From owner-freebsd-current@FreeBSD.ORG  Tue Dec  9 01:24:34 2014
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id D9CBE17B
 for <freebsd-current@freebsd.org>; Tue,  9 Dec 2014 01:24:33 +0000 (UTC)
Received: from mail-ie0-f171.google.com (mail-ie0-f171.google.com
 [209.85.223.171])
 (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id A6BD1F7C
 for <freebsd-current@freebsd.org>; Tue,  9 Dec 2014 01:24:33 +0000 (UTC)
Received: by mail-ie0-f171.google.com with SMTP id rl12so5643130iec.2
 for <freebsd-current@freebsd.org>; Mon, 08 Dec 2014 17:24:27 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20130820;
 h=x-gm-message-state:mime-version:in-reply-to:references:from:date
 :message-id:subject:to:cc:content-type;
 bh=NlsfksWHF+dqgBCDQcCBYy64qZ5i7tMIqecr3QUuMhA=;
 b=MOWAVaBEQeI0zg31Zv5Xj+RMs3UPItlok7ZYkkNaMukfv0MrCmYxfgyODL1E+kq//W
 F6tZgJovgHzjncPcCkzFBli/4UAJAppknUYZbHBfvwX3lcPaTtsFZPyGeAgZUR2tHQ1u
 JEr7cIJaiE7reUtWt2vPsrzi9CSa32onNSExKoa8zUGCqbY3FikLxBLvONozFCLOdXSx
 U5nlRjZfP3mmDeldxuL5dVRenHdDQpv2qb6zHllgkSmzaakA+szp5w+iwLGeQHyiRF7i
 KV5L0hx8tFCbGLkFmcDoLy1OTrV3Pyyp4MKbyk5CVj/9/MiWCp4ZII2RQ0wxJz4ZPeTz
 C8Fw==
X-Gm-Message-State: ALoCoQkOZUwN0pdO/+fSRtVkyEu/UK0zRQ2jRtt0wafuEN5YTNsqjS1x7jv5sYOzKx2FsrlJy/SJ
X-Received: by 10.50.43.231 with SMTP id z7mr112777igl.36.1418088267287; Mon,
 08 Dec 2014 17:24:27 -0800 (PST)
MIME-Version: 1.0
Received: by 10.107.138.217 with HTTP; Mon, 8 Dec 2014 17:24:07 -0800 (PST)
X-Originating-IP: [216.240.30.5]
In-Reply-To: <1418081692.1493.2.camel@gmail.com>
References: <1418081692.1493.2.camel@gmail.com>
From: Bryan Venteicher <bryanv@daemoninthecloset.org>
Date: Mon, 8 Dec 2014 19:24:07 -0600
Message-ID: <CAMo0n6R72mZZbNgQgmW_D9FL=Bp2OVZEu28eZDQaCAetApoSMQ@mail.gmail.com>
Subject: Re: Bug in virtio-net
To: Shawn Webb <lattera@gmail.com>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
X-Content-Filtered-By: Mailman/MimeDel 2.1.18-1
Cc: FreeBSD-current <freebsd-current@freebsd.org>,
 "freebsd-virtualization@freebsd.org" <freebsd-virtualization@freebsd.org>
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
 <freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-current>, 
 <mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current/>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
 <mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Dec 2014 01:24:34 -0000

On Mon, Dec 8, 2014 at 5:34 PM, Shawn Webb <lattera@gmail.com> wrote:

> I was running Poudriere in bhyve. I got this kernel panic. I'm on a new
> 11-CURRENT as of this morning. Would this be a NULL pointer deref?
>
> `uname -a`: FreeBSD  11.0-CURRENT FreeBSD 11.0-CURRENT #1
> b5310d8(hardened/current/master)-dirty: Mon Dec  8 12:58:12 UTC 2014
> shawn@pkg-build-01:/usr/obj/usr/src/sys/LATT-SEC  amd64
>
> This bhyve VM is at r275606. The host is at r275575.
>
> Thanks,
>
> Shawn
>
> Kern panic backtrace:
>
> Fatal trap 12: page fault while in kernel mode
> cpuid =3D 0; apic id =3D 00
> fault virtual address   =3D 0x0
> fault code              =3D supervisor read instruction, page not present
> instruction pointer     =3D 0x20:0x0
> stack pointer           =3D 0x28:0xfffffe0469a0c830
> frame pointer           =3D 0x28:0xfffffe0469a0c8b0
> code segment            =3D base 0x0, limit 0xfffff, type 0x1b
>                         =3D DPL 0, pres 1, long 1, def32 0, gran 1
> processor eflags        =3D interrupt enabled, resume, IOPL =3D 0
> current process         =3D 12 (irq267: virtio_pci0)
> [ thread pid 12 tid 100040 ]
> Stopped at      0:KDB: reentering
> KDB: stack backtrace:
>       db_trace_self_wrapper() at db_trace_self_wrapper+0x2b/frame
> 0xfffffe0469a0bd90
> kdb_backtrace() at kdb_backtrace+0x39/frame 0xfffffe0469a0be40
> kdb_reenter() at kdb_reenter+0x33/frame 0xfffffe0469a0be50
> trap() at trap+0x54/frame 0xfffffe0469a0c060
> calltrap() at calltrap+0x8/frame 0xfffffe0469a0c060
> --- trap 0xc, rip =3D 0xffffffff80e06033, rsp =3D 0xfffffe0469a0c120, rbp=
 =3D
> 0xfffffe0469a0c1c0 ---
> db_read_bytes() at db_read_bytes+0x53/frame 0xfffffe0469a0c1c0
> db_get_value() at db_get_value+0x38/frame 0xfffffe0469a0c210
> db_disasm() at db_disasm+0x23/frame 0xfffffe0469a0c330
> db_trap() at db_trap+0xc0/frame 0xfffffe0469a0c3c0
> kdb_trap() at kdb_trap+0x191/frame 0xfffffe0469a0c460
> trap_fatal() at trap_fatal+0x34c/frame 0xfffffe0469a0c4c0
> trap_pfault() at trap_pfault+0x33c/frame 0xfffffe0469a0c560
> trap() at trap+0x45e/frame 0xfffffe0469a0c770
> calltrap() at calltrap+0x8/frame 0xfffffe0469a0c770
> --- trap 0xc, rip =3D 0, rsp =3D 0xfffffe0469a0c830, rbp =3D
> 0xfffffe0469a0c8b0 ---
> uart_sab82532_class() at 0/frame 0xfffffe0469a0c8b0
> ether_input() at ether_input+0x26/frame 0xfffffe0469a0c8d0
> vtnet_rxq_eof() at vtnet_rxq_eof+0x7be/frame 0xfffffe0469a0c9a0
> vtnet_rx_vq_intr() at vtnet_rx_vq_intr+0x94/frame 0xfffffe0469a0c9e0
> intr_event_execute_handlers() at intr_event_execute_handlers+0x1b8/frame
> 0xfffffe0469a0ca20
> ithread_loop() at ithread_loop+0x96/frame 0xfffffe0469a0ca70
> fork_exit() at fork_exit+0x9a/frame 0xfffffe0469a0cab0
> fork_trampoline() at fork_trampoline+0xe/frame 0xfffffe0469a0cab0
> --- trap 0, rip =3D 0, rsp =3D 0xfffffe0469a0cb70, rbp =3D 0 ---
>


=E2=80=8BI doubt this has anything to do with vtnet. My guess is that
netisr_proto[NETISR_ETHER].np_handler(m) is =E2=80=8BNULL for some reason. =
Do you
have a dump?



> *** error reading from address 0 ***
> KDB: reentering
> KDB: stack backtrace:
> db_trace_self_wrapper() at db_trace_self_wrapper+0x2b/frame
> 0xfffffe0469a0c100
> kdb_backtrace() at kdb_backtrace+0x39/frame 0xfffffe0469a0c1b0
> kdb_reenter() at kdb_reenter+0x33/frame 0xfffffe0469a0c1c0
> db_get_value() at db_get_value+0x52/frame 0xfffffe0469a0c210
> db_disasm() at db_disasm+0x23/frame 0xfffffe0469a0c330
> db_trap() at db_trap+0xc0/frame 0xfffffe0469a0c3c0
> kdb_trap() at kdb_trap+0x191/frame 0xfffffe0469a0c460
> trap_fatal() at trap_fatal+0x34c/frame 0xfffffe0469a0c4c0
> trap_pfault() at trap_pfault+0x33c/frame 0xfffffe0469a0c560
> trap() at trap+0x45e/frame 0xfffffe0469a0c770
> calltrap() at calltrap+0x8/frame 0xfffffe0469a0c770
> --- trap 0xc, rip =3D 0, rsp =3D 0xfffffe0469a0c830, rbp =3D
> 0xfffffe0469a0c8b0 ---
> uart_sab82532_class() at 0/frame 0xfffffe0469a0c8b0
> ether_input() at ether_input+0x26/frame 0xfffffe0469a0c8d0
> vtnet_rxq_eof() at vtnet_rxq_eof+0x7be/frame 0xfffffe0469a0c9a0
> vtnet_rx_vq_intr() at vtnet_rx_vq_intr+0x94/frame 0xfffffe0469a0c9e0
> intr_event_execute_handlers() at intr_event_execute_handlers+0x1b8/frame
> 0xfffffe0469a0ca20
> ithread_loop() at ithread_loop+0x96/frame 0xfffffe0469a0ca70
> fork_exit() at fork_exit+0x9a/frame 0xfffffe0469a0cab0
> fork_trampoline() at fork_trampoline+0xe/frame 0xfffffe0469a0cab0
> --- trap 0, rip =3D 0, rsp =3D 0xfffffe0469a0cb70, rbp =3D 0 ---
>
>