Bug 279650 - Linux module crash
Summary: Linux module crash
Status: New
Alias: None
Product: Base System
Classification: Unclassified
Component: kern
Version: 15.0-CURRENT
Hardware: Any Any
Importance: --- Affects Only Me
Assignee: freebsd-emulation (Nobody)
Keywords: crash
Reported: 2024-06-10 18:16 UTC by Ricardo Branco
Modified: 2024-06-16 11:58 UTC

Description Ricardo Branco 2024-06-10 18:16:52 UTC
To reproduce:

https://download.freebsd.org/snapshots/VM-IMAGES/15.0-CURRENT/amd64/20240606/FreeBSD-15.0-CURRENT-amd64-zfs-20240606-9c5d7e4a0c02-270625.qcow2.xz

echo linux_enable=YES >> /etc/rc.conf
service linux start

---


Fatal trap 12: page fault while in kernel mode
cpuid = 0; apic id = 00
fault virtual address	= 0xffffffff830808bf
fault code		= supervisor write data, protection violation
instruction pointer	= 0x20:0xffffffff83077701
stack pointer	        = 0x28:0xfffffe0104bcba00
frame pointer	        = 0x28:0xfffffe0104bcba40
code segment		= base rx0, limit 0xfffff, type 0x1b
			= DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags	= interrupt enabled, resume, IOPL = 0
current process		= 116 (kldload)
rdi: ffffffff830808b8 rsi: 00000000000000c0 rdx: 0000000000000100
rcx: ffffffff83081950  r8: ffffffff83081978  r9: 0000000000000000
rax: 00000000000001d0 rbx: fffff8001354c480 rbp: fffffe0104bcba40
r10: 0000000000010000 r11: 0000000000000001 r12: ffffffff83080b90
r13: fffff800135711e0 r14: fffff800032df480 r15: ffffffff830886d0
trap number		= 12
panic: page fault
cpuid = 0
time = 1718042175
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0x2b/frame 0xfffffe0104bcb6d0
vpanic() at vpanic+0x13f/frame 0xfffffe0104bcb800
panic() at panic+0x43/frame 0xfffffe0104bcb860
trap_fatal() at trap_fatal+0x40b/frame 0xfffffe0104bcb8c0
trap_pfault() at trap_pfault+0xa0/frame 0xfffffe0104bcb930
calltrap() at calltrap+0x8/frame 0xfffffe0104bcb930
--- trap 0xc, rip = 0xffffffff83077701, rsp = 0xfffffe0104bcba00, rbp = 0xfffffe0104bcba40 ---
elf64_linux_vdso_fixup() at elf64_linux_vdso_fixup+0xf1/frame 0xfffffe0104bcba40
linux_vdso_install() at linux_vdso_install+0x5f/frame 0xfffffe0104bcba80
linker_load_module() at linker_load_module+0xc23/frame 0xfffffe0104bcbd80
kern_kldload() at kern_kldload+0x16e/frame 0xfffffe0104bcbdd0
sys_kldload() at sys_kldload+0x5c/frame 0xfffffe0104bcbe00
amd64_syscall() at amd64_syscall+0x158/frame 0xfffffe0104bcbf30
fast_syscall_common() at fast_syscall_common+0xf8/frame 0xfffffe0104bcbf30
--- syscall (304, FreeBSD ELF64, kldload), rip = 0x17c6d1d37da, rsp = 0x17c6bca0038, rbp = 0x17c6bca05b0 ---
KDB: enter: panic
Comment 1 David.Boyd49 2024-06-11 14:31:22 UTC
I have experienced the same error on 15.0-CURRENT VM-Image using the vmdk with VirtualBox.
Comment 2 Ricardo Branco 2024-06-16 11:57:42 UTC
Perhaps related?

linux: Allows writing to the vdso from the kernel
https://github.com/freebsd/freebsd-src/commit/ec69d230933f82c7c142b053882255aa57475463

	/*
	 * VDSO is readonly mapped to the process VA and
	 * can't be relocated by rtld.
	 */
https://github.com/freebsd/freebsd-src/blob/main/sys/compat/linux/linux_vdso.c#L138
Comment 3 Ricardo Branco 2024-06-16 11:58:44 UTC
Btw, I recompiled world & kernel and have qemu_guest_agent_enable=YES and it doesn't crash.