Date: Mon, 24 Jul 2017 17:31:37 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-bugs@FreeBSD.org Subject: [Bug 220972] stable/11: panic in scsi_pass.c/passsendccb: page not present Message-ID: <bug-220972-8@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D220972 Bug ID: 220972 Summary: stable/11: panic in scsi_pass.c/passsendccb: page not present Product: Base System Version: 11.0-STABLE Hardware: Any OS: Any Status: New Severity: Affects Only Me Priority: --- Component: kern Assignee: freebsd-bugs@FreeBSD.org Reporter: eugen@freebsd.org My mSATA SSD module (ada1) died and now kernel panices if I start smartd. I managed to obtain crashdump for debugging kernel. kgdb session follows: Script started on Tue Jul 25 00:25:08 2017 Command: kgdb kernel.debug /var/crash/vmcore.6 GNU gdb 6.1.1 [FreeBSD] Copyright 2004 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain condition= s. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "amd64-marcel-freebsd"... Unread portion of the kernel message buffer: stack backtrace: #0 0xffffffff80a13560 at witness_debugger+0x70 #1 0xffffffff80a1498e at witness_warn+0x45e #2 0xffffffff80e4d363 at trap_pfault+0x53 #3 0xffffffff80e4cb0e at trap+0x29e #4 0xffffffff80e30a61 at calltrap+0x8 #5 0xffffffff8033879a at passsendccb+0x6a #6 0xffffffff80337896 at passdoioctl+0x3c6 #7 0xffffffff803370b2 at passioctl+0x22 #8 0xffffffff80879188 at devfs_ioctl_f+0x138 #9 0xffffffff80a190c4 at kern_ioctl+0x2c4 #10 0xffffffff80a18d8f at sys_ioctl+0x16f #11 0xffffffff80e4dd2a at amd64_syscall+0x53a #12 0xffffffff80e30d4b at Xfast_syscall+0xfb Fatal trap 12: page fault while in kernel mode cpuid =3D 0; apic id =3D 00 fault virtual address =3D 0xa fault code =3D supervisor read data, page not present instruction pointer =3D 0x20:0xffffffff80e4b1b1 stack pointer =3D 0x28:0xfffffe04675ee670 frame pointer =3D 0x28:0xfffffe04675ee670 code segment =3D base 0x0, limit 0xfffff, type 0x1b =3D DPL 0, pres 1, long 1, def32 0, gran 1 processor eflags =3D interrupt enabled, resume, IOPL =3D 0 current process =3D 1028 (smartd) trap number =3D 12 panic: page fault cpuid =3D 0 KDB: stack backtrace: db_trace_self_wrapper() at db_trace_self_wrapper+0x2b/frame 0xfffffe04675ee= 250 vpanic() at vpanic+0x186/frame 0xfffffe04675ee2d0 panic() at panic+0x43/frame 0xfffffe04675ee330 trap_fatal() at trap_fatal+0x322/frame 0xfffffe04675ee380 trap_pfault() at trap_pfault+0x62/frame 0xfffffe04675ee3e0 trap() at trap+0x29e/frame 0xfffffe04675ee5a0 calltrap() at calltrap+0x8/frame 0xfffffe04675ee5a0 --- trap 0xc, rip =3D 0xffffffff80e4b1b1, rsp =3D 0xfffffe04675ee670, rbp = =3D 0xfffffe04675ee670 --- copyin() at copyin+0x41/frame 0xfffffe04675ee670 passsendccb() at passsendccb+0x6a/frame 0xfffffe04675ee6f0 passdoioctl() at passdoioctl+0x3c6/frame 0xfffffe04675ee7a0 passioctl() at passioctl+0x22/frame 0xfffffe04675ee7e0 devfs_ioctl_f() at devfs_ioctl_f+0x138/frame 0xfffffe04675ee840 kern_ioctl() at kern_ioctl+0x2c4/frame 0xfffffe04675ee8a0 sys_ioctl() at sys_ioctl+0x16f/frame 0xfffffe04675ee980 amd64_syscall() at amd64_syscall+0x53a/frame 0xfffffe04675eeab0 Xfast_syscall() at Xfast_syscall+0xfb/frame 0xfffffe04675eeab0 --- syscall (54, FreeBSD ELF64, sys_ioctl), rip =3D 0x80174c18a, rsp =3D 0x7fffffff0308, rbp =3D 0x7fffffff0900 --- Uptime: 1m51s Dumping 739 out of 16285 MB: (CTRL-C to abort) ..3%..11%..22%..31%..42%..52%..61%..72%..81%..91% Reading symbols from /boot/modules/geom_journal.ko...done. Loaded symbols for /boot/modules/geom_journal.ko Reading symbols from /boot/modules/nvidia-modeset.ko...done. Loaded symbols for /boot/modules/nvidia-modeset.ko Reading symbols from /boot/modules/nvidia.ko...done. Loaded symbols for /boot/modules/nvidia.ko Reading symbols from /boot/modules/vboxdrv.ko...done. Loaded symbols for /boot/modules/vboxdrv.ko Reading symbols from /boot/modules/vboxnetflt.ko...done. Loaded symbols for /boot/modules/vboxnetflt.ko Reading symbols from /boot/modules/vboxnetadp.ko...done. Loaded symbols for /boot/modules/vboxnetadp.ko #0 doadump (textdump=3D1) at pcpu.h:222 222 __asm("movq %%gs:%1,%0" : "=3Dr" (td) (kgdb) bt #0 doadump (textdump=3D1) at pcpu.h:222 #1 0xffffffff809b27ee in kern_reboot (howto=3D260) at /home/src/sys/kern/kern_shutdown.c:366 #2 0xffffffff809b2e30 in vpanic (fmt=3D<value optimized out>, ap=3D<value optimized out>) at /home/src/sys/kern/kern_shutdown.c:759 #3 0xffffffff809b2e73 in panic (fmt=3D<value optimized out>) at /home/src/sys/kern/kern_shutdown.c:690 #4 0xffffffff80e4d302 in trap_fatal (frame=3D0xfffffe04675ee5b0, eva=3D10)= at /home/src/sys/amd64/amd64/trap.c:801 #5 0xffffffff80e4d372 in trap_pfault (frame=3D0xfffffe04675ee5b0, usermode= =3D0) at pcpu.h:222 #6 0xffffffff80e4cb0e in trap (frame=3D0xfffffe04675ee5b0) at /home/src/sys/amd64/amd64/trap.c:421 #7 0xffffffff80e30a61 in calltrap () at /home/src/sys/amd64/amd64/exception.S:236 #8 0xffffffff80e4b1b1 in copyin () at /home/src/sys/amd64/amd64/support.S:= 304 #9 0xffffffff8033879a in passsendccb (periph=3D0xfffff8000cfe6d00, ccb=3D0xfffff8005f6bf000, inccb=3D0xfffff8000efd8800) at /home/src/sys/cam/scsi/scsi_pass.c:2172 #10 0xffffffff80337896 in passdoioctl (dev=3D<value optimized out>, cmd=3D<= value optimized out>, addr=3D0xfffff8000efd8800 "", flag=3D<value optimized out>,= =20 td=3D<value optimized out>) at /home/src/sys/cam/scsi/scsi_pass.c:1823 #11 0xffffffff803370b2 in passioctl (dev=3D0xfffff8000cfc5800, cmd=3D330302= 0802, addr=3D0xfffff8000efd8800 "", flag=3D3, td=3D0xfffff8000e00a000) at /home/src/sys/cam/scsi/scsi_pass.c:1751 #12 0xffffffff80879188 in devfs_ioctl_f (fp=3D0xfffff8000e2a2870, com=3D330= 3020802, data=3D0xfffff8000efd8800, cred=3D0xfffff8000ed81e00, td=3D0xfffff8000e00a0= 00) at /home/src/sys/fs/devfs/devfs_vnops.c:791 #13 0xffffffff80a190c4 in kern_ioctl (td=3D<value optimized out>, fd=3D<val= ue optimized out>, com=3D<value optimized out>, data=3D<value optimized out>) = at file.h:323 #14 0xffffffff80a18d8f in sys_ioctl (td=3D<value optimized out>, uap=3D0xfffff8000e00a538) at /home/src/sys/kern/sys_generic.c:745 #15 0xffffffff80e4dd2a in amd64_syscall (td=3D0xfffff8000e00a000, traced=3D= 0) at subr_syscall.c:131 #16 0xffffffff80e30d4b in Xfast_syscall () at /home/src/sys/amd64/amd64/exception.S:396 #17 0x000000080174c18a in ?? () Previous frame inner to this frame (corrupt stack?) Current language: auto; currently minimal (kgdb) frame 9 #9 0xffffffff8033879a in passsendccb (periph=3D0xfffff8000cfe6d00, ccb=3D0xfffff8005f6bf000, inccb=3D0xfffff8000efd8800) at /home/src/sys/cam/scsi/scsi_pass.c:2172 2172 error =3D copyin(ccb->csio.cdb_io.cdb_ptr, cmd, ccb->csio.cdb_len); (kgdb) p ccb->csio.cdb_len $1 =3D 32 ' ' (kgdb) p ccb->csio.cdb_io.cdb_ptr $2 =3D (u_int8_t *) 0xa <Address 0xa out of bounds> (kgdb) --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-220972-8>