Date:      Tue, 22 Nov 2016 01:11:41 +0000
From:      bugzilla-noreply@freebsd.org
To:        freebsd-bugs@FreeBSD.org
Subject:   [Bug 214705] Kernel panic trying to playback encrypted DVD, "Fatal trap 12: page fault while in kernel mode"
Message-ID:  <bug-214705-8-zpDdtcrv1p@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-214705-8@https.bugs.freebsd.org/bugzilla/>
References:  <bug-214705-8@https.bugs.freebsd.org/bugzilla/>

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=214705

--- Comment #2 from Joshua Kinard <kumba@gentoo.org> ---
(In reply to Konstantin Belousov from comment #1)

Well, I am running GENERIC-11.0-p2, but it looks like I can only find the debug
symbols from the original RELEASE kernel.  Doesn't seem that kgdb minds that,
though:

# kgdb kernel.debug /var/crash/vmcore.last
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "amd64-marcel-freebsd"...

Unread portion of the kernel message buffer:
panic: page fault
cpuid = 1
KDB: stack backtrace:
#0 0xffffffff80b24077 at kdb_backtrace+0x67
#1 0xffffffff80ad93e2 at vpanic+0x182
#2 0xffffffff80ad9253 at panic+0x43
#3 0xffffffff80fa0d51 at trap_fatal+0x351
#4 0xffffffff80fa0f43 at trap_pfault+0x1e3
#5 0xffffffff80fa04ec at trap+0x26c
#6 0xffffffff80f84141 at calltrap+0x8
#7 0xffffffff8110b469 at VOP_READ_APV+0x89
#8 0xffffffff80bc0977 at vn_read+0x157
#9 0xffffffff80bbc18d at vn_io_fault+0x10d
#10 0xffffffff80b40df8 at dofileread+0x98
#11 0xffffffff80b40ac8 at kern_readv+0x68
#12 0xffffffff80b40a54 at sys_read+0x84
#13 0xffffffff80fa16ae at amd64_syscall+0x4ce
#14 0xffffffff80f8442b at Xfast_syscall+0xfb
Uptime: 6m21s
Dumping 529 out of 7743 MB:..4%..13%..22%..31%..43%..52%..61%..73%..82%..91%

Reading symbols from /usr/obj/usr/lib/debug/boot/kernel/zfs.ko.debug...done.
Loaded symbols for /usr/obj/usr/lib/debug/boot/kernel/zfs.ko.debug
Reading symbols from /usr/obj/usr/lib/debug/boot/kernel/opensolaris.ko.debug...done.
Loaded symbols for /usr/obj/usr/lib/debug/boot/kernel/opensolaris.ko.debug
Reading symbols from /usr/obj/usr/lib/debug/boot/kernel/amdtemp.ko.debug...done.
Loaded symbols for /usr/obj/usr/lib/debug/boot/kernel/amdtemp.ko.debug
Reading symbols from /usr/obj/usr/lib/debug/boot/kernel/tmpfs.ko.debug...done.
Loaded symbols for /usr/obj/usr/lib/debug/boot/kernel/tmpfs.ko.debug
Reading symbols from /usr/obj/usr/lib/debug/boot/kernel/ums.ko.debug...done.
Loaded symbols for /usr/obj/usr/lib/debug/boot/kernel/ums.ko.debug
Reading symbols from /usr/obj/usr/lib/debug/boot/kernel/uftdi.ko.debug...done.
Loaded symbols for /usr/obj/usr/lib/debug/boot/kernel/uftdi.ko.debug
Reading symbols from /usr/obj/usr/lib/debug/boot/kernel/ucom.ko.debug...done.
Loaded symbols for /usr/obj/usr/lib/debug/boot/kernel/ucom.ko.debug
Reading symbols from /usr/obj/usr/lib/debug/boot/kernel/fdescfs.ko.debug...done.
Loaded symbols for /usr/obj/usr/lib/debug/boot/kernel/fdescfs.ko.debug
Reading symbols from /usr/obj/usr/lib/debug/boot/kernel/radeonkms.ko.debug...done.
Loaded symbols for /usr/obj/usr/lib/debug/boot/kernel/radeonkms.ko.debug
Reading symbols from /usr/obj/usr/lib/debug/boot/kernel/drm2.ko.debug...done.
Loaded symbols for /usr/obj/usr/lib/debug/boot/kernel/drm2.ko.debug
Reading symbols from /usr/obj/usr/lib/debug/boot/kernel/iicbus.ko.debug...done.
Loaded symbols for /usr/obj/usr/lib/debug/boot/kernel/iicbus.ko.debug
Reading symbols from /usr/obj/usr/lib/debug/boot/kernel/iic.ko.debug...done.
Loaded symbols for /usr/obj/usr/lib/debug/boot/kernel/iic.ko.debug
Reading symbols from /usr/obj/usr/lib/debug/boot/kernel/iicbb.ko.debug...done.
Loaded symbols for /usr/obj/usr/lib/debug/boot/kernel/iicbb.ko.debug
Reading symbols from /usr/obj/usr/lib/debug/boot/kernel/radeonkmsfw_PALM_pfp.ko.debug...done.
Loaded symbols for /usr/obj/usr/lib/debug/boot/kernel/radeonkmsfw_PALM_pfp.ko.debug
Reading symbols from /usr/obj/usr/lib/debug/boot/kernel/radeonkmsfw_PALM_me.ko.debug...done.
Loaded symbols for /usr/obj/usr/lib/debug/boot/kernel/radeonkmsfw_PALM_me.ko.debug
Reading symbols from /usr/obj/usr/lib/debug/boot/kernel/radeonkmsfw_SUMO_rlc.ko.debug...done.
Loaded symbols for /usr/obj/usr/lib/debug/boot/kernel/radeonkmsfw_SUMO_rlc.ko.debug
Reading symbols from /usr/obj/usr/lib/debug/boot/kernel/udf.ko.debug...done.
Loaded symbols for /usr/obj/usr/lib/debug/boot/kernel/udf.ko.debug
#0  doadump (textdump=<value optimized out>) at pcpu.h:221
221     pcpu.h: No such file or directory.
        in pcpu.h

Backtrace:
(kgdb) bt
#0  doadump (textdump=<value optimized out>) at pcpu.h:221
#1  0xffffffff80ad8e69 in kern_reboot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:366
#2  0xffffffff80ad941b in vpanic (fmt=<value optimized out>, ap=<value optimized out>) at /usr/src/sys/kern/kern_shutdown.c:759
#3  0xffffffff80ad9253 in panic (fmt=0x0) at /usr/src/sys/kern/kern_shutdown.c:690
#4  0xffffffff80fa0d51 in trap_pfault (frame=0x0, usermode=0) at /usr/src/sys/amd64/amd64/trap.c:642
#5  0xffffffff80fa0f43 in trap_pfault (frame=0xfffffe0220881780, usermode=<value optimized out>) at /usr/src/sys/amd64/amd64/trap.c:750
#6  0xffffffff80fa04ec in trap (frame=0xfffffe0220881780) at /usr/src/sys/amd64/amd64/trap.c:576
#7  0xffffffff80f84141 in calltrap () at /usr/src/sys/amd64/amd64/exception.S:236
#8  0xffffffff82bc6fb3 in udf_read (ap=0xfffffe0220881910) at /usr/src/sys/modules/udf/../../fs/udf/udf_vnops.c:490
#9  0xffffffff8110b469 in VOP_READ_APV (vop=<value optimized out>, a=<value optimized out>) at vnode_if.c:936
#10 0xffffffff80bc0977 in vn_read (fp=<value optimized out>, uio=0xfffffe0220881aa0, active_cred=0x800, flags=<value optimized out>, td=0x0) at vnode_if.h:384
#11 0xffffffff80bbc18d in vn_io_fault (fp=<value optimized out>, uio=<value optimized out>, active_cred=<value optimized out>, flags=0, td=<value optimized out>) at /usr/src/sys/kern/vfs_vnops.c:1168
#12 0xffffffff80b40df8 in dofileread (td=0xfffff800c8ecfa00, fd=<value optimized out>, fp=0xfffff801160b7780, auio=0xfffffe0220881aa0, offset=<value optimized out>, flags=<value optimized out>) at file.h:303
#13 0xffffffff80b40ac8 in kern_readv (td=0xfffff800c8ecfa00, fd=21, auio=0xfffffe0220881aa0) at /usr/src/sys/kern/sys_generic.c:293
#14 0xffffffff80b40a54 in sys_read (td=0x0, uap=<value optimized out>) at /usr/src/sys/kern/sys_generic.c:206
#15 0xffffffff80fa16ae in amd64_syscall (td=<value optimized out>, traced=0) at subr_syscall.c:139
#16 0xffffffff80f8442b in Xfast_syscall () at /usr/src/sys/amd64/amd64/exception.S:396
#17 0x0000000800dbd75a in ?? ()
Previous frame inner to this frame (corrupt stack?)
Current language:  auto; currently minimal


Tracing the address at the instruction pointer:
(kgdb) l *(0xffffffff82bc6fb3)
0xffffffff82bc6fb3 is in udf_read (/usr/src/sys/modules/udf/../../fs/udf/udf_vnops.c:490).
485                                     error = bread(vp, lbn, size, NOCRED, &bp);
486                             }
487                     } else {
488                             error = bread(vp, lbn, size, NOCRED, &bp);
489                     }
490                     n = min(n, size - bp->b_resid);
491                     if (error) {
492                             brelse(bp);
493                             return (error);
494                     }
(kgdb)


This code looks remarkably similar to the cd9660_read() code from #208275, just
in this instance, it's in udf_read().  So my bet is udf_read needs the same fix
that solved #208275 applied, to check 'bp' for NULL before attempting to
dereference it and the 'min' call moved to come after the conditional.

Also maybe swap 'min()' out for 'MIN()', unless that's a local macro specific
to the UDF driver.

-- 
You are receiving this mail because:
You are the assignee for the bug.
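
The reordering suggested in the comment above, as an added userland sketch that is not part of the original message and not FreeBSD's code. `stub_bread`, `stub_brelse`, `min_l` and both `read_step_*` functions are hypothetical stand-ins, and the stub assumes a failed read leaves the buffer pointer NULL.

```c
#include <errno.h>
#include <stdio.h>

/* Userland stand-ins (assumptions), not the kernel's buf, bread() or brelse(). */
struct buf { long b_resid; };
static struct buf one_buf;
static int released;    /* number of stub_brelse() calls */
/* Assumed failure model: on error, return EIO and leave *bpp NULL. */
static int stub_bread(int fail, long resid, struct buf **bpp)
{
    one_buf.b_resid = resid;
    *bpp = fail ? NULL : &one_buf;
    return fail ? EIO : 0;
}
static void stub_brelse(struct buf *bp) { (void)bp; released++; }
static long min_l(long a, long b) { return a < b ? a : b; }

/* Ordering from the listing: bp is dereferenced before error is tested. */
long read_step_listing(int fail, long n, long size, long resid, int *errp)
{
    struct buf *bp;
    *errp = stub_bread(fail, resid, &bp);
    n = min_l(n, size - bp->b_resid);   /* NULL dereference when fail != 0 */
    if (*errp) { stub_brelse(bp); return -1; }
    stub_brelse(bp);
    return n;
}

/* Suggested ordering: test error and bp first, then compute n. */
long read_step_checked(int fail, long n, long size, long resid, int *errp)
{
    struct buf *bp = NULL;
    *errp = stub_bread(fail, resid, &bp);
    if (*errp != 0 || bp == NULL) {
        if (bp != NULL) stub_brelse(bp);   /* release only a real buffer */
        if (*errp == 0) *errp = EIO;       /* NULL buffer without an error code */
        return -1;
    }
    n = min_l(n, size - bp->b_resid);
    stub_brelse(bp);
    return n;
}

int main(void)
{
    int err;   /* constructed inputs: failing read of a 2048-byte block */
    printf("failed read: n=%ld\n", read_step_checked(1, 4096, 2048, 0, &err));
    return 0;
}
```

On the failing path the checked variant returns the error without touching `bp`, and it also skips the release call that the listing's error branch would make on a NULL pointer.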


