[Bug 229222] 11.2-PRERELEASE panic-General Protection Fault, aesni_encrypt_cbc implicated

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Fri Jun 22 13:19:14 UTC 2018


https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=229222

--- Comment #3 from dewayne at heuristicsystems.com.au ---
(In reply to Konstantin Belousov from comment #2)
Thank you for looking into this.  I should clarify an earlier observation.  It
appears that the ssh connection was initiated from within an i386 jail that
resides on the amd64 base system.  The i386 jails run openssl, not libressl.

In answer to your request, Konstantin, here is the disassembly of the function containing 0xffffffff80df76ee:
(kgdb) disassemble 0xffffffff80df76ee
Dump of assembler code for function aesni_encrypt_cbc:
0xffffffff80df76b0 <aesni_encrypt_cbc+0>:       push   %rbp
0xffffffff80df76b1 <aesni_encrypt_cbc+1>:       mov    %rsp,%rbp
0xffffffff80df76b4 <aesni_encrypt_cbc+4>:       sub    $0x90,%rsp
0xffffffff80df76bb <aesni_encrypt_cbc+11>:      mov    %edi,-0x2c(%rbp)
0xffffffff80df76be <aesni_encrypt_cbc+14>:      mov    %rsi,-0x38(%rbp)
0xffffffff80df76c2 <aesni_encrypt_cbc+18>:      mov    %rdx,-0x40(%rbp)
0xffffffff80df76c6 <aesni_encrypt_cbc+22>:      mov    %rcx,-0x48(%rbp)
0xffffffff80df76ca <aesni_encrypt_cbc+26>:      mov    %r8,-0x50(%rbp)
0xffffffff80df76ce <aesni_encrypt_cbc+30>:      mov    %r9,-0x58(%rbp)
0xffffffff80df76d2 <aesni_encrypt_cbc+34>:      mov    -0x40(%rbp),%rcx
0xffffffff80df76d6 <aesni_encrypt_cbc+38>:      shr    $0x4,%rcx
0xffffffff80df76da <aesni_encrypt_cbc+42>:      mov    %rcx,-0x40(%rbp)
0xffffffff80df76de <aesni_encrypt_cbc+46>:      mov    -0x58(%rbp),%rcx
0xffffffff80df76e2 <aesni_encrypt_cbc+50>:      mov    %rcx,-0x28(%rbp)
0xffffffff80df76e6 <aesni_encrypt_cbc+54>:      mov    -0x28(%rbp),%rcx
0xffffffff80df76ea <aesni_encrypt_cbc+58>:      movdqu (%rcx),%xmm0
0xffffffff80df76ee <aesni_encrypt_cbc+62>:      movdqa %xmm0,-0x80(%rbp)
0xffffffff80df76f3 <aesni_encrypt_cbc+67>:      movq   $0x0,-0x88(%rbp)
0xffffffff80df76fe <aesni_encrypt_cbc+78>:      mov    -0x88(%rbp),%rax
0xffffffff80df7705 <aesni_encrypt_cbc+85>:      cmp    -0x40(%rbp),%rax
0xffffffff80df7709 <aesni_encrypt_cbc+89>:      jae    0xffffffff80df7795 <aesni_encrypt_cbc+229>
0xffffffff80df770f <aesni_encrypt_cbc+95>:      mov    -0x2c(%rbp),%eax
0xffffffff80df7712 <aesni_encrypt_cbc+98>:      sub    $0x1,%eax
0xffffffff80df7715 <aesni_encrypt_cbc+101>:     mov    -0x38(%rbp),%rcx
0xffffffff80df7719 <aesni_encrypt_cbc+105>:     mov    -0x48(%rbp),%rdx
0xffffffff80df771d <aesni_encrypt_cbc+109>:     mov    %rdx,-0x8(%rbp)
0xffffffff80df7721 <aesni_encrypt_cbc+113>:     mov    -0x8(%rbp),%rdx
0xffffffff80df7725 <aesni_encrypt_cbc+117>:     movdqu (%rdx),%xmm0
0xffffffff80df7729 <aesni_encrypt_cbc+121>:     pxor   -0x80(%rbp),%xmm0
0xffffffff80df772e <aesni_encrypt_cbc+126>:     mov    %eax,%edi
0xffffffff80df7730 <aesni_encrypt_cbc+128>:     mov    %rcx,%rsi
0xffffffff80df7733 <aesni_encrypt_cbc+131>:     callq  0xffffffff80df77a0 <aesni_enc>
0xffffffff80df7738 <aesni_encrypt_cbc+136>:     movdqa %xmm0,-0x70(%rbp)
0xffffffff80df773d <aesni_encrypt_cbc+141>:     movdqa -0x70(%rbp),%xmm0
0xffffffff80df7742 <aesni_encrypt_cbc+146>:     movdqa %xmm0,-0x80(%rbp)
0xffffffff80df7747 <aesni_encrypt_cbc+151>:     mov    -0x50(%rbp),%rcx
---Type <return> to continue, or q <return> to quit---
0xffffffff80df774b <aesni_encrypt_cbc+155>:     movdqa -0x70(%rbp),%xmm0
0xffffffff80df7750 <aesni_encrypt_cbc+160>:     mov    %rcx,-0x10(%rbp)
0xffffffff80df7754 <aesni_encrypt_cbc+164>:     movdqa %xmm0,-0x20(%rbp)
0xffffffff80df7759 <aesni_encrypt_cbc+169>:     movdqa -0x20(%rbp),%xmm0
0xffffffff80df775e <aesni_encrypt_cbc+174>:     mov    -0x10(%rbp),%rcx
0xffffffff80df7762 <aesni_encrypt_cbc+178>:     movdqu %xmm0,(%rcx)
0xffffffff80df7766 <aesni_encrypt_cbc+182>:     mov    -0x48(%rbp),%rcx
0xffffffff80df776a <aesni_encrypt_cbc+186>:     add    $0x10,%rcx
0xffffffff80df776e <aesni_encrypt_cbc+190>:     mov    %rcx,-0x48(%rbp)
0xffffffff80df7772 <aesni_encrypt_cbc+194>:     mov    -0x50(%rbp),%rcx
0xffffffff80df7776 <aesni_encrypt_cbc+198>:     add    $0x10,%rcx
0xffffffff80df777a <aesni_encrypt_cbc+202>:     mov    %rcx,-0x50(%rbp)
0xffffffff80df777e <aesni_encrypt_cbc+206>:     mov    -0x88(%rbp),%rax
0xffffffff80df7785 <aesni_encrypt_cbc+213>:     add    $0x1,%rax
0xffffffff80df7789 <aesni_encrypt_cbc+217>:     mov    %rax,-0x88(%rbp)
0xffffffff80df7790 <aesni_encrypt_cbc+224>:     jmpq   0xffffffff80df76fe <aesni_encrypt_cbc+78>
0xffffffff80df7795 <aesni_encrypt_cbc+229>:     add    $0x90,%rsp
0xffffffff80df779c <aesni_encrypt_cbc+236>:     pop    %rbp
0xffffffff80df779d <aesni_encrypt_cbc+237>:     retq
End of assembler dump.
Current language:  auto; currently minimal
(kgdb) p/x *(struct frame *)0xfffffe0688f57d30
No struct type named frame.

I'm happy to provide any information that will help. I'm at GMT+10 (23:18 local
time), so my replies may take a while.
