Date: Sat, 9 Jun 2018 16:49:35 -0500 From: Larry Rosenman <ler@FreeBSD.org> To: freebsd-current@freebsd.org Subject: rack: m_copydata: negative offset panic Message-ID: <20180609214935.ksi5ekifgcbbjg7f@ler-imac.local>
next in thread | raw e-mail | index | archive | help
--o6iy5q26i4wicoe2 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Got the following panic. vmcore IS available: borg.lerctr.org dumped core - see /var/crash/vmcore.0 Sat Jun 9 16:46:17 CDT 2018 FreeBSD borg.lerctr.org 12.0-CURRENT FreeBSD 12.0-CURRENT #35 r334894: Sat = Jun 9 15:53:46 CDT 2018 root@borg.lerctr.org:/usr/obj/usr/src/amd64.am= d64/sys/VT-LER amd64 panic: m_copydata, negative off -1 GNU gdb (GDB) 8.1 [GDB v8.1 for FreeBSD] Copyright (C) 2018 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.htm= l> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-portbld-freebsd12.0". Type "show configuration" for configuration details. For bug reporting instructions, please see: <http://www.gnu.org/software/gdb/bugs/>. Find the GDB manual and other documentation resources online at: <http://www.gnu.org/software/gdb/documentation/>. For help, type "help". Type "apropos word" to search for commands related to "word"... Reading symbols from /boot/kernel/kernel...Reading symbols from /usr/lib/de= bug//boot/kernel/kernel.debug...done. done. Unread portion of the kernel message buffer: panic: m_copydata, negative off -1 cpuid =3D 20 time =3D 1528580395 KDB: stack backtrace: db_trace_self_wrapper() at db_trace_self_wrapper+0x2b/frame 0xfffffe344db49= 6d0 vpanic() at vpanic+0x1a3/frame 0xfffffe344db49730 doadump() at doadump/frame 0xfffffe344db497b0 m_copydata() at m_copydata+0x111/frame 0xfffffe344db497f0 rack_output() at rack_output+0x31fd/frame 0xfffffe344db49a60 tcp_hpts_thread() at tcp_hpts_thread+0x6ab/frame 0xfffffe344db49b20 intr_event_execute_handlers() at intr_event_execute_handlers+0x99/frame 0xf= ffffe344db49b60 ithread_loop() at ithread_loop+0xb7/frame 0xfffffe344db49bb0 fork_exit() at fork_exit+0x84/frame 0xfffffe344db49bf0 fork_trampoline() at fork_trampoline+0xe/frame 0xfffffe344db49bf0 --- trap 0, rip =3D 0, rsp =3D 0, rbp =3D 0 --- Uptime: 23m59s Dumping 6766 out of 130994 MB:..1%..11%..21%..31%..41%..51%..61%..71%..81%.= =2E91% __curthread () at ./machine/pcpu.h:231 231 __asm("movq %%gs:%1,%0" : "=3Dr" (td) (kgdb) #0 __curthread () at ./machine/pcpu.h:231 #1 doadump (textdump=3D1) at /usr/src/sys/kern/kern_shutdown.c:366 #2 0xffffffff80b844d2 in kern_reboot (howto=3D260) at /usr/src/sys/kern/kern_shutdown.c:446 #3 0xffffffff80b84ab3 in vpanic (fmt=3D<optimized out>, ap=3D0xfffffe344db= 49770) at /usr/src/sys/kern/kern_shutdown.c:863 #4 0xffffffff80b84820 in kassert_panic ( fmt=3D0xffffffff8125ae7e "m_copydata, negative off %d") at /usr/src/sys/kern/kern_shutdown.c:749 #5 0xffffffff80c107f1 in m_copydata (m=3D0xfffff801e3e5c400, off=3D-1, len= =3D15, cp=3D0xfffff801e3e686a4 "\336\300\255\336\336\300\255\336\336\300\255\3= 36\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\= 255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336= \300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\33= 6\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\2= 55\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\= 300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336= \336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\25= 5\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\3= 00\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\= 336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255= \336"...) at /usr/src/sys/kern/uipc_mbuf.c:582 #6 0xffffffff839a739d in rack_output (tp=3D<optimized out>) at /usr/src/sys/modules/tcp/rack/../../../netinet/tcp_stacks/rack.c:7922 #7 0xffffffff80da568b in tcp_hptsi (hpts=3D<optimized out>, ctick=3D0x59f) at /usr/src/sys/netinet/tcp_hpts.c:1615 #8 tcp_hpts_thread (ctx=3D<optimized out>) at /usr/src/sys/netinet/tcp_hpts.c:1808 #9 0xffffffff80b46369 in intr_event_execute_handlers (p=3D<optimized out>, ie=3D0xfffff80151f47d00) at /usr/src/sys/kern/kern_intr.c:1013 #10 0xffffffff80b46a57 in ithread_execute_handlers (ie=3D<optimized out>, p=3D<optimized out>) at /usr/src/sys/kern/kern_intr.c:1026 #11 ithread_loop (arg=3D0xfffff80151f47900) at /usr/src/sys/kern/kern_intr.c:1106 #12 0xffffffff80b43754 in fork_exit ( callout=3D0xffffffff80b469a0 <ithread_loop>, arg=3D0xfffff80151f47900, frame=3D0xfffffe344db49c00) at /usr/src/sys/kern/kern_fork.c:1039 #13 <signal handler called> (kgdb) --=20 Larry Rosenman https://people.FreeBSD.org/~ler/ Phone: +1 214-642-9640 E-Mail: ler@FreeBSD.org US Mail: 5708 Sabbia Drive, Round Rock, TX 78665-2106 --o6iy5q26i4wicoe2 Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQHBBAABCgCrFiEEHjgknedhWzvJgwVzaXyZsatIp30FAlscS28tFIAAAAAAFQAP cGthLWFkZHJlc3NAZ251cGcub3JnbGVyQEZyZWVCU0Qub3JnXxSAAAAAAC4AKGlz c3Vlci1mcHJAbm90YXRpb25zLm9wZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQxRTM4 MjQ5REU3NjE1QjNCQzk4MzA1NzM2OTdDOTlCMUFCNDhBNzdEAAoJEGl8mbGrSKd9 4ssH/jjLwLwxwjlZegcXADRqmIUTtNFNbWySRVLAbjcXqfH4eMDjCFdL5vMyytnU S/UovawUNKdHLJl8mSrsgXMMlirIDJy1hGf2O4i8NjoT7N+OIYPJ6HbJ7QuvbCZn TYsTHg8gXkGylXsJ1jwcMLZKeJhfYXVyy5zF5ecMFi5FVB7b2yrDqUlJuJpQl0JQ fznGXejmi5GEkfFIDDFby2fvsL85wXL+yZwJS2EAX297pCsHZL6fjQEmTCrKh1ob Xfqx2stfhyIIcj50atN/NJZd8hnZ3QfhiQCdcipFBYiqkg+ho+SDti/yxaiAs+xc 4DYmsSgPAPIKmBWjpK0BO0y5HXQ= =yCjI -----END PGP SIGNATURE----- --o6iy5q26i4wicoe2--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20180609214935.ksi5ekifgcbbjg7f>