Date: Fri, 22 Jun 2018 13:19:11 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 229222] 11.2-PRERELEASE panic-General Protection Fault, aesni_encrypt_cbc implicated Message-ID: <bug-229222-227-rYKB9lmMwL@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-229222-227@https.bugs.freebsd.org/bugzilla/> References: <bug-229222-227@https.bugs.freebsd.org/bugzilla/>
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=229222

--- Comment #3 from dewayne@heuristicsystems.com.au ---
(In reply to Konstantin Belousov from comment #2)

Thank you for looking into this. I should clarify an earlier observation. It appears that the ssh connection was initiated from within an i386 jail that resides on the amd64 base system. i386 jails run openssl and not libressl.

To your request, Konstantin:

(kgdb) disassemble 0xffffffff80df76ee
Dump of assembler code for function aesni_encrypt_cbc:
0xffffffff80df76b0 <aesni_encrypt_cbc+0>: push %rbp
0xffffffff80df76b1 <aesni_encrypt_cbc+1>: mov %rsp,%rbp
0xffffffff80df76b4 <aesni_encrypt_cbc+4>: sub $0x90,%rsp
0xffffffff80df76bb <aesni_encrypt_cbc+11>: mov %edi,-0x2c(%rbp)
0xffffffff80df76be <aesni_encrypt_cbc+14>: mov %rsi,-0x38(%rbp)
0xffffffff80df76c2 <aesni_encrypt_cbc+18>: mov %rdx,-0x40(%rbp)
0xffffffff80df76c6 <aesni_encrypt_cbc+22>: mov %rcx,-0x48(%rbp)
0xffffffff80df76ca <aesni_encrypt_cbc+26>: mov %r8,-0x50(%rbp)
0xffffffff80df76ce <aesni_encrypt_cbc+30>: mov %r9,-0x58(%rbp)
0xffffffff80df76d2 <aesni_encrypt_cbc+34>: mov -0x40(%rbp),%rcx
0xffffffff80df76d6 <aesni_encrypt_cbc+38>: shr $0x4,%rcx
0xffffffff80df76da <aesni_encrypt_cbc+42>: mov %rcx,-0x40(%rbp)
0xffffffff80df76de <aesni_encrypt_cbc+46>: mov -0x58(%rbp),%rcx
0xffffffff80df76e2 <aesni_encrypt_cbc+50>: mov %rcx,-0x28(%rbp)
0xffffffff80df76e6 <aesni_encrypt_cbc+54>: mov -0x28(%rbp),%rcx
0xffffffff80df76ea <aesni_encrypt_cbc+58>: movdqu (%rcx),%xmm0
0xffffffff80df76ee <aesni_encrypt_cbc+62>: movdqa %xmm0,-0x80(%rbp)
0xffffffff80df76f3 <aesni_encrypt_cbc+67>: movq $0x0,-0x88(%rbp)
0xffffffff80df76fe <aesni_encrypt_cbc+78>: mov -0x88(%rbp),%rax
0xffffffff80df7705 <aesni_encrypt_cbc+85>: cmp -0x40(%rbp),%rax
0xffffffff80df7709 <aesni_encrypt_cbc+89>: jae 0xffffffff80df7795 <aesni_encrypt_cbc+229>
0xffffffff80df770f <aesni_encrypt_cbc+95>: mov -0x2c(%rbp),%eax
0xffffffff80df7712 <aesni_encrypt_cbc+98>: sub $0x1,%eax
0xffffffff80df7715 <aesni_encrypt_cbc+101>: mov -0x38(%rbp),%rcx
0xffffffff80df7719 <aesni_encrypt_cbc+105>: mov -0x48(%rbp),%rdx
0xffffffff80df771d <aesni_encrypt_cbc+109>: mov %rdx,-0x8(%rbp)
0xffffffff80df7721 <aesni_encrypt_cbc+113>: mov -0x8(%rbp),%rdx
0xffffffff80df7725 <aesni_encrypt_cbc+117>: movdqu (%rdx),%xmm0
0xffffffff80df7729 <aesni_encrypt_cbc+121>: pxor -0x80(%rbp),%xmm0
0xffffffff80df772e <aesni_encrypt_cbc+126>: mov %eax,%edi
0xffffffff80df7730 <aesni_encrypt_cbc+128>: mov %rcx,%rsi
0xffffffff80df7733 <aesni_encrypt_cbc+131>: callq 0xffffffff80df77a0 <aesni_enc>
0xffffffff80df7738 <aesni_encrypt_cbc+136>: movdqa %xmm0,-0x70(%rbp)
0xffffffff80df773d <aesni_encrypt_cbc+141>: movdqa -0x70(%rbp),%xmm0
0xffffffff80df7742 <aesni_encrypt_cbc+146>: movdqa %xmm0,-0x80(%rbp)
0xffffffff80df7747 <aesni_encrypt_cbc+151>: mov -0x50(%rbp),%rcx
---Type <return> to continue, or q <return> to quit---
0xffffffff80df774b <aesni_encrypt_cbc+155>: movdqa -0x70(%rbp),%xmm0
0xffffffff80df7750 <aesni_encrypt_cbc+160>: mov %rcx,-0x10(%rbp)
0xffffffff80df7754 <aesni_encrypt_cbc+164>: movdqa %xmm0,-0x20(%rbp)
0xffffffff80df7759 <aesni_encrypt_cbc+169>: movdqa -0x20(%rbp),%xmm0
0xffffffff80df775e <aesni_encrypt_cbc+174>: mov -0x10(%rbp),%rcx
0xffffffff80df7762 <aesni_encrypt_cbc+178>: movdqu %xmm0,(%rcx)
0xffffffff80df7766 <aesni_encrypt_cbc+182>: mov -0x48(%rbp),%rcx
0xffffffff80df776a <aesni_encrypt_cbc+186>: add $0x10,%rcx
0xffffffff80df776e <aesni_encrypt_cbc+190>: mov %rcx,-0x48(%rbp)
0xffffffff80df7772 <aesni_encrypt_cbc+194>: mov -0x50(%rbp),%rcx
0xffffffff80df7776 <aesni_encrypt_cbc+198>: add $0x10,%rcx
0xffffffff80df777a <aesni_encrypt_cbc+202>: mov %rcx,-0x50(%rbp)
0xffffffff80df777e <aesni_encrypt_cbc+206>: mov -0x88(%rbp),%rax
0xffffffff80df7785 <aesni_encrypt_cbc+213>: add $0x1,%rax
0xffffffff80df7789 <aesni_encrypt_cbc+217>: mov %rax,-0x88(%rbp)
0xffffffff80df7790 <aesni_encrypt_cbc+224>: jmpq 0xffffffff80df76fe <aesni_encrypt_cbc+78>
0xffffffff80df7795 <aesni_encrypt_cbc+229>: add $0x90,%rsp
0xffffffff80df779c <aesni_encrypt_cbc+236>: pop %rbp
0xffffffff80df779d <aesni_encrypt_cbc+237>: retq
End of assembler dump.
Current language: auto; currently minimal
(kgdb) p/x *(struct frame *)0xfffffe0688f57d30
No struct type named frame.

Happy to provide any information that will help. I'm GMT+10, 23:18 local, so may take a while.

--
You are receiving this mail because:
You are the assignee for the bug.