Re: kern/39777: NFS client triggers kernel panics

[Matthias Scheler <tron%zhadum.org.uk@localhost>]

I've looked at the faulting bit of code:

db{0}> examine/i netbsd:_bus_dmamap_load_mbuf,10
netbsd:_bus_dmamap_load_mbuf:   pushq   %rbp
netbsd:_bus_dmamap_load_mbuf+0x1:       movq    %rsp,%rbp
netbsd:_bus_dmamap_load_mbuf+0x4:       pushq   %r15
netbsd:_bus_dmamap_load_mbuf+0x6:       pushq   %r14
netbsd:_bus_dmamap_load_mbuf+0x8:       pushq   %r13
netbsd:_bus_dmamap_load_mbuf+0xa:       pushq   %r12
netbsd:_bus_dmamap_load_mbuf+0xc:       movq    %rsi,%r12
netbsd:_bus_dmamap_load_mbuf+0xf:       pushq   %rbx
netbsd:_bus_dmamap_load_mbuf+0x10:      subq    $0x58,%rsp
netbsd:_bus_dmamap_load_mbuf+0x14:      movq    %rdi,0xffffffffffffffb0(%rbp)
netbsd:_bus_dmamap_load_mbuf+0x18:      movq    %rdx,0xffffffffffffffa8(%rbp)
netbsd:_bus_dmamap_load_mbuf+0x1c:      movl    %ecx,0xffffffffffffffa4(%rbp)
netbsd:_bus_dmamap_load_mbuf+0x1f:      movq    0x30(%rsi),%rax
netbsd:_bus_dmamap_load_mbuf+0x23:      movq    %rax,0xffffffffffffffb8(%rbp)
netbsd:_bus_dmamap_load_mbuf+0x27:      movq    $0,0x40(%rsi)
netbsd:_bus_dmamap_load_mbuf+0x2f:      movl    $0,0x48(%rsi)

The kernel crashes at netbsd:_bus_dmamap_load_mbuf+0x14 which tries
to access the stack space it previously created.

This looks like a stack overflow to me.

        Kind regards

-- 
Matthias Scheler                                  http://zhadum.org.uk/