Claudio Jeker <cje...@diehard.n-r-g.com> writes: > On Thu, May 15, 2025 at 01:15:43PM +0200, Martin Pieuchot wrote: >> Fault below has been triggered by dong 'vmctl $myvm stop' while >> rebooting a 7.7 amd64 VM: >> >> OpenBSD 7.7 (GENERIC) #619: Sun Apr 13 08:19:34 MDT 2025 >> dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC >> real mem = 117428224 (111MB) >> avail mem = 87916544 (83MB) >> random: good seed from bootblocks >> mpath0 at root >> scsibus0 at mpath0: 256 targets >> mainbus0 at root >> bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xf2760 (10 entries) >> bios0: vendor SeaBIOS version "1.16.3p0-OpenBSD-vmm" date 01/01/2011 >> bios0: OpenBSD VMM >> acpi at bios0 not configured >> cpu0 at mainbus0: (uniprocessor) >> cpu0: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz, 2394.43 MHz, 06-3d-04 >> cpu0: cpuid 1 >> edx=78ba97f<FPU,VME,DE,PSE,TSC,MSR,PAE,CX8,SEP,PGE,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2> >> ecx=f6d83203<SSE3,PCLMUL,SSSE3,FMA3,CX16,SSE4.1,SSE4.2,MOVBE,POPCNT,AES,XSAVE,AVX,F16C,RDRAND,HV> >> cpu0: cpuid 7.0 >> ebx=1c23a9<FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,RDSEED,ADX,SMAP> >> edx=400<MD_CLEAR> >> cpu0: cpuid d.1 eax=1<XSAVEOPT> >> cpu0: cpuid 80000001 edx=24100800<NXE,PAGE1GB,LONG> ecx=121<LAHF,ABM,3DNOWP> >> cpu0: cpuid 80000007 edx=100<ITSC> >> cpu0: MELTDOWN >> cpu0: 32KB 64b/line 8-way D-cache, 32KB 64b/line 8-way I-cache, 256KB >> 64b/line 8-way L2 cache, 4MB 64b/line 16-way L3 cache >> cpu0: smt 0, core 0, package 0 >> cpu0: using VERW MDS workaround >> pvbus0 at mainbus0: OpenBSD >> pvclock0 at pvbus0 >> pci0 at mainbus0 bus 0 >> pchb0 at pci0 dev 0 function 0 "OpenBSD VMM Host" rev 0x00 >> virtio0 at pci0 dev 1 function 0 "Qumranet Virtio RNG" rev 0x00 >> viornd0 at virtio0 >> virtio0: irq 3 >> virtio1 at pci0 dev 2 function 0 "Qumranet Virtio Network" rev 0x00 >> vio0 at virtio1: 1 queue, address fe:e1:bb:d1:de:21 >> virtio1: irq 5 >> virtio2 at pci0 dev 3 function 0 "Qumranet Virtio Storage" rev 0x00 >> vioblk0 at virtio2 >> virtio2: irq 6 >> scsibus1 at vioblk0: 1 targets >> sd0 at scsibus1 targ 0 lun 0: <VirtIO, Block Device, > >> sd0: 3072MB, 512 bytes/sector, 6291456 sectors >> virtio3 at pci0 dev 4 function 0 "OpenBSD VMM Control" rev 0x00 >> vmmci0 at virtio3 >> virtio3: irq 7 >> isa0 at mainbus0 >> isadma0 at isa0 >> com0 at isa0 port 0x3f8/8 irq 4: ns8250, no fifo >> com0: console >> Rebooting in response to request from vmmci0 host >> uvm_fault(0xffffffff82a56848, 0xf0, 0, 1) -> e >> kernel: page fault trap, code=0 >> Stopped at mtx_enter+0x2f: movq 0(%rdi),%rax >> TID PID UID PRFLAGS PFLAGS CPU COMMAND >> * 0 0 0 0x10000 0x200 0 swapper >> mtx_enter(f0,f0,cea0d74fd2320eb6,f0,10,ffffffff82fbdcc0) at mtx_enter+0x2f >> prsignal(0,2,2,1,ffff800000090400,d) at prsignal+0x26 >> vmmci_config_change(ffff800000090400,ffff800000090400,86acf72f78ea7d07,0,ffff80 >> 0000090400,0) at vmmci_config_change+0xf6 >> virtio_pci_legacy_intr(ffff800000090400,ffff800000090400,c9a59ef2495be15f,fffff >> fff81004000,0,4) at virtio_pci_legacy_intr+0x63 >> intr_handler(ffffffff82fbddf0,ffff80000008e500,cbae99a56f027dfe,ffff80000008e48 >> 0,ffffffff8152e8b6,ffffffff82fbdde0) at intr_handler+0x56 >> Xintr_legacy7_untramp(0,ffffffff824e65b0,0,18041969,ffffffff81004000,e) at >> Xint >> r_legacy7_untramp+0x1a3 >> Xspllower(0,0,c0d762ae039e8784,ffffffff81004000,ffffffff8152ed5c,ffffffff82fb70 >> 08) at Xspllower+0x1d >> cpu_configure(4449abb23155d965,0,0,ffff800000032000,ffffffff812a613f,ffffffff82 >> fbdf10) at cpu_configure+0xaf >> main(e,e,0,1,ffffffff816ab787,ffffffff82fbdf40) at main+0x427 >> end trace frame: 0x0, count: 6 >> https://www.openbsd.org/ddb.html describes the minimum info required in bug >> > > I guess initprocess is still NULL in pvbus_reboot() and so prsignal blows > up trying to access the ps_mtx. > > I would suggest to use startuphook_establish() to delay the attach of > vmmci0 until initprocess is set.
I can take a look later this week if nobody wants to pick this up. If someone *does* want a crack at it, please ping me so I don't duplicate effort :D -dv
