Re: [markiyan.kush...@gmail.com: Re: 11.0-CURRENT panic (nfsd?)]
Thank you for the report. Bug fixed at r260367. - Forwarded message from Markiyan Kushnir - Date: Sun, 5 Jan 2014 19:47:37 +0200 Subject: Re: 11.0-CURRENT panic (nfsd?) From: Markiyan Kushnir To: Markiyan Kushnir , freebsd-current@freebsd.org $ nm /boot/kernel/kernel | grep svc_run_internal 80714db0 t svc_run_internal $ addr2line -e /boot/kernel/kernel 0x80715779 /usr/src.svnup/sys/rpc/svc.c:971 949 static void 950 svc_executereq(struct svc_req *rqstp) 951 { 952 SVCXPRT *xprt = rqstp->rq_xprt; 953 SVCPOOL *pool = xprt->xp_pool; 954 int prog_found; 955 rpcvers_t low_vers; 956 rpcvers_t high_vers; 957 struct svc_callout *s; 958 959 /* now match message with a registered service*/ 960 prog_found = FALSE; 961 low_vers = (rpcvers_t) -1L; 962 high_vers = (rpcvers_t) 0L; 963 TAILQ_FOREACH(s, &pool->sp_callouts, sc_link) { 964 if (s->sc_prog == rqstp->rq_prog) { 965 if (s->sc_vers == rqstp->rq_vers) { 966 /* 967 * We hand ownership of r to the 968 * dispatch method - they must call 969 * svc_freereq. 970 */ 971 (*s->sc_dispatch)(rqstp, xprt); 972 return; 973 } /* found correct version */ 974 prog_found = TRUE; 975 if (s->sc_vers < low_vers) 976 low_vers = s->sc_vers; 977 if (s->sc_vers > high_vers) 978 high_vers = s->sc_vers; 979 } /* found correct program */ 980 } 981 982 /* 983 * if we got here, the program or version 984 * is not served ... 985 */ 986 if (prog_found) 987 svcerr_progvers(rqstp, low_vers, high_vers); 988 else 989 svcerr_noprog(rqstp); 990 991 svc_freereq(rqstp); 992 } 993 2014/1/5 John-Mark Gurney : Markiyan Kushnir wrote this message on Sun, Jan 05, 2014 at 11:06 +0200: 2014/1/5 John-Mark Gurney : Markiyan Kushnir wrote this message on Sun, Jan 05, 2014 at 10:57 +0200: I started to see a reliable panic on a recent CURRENT: $ uname -a FreeBSD mkushnir.mooo.com 11.0-CURRENT FreeBSD 11.0-CURRENT #0 r260296: Sun Jan 5 07:14:50 EET 2014 r...@vm.mkushnir.mooo.com:/usr/obj/usr/src.svnup/sys/MAREK amd64 The panic is always triggered by the first request to the nfs service (this machine runs a PXE server). The core.txt is attached. Please let me know if I can help more. Apparently the mime-type on the attachment was bad and got scrubbed... Maybe include it inline if it isn't too long? It's 144KB long. I will share it via Google Drive: https://drive.google.com/file/d/0B9Q-zpUXxqCnNVhBY0M5ZzU4d1k/edit?usp=sharing Looks like a NULL function pointer was called: Fatal trap 12: page fault while in kernel mode cpuid = 0; apic id = 00 fault virtual address = 0x0 fault code = supervisor read instruction, page not present instruction pointer = 0x20:0x0 stack pointer = 0x28:0xfe00d9a2bea0 frame pointer = 0x28:0xfe00d9a2c010 code segment= base 0x0, limit 0xf, type 0x1b = DPL 0, pres 1, long 1, def32 0, gran 1 processor eflags= interrupt enabled, resume, IOPL = 0 current process = 1323 (nfsd: master) trap number = 12 panic: page fault --- trap 0xc, rip = 0, rsp = 0xfe00d9a2bea0, rbp = 0xfe00d9a2c010 --- uart_sab82532_class() at 0/frame 0xfe00d9a2c010 svc_run_internal() at svc_run_internal+0x9c9/frame 0xfe00d9a2c1b0 svc_run() at svc_run+0xed/frame 0xfe00d9a2c1f0 nfsrvd_nfsd() at nfsrvd_nfsd+0x19a/frame 0xfe00d9a2c350 nfssvc_nfsd() at nfssvc_nfsd+0x11a/frame 0xfe00d9a2c970 sys_nfssvc() at sys_nfssvc+0xd2/frame 0xfe00d9a2c9a0 amd64_syscall() at amd64_syscall+0x265/frame 0xfe00d9a2cab0 Xfast_syscall() at Xfast_syscall+0xfb/frame 0xfe00d9a2cab0 --- syscall (155, FreeBSD ELF64, sys_nfssvc), rip = 0x80088c13a, rsp = 0x7fffd438, rbp = 0x7fffd6e0 --- The uart_sab82532_class is just the closest symbol to 0, so it's in svc_run_internal that's the problem... Could you run: nm /boot/kernel/kernel | grep svc_run_internal This should return a line w/ a large hex number at the front, then run: addr2line -e /boot/kernel/kernel $( expr 0x+0x9c9) This will give you a file name and line number, and can you copy/past
Re: 11.0-CURRENT panic (nfsd?)
$ nm /boot/kernel/kernel | grep svc_run_internal 80714db0 t svc_run_internal $ addr2line -e /boot/kernel/kernel 0x80715779 /usr/src.svnup/sys/rpc/svc.c:971 949 static void 950 svc_executereq(struct svc_req *rqstp) 951 { 952 SVCXPRT *xprt = rqstp->rq_xprt; 953 SVCPOOL *pool = xprt->xp_pool; 954 int prog_found; 955 rpcvers_t low_vers; 956 rpcvers_t high_vers; 957 struct svc_callout *s; 958 959 /* now match message with a registered service*/ 960 prog_found = FALSE; 961 low_vers = (rpcvers_t) -1L; 962 high_vers = (rpcvers_t) 0L; 963 TAILQ_FOREACH(s, &pool->sp_callouts, sc_link) { 964 if (s->sc_prog == rqstp->rq_prog) { 965 if (s->sc_vers == rqstp->rq_vers) { 966 /* 967 * We hand ownership of r to the 968 * dispatch method - they must call 969 * svc_freereq. 970 */ 971 (*s->sc_dispatch)(rqstp, xprt); 972 return; 973 } /* found correct version */ 974 prog_found = TRUE; 975 if (s->sc_vers < low_vers) 976 low_vers = s->sc_vers; 977 if (s->sc_vers > high_vers) 978 high_vers = s->sc_vers; 979 } /* found correct program */ 980 } 981 982 /* 983 * if we got here, the program or version 984 * is not served ... 985 */ 986 if (prog_found) 987 svcerr_progvers(rqstp, low_vers, high_vers); 988 else 989 svcerr_noprog(rqstp); 990 991 svc_freereq(rqstp); 992 } 993 2014/1/5 John-Mark Gurney : > Markiyan Kushnir wrote this message on Sun, Jan 05, 2014 at 11:06 +0200: >> 2014/1/5 John-Mark Gurney : >> > Markiyan Kushnir wrote this message on Sun, Jan 05, 2014 at 10:57 +0200: >> >> I started to see a reliable panic on a recent CURRENT: >> >> >> >> $ uname -a >> >> FreeBSD mkushnir.mooo.com 11.0-CURRENT FreeBSD 11.0-CURRENT #0 >> >> r260296: Sun Jan 5 07:14:50 EET 2014 >> >> r...@vm.mkushnir.mooo.com:/usr/obj/usr/src.svnup/sys/MAREK amd64 >> >> >> >> The panic is always triggered by the first request to the nfs service >> >> (this machine runs a PXE server). >> >> >> >> The core.txt is attached. Please let me know if I can help more. >> > >> > Apparently the mime-type on the attachment was bad and got scrubbed... >> > >> > Maybe include it inline if it isn't too long? >> > >> >> It's 144KB long. I will share it via Google Drive: >> >> https://drive.google.com/file/d/0B9Q-zpUXxqCnNVhBY0M5ZzU4d1k/edit?usp=sharing > > Looks like a NULL function pointer was called: > Fatal trap 12: page fault while in kernel mode > cpuid = 0; apic id = 00 > fault virtual address = 0x0 > fault code = supervisor read instruction, page not present > instruction pointer = 0x20:0x0 > stack pointer = 0x28:0xfe00d9a2bea0 > frame pointer = 0x28:0xfe00d9a2c010 > code segment= base 0x0, limit 0xf, type 0x1b > = DPL 0, pres 1, long 1, def32 0, gran 1 > processor eflags= interrupt enabled, resume, IOPL = 0 > current process = 1323 (nfsd: master) > trap number = 12 > panic: page fault > > --- trap 0xc, rip = 0, rsp = 0xfe00d9a2bea0, rbp = 0xfe00d9a2c010 --- > uart_sab82532_class() at 0/frame 0xfe00d9a2c010 > svc_run_internal() at svc_run_internal+0x9c9/frame 0xfe00d9a2c1b0 > svc_run() at svc_run+0xed/frame 0xfe00d9a2c1f0 > nfsrvd_nfsd() at nfsrvd_nfsd+0x19a/frame 0xfe00d9a2c350 > nfssvc_nfsd() at nfssvc_nfsd+0x11a/frame 0xfe00d9a2c970 > sys_nfssvc() at sys_nfssvc+0xd2/frame 0xfe00d9a2c9a0 > amd64_syscall() at amd64_syscall+0x265/frame 0xfe00d9a2cab0 > Xfast_syscall() at Xfast_syscall+0xfb/frame 0xfe00d9a2cab0 > --- syscall (155, FreeBSD ELF64, sys_nfssvc), rip = 0x80088c13a, rsp = > 0x7fffd438, rbp = 0x7fffd6e0 --- > > The uart_sab82532_class is just the closest symbol to 0, so it's in > svc_run_internal that's the problem... Could you run: > nm /boot/kernel/kernel | grep svc_run_internal > > This should return a line w/ a large hex number at the front, then run: > addr2line -e /boot/kernel/kernel $( expr 0x+0x9c9) > > This will give you a file name and line number, and can you copy/paste > the lines around and including that line number? This will help make > sure we get the correct code... > > Thanks. > > -- > John-Mark Gurney Voice: +1 415 225 5579 > >
Re: 11.0-CURRENT panic (nfsd?)
Markiyan Kushnir wrote this message on Sun, Jan 05, 2014 at 11:06 +0200: > 2014/1/5 John-Mark Gurney : > > Markiyan Kushnir wrote this message on Sun, Jan 05, 2014 at 10:57 +0200: > >> I started to see a reliable panic on a recent CURRENT: > >> > >> $ uname -a > >> FreeBSD mkushnir.mooo.com 11.0-CURRENT FreeBSD 11.0-CURRENT #0 > >> r260296: Sun Jan 5 07:14:50 EET 2014 > >> r...@vm.mkushnir.mooo.com:/usr/obj/usr/src.svnup/sys/MAREK amd64 > >> > >> The panic is always triggered by the first request to the nfs service > >> (this machine runs a PXE server). > >> > >> The core.txt is attached. Please let me know if I can help more. > > > > Apparently the mime-type on the attachment was bad and got scrubbed... > > > > Maybe include it inline if it isn't too long? > > > > It's 144KB long. I will share it via Google Drive: > > https://drive.google.com/file/d/0B9Q-zpUXxqCnNVhBY0M5ZzU4d1k/edit?usp=sharing Looks like a NULL function pointer was called: Fatal trap 12: page fault while in kernel mode cpuid = 0; apic id = 00 fault virtual address = 0x0 fault code = supervisor read instruction, page not present instruction pointer = 0x20:0x0 stack pointer = 0x28:0xfe00d9a2bea0 frame pointer = 0x28:0xfe00d9a2c010 code segment= base 0x0, limit 0xf, type 0x1b = DPL 0, pres 1, long 1, def32 0, gran 1 processor eflags= interrupt enabled, resume, IOPL = 0 current process = 1323 (nfsd: master) trap number = 12 panic: page fault --- trap 0xc, rip = 0, rsp = 0xfe00d9a2bea0, rbp = 0xfe00d9a2c010 --- uart_sab82532_class() at 0/frame 0xfe00d9a2c010 svc_run_internal() at svc_run_internal+0x9c9/frame 0xfe00d9a2c1b0 svc_run() at svc_run+0xed/frame 0xfe00d9a2c1f0 nfsrvd_nfsd() at nfsrvd_nfsd+0x19a/frame 0xfe00d9a2c350 nfssvc_nfsd() at nfssvc_nfsd+0x11a/frame 0xfe00d9a2c970 sys_nfssvc() at sys_nfssvc+0xd2/frame 0xfe00d9a2c9a0 amd64_syscall() at amd64_syscall+0x265/frame 0xfe00d9a2cab0 Xfast_syscall() at Xfast_syscall+0xfb/frame 0xfe00d9a2cab0 --- syscall (155, FreeBSD ELF64, sys_nfssvc), rip = 0x80088c13a, rsp = 0x7fffd438, rbp = 0x7fffd6e0 --- The uart_sab82532_class is just the closest symbol to 0, so it's in svc_run_internal that's the problem... Could you run: nm /boot/kernel/kernel | grep svc_run_internal This should return a line w/ a large hex number at the front, then run: addr2line -e /boot/kernel/kernel $( expr 0x+0x9c9) This will give you a file name and line number, and can you copy/paste the lines around and including that line number? This will help make sure we get the correct code... Thanks. -- John-Mark Gurney Voice: +1 415 225 5579 "All that I will do, has been done, All that I have, has not." ___ freebsd-current@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
Re: 11.0-CURRENT panic (nfsd?)
2014/1/5 John-Mark Gurney : > Markiyan Kushnir wrote this message on Sun, Jan 05, 2014 at 10:57 +0200: >> I started to see a reliable panic on a recent CURRENT: >> >> $ uname -a >> FreeBSD mkushnir.mooo.com 11.0-CURRENT FreeBSD 11.0-CURRENT #0 >> r260296: Sun Jan 5 07:14:50 EET 2014 >> r...@vm.mkushnir.mooo.com:/usr/obj/usr/src.svnup/sys/MAREK amd64 >> >> The panic is always triggered by the first request to the nfs service >> (this machine runs a PXE server). >> >> The core.txt is attached. Please let me know if I can help more. > > Apparently the mime-type on the attachment was bad and got scrubbed... > > Maybe include it inline if it isn't too long? > It's 144KB long. I will share it via Google Drive: https://drive.google.com/file/d/0B9Q-zpUXxqCnNVhBY0M5ZzU4d1k/edit?usp=sharing -- Markiyan. > -- > John-Mark Gurney Voice: +1 415 225 5579 > > "All that I will do, has been done, All that I have, has not." ___ freebsd-current@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
Re: 11.0-CURRENT panic (nfsd?)
Markiyan Kushnir wrote this message on Sun, Jan 05, 2014 at 10:57 +0200: > I started to see a reliable panic on a recent CURRENT: > > $ uname -a > FreeBSD mkushnir.mooo.com 11.0-CURRENT FreeBSD 11.0-CURRENT #0 > r260296: Sun Jan 5 07:14:50 EET 2014 > r...@vm.mkushnir.mooo.com:/usr/obj/usr/src.svnup/sys/MAREK amd64 > > The panic is always triggered by the first request to the nfs service > (this machine runs a PXE server). > > The core.txt is attached. Please let me know if I can help more. Apparently the mime-type on the attachment was bad and got scrubbed... Maybe include it inline if it isn't too long? -- John-Mark Gurney Voice: +1 415 225 5579 "All that I will do, has been done, All that I have, has not." ___ freebsd-current@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
Re: 11.0-CURRENT panic (nfsd?)
Please ignore the attached core.txt.1.gz, and see the new core.txt.2.gz in this attachment. I confused files. -- Markiyan. 2014/1/5 Markiyan Kushnir : > I started to see a reliable panic on a recent CURRENT: > > $ uname -a > FreeBSD mkushnir.mooo.com 11.0-CURRENT FreeBSD 11.0-CURRENT #0 > r260296: Sun Jan 5 07:14:50 EET 2014 > r...@vm.mkushnir.mooo.com:/usr/obj/usr/src.svnup/sys/MAREK amd64 > > The panic is always triggered by the first request to the nfs service > (this machine runs a PXE server). > > The core.txt is attached. Please let me know if I can help more. > > -- > Markiyan. ___ freebsd-current@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"