panic: sbappendstream 1 [head/amd64 @r293419]
Jonathan T. Looney
jtl at freebsd.org
Fri Jan 8 18:09:27 UTC 2016
On 1/8/16, 9:05 AM, "David Wolfskill" <owner-freebsd-current at freebsd.org
on behalf of david at catwhisker.org> wrote:
>After the first panic, I rebuilt the kernel without -DNO_CLEAN; the
>crash dump & other diagnostic info is from the clean build.
>
>January 8, 2016 at 05:57:27 AM PST
>
>FreeBSD freebeast.catwhisker.org 11.0-CURRENT FreeBSD 11.0-CURRENT #1954
>r293419M/293420:1100093: Fri Jan 8 05:09:57 PST 2016
>root at freebeast.catwhisker.org:/common/S4/obj/usr/src/sys/GENERIC amd64
>
>panic: sbappendstream 1
>
>...
>Unread portion of the kernel message buffer:
>panic: sbappendstream 1
>cpuid = 7
>KDB: stack backtrace:
>db_trace_self_wrapper() at db_trace_self_wrapper+0x2b/frame
>0xfffffe085e0595b0
>vpanic() at vpanic+0x182/frame 0xfffffe085e059630
>kassert_panic() at kassert_panic+0x126/frame 0xfffffe085e0596a0
>sbappendstream_locked() at sbappendstream_locked+0xa5/frame
>0xfffffe085e0596d0
>uipc_send() at uipc_send+0x942/frame 0xfffffe085e059780
>sosend_generic() at sosend_generic+0x42f/frame 0xfffffe085e059840
>kern_sendit() at kern_sendit+0x21b/frame 0xfffffe085e0598f0
>sendit() at sendit+0x126/frame 0xfffffe085e059940
>sys_sendmsg() at sys_sendmsg+0x61/frame 0xfffffe085e0599a0
>amd64_syscall() at amd64_syscall+0x2db/frame 0xfffffe085e059ab0
>Xfast_syscall() at Xfast_syscall+0xfb/frame 0xfffffe085e059ab0
The likely suspect here looks like r293405, which changed uipc_send() to
use sbappendstream_locked() instead of sbappend_locked().
However, I can't explain *why* that change is causing this problem without
further investigation.
Can you try reverting the change to see if that solves the problem you are
seeing?
Thanks!
Jonathan
>--- syscall (28, FreeBSD ELF64, sys_sendmsg), rip = 0x801270dfa, rsp =
>0x7fffffffa098, rbp = 0x7fffffffa0d0 ---
>KDB: enter: panic
>...
>Loaded symbols for /boot/kernel/autofs.ko
>#0 doadump (textdump=0) at pcpu.h:221
>221 pcpu.h: No such file or directory.
> in pcpu.h
>(kgdb) #0 doadump (textdump=0) at pcpu.h:221
>#1 0xffffffff8038205b in db_dump (dummy=<value optimized out>,
>dummy2=false,
> dummy3=0, dummy4=0x0) at /usr/src/sys/ddb/db_command.c:533
>#2 0xffffffff80381e4e in db_command (cmd_table=0x0)
> at /usr/src/sys/ddb/db_command.c:440
>#3 0xffffffff80381be4 in db_command_loop ()
> at /usr/src/sys/ddb/db_command.c:493
>#4 0xffffffff8038467b in db_trap (type=<value optimized out>, code=0)
> at /usr/src/sys/ddb/db_main.c:251
>#5 0xffffffff80a5cfe3 in kdb_trap (type=3, code=0, tf=<value optimized
>out>)
> at /usr/src/sys/kern/subr_kdb.c:654
>#6 0xffffffff80e6a2a8 in trap (frame=0xfffffe085e0594e0)
> at /usr/src/sys/amd64/amd64/trap.c:549
>#7 0xffffffff80e4a317 in calltrap ()
> at /usr/src/sys/amd64/amd64/exception.S:234
>#8 0xffffffff80a5c6cb in kdb_enter (why=0xffffffff8137af3c "panic",
> msg=0x80 <Address 0x80 out of bounds>) at cpufunc.h:63
>#9 0xffffffff80a1fb8f in vpanic (fmt=<value optimized out>,
> ap=<value optimized out>) at /usr/src/sys/kern/kern_shutdown.c:750
>#10 0xffffffff80a1f9e6 in kassert_panic (fmt=<value optimized out>)
> at /usr/src/sys/kern/kern_shutdown.c:647
>#11 0xffffffff80aa3375 in sbappendstream_locked (sb=0xfffff80044212378,
> m=0xfffff800108c7200, flags=0) at /usr/src/sys/kern/uipc_sockbuf.c:642
>#12 0xffffffff80ab1a42 in uipc_send (so=0xfffff80044212000, flags=0,
> m=<value optimized out>, nam=0x0, control=<value optimized out>,
> td=0xfffff8001078e9a0) at /usr/src/sys/kern/uipc_usrreq.c:984
>#13 0xffffffff80aa5f5f in sosend_generic (so=0xfffff80044212000,
>addr=0x0,
> uio=0xfffffe085e059890, top=<value optimized out>,
> control=<value optimized out>, flags=<value optimized out>,
> td=0xfffffe085e059880) at /usr/src/sys/kern/uipc_socket.c:1349
>#14 0xffffffff80aac36b in kern_sendit (td=0xfffff8001078e9a0, s=6,
> mp=<value optimized out>, flags=0, control=0x0, segflg=UIO_USERSPACE)
> at /usr/src/sys/kern/uipc_syscalls.c:906
>#15 0xffffffff80aac666 in sendit (td=0xfffff8001078e9a0,
> s=<value optimized out>, mp=0xfffffe085e059958, flags=0)
> at /usr/src/sys/kern/uipc_syscalls.c:833
>#16 0xffffffff80aac6f1 in sys_sendmsg (td=0xfffff8001078e9a0,
> uap=0xfffffe085e059a40) at /usr/src/sys/kern/uipc_syscalls.c:1035
>#17 0xffffffff80e6b13b in amd64_syscall (td=0xfffff8001078e9a0, traced=0)
> at subr_syscall.c:135
>#18 0xffffffff80e4a5fb in Xfast_syscall ()
> at /usr/src/sys/amd64/amd64/exception.S:394
>#19 0x0000000801270dfa in ?? ()
>Previous frame inner to this frame (corrupt stack?)
>Current language: auto; currently minimal
>(kgdb)
>.....
>
>As indicated above, this is with a GENERIC kernel. My laptop (running
>a kernel built with the same sources, but a slightly customized kernel
>config) gets to the point of allowing me to login (via xdm), but when I
>fire off a command that creates xterms & tries to run tmux(1) in them,
>locks up (as far as I can tell), and a power-cycle is needed to recover.
>
>I can poke at the crash dump (given hints), make the dump and core.txt
>file
>available.
>
>Peace,
>david
>--
>David H. Wolfskill david at catwhisker.org
>Those who would murder in the name of God or prophet are blasphemous
>cowards.
>
>See http://www.catwhisker.org/~david/publickey.gpg for my public key.
More information about the freebsd-current
mailing list