I reproduced the bug and I'm giving it a look.

Cheers,
Nicolas
On 2 July 2010 19:27, Tero Jaasko <[email protected]> wrote:
> Hello,
> I am getting a "Fatal trap 12: page fault while in kernel mode" -panic on a
> samba mount command, e.g.
> "mount_smbfs -I 192.168.0.195 //[email protected]/share /mnt/share/".
>
> --8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<
> Fatal trap 12: page fault while in kernel mode
> mp_lock = 00000000; cpuid = 0; lapic->id = 00000000
> fault virtual address = 0x60
> fault code = supervisor read data, page not present
> instruction pointer = 0x8:0xffffffff80250e17
> stack pointer = 0x10:0xfffffffe37b62ab0
> frame pointer = 0x10:0xfffffffe37b62ad0
> code segment = base 0x0, limit 0xfffff, type 0x1b
> = DPL 0, pres 1, long 0, def32 0, gran 1
> processor eflags = interrupt enabled, resume, IOPL = 0
> current process = Idle
> current thread = pri 44 (CRIT)
> trap number = 12
> panic: page fault
> mp_lock = 00000000; cpuid = 0
> Trace beginning at frame 0xfffffffe37b627f8
> panic() at panic+0x1fc
> panic() at panic+0x1fc
> trap_fatal() at trap_fatal+0x3f4
> trap_pfault() at trap_pfault+0x158
> trap() at trap+0x67e
> calltrap() at calltrap+0x8
> --- trap 000000000000000c, rip = ffffffff80250e17, rsp = fffffffe37b62ab0, rbp = fffffffe37b62ad0 ---
> prison_replace_wildcards() at prison_replace_wildcards+0x1f
> in_pcbbind() at in_pcbbind+0x2e1
> tcp_connect() at tcp_connect+0x52
> tcp_usr_connect() at tcp_usr_connect+0xe7
> netmsg_pru_connect() at netmsg_pru_connect+0x1b
> netmsg_service() at netmsg_service+0x122
> tcpmsg_service_loop() at tcpmsg_service_loop+0x26
> boot() called on cpu#0
> Uptime: 4m23s
> Physical memory: 8176 MB
> --8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<--8<
>
> There seems to be a problem in prison_replace_wildcards() at
> sys/kern/kern_jail.c:, as the given "td->td_ucred" is NULL. The attached
> kgdb.txt contains my attempt at debugging the situation.
>
> The panic is 100% reproducible on my system and I have a few kernel dumps
> from the situation, if somebody needs them. I have attached a band-aid kind
> of patch, which seems to work, at least with it the samba works as expected,
> but perhaps it is not a correct solution.
> I added a kprintf() on the "td->td_ucred == NULL" -case, and it seems
> to be called only twice during the smb mount, not after.
>
> The machine and kernel are a regular Intel x86_64 SMP setup, built
> from yesterday's master.
>
> Best regards,
> Tero Jääskö
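The trace above has the classic signature of a NULL-pointer-plus-offset read in kernel mode: a small "fault virtual address" (0x60) while a function that expects a credential runs on a thread that has none. The following is an added illustration, not Tero's patch and not DragonFly's kern_jail.c: it models the unguarded read and the band-aid described in the report (treat a missing credential as "not jailed" and leave the address alone). The struct names follow the trace, but their layouts, the pr_wildcard field and the function names are assumptions made for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed, simplified layouts. Names follow the trace; layouts do not claim
 * to match the real ucred or prison structures. */
struct prison {
    uint32_t pr_wildcard;        /* address a jail substitutes for INADDR_ANY (assumed field) */
};

struct ucred {
    uint32_t cr_uid;
    struct prison *cr_prison;    /* NULL when the credential is not jailed */
};

struct thread {
    struct ucred *td_ucred;      /* NULL for a pure kernel thread in this model */
};

/* Unguarded variant: the shape of the bug. With td_ucred == NULL, the read of
 * td->td_ucred->cr_prison touches address NULL + offsetof(struct ucred, cr_prison),
 * which is exactly the kind of small fault virtual address the panic shows.
 * Only ever call this with a non-NULL credential. */
int replace_wildcard_unguarded(struct thread *td, uint32_t *addr)
{
    struct prison *pr = td->td_ucred->cr_prison;   /* faults when td_ucred is NULL */
    if (pr != NULL && *addr == 0)
        *addr = pr->pr_wildcard;
    return 0;
}

/* Guarded variant: the band-aid approach from the report. A thread without a
 * credential is not a jailed process, so no wildcard replacement is done.
 * Returns 1 if the address was substituted, 0 if left alone, -1 if there was
 * no credential to consult. */
int replace_wildcard_guarded(struct thread *td, uint32_t *addr)
{
    if (td->td_ucred == NULL)
        return -1;                                 /* e.g. the tcp message service thread */
    struct prison *pr = td->td_ucred->cr_prison;
    if (pr == NULL || *addr != 0)
        return 0;
    *addr = pr->pr_wildcard;
    return 1;
}

/* Reading the panic: with a NULL base pointer the fault address is simply the
 * offset of the member being read. In this model that member is cr_prison. */
size_t null_cred_fault_address(void)
{
    return offsetof(struct ucred, cr_prison);
}

int main(void)
{
    /* Constructed sample data, not taken from the report. */
    struct prison jail = { .pr_wildcard = 0xc0a800c3u };        /* 192.168.0.195 */
    struct ucred jailed = { .cr_uid = 1001, .cr_prison = &jail };
    struct thread user_td = { .td_ucred = &jailed };
    struct thread kernel_td = { .td_ucred = NULL };
    uint32_t addr = 0;

    replace_wildcard_unguarded(&user_td, &addr);   /* safe: credential present */
    printf("unguarded, user thread:   addr=0x%08x\n", addr);

    addr = 0;
    printf("guarded, user thread:     rc=%d addr=0x%08x\n",
           replace_wildcard_guarded(&user_td, &addr), addr);
    addr = 0;
    printf("guarded, kernel thread:   rc=%d addr=0x%08x\n",
           replace_wildcard_guarded(&kernel_td, &addr), addr);
    printf("NULL td_ucred would fault at 0x%zx in this model\n",
           null_cred_fault_address());
    return 0;
}
```

The diagnostic habit this shows: when a kernel page fault reports a fault address below the first mapped page, compare it with offsetof() for the members read at the faulting instruction; a match tells you which pointer was NULL. Whether skipping the replacement is the right fix for the real kernel (rather than, say, taking the credential from the socket instead of the thread) is exactly the question the report leaves open.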
