|
Description
|
Since upgrading Ferrari 5000 laptop from snv_91 to snv_92 the following panic ensues regularly.
panic[cpu1]/thread=ffffff022ac500c0:
BAD TRAP: type=e (#pf Page fault) rp=ffffff0005f3f3b0 addr=8 occurred in module "nfs" due to a NULL pointer dereference
gvfsd-trash:
#pf Page fault
Bad kernel fault at addr=0x8
pid=4292, pc=0xfffffffff86b3490, sp=0xffffff0005f3f4a0, eflags=0x10246
cr0: 8005003b<pg,wp,ne,et,ts,mp,pe> cr4: 6f8<xmme,fxsr,pge,mce,pae,pse,de>
cr2: 8
cr3: 2b8d000
cr8: c
rdi: 4b02ec15 rsi: 402a344 rdx: 32397b00
rcx: 32397b00 r8: 0 r9: 1f112ce8
rax: 0 rbx: 20000000 rbp: ffffff0005f3f4d0
r10: 0 r11: 1 r12: ffffff014e992000
r13: ffffff014ea27000 r14: ffffff0150f943f8 r15: ffffff014c1d22b8
fsb: 0 gsb: ffffff0149d55080 ds: 4b
es: 4b fs: 0 gs: 1c3
trp: e err: 0 rip: fffffffff86b3490
cs: 30 rfl: 10246 rsp: ffffff0005f3f4a0
ss: 38
ffffff0005f3f290 unix:die+c8 ()
ffffff0005f3f3a0 unix:trap+13b9 ()
ffffff0005f3f3b0 unix:_cmntrap+e9 ()
ffffff0005f3f4d0 nfs:nfs4_record_ephemeral_mount+c0 ()
ffffff0005f3f5b0 nfs:nfs4_mount+9d6 ()
ffffff0005f3f5e0 genunix:fsop_mount+21 ()
ffffff0005f3f750 genunix:domount+9c1 ()
ffffff0005f3f7f0 nfs:nfs4_trigger_domount+270 ()
ffffff0005f3f870 nfs:nfs4_trigger_mount+201 ()
ffffff0005f3f900 nfs:nfs4_trigger_lookup+5c ()
ffffff0005f3f9a0 genunix:fop_lookup+f2 ()
ffffff0005f3fbf0 genunix:lookuppnvp+351 ()
ffffff0005f3fc90 genunix:lookuppnat+125 ()
ffffff0005f3fd70 genunix:lookupnameat+82 ()
ffffff0005f3fe00 genunix:cstatat_getvp+160 ()
ffffff0005f3fea0 genunix:cstatat64_32+7d ()
ffffff0005f3fec0 genunix:lstat64_32+31 ()
ffffff0005f3ff10 unix:brand_sys_syscall32+197 ()
nfs4_record_ephemeral_mount+0x73: call +0x3310ce8 <kmem_zalloc>
nfs4_record_ephemeral_mount+0x78: movq %rax,%r14
nfs4_record_ephemeral_mount+0x7b: movq %r12,(%r14)
nfs4_record_ephemeral_mount+0x7e: call +0x31710fd <gethrestime_sec>
nfs4_record_ephemeral_mount+0x83: movq %rax,0x20(%r14)
nfs4_record_ephemeral_mount+0x87: movl 0x8(%r15),%eax
nfs4_record_ephemeral_mount+0x8b: movl %eax,0x28(%r14)
nfs4_record_ephemeral_mount+0x8f: movl 0x3c(%r12),%eax
nfs4_record_ephemeral_mount+0x94: orl $0x4000,%eax
nfs4_record_ephemeral_mount+0x99: movl %eax,0x3c(%r12)
nfs4_record_ephemeral_mount+0x9e: movq %r14,0xb70(%r12)
nfs4_record_ephemeral_mount+0xa6: movq 0xb78(%r13),%r8
nfs4_record_ephemeral_mount+0xad: movq %r8,0xb78(%r12)
nfs4_record_ephemeral_mount+0xb5: movl 0x3c(%r13),%eax
nfs4_record_ephemeral_mount+0xb9: andl $0x4000,%eax
nfs4_record_ephemeral_mount+0xbe: jne +0x24 <nfs4_record_ephemeral_mount+0xe4>
nfs4_record_ephemeral_mount+0xc0: movq 0x8(%r8),%r9
%r13 is mi_parent
prior = mi_parent->mi_ephemeral;
> 0xffffff014ea27000::print -aCLt mntinfo4_t mi_ephemeral
ffffff014ea27b70 struct nfs4_ephemeral *mi_ephemeral = 0
we die trying to access ne_child via a NULL mi_ephemeral ptr.
> ::print -aCLt nfs4_ephemeral_t
{
0 mntinfo4_t *ne_mount
8 struct nfs4_ephemeral *ne_child
/*
* We need to tack together the ephemeral mount
* with this new mntinfo.
*/
eph = kmem_zalloc(sizeof (*eph), KM_SLEEP);
eph->ne_mount = mi;
eph->ne_ref_time = gethrestime_sec();
/*
* We need to tell the ephemeral mount when
* to time out.
*/
eph->ne_mount_to = ntg->ntg_mount_to;
mi->mi_flags |= MI4_EPHEMERAL;
mi->mi_ephemeral = eph;
net = mi->mi_ephemeral_tree =
mi_parent->mi_ephemeral_tree;
ASSERT(net != NULL);
/*
* If the enclosing mntinfo4 is also ephemeral,
* then we need to point to its enclosing parent.
* Else the enclosing mntinfo4 is the enclosing parent.
*
* We also need to weave this ephemeral node
* into the tree.
*/
if (mi_parent->mi_flags & MI4_EPHEMERAL) {
/*
* We need to decide if we are
* the root node of this branch
* or if we are a sibling of this
* branch.
*/
prior = mi_parent->mi_ephemeral;
ASSERT(prior != NULL);
if (prior->ne_child == NULL) {
|
