From nobody@FreeBSD.org  Sun May 11 14:46:18 2014
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115])
	(using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by hub.freebsd.org (Postfix) with ESMTPS id 3523BB6
	for <freebsd-gnats-submit@FreeBSD.org>; Sun, 11 May 2014 14:46:18 +0000 (UTC)
Received: from cgiserv.freebsd.org (cgiserv.freebsd.org [IPv6:2001:1900:2254:206a::50:4])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(Client did not present a certificate)
	by mx1.freebsd.org (Postfix) with ESMTPS id 16565289E
	for <freebsd-gnats-submit@FreeBSD.org>; Sun, 11 May 2014 14:46:18 +0000 (UTC)
Received: from cgiserv.freebsd.org ([127.0.1.6])
	by cgiserv.freebsd.org (8.14.8/8.14.8) with ESMTP id s4BEkHnn082518
	for <freebsd-gnats-submit@FreeBSD.org>; Sun, 11 May 2014 14:46:17 GMT
	(envelope-from nobody@cgiserv.freebsd.org)
Received: (from nobody@localhost)
	by cgiserv.freebsd.org (8.14.8/8.14.8/Submit) id s4BEkH10082517;
	Sun, 11 May 2014 14:46:17 GMT
	(envelope-from nobody)
Message-Id: <201405111446.s4BEkH10082517@cgiserv.freebsd.org>
Date: Sun, 11 May 2014 14:46:17 GMT
From: Pete Long <pete@nrth.org>
To: freebsd-gnats-submit@FreeBSD.org
Subject: Using arcconf on FreeBSD 11 Current Causes Dumps Root User To DB> Prompt
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         189668
>Category:       amd64
>Synopsis:       Using arcconf on FreeBSD 11 Current Causes Dumps Root User To DB> Prompt
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    jhb
>State:          patched
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun May 11 14:50:00 UTC 2014
>Closed-Date:    
>Last-Modified:  Sat May 17 02:52:22 UTC 2014
>Originator:     Pete Long
>Release:        10.0-STABLE FreeBSD
>Organization:
n/a
>Environment:
FreeBSD frak.nrth.lab 11.0-CURRENT FreeBSD 11.0-CURRENT #0 r265678: Thu May  8 15:37:57 BST 2014     root@frak.nrth.lab:/usr/obj/usr/src/sys/RAWSEX  amd64

Previously running the kernel below with no issues:

FreeBSD frak.nrth.lab 10.0-RELEASE-p2 FreeBSD 10.0-RELEASE-p2 #0: Tue Apr 29 17:06:01 UTC 2014     root@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC  amd64
>Description:
Hi all,

More than likely a case of PEBKAC but here goes.

I have an HP Proliant ML110 G5 server using an Adaptec 3405 RAID controller (3 x SATA drives. Cannot afford SAS). I updated my kernel to 11.0-CURRENT using svn and also updated the ports tree in the same manner.

Everything I need to run works fine except for one program in ports; namely arcconf. 

Running '/usr/local/sbin/arcconf GETCONFIG 1' drops my root prompt to a 'DB>' prompt with some talk of a KDB backtrace.

Apologies if this isn't any help but here is the output generated right after that command (whilst running the 11.0-CURRENT kernel) in dmesg:

[Begin dmesg stdout]

May 10 23:21:41 frak kernel: KDB: stack backtrace:
May 10 23:21:41 frak kernel: db_trace_self_wrapper() at db_trace_self_wrapper+0x2b/frame 0xfffffe023334bdb0
May 10 23:21:41 frak kernel: kdb_backtrace() at kdb_backtrace+0x39/frame 0xfffffe023334be60
May 10 23:21:41 frak kernel: witness_checkorder() at witness_checkorder+0xdc2/frame 0xfffffe023334bef0
May 10 23:21:41 frak kernel: __lockmgr_args() at __lockmgr_args+0x9ca/frame 0xfffffe023334c020
May 10 23:21:41 frak kernel: ffs_lock() at ffs_lock+0x84/frame 0xfffffe023334c070
May 10 23:21:41 frak kernel: VOP_LOCK1_APV() at VOP_LOCK1_APV+0xfc/frame 0xfffffe023334c0a0
May 10 23:21:41 frak kernel: _vn_lock() at _vn_lock+0xaa/frame 0xfffffe023334c110
May 10 23:21:41 frak kernel: vget() at vget+0x67/frame 0xfffffe023334c150
May 10 23:21:41 frak kernel: vfs_hash_get() at vfs_hash_get+0xe1/frame 0xfffffe023334c1a0
May 10 23:21:41 frak kernel: ffs_vgetf() at ffs_vgetf+0x40/frame 0xfffffe023334c230
May 10 23:21:41 frak kernel: softdep_sync_buf() at softdep_sync_buf+0xafc/frame 0xfffffe023334c310
May 10 23:21:41 frak kernel: ffs_syncvnode() at ffs_syncvnode+0x286/frame 0xfffffe023334c390
May 10 23:21:41 frak kernel: ffs_truncate() at ffs_truncate+0x6ae/frame 0xfffffe023334c570
May 10 23:21:41 frak kernel: ufs_direnter() at ufs_direnter+0x81a/frame 0xfffffe023334c630
May 10 23:21:41 frak kernel: ufs_makeinode() at ufs_makeinode+0x560/frame 0xfffffe023334c7e0
May 10 23:21:41 frak kernel: VOP_CREATE_APV() at VOP_CREATE_APV+0xf1/frame 0xfffffe023334c810
May 10 23:21:41 frak kernel: vn_open_cred() at vn_open_cred+0x2eb/frame 0xfffffe023334c960
May 10 23:21:41 frak kernel: kern_openat() at kern_openat+0x26f/frame 0xfffffe023334cae0
May 10 23:21:41 frak kernel: amd64_syscall() at amd64_syscall+0x25a/frame 0xfffffe023334cbf0
May 10 23:21:41 frak kernel: Xfast_syscall() at Xfast_syscall+0xfb/frame 0xfffffe023334cbf0
May 10 23:21:41 frak kernel: --- syscall (5, FreeBSD ELF64, sys_open), rip = 0x800de47ca, rsp = 0x7fffffffd608, rbp = 0x7fffffffd6f0

[End dmesg stdout]

If I type 'reboot' at the prompt my server reboots fine and all is well.

Reverting back to 10.0-STABLE with a ports tree update as well solves the issue. I already know it works on 10.0-RELEASE.

I can now run '/usr/local/sbin/arcconf GETCONFIG 1' and receive the following (edited here for brevity output):

Controllers found: 1
----------------------------------------------------------------------
Controller information
----------------------------------------------------------------------
   Controller Status                        : Optimal
   Channel description                      : SAS/SATA
   Controller Model                         : Adaptec 3405
   Controller Serial Number                 : 7C2510D7488
   Physical Slot                            : 3
   Temperature                              : 48 C/ 118 F (Normal)
   Installed memory                         : 128 MB
   Copyback                                 : Disabled
   Background consistency check             : Disabled
   Automatic Failover                       : Enabled
   Stayawake period                         : Disabled
   Spinup limit internal drives             : 0
   Spinup limit external drives             : 0
   Defunct disk drive count                 : 0
   Logical devices/Failed/Degraded          : 1/0/0
   --------------------------------------------------------
   Controller Version Information

 [...]


I'm completely happy with the configuration I've got now (on 10.0-STABLE) but thought it might be beneficial to report the problem. I realise CURRENT is fairly hot.

Many thanks for a superior OS.

Regards,

Pete.

>How-To-Repeat:
Install Adaptec 3405 RAID controller on a server running FreeBSD 11.0-CURRENT amd64 and attempt to run the 'arcconf' command available in /usr/ports/sysutils/arcconf.


>Fix:
Revert to FreeBSD 10.0-STABLE or 10.0-CURRENT and re-install the 'arcconf' port.

>Release-Note:
>Audit-Trail:

From: John Baldwin <jhb@FreeBSD.org>
To: Pete Long <pete@nrth.org>, freebsd-gnats-submit@FreeBSD.org
Cc:  
Subject: Re: amd64/189668: Using arcconf on FreeBSD 11 Current Causes Dumps
 Root User To DB> Prompt
Date: Thu, 15 May 2014 07:11:21 -0400

 A WITNESS warning shouldn't drop to db>.  Also, if you reboot from db>,
 usually any messages you get from DDB don't get logged.  I suspect this
 is just an unrelated LOR warning before the actual crash you are seeing.
  Can you ensure your system is configured for crashdumps and get a dump?
  It would be good to get the message just before the db> prompt (which
 is likely a panic message) as well as the stack trace of the dump from kgdb.
 
 -- 
 John Baldwin

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: amd64/189668: commit references a PR
Date: Sat, 17 May 2014 02:45:07 +0000 (UTC)

 Author: jhb
 Date: Sat May 17 02:45:04 2014
 New Revision: 266281
 URL: http://svnweb.freebsd.org/changeset/base/266281
 
 Log:
   Clear the data buffer length field when freeing a command structure so that
   it doesn't leak through when the command structure is reused for a user
   command without a data buffer.
   
   PR:		amd64/189668
   Tested by:	Pete Long <pete@nrth.org>
   MFC after:	1 week
 
 Modified:
   head/sys/dev/aac/aac.c
 
 Modified: head/sys/dev/aac/aac.c
 ==============================================================================
 --- head/sys/dev/aac/aac.c	Sat May 17 02:39:20 2014	(r266280)
 +++ head/sys/dev/aac/aac.c	Sat May 17 02:45:04 2014	(r266281)
 @@ -1408,6 +1408,7 @@ aac_release_command(struct aac_command *
  	fwprintf(sc, HBA_FLAGS_DBG_FUNCTION_ENTRY_B, "");
  
  	/* (re)initialize the command/FIB */
 +	cm->cm_datalen = 0;
  	cm->cm_sgtable = NULL;
  	cm->cm_flags = 0;
  	cm->cm_complete = NULL;
 _______________________________________________
 svn-src-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/svn-src-all
 To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org"
 
State-Changed-From-To: open->patched 
State-Changed-By: jhb 
State-Changed-When: Sat May 17 02:51:07 UTC 2014 
State-Changed-Why:  
Fix committed to HEAD. 


Responsible-Changed-From-To: freebsd-amd64->jhb 
Responsible-Changed-By: jhb 
Responsible-Changed-When: Sat May 17 02:51:07 UTC 2014 
Responsible-Changed-Why:  
Fix committed to HEAD. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=189668 
>Unformatted:
