Project

General

Profile

Bug #6394

::mac_flow -s segfaults

Added by Ryan Zezeski over 4 years ago. Updated over 4 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
mdb - modular debugger
Start date:
2015-10-24
Due date:
% Done:

100%

Estimated time:
Difficulty:
Medium
Tags:
needs-triage

Description

# mdb -k
Loading modules: [ unix genunix specfs dtrace mac cpu.generic uppc apix scsi_vhci ufs ip hook neti sockfs arp usba stmf_sbd stmf zfs sd lofs idm crypto random cpc logindmux ptm kvm sppp nsmb smbsrv nfs sata ]
> ::mac_flow -s
            ADDR FLOW NAME                                  RBYTES           OBYTES

*** mdb: received signal SEGV at:
    [1] mac.so`mac_flow_dcmd_output+0x247()
    [2] mac.so`mac_flow_dcmd+0x166()
    [3] mdb`dcmd_invoke+0x7c()
    [4] mdb`mdb_call_idcmd+0x112()
    [5] mdb`walk_dcmd+0x4e()
    [6] mac.so`mac_common_walk_step+0x2a()
    [7] mdb`layered_walk_step+0x26()
    [8] genunix.so`kmem_walk_callback+0x1e()
    [9] genunix.so`kmem_walk_step+0x4e0()
    [10] mdb`layered_walk_step+0x26()
    [11] genunix.so`kmem_hash_walk_step+0x89()
    [12] mdb`walk_step+0x7f()
    [13] mdb`walk_step+0x28()
    [14] mdb`walk_step+0x28()
    [15] mdb`walk_common+0x77()
    [16] mdb`mdb_pwalk_dcmd+0xfc()
    [17] mdb`mdb_walk_dcmd+0x20()
    [18] mac.so`mac_flow_dcmd+0x177()
    [19] mdb`dcmd_invoke+0x7c()
    [20] mdb`mdb_call_idcmd+0x112()
    [21] mdb`mdb_call+0x3e1()
    [22] mdb`yyparse+0xda6()
    [23] mdb`mdb_run+0x2cd()
    [24] mdb`main+0xc9d()
    [25] mdb`_start+0x6c()

mdb: (c)ore dump, (q)uit, (r)ecover, or (s)top for debugger [cqrs]?
mdb: attempting to dump core ...
Segmentation Fault (core dumped)

This is because it's trying to read kernel memory it hasn't mdb_vread() yet.

# echo "::status" | mdb /zones/global/cores/core.mdb.3754
mdb: debugger failed with error: fatal signal received
debugging core file of mdb (64-bit) from sys76
file: /usr/bin/amd64/mdb
initial argv: mdb -k
threading model: native threads
status: process terminated by SIGSEGV (Segmentation Fault), addr=
ffffff09160cfe78
<GZ> root@sys76 [~]
# echo "\$C" | mdb /zones/global/cores/core.mdb.3754
mdb: debugger failed with error: fatal signal received
fffffd7fffdfe210 mac.so`mac_flow_dcmd_output+0x247(ffffff090e68eaf0, 7, 40)
fffffd7fffdfe340 mac.so`mac_flow_dcmd+0x166(ffffff090e68eaf0, 7, 1, 510510)
fffffd7fffdfe3c0 dcmd_invoke+0x7c(b7d740, ffffff090e68eaf0, 7, 1, 510510, 0)
fffffd7fffdfe460 mdb_call_idcmd+0x112(b7d740, ffffff090e68eaf0, 1, 7,
fffffd7fffdfe7e8, 0)
fffffd7fffdfe4b0 walk_dcmd+0x4e(ffffff090e68eaf0, 0, fffffd7fffdfe7e0)
fffffd7fffdfe4d0 mac.so`mac_common_walk_step+0x2a(547da0)
fffffd7fffdfe500 layered_walk_step+0x26(ffffff090e68eaf0, 0, 547da0)
fffffd7fffdfe520 genunix.so`kmem_walk_callback+0x1e(547d30, ffffff090e68eaf0)
fffffd7fffdfe650 genunix.so`kmem_walk_step+0x4e0(547d30)
fffffd7fffdfe680 layered_walk_step+0x26(ffffff090d47e660, ccaa68, 547d30)
fffffd7fffdfe6c0 genunix.so`kmem_hash_walk_step+0x89(547cc0)
fffffd7fffdfe700 walk_step+0x7f(547cc0)
fffffd7fffdfe740 walk_step+0x28(547d30)
fffffd7fffdfe780 walk_step+0x28(547da0)
fffffd7fffdfe7b0 walk_common+0x77(547da0)
fffffd7fffdfe870 mdb_pwalk_dcmd+0xfc(fffffd7ffdb743f9, fffffd7ffdb743f9, 1,
510550, 0)
fffffd7fffdfe8a0 mdb_walk_dcmd+0x20(fffffd7ffdb743f9, fffffd7ffdb743f9, 1,
510550)
fffffd7fffdfe9d0 mac.so`mac_flow_dcmd+0x177(0, 0, 1, 510550)
fffffd7fffdfea50 dcmd_invoke+0x7c(b7d740, 0, 0, 1, 510550, 0)
fffffd7fffdfeaf0 mdb_call_idcmd+0x112(b7d740, 0, 1, 0, 547e28, 547e40)
fffffd7fffdfec00 mdb_call+0x3e1(0, 1, 0)
fffffd7fffdfecf0 yyparse+0xda6()
fffffd7fffdfee20 mdb_run+0x2cd()
fffffd7fffdffbb0 main+0xc9d(2, fffffd7fffdffbd8, fffffd7fffdffbf0)
fffffd7fffdffbc0 _start+0x6c()
> ffffff090e68eaf0::print flow_entry_t fe_rx_srs[0] | ::print -a mac_soft_ring_set_t srs_rx.sr_stat ! grep ffffff09160cfe78
    ffffff09160cfe78 srs_rx.sr_stat.mrs_pollbytes = 0

History

#1

Updated by Electric Monk over 4 years ago

  • % Done changed from 0 to 100
  • Status changed from New to Closed

git commit 78b013d7a408ae8e9eacdb67cae24fc8ecab1ebf

commit  78b013d7a408ae8e9eacdb67cae24fc8ecab1ebf
Author: Ryan Zezeski <ryan@zinascii.com>
Date:   2015-10-25T01:55:05.000Z

    6394 ::mac_flow -s segfaults
    Reviewed by: Jason King <jason.brian.king@gmail.com>
    Reviewed by: Robert Mustacchi <rm@joyent.com>
    Approved by: Dan McDonald <danmcd@omniti.com>

Also available in: Atom PDF