From: Kyle Evans
Date: Tue, 17 Nov 2020 22:53:04 -0600
Subject: Re: Samba kernel panics.
To: Mark Johnston
Cc: Konstantin Belousov, Johan Hendriks, FreeBSD Current

On Tue, Nov 17, 2020 at 10:01 PM Mark Johnston wrote:
>
> On Tue, Nov 17, 2020 at 08:19:12PM +0200, Konstantin Belousov wrote:
> > On Tue, Nov 17, 2020 at 06:20:31PM +0100, Johan Hendriks wrote:
> > > Hello all after updating FreeBSD13 from r367724 to r367755 my samba server
> > > crashes the server.
> > > I did rebuild samba 4.11 but that does not help.
> > >
> > > The output on the console is the following.
> > >
> > > Fatal trap 12: page fault while in kernel mode
> > > cpuid =3; apic id = 06
> > > fault virtual address = 0x803a122b8
> > > fault code = supervisor read instruction, protection violation
> > > instruction pointer = 0x20:0x803a122b8
> > > stack pointer = 0x28:0xfffffe0127733a50
> > > frame pointer = 0x28:0x803a122b0
> > > code segment = base 0x0, limit 0xfffff, type 0x1b
> > > = DPL 0, pres 1, long 1, def32 0, gran 1
> > > processor eflags = 17340 (smbd)
> > > trap number = 12
> > > panic: page fault
> > > cpuid =3
> > > time = 1605632521
> > > KDB: stack backtrace:
> > > db_trace_self_wrapper() at db_trace_setf_wrapper+0x2b/frame 0xfffffe0127733700
> > > vpanic() at vpanic+0x182/frame 0xfffffe0127733750
> > > panic() at panic+0x43/frame 0xfffffe01277337b0
> > > trap_fatal() at trap_fatal+0x387/frame 0xfffffe0127733810
> > > trap_pfault() at trap_pfault+0x4f/frame 0xfffffe0127733870
> > > trap() at trap+0x27d/frame 0xfffffe0127733980
> > > calltrap() at caltrap+0x8/frame 0xfffffe0127733980
> > > --- trap 0xc, rip = 0x803a122b8, rsp = 0xfffffe0127733a50, rbp = 0x803a122b0 ---
> > > KDB: enter: panic
> > > [ thread pid 17340 tid 101772 ]
> > > stopped at kdb_enter+0x37: movq $0,0x1fa9446(%rip)
> > > db>
> > >
> > This looks like SMEP catching an issue, but it is not clear why.
>
> Probably fixed by r367783? The bug would have partially overwritten the
> stack frame, resulting in a jump to a user address after a return.
>

Ah, yes, sorry that I missed this -- smbd was in fact the exact program
that the reporter noted observed it with, and what the fix was
confirmed with. Sorry for the breakage~

Kyle Evans
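
Added example, not part of the original thread or of FreeBSD: a small triage script that reads the trap fields quoted above and flags the pattern discussed in the replies (a supervisor-mode instruction fetch at a user address, with a user-range frame pointer). The address-space split and the helper names `addr` and `triage` are assumptions made for this sketch.

```python
import re

# Assumption: amd64 with 4-level paging, where user virtual addresses lie
# below 0x0000800000000000 and kernel addresses sit in the upper half.
USER_VA_LIMIT = 0x0000_8000_0000_0000

# Constructed sample: the trap lines quoted in the thread, with the
# wrapped "fault code" line joined back together.
SAMPLE = """\
> > > Fatal trap 12: page fault while in kernel mode
> > > fault virtual address = 0x803a122b8
> > > fault code = supervisor read instruction, protection violation
> > > instruction pointer = 0x20:0x803a122b8
> > > stack pointer = 0x28:0xfffffe0127733a50
> > > frame pointer = 0x28:0x803a122b0
"""

FIELD = re.compile(r"^[ \t]*([a-z ]+?)[ \t]*=[ \t]*(.+?)[ \t]*$", re.M)

def addr(value):
    """Parse '0x20:0x803a122b8' (selector:offset) or a bare hex address."""
    return int(value.split(":")[-1], 16)

def triage(text):
    """Classify a trap report; all names here are hypothetical helpers."""
    text = re.sub(r"^(?:>[ \t]?)+", "", text, flags=re.M)  # drop mail quoting
    f = dict(FIELD.findall(text))
    code = f.get("fault code", "")
    rip = addr(f["instruction pointer"])
    # The CPU was fetching an instruction while in supervisor mode.
    fetch = "supervisor" in code and "instruction" in code
    user_rip = fetch and rip < USER_VA_LIMIT
    return {
        # Kernel tried to execute at a user address.
        "kernel_fetch_from_user_va": user_rip,
        # Page was present but the fetch was refused, and the faulting
        # address is the instruction pointer itself: the SMEP pattern.
        "smep_signature": (user_rip and "protection violation" in code
                           and addr(f["fault virtual address"]) == rip),
        # A user-range frame pointer with a kernel-range stack pointer is
        # consistent with saved frame data having been overwritten.
        "frame_pointer_in_user_va": addr(f["frame pointer"]) < USER_VA_LIMIT,
        "stack_pointer_in_kernel_va": addr(f["stack pointer"]) >= USER_VA_LIMIT,
    }

if __name__ == "__main__":
    for name, hit in triage(SAMPLE).items():
        print(f"{name}: {hit}")
```
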