Robert Watson wrote: > Just for my benefit, could you check and see if you still get the > reproduceable KSE panic without the MAC stuff compiled into the kernel? > If not, it could have gone away because the bug is in the MAC code, > because the bug was encouraged by the MAC code, or because it was a > ordering/timing thing and it was a fluke that it occured consistently. > Regardless, if you can reproduce it without MAC, it will also mean it's > likely not my fault :-). Congratulations, the child is yours! :-) No panics without mac. Sorry. :-) At least I got a backtrace: GNU gdb 5.2.1 (FreeBSD) Copyright 2002 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "i386-undermydesk-freebsd"... panic: from debugger panic messages: --- panic: No strategy on dev null responsible for buffer 0xc77a6050 Stack backtrace: panic: from debugger Uptime: 56s Dumping 255 MB ata0: resetting devices .. done 16 32 48 64 80 96 112 128 144 160 176 192 208 224 240 --- Reading symbols from /boot/kernel/snd_cmi.ko...done. Loaded symbols for /boot/kernel/snd_cmi.ko Reading symbols from /boot/kernel/snd_pcm.ko...done. Loaded symbols for /boot/kernel/snd_pcm.ko Reading symbols from /usr/obj/usr/src/sys/DCS/modules/usr/src/sys/modules/mac_biba/mac_biba.ko.debug...done. Loaded symbols for /usr/obj/usr/src/sys/DCS/modules/usr/src/sys/modules/mac_biba/mac_biba.ko.debug Reading symbols from /usr/obj/usr/src/sys/DCS/modules/usr/src/sys/modules/mac_mls/mac_mls.ko.debug...done. Loaded symbols for /usr/obj/usr/src/sys/DCS/modules/usr/src/sys/modules/mac_mls/mac_mls.ko.debug Reading symbols from /usr/obj/usr/src/sys/DCS/modules/usr/src/sys/modules/acpi/acpi.ko.debug...done. Loaded symbols for /usr/obj/usr/src/sys/DCS/modules/usr/src/sys/modules/acpi/acpi.ko.debug Reading symbols from /boot/kernel/green_saver.ko...done. Loaded symbols for /boot/kernel/green_saver.ko Reading symbols from /usr/obj/usr/src/sys/DCS/modules/usr/src/sys/modules/linux/linux.ko.debug...done. Loaded symbols for /usr/obj/usr/src/sys/DCS/modules/usr/src/sys/modules/linux/linux.ko.debug #0 doadump () at /usr/src/sys/kern/kern_shutdown.c:238 238 dumping++; (kgdb) bt full #0 doadump () at /usr/src/sys/kern/kern_shutdown.c:238 No locals. #1 0xc01e7353 in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:370 No locals. #2 0xc01e769b in panic () at /usr/src/sys/kern/kern_shutdown.c:543 td = (struct thread *) 0xc2a72000 bootopt = 260 newpanic = 0 buf = "from debugger\0 dev null responsible for buffer 0xc77a6050\n", '\0' <repeats 197 times> #3 0xc0128812 in db_panic () at /usr/src/sys/ddb/db_command.c:448 No locals. #4 0xc0128792 in db_command (last_cmdp=0xc033e120, cmd_table=0x0, aux_cmd_tablep=0xc0339460, aux_cmd_tablep_end=0xc0339464) at /usr/src/sys/ddb/db_command.c:346 cmd = (struct command *) 0xc0302d60 t = 0 modif = "\0j6Àh}<À\220ÅiÒ\r\0\0\0àh;À\r\0\0\0\001\0\0\0°ÅiÒfç,À_at_O:À\aK\0 `i;À \035:À j6Àx\0\0\0 j6Àh}<ÀÔÅiÒ±¤\022Àku1À £\022À\0\0\0\0\020\0\0\0h}<À j6À\036\235\022À j6Ààa6Àx\0\0\0\003\0\0" addr = -1070757260 count = -1 have_addr = 0 result = 0 #5 0xc01288a6 in db_command_loop () at /usr/src/sys/ddb/db_command.c:470 No locals. #6 0xc012b63a in db_trap (type=3, code=0) at /usr/src/sys/ddb/db_trap.c:72 bkpt = 0 #7 0xc02d87d5 in kdb_trap (type=3, code=0, regs=0xd269c6cc) at /usr/src/sys/i386/i386/db_interface.c:170 ef = 70 ddb_mode = 1 #8 0xc02ea17c in trap (frame= {tf_fs = 24, tf_es = 16, tf_ds = 16, tf_edi = 256, tf_esi = -1029234688, tf_ebp = -764819688, tf_isp = -764819720, tf_ebx = 0, tf_edx = 0, tf_ecx = 1920, tf_eax = 18, tf_trapno = 3, tf_err = 0, tf_eip = -1070757260, tf_cs = 8, tf_eflags = 642, tf_esp = -1070382643, tf_ss = -1070452718}) at /usr/src/sys/i386/i386/trap.c:593 td = (struct thread *) 0xc2a72000 p = (struct proc *) 0xc2adc780 sticks = 926376246 ---Type <return> to continue, or q <return> to quit--- i = 0 ucode = 0 type = 3 code = 0 eva = 0 #9 0xc02da128 in calltrap () at {standard input}:96 No locals. #10 0xc01e763b in panic (fmt=0x0) at /usr/src/sys/kern/kern_shutdown.c:527 td = (struct thread *) 0xc2a72000 bootopt = 256 newpanic = 1 buf = "from debugger\0 dev null responsible for buffer 0xc77a6050\n", '\0' <repeats 197 times> #11 0xc019fca0 in spec_xstrategy (vp=0xc2b94a44, bp=0xc77a6050) at /usr/src/sys/fs/specfs/spec_vnops.c:506 mp = (struct mount *) 0x0 error = 0 dsw = (struct cdevsw *) 0x0 td = (struct thread *) 0xc2a72000 #12 0xc019feeb in spec_specstrategy (ap=0x0) at /usr/src/sys/fs/specfs/spec_vnops.c:550 No locals. #13 0xc019ee88 in spec_vnoperate (ap=0x0) at /usr/src/sys/fs/specfs/spec_vnops.c:123 No locals. #14 0xc029dc88 in ufs_vnoperatespec (ap=0x0) at /usr/src/sys/ufs/ufs/ufs_vnops.c:2805 No locals. #15 0xc022babe in breadn (vp=0xc2b94a44, blkno=0, size=0, rablkno=0x0, rabsize=0x0, cnt=0, cred=0x0, bpp=0x0) at vnode_if.h:1089 bp = (struct buf *) 0xc77a6050 rabp = (struct buf *) 0xc2b94a44 i = 256 rv = 0 readwait = 0 #16 0xc022b98c in bread (vp=0x0, blkno=0, size=0, cred=0x0, bpp=0x0) at /usr/src/sys/kern/vfs_bio.c:683 No locals. #17 0xc028f735 in ffs_extread (vp=0xc2b94a44, uio=0xd269c8e0, ioflag=1028) at /usr/src/sys/ufs/ffs/ffs_vnops.c:1007 ip = (struct inode *) 0xc2bdabd0 ---Type <return> to continue, or q <return> to quit--- dp = (struct ufs2_dinode *) 0xc2bdcd00 fs = (struct fs *) 0xc27f1800 bp = (struct buf *) 0xc77a6050 lbn = 0 nextlbn = 1 bytesinfile = -3284878155370116540 size = 2048 xfersize = 256 blkoffset = 0 error = 0 orig_resid = 256 #18 0xc028ff69 in ffs_rdextattr (p=0x0, vp=0xc2b94a44, td=0x0, extra=0) at /usr/src/sys/ufs/ffs/ffs_vnops.c:1303 ip = (struct inode *) 0x0 dp = (struct ufs2_dinode *) 0x0 luio = {uio_iov = 0xd269c8d8, uio_iovcnt = 1, uio_offset = 0, uio_resid = 256, uio_segflg = UIO_SYSSPACE, uio_rw = UIO_READ, uio_td = 0xc2a72000} liovec = {iov_base = 0xc2733400, iov_len = 256} easize = 256 error = 256 eae = ( u_char *) 0xc2733400 "ÞÀÞÞÀÞÞÀÞÞÀÞÞÀÞÞÀÞÞÀÞÞÀÞÞÀÞÞÀÞÞÀÞÞÀÞÞÀÞÞÀÞÞÀÞÞÀÞÞÀÞÞÀÞÞÀÞÞÀÞÞÀÞÞÀÞÞÀÞÞÀÞÞÀÞÞÀÞÞÀÞÞÀÞÞÀÞÞÀÞÞÀÞÞÀÞÞÀÞÞÀÞÞÀÞÞÀÞÞÀÞÞÀÞÞÀÞÞÀÞÞÀÞÞÀÞÞÀÞÞÀÞÞÀÞÞÀÞÞÀÞÞÀÞÞÀÞÞÀÞ"... #19 0xc028ffe6 in ffs_open_ea (vp=0x0, cred=0x0, td=0x0) at /usr/src/sys/ufs/ffs/ffs_vnops.c:1326 ip = (struct inode *) 0xc2bdabd0 dp = (struct ufs2_dinode *) 0xc2bdcd00 error = 0 #20 0xc02902f0 in ffs_getextattr (ap=0xd269c978) at /usr/src/sys/ufs/ffs/ffs_vnops.c:1495 ip = (struct inode *) 0xc2bdabd0 fs = (struct fs *) 0x0 eae = (u_char *) 0xd269c978 "\200S6ÀDJ¹Â\002" p = (u_char *) 0x0 pe = (u_char *) 0xc2bdabd0 "" pn = (u_char *) 0x0 ---Type <return> to continue, or q <return> to quit--- easize = 3267210192 ul = 3224917536 error = -1027748608 ealen = 0 stand_alone = -1070078640 #21 0xc024a8db in VOP_GETEXTATTR (vp=0x0, attrnamespace=0, name=0x0, uio=0x0, size=0x0, cred=0x0, td=0x0) at vnode_if.h:1543 a = {a_desc = 0xc0365380, a_vp = 0xc2b94a44, a_attrnamespace = 2, a_name = 0xc0471225 "mac_mls", a_uio = 0xd269c9d4, a_size = 0x0, a_cred = 0x0, a_td = 0xc2a72000} rc = 0 #22 0xc024a64f in vn_extattr_get (vp=0xc2b94a44, ioflg=8, attrnamespace=0, attrname=0x0, buflen=0xd269ca24, buf=0x0, td=0xc2a72000) at /usr/src/sys/kern/vfs_vnops.c:1077 auio = {uio_iov = 0xd269c9bc, uio_iovcnt = 1, uio_offset = 0, uio_resid = 112, uio_segflg = UIO_SYSSPACE, uio_rw = UIO_READ, uio_td = 0xc2a72000} iov = {iov_base = 0xd269ca2c, iov_len = 112} error = -764818900 #23 0xc046f759 in mac_mls_associate_vnode_extattr (mp=0xc2611a00, fslabel=0x0, vp=0x0, vlabel=0x0) at /usr/src/sys/security/mac_mls/mac_mls.c:894 temp = {mm_flags = 0, mm_single = {mme_type = 0, mme_level = 0, mme_compartments = '\0' <repeats 31 times>}, mm_rangelow = {mme_type = 0, mme_level = 0, mme_compartments = '\0' <repeats 31 times>}, mm_rangehigh = {mme_type = 0, mme_level = 0, mme_compartments = '\0' <repeats 31 times>}} source = (struct mac_mls *) 0xc27fae00 dest = (struct mac_mls *) 0xc2bd9580 buflen = 112 error = 0 #24 0xc01d1e52 in mac_associate_vnode_extattr (mp=0xc2611a00, vp=0xc2b94a44) at /usr/src/sys/kern/kern_mac.c:1437 mpc = (struct mac_policy_conf *) 0xc0472a40 error = 0 #25 0xc028d9a2 in ffs_vget (mp=0xc2611a00, ino=452761, flags=2, vpp=0xd269cc0c) at /usr/src/sys/ufs/ffs/ffs_vfsops.c:1370 td = (struct thread *) 0xc2a72000 fs = (struct fs *) 0xc27f1800 ip = (struct inode *) 0xc2bdabd0 ---Type <return> to continue, or q <return> to quit--- ump = (struct ufsmount *) 0xc2733800 bp = (struct buf *) 0xc77a33a0 vp = (struct vnode *) 0xc2b94a44 dev = (struct cdev *) 0x0 error = -1027757104 #26 0xc0299d6e in ufs_mknod (ap=0xd269cba8) at /usr/src/sys/ufs/ufs/ufs_vnops.c:248 vap = (struct vattr *) 0xd269cc48 vpp = (struct vnode **) 0xd269cc0c ip = (struct inode *) 0x6e899 ino = 452761 error = 0 #27 0xc029dc48 in ufs_vnoperate (ap=0x0) at /usr/src/sys/ufs/ufs/ufs_vnops.c:2787 No locals. #28 0xc0242d94 in kern_mknod (td=0xc2a72000, path=---Can't read userspace from dump, or kernel process--- ) at vnode_if.h:179 vp = (struct vnode *) 0x0 mp = (struct mount *) 0xc2611a00 vattr = {va_type = VCHR, va_mode = 420, va_nlink = -1, va_uid = 4294967295, va_gid = 4294967295, va_fsid = 4294967295, va_fileid = -1, va_size = 18446744073709551615, va_blocksize = -1, va_atime = { tv_sec = -1, tv_nsec = -1}, va_mtime = {tv_sec = -1, tv_nsec = -1}, va_ctime = {tv_sec = -1, tv_nsec = -1}, va_birthtime = {tv_sec = -1, tv_nsec = -1}, va_gen = 4294967295, va_flags = 4294967295, va_rdev = 514, va_bytes = 18446744073709551615, va_filerev = 0, va_vaflags = 0, va_spare = 0} error = -1028001792 whiteout = 0 nd = {ni_dirp = 0xbfbffc86---Can't read userspace from dump, or kernel process--- I also enabled trace on panic, since I was expecting the KSE bug to hide everything again (it didn't -- I hope it comes back tomorrow for Julian's test :), and got the following, which preceded a backtrace that looks like the one above: VOP_SPECSTRATEGY on non-VCHR: 0xc2b94b68: tag ufs, type VCHR, usecount 1, writecount 0, refcount 1, lock type ufs: EXCL(count 1) by thread 0xc2a72000 Ino 452761, on dev ad0s2h (4,21) Stack backtrace: backtrace()+xxx vop_nospecstrategy()+0x2d vop_defaultop()+0x18 ufs_vnoperate()+0x18 bwrite()+0x337 ffs_extwrite()+0x319 ffs_close_ea()+0xf3 ffs_closeextattr()+0x50 mac_create_vnode_extattr()+0x23f ufs_makeinode()+0x3da ufs_mknod()+0x33a mknod()+0x30 syscall(2f,2f,2f,21b6,5)+0x26e Xint0x80_syscall()+0x1d > > I'll try installing the linux emulator base stuff on some test machines > today -- just installing it is enough to trigger it? Looks like it. -- Daniel C. Sobral (8-DCS) Gerencia de Operacoes Divisao de Comunicacao de Dados Coordenacao de Seguranca VIVO Centro Oeste Norte Fones: 55-61-313-7654/Cel: 55-61-9618-0904 E-mail: Daniel.Capo_at_tco.net.br Daniel.Sobral_at_tcoip.com.br dcs_at_tcoip.com.br Outros: dcs_at_newsguy.com dcs_at_freebsd.org capo_at_notorious.bsdconspiracy.net Must I hold a candle to my shames? -- William Shakespeare, "The Merchant of Venice"Received on Tue May 20 2003 - 14:11:38 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:37:08 UTC