From owner-freebsd-stable@FreeBSD.ORG Tue Aug 27 01:42:03 2013 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 32F5AC34 for ; Tue, 27 Aug 2013 01:42:03 +0000 (UTC) (envelope-from kostikbel@gmail.com) Received: from kib.kiev.ua (kib.kiev.ua [IPv6:2001:470:d5e7:1::1]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 4B1EF2FB2 for ; Tue, 27 Aug 2013 01:42:01 +0000 (UTC) Received: from tom.home (kostik@localhost [127.0.0.1]) by kib.kiev.ua (8.14.7/8.14.7) with ESMTP id r7R1fs2X017228; Tue, 27 Aug 2013 04:41:54 +0300 (EEST) (envelope-from kostikbel@gmail.com) DKIM-Filter: OpenDKIM Filter v2.8.3 kib.kiev.ua r7R1fs2X017228 Received: (from kostik@localhost) by tom.home (8.14.7/8.14.7/Submit) id r7R1fsM0017227; Tue, 27 Aug 2013 04:41:54 +0300 (EEST) (envelope-from kostikbel@gmail.com) X-Authentication-Warning: tom.home: kostik set sender to kostikbel@gmail.com using -f Date: Tue, 27 Aug 2013 04:41:54 +0300 From: Konstantin Belousov To: Rick Macklem Subject: Re: Stack overflow with kernel r254683 Message-ID: <20130827014154.GO4972@kib.kiev.ua> References: <1EFE239F82F279488E86A61C92D5E2DE03828F@DENBGAT9EI2MSX.ww902.siemens.net> <1524261611.13937235.1377558708504.JavaMail.root@uoguelph.ca> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="0L3On4CPY00n7Jtc" Content-Disposition: inline In-Reply-To: <1524261611.13937235.1377558708504.JavaMail.root@uoguelph.ca> User-Agent: Mutt/1.5.21 (2010-09-15) X-Spam-Status: No, score=-2.0 required=5.0 tests=ALL_TRUSTED,BAYES_00, DKIM_ADSP_CUSTOM_MED,FREEMAIL_FROM,NML_ADSP_CUSTOM_MED autolearn=no version=3.3.2 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on tom.home Cc: freebsd-stable@freebsd.org, Matthias Schuendehuette X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Aug 2013 01:42:03 -0000 --0L3On4CPY00n7Jtc Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Aug 26, 2013 at 07:11:48PM -0400, Rick Macklem wrote: > Matthias Schuendehuette wrote: > > Hello, > >=20 > > yesterday I got a kernel crash on my server (a ProLiant DL380 G5): > >=20 > > "panic: stack overflow detected; backtrace may be corrupted" > >=20 > > Kernel is "9.2-PRERELEASE FreeBSD 9.2-PRERELEASE #7 r254683" > >=20 > >=20 > > The stack trace reads: > >=20 > > #0 doadump (textdump=3D1) at pcpu.h:249 > > 249 pcpu.h: No such file or directory. > > in pcpu.h > > (kgdb) #0 doadump (textdump=3D1) at pcpu.h:249 > > #1 0xc0668a4d in kern_reboot (howto=3D260) > > at /usr/src/sys/kern/kern_shutdown.c:449 > > #2 0xc0668f07 in panic (fmt=3D0x104
) > > at /usr/src/sys/kern/kern_shutdown.c:637 > > #3 0xc0691da2 in __stack_chk_fail () > > at /usr/src/sys/kern/stack_protector.c:17 > > #4 0xc7fdb175 in nfsrvd_setattr (nd=3D0xc73b4400, isdgram=3D-952596480, > > vp=3D0xc8001140, p=3D0xf405ecc8, exp=3D0xc07af7f0) > > at > > /usr/src/sys/modules/nfsd/../../fs/nfsserver/nfs_nfsdserv.c:371 > > #5 0xc7fdb6e0 in nfsrvd_releaselckown (nd=3D0xc7442a00, > > isdgram=3D-952596480, > > vp=3D0xc7388848, p=3D0xf405ecb8, exp=3D0x0) > > at > > /usr/src/sys/modules/nfsd/../../fs/nfsserver/nfs_nfsdserv.c:3481 > > #6 0xc07af7f0 in svc_run_internal (pool=3D0xc7de8b80, ismaster=3D0) > > at /usr/src/sys/rpc/svc.c:1109 > > #7 0xc07b006d in svc_thread_start (arg=3D0xc7de8b80) > > at /usr/src/sys/rpc/svc.c:1200 > > #8 0xc06384f7 in fork_exit (callout=3D0xc07b0060 , > > arg=3D0xc7de8b80, frame=3D0xf405ed08) at > > /usr/src/sys/kern/kern_fork.c:992 > > #9 0xc08787c4 in fork_trampoline () at > > /usr/src/sys/i386/i386/exception.s:279 > >=20 > Well, when I've looked on i386, the nfsd threads normally don't use 1 page > and the stacks are 2 pages, so I doubt an nfsd thread is blowing the stac= k. It is overflowing the frame, not the whole stack. In other word, something overwrote the canary which was put on the stack between local variables and the return address, possibly corrupting the return address as well. > Also, nfsrvd_releaselckown() doesn't call nfsrvd_setattr(), so the backtr= ace > doesn't make much sense. Yes, this might be one of the consequences of the stack smashing. >=20 > Afraid I can't help more than this. Good luck with it, rick >=20 > >=20 > > I have all the files in /var/crash, so if someone wants additional > > informations > > I should be able to deliver them. > >=20 > > The kernel config file is customized in the sense that I have removed > > kernel items, that aren't used on that machine. > >=20 > > One major difference: I use > >=20 > > < options NFSCLIENT # Network Filesystem Client > > < options NFSSERVER # Network Filesystem Server > >=20 > > instead of > >=20 > > > options NFSCL # New Network Filesystem > > > Client > > > options NFSD # New Network Filesystem > > > Server > >=20 > > because a kernel a few weeks ago immediately crashed with the new > > NFS-code. > >=20 > > But it seems now, that the old NFS-code is also somehow damaged. > >=20 > > Ah, and I still have from older releases of FreeBSD the following > > loader options - do they still make sense? > >=20 > > geom_vinum_load=3D"YES" > > kern.maxdsiz=3D"734003200" > > vm.pmap.shpgperproc=3D256 > > vm.pmap.pv_entry_max=3D3145728 > >=20 > >=20 > > 'geom_vinum' is used as LVM only, no RAIDs are configured. > >=20 > > This server is primarily a Samba server with the SMB-shares exported > > as NFS-shares as well > > for the other *nix-servers around. > >=20 > > Because this is the most loaded production server, testing is a bit > > difficult, restricted to the evening and the weekends. > >=20 > > On my two other FreeBSD machines I have no problems at all, one of > > them is an identical ProLiant server with a nearly identical kernel > > config - runs like a charm... > >=20 > > Has someone a good advice or further questions? > >=20 > >=20 > > =20 > > with best regards > > Matthias Sch??ndeh??tte > >=20 > > _______________________________________________ > > freebsd-stable@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > > To unsubscribe, send any mail to > > "freebsd-stable-unsubscribe@freebsd.org" > >=20 > _______________________________________________ > freebsd-stable@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" --0L3On4CPY00n7Jtc Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.21 (FreeBSD) iQIcBAEBAgAGBQJSHAPhAAoJEJDCuSvBvK1B/E0P/0tgoAk0Yeiouk8mSSLKN/1A Gyk60vdh4fxgbjrMNWIi+3R5/ZvmnpZkFAH5pVpnblhKqC0WqGgxoUKibhGKnyul fGshMLRZMkSU+YAzee1h/agDGnUHkxR0LqRHib21Q9puC2jjZETm6xqwpm6kRlrc M1SSS8nt7pSJG9xqcNDfOTa7EOa0ucgob/SyLcilOnOHrAhAFWKQp5v2qie55XaK VL/yKlyCGmDt9u970yDgzBjADt3J8V1ErmsZA7SK9yi2W2Gj/5ENdfnRFqOAGDpm UMfS9THi7uEizTrC2wkpFtwN9lhgzR6uYI2qGTEOMoHtcHkF+ZdUNHbd83zc/bzS Nz25EFxtrC5BUdwaTCC2nST7wjz8/iawG2GQz3GQT23w+ozrPUPCxfyB26GtU8G2 9//uDF2EWph1KCeaHljT0EBCcIjcyTnug+DGP80RxOAaVzBxB6dCvu31aVL4H4/3 ugUneqfc2ymMHUFNPOteWYp+Ok6BsPG+s+Jy9+JolDV14FV9fUr1q6s2PEuyMgp1 aBd7pTC62Z9JP0YynknpMpQRhYg9MFdoP6y0NRi0ORvvasKUwtHaP0e/KotI0oLI LfhY5p+DPyR1LAZaPWg5KsCzPucHLowHir8u42DPEye31xl1ki32OE+89nwZ1ZLK KdbrVDw08jH9mPVFIQtX =2rTd -----END PGP SIGNATURE----- --0L3On4CPY00n7Jtc--