From: bugzilla-noreply@freebsd.org
To: freebsd-bugs@FreeBSD.org
Subject: [Bug 214705] Kernel panic trying to playback encrypted DVD, "Fatal trap 12: page fault while in kernel mode"
Date: Tue, 22 Nov 2016 01:11:41 +0000

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=214705

--- Comment #2 from Joshua Kinard ---
(In reply to Konstantin Belousov from comment #1)

Well, I am running GENERIC-11.0-p2, but it looks like I can only find the debug
symbols from the original RELEASE kernel. Doesn't seem that kgdb minds that,
though:

# kgdb kernel.debug /var/crash/vmcore.last
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "amd64-marcel-freebsd"...

Unread portion of the kernel message buffer:
panic: page fault
cpuid = 1
KDB: stack backtrace:
#0 0xffffffff80b24077 at kdb_backtrace+0x67
#1 0xffffffff80ad93e2 at vpanic+0x182
#2 0xffffffff80ad9253 at panic+0x43
#3 0xffffffff80fa0d51 at trap_fatal+0x351
#4 0xffffffff80fa0f43 at trap_pfault+0x1e3
#5 0xffffffff80fa04ec at trap+0x26c
#6 0xffffffff80f84141 at calltrap+0x8
#7 0xffffffff8110b469 at VOP_READ_APV+0x89
#8 0xffffffff80bc0977 at vn_read+0x157
#9 0xffffffff80bbc18d at vn_io_fault+0x10d
#10 0xffffffff80b40df8 at dofileread+0x98
#11 0xffffffff80b40ac8 at kern_readv+0x68
#12 0xffffffff80b40a54 at sys_read+0x84
#13 0xffffffff80fa16ae at amd64_syscall+0x4ce
#14 0xffffffff80f8442b at Xfast_syscall+0xfb
Uptime: 6m21s
Dumping 529 out of 7743 MB:..4%..13%..22%..31%..43%..52%..61%..73%..82%..91%

Reading symbols from /usr/obj/usr/lib/debug/boot/kernel/zfs.ko.debug...done.
Loaded symbols for /usr/obj/usr/lib/debug/boot/kernel/zfs.ko.debug
Reading symbols from /usr/obj/usr/lib/debug/boot/kernel/opensolaris.ko.debug...done.
Loaded symbols for /usr/obj/usr/lib/debug/boot/kernel/opensolaris.ko.debug
Reading symbols from /usr/obj/usr/lib/debug/boot/kernel/amdtemp.ko.debug...done.
Loaded symbols for /usr/obj/usr/lib/debug/boot/kernel/amdtemp.ko.debug
Reading symbols from /usr/obj/usr/lib/debug/boot/kernel/tmpfs.ko.debug...done.
Loaded symbols for /usr/obj/usr/lib/debug/boot/kernel/tmpfs.ko.debug
Reading symbols from /usr/obj/usr/lib/debug/boot/kernel/ums.ko.debug...done.
Loaded symbols for /usr/obj/usr/lib/debug/boot/kernel/ums.ko.debug
Reading symbols from /usr/obj/usr/lib/debug/boot/kernel/uftdi.ko.debug...done.
Loaded symbols for /usr/obj/usr/lib/debug/boot/kernel/uftdi.ko.debug
Reading symbols from /usr/obj/usr/lib/debug/boot/kernel/ucom.ko.debug...done.
Loaded symbols for /usr/obj/usr/lib/debug/boot/kernel/ucom.ko.debug
Reading symbols from /usr/obj/usr/lib/debug/boot/kernel/fdescfs.ko.debug...done.
Loaded symbols for /usr/obj/usr/lib/debug/boot/kernel/fdescfs.ko.debug
Reading symbols from /usr/obj/usr/lib/debug/boot/kernel/radeonkms.ko.debug...done.
Loaded symbols for /usr/obj/usr/lib/debug/boot/kernel/radeonkms.ko.debug
Reading symbols from /usr/obj/usr/lib/debug/boot/kernel/drm2.ko.debug...done.
Loaded symbols for /usr/obj/usr/lib/debug/boot/kernel/drm2.ko.debug
Reading symbols from /usr/obj/usr/lib/debug/boot/kernel/iicbus.ko.debug...done.
Loaded symbols for /usr/obj/usr/lib/debug/boot/kernel/iicbus.ko.debug
Reading symbols from /usr/obj/usr/lib/debug/boot/kernel/iic.ko.debug...done.
Loaded symbols for /usr/obj/usr/lib/debug/boot/kernel/iic.ko.debug
Reading symbols from /usr/obj/usr/lib/debug/boot/kernel/iicbb.ko.debug...done.
Loaded symbols for /usr/obj/usr/lib/debug/boot/kernel/iicbb.ko.debug
Reading symbols from /usr/obj/usr/lib/debug/boot/kernel/radeonkmsfw_PALM_pfp.ko.debug...done.
Loaded symbols for /usr/obj/usr/lib/debug/boot/kernel/radeonkmsfw_PALM_pfp.ko.debug
Reading symbols from /usr/obj/usr/lib/debug/boot/kernel/radeonkmsfw_PALM_me.ko.debug...done.
Loaded symbols for /usr/obj/usr/lib/debug/boot/kernel/radeonkmsfw_PALM_me.ko.debug
Reading symbols from /usr/obj/usr/lib/debug/boot/kernel/radeonkmsfw_SUMO_rlc.ko.debug...done.
Loaded symbols for /usr/obj/usr/lib/debug/boot/kernel/radeonkmsfw_SUMO_rlc.ko.debug
Reading symbols from /usr/obj/usr/lib/debug/boot/kernel/udf.ko.debug...done.
Loaded symbols for /usr/obj/usr/lib/debug/boot/kernel/udf.ko.debug
#0  doadump (textdump=) at pcpu.h:221
221     pcpu.h: No such file or directory.
        in pcpu.h

Backtrace:

(kgdb) bt
#0  doadump (textdump=) at pcpu.h:221
#1  0xffffffff80ad8e69 in kern_reboot (howto=260)
    at /usr/src/sys/kern/kern_shutdown.c:366
#2  0xffffffff80ad941b in vpanic (fmt=, ap=)
    at /usr/src/sys/kern/kern_shutdown.c:759
#3  0xffffffff80ad9253 in panic (fmt=0x0)
    at /usr/src/sys/kern/kern_shutdown.c:690
#4  0xffffffff80fa0d51 in trap_pfault (frame=0x0, usermode=0)
    at /usr/src/sys/amd64/amd64/trap.c:642
#5  0xffffffff80fa0f43 in trap_pfault (frame=0xfffffe0220881780, usermode=)
    at /usr/src/sys/amd64/amd64/trap.c:750
#6  0xffffffff80fa04ec in trap (frame=0xfffffe0220881780)
    at /usr/src/sys/amd64/amd64/trap.c:576
#7  0xffffffff80f84141 in calltrap ()
    at /usr/src/sys/amd64/amd64/exception.S:236
#8  0xffffffff82bc6fb3 in udf_read (ap=0xfffffe0220881910)
    at /usr/src/sys/modules/udf/../../fs/udf/udf_vnops.c:490
#9  0xffffffff8110b469 in VOP_READ_APV (vop=, a=) at vnode_if.c:936
#10 0xffffffff80bc0977 in vn_read (fp=, uio=0xfffffe0220881aa0,
    active_cred=0x800, flags=, td=0x0) at vnode_if.h:384
#11 0xffffffff80bbc18d in vn_io_fault (fp=, uio=, active_cred=, flags=0, td=)
    at /usr/src/sys/kern/vfs_vnops.c:1168
#12 0xffffffff80b40df8 in dofileread (td=0xfffff800c8ecfa00, fd=,
    fp=0xfffff801160b7780, auio=0xfffffe0220881aa0, offset=, flags=)
    at file.h:303
#13 0xffffffff80b40ac8 in kern_readv (td=0xfffff800c8ecfa00, fd=21,
    auio=0xfffffe0220881aa0) at /usr/src/sys/kern/sys_generic.c:293
#14 0xffffffff80b40a54 in sys_read (td=0x0, uap=)
    at /usr/src/sys/kern/sys_generic.c:206
#15 0xffffffff80fa16ae in amd64_syscall (td=, traced=0) at subr_syscall.c:139
#16 0xffffffff80f8442b in Xfast_syscall ()
    at /usr/src/sys/amd64/amd64/exception.S:396
#17 0x0000000800dbd75a in ?? ()
Previous frame inner to this frame (corrupt stack?)
Current language:  auto; currently minimal

Tracing the address at the instruction pointer:

(kgdb) l *(0xffffffff82bc6fb3)
0xffffffff82bc6fb3 is in udf_read
(/usr/src/sys/modules/udf/../../fs/udf/udf_vnops.c:490).
485                             error = bread(vp, lbn, size, NOCRED, &bp);
486                     }
487             } else {
488                     error = bread(vp, lbn, size, NOCRED, &bp);
489             }
490             n = min(n, size - bp->b_resid);
491             if (error) {
492                     brelse(bp);
493                     return (error);
494             }
(kgdb)

This code looks remarkably similar to the cd9660_read() code from #208275, just
in this instance, it's in udf_read(). So my bet is udf_read needs the same fix
that solved #208275 applied, to check 'bp' for NULL before attempting to
dereference it and the 'min' call moved to come after the conditional.

Also maybe swap 'min()' out for 'MIN()', unless that's a local macro specific
to the UDF driver.
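
Added example (not part of the original message and not FreeBSD source): a userland C model of the ordering at udf_vnops.c:490 beside the reordering proposed in the comment above. struct buf, model_bread() and model_brelse() are simplified, hypothetical stand-ins, and the model assumes a failed read leaves bp NULL.

```c
#include <errno.h>
#include <stdio.h>
#define MIN(a, b) ((a) < (b) ? (a) : (b))

struct buf { long b_resid; };   /* simplified stand-in, not the kernel struct */
static struct buf good_buf;     /* constructed sample buffer, b_resid = 0 */
static int released;            /* counts model_brelse() calls */

/* Hypothetical bread() model; assumes a failed read leaves *bpp NULL. */
static int model_bread(int fail, struct buf **bpp)
{
    *bpp = fail ? NULL : &good_buf;
    return fail ? EIO : 0;
}
static void model_brelse(struct buf *bp) { (void)bp; released++; }

/* Order shown at udf_vnops.c:490: bp is used before error is tested. */
static int read_step_unchecked(int fail, long size, long *n)
{
    struct buf *bp;
    int error = model_bread(fail, &bp);
    *n = MIN(*n, size - bp->b_resid);   /* faults here when bp is NULL */
    if (error) {
        model_brelse(bp);
        return error;
    }
    model_brelse(bp);
    return 0;
}

/* Reordered: test error and bp first, clamp n only on a valid buffer. */
static int read_step_checked(int fail, long size, long *n)
{
    struct buf *bp = NULL;
    int error = model_bread(fail, &bp);
    if (error != 0 || bp == NULL) {
        if (bp != NULL)
            model_brelse(bp);           /* release only a real buffer */
        return error != 0 ? error : EIO;
    }
    *n = MIN(*n, size - bp->b_resid);
    model_brelse(bp);
    return 0;
}

int main(void)
{
    long n = 4096;
    printf("failed read: rc=%d\n", read_step_checked(1, 2048, &n));
    return read_step_unchecked(0, 2048, &n);  /* only safe on a good read */
}
```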