[Bug 215011] kqueue: notification race condition between open and kqueue
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sun, 13 Jul 2025 12:51:47 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=215011
Charlie Li <vishwin@freebsd.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |vishwin@freebsd.org
--- Comment #2 from Charlie Li <vishwin@freebsd.org> ---
After the above commit (everything rebuilt), I'm getting panics immediately
upon starting both xfce and cinnamon:
Sun Jul 13 08:30:38 EDT 2025
FreeBSD lehman 15.0-CURRENT FreeBSD 15.0-CURRENT #2 main-n278710-f5dba673345e:
Sat Jul 12 19:18:59 EDT 2025
root@lehman:/usr/obj/usr/src/amd64.amd64/sys/ODYSSEY amd64
panic: Assertion *eofflag != 0 failed at /usr/src/sys/kern/vfs_vnops.c:4058
Reading symbols from /boot/kernel/kernel...
Reading symbols from /usr/lib/debug//boot/kernel/kernel.debug...
Reading symbols from /boot/kernel/zfs.ko...
Reading symbols from /usr/lib/debug//boot/kernel/zfs.ko.debug...
Reading symbols from /boot/modules/i915kms.ko...
(No debugging symbols found in /boot/modules/i915kms.ko)
Reading symbols from /boot/modules/drm.ko...
(No debugging symbols found in /boot/modules/drm.ko)
Reading symbols from /boot/kernel/iic.ko...
Reading symbols from /usr/lib/debug//boot/kernel/iic.ko.debug...
Reading symbols from /boot/kernel/linuxkpi_video.ko...
Reading symbols from /usr/lib/debug//boot/kernel/linuxkpi_video.ko.debug...
Reading symbols from /boot/modules/dmabuf.ko...
(No debugging symbols found in /boot/modules/dmabuf.ko)
Reading symbols from /boot/kernel/lindebugfs.ko...
Reading symbols from /usr/lib/debug//boot/kernel/lindebugfs.ko.debug...
Reading symbols from /boot/modules/ttm.ko...
(No debugging symbols found in /boot/modules/ttm.ko)
Reading symbols from /boot/kernel/if_iwlwifi.ko...
Reading symbols from /usr/lib/debug//boot/kernel/if_iwlwifi.ko.debug...
Reading symbols from /boot/kernel/if_iwm.ko...
Reading symbols from /usr/lib/debug//boot/kernel/if_iwm.ko.debug...
Reading symbols from /boot/kernel/cuse.ko...
Reading symbols from /usr/lib/debug//boot/kernel/cuse.ko.debug...
Reading symbols from /boot/kernel/uplcom.ko...
Reading symbols from /usr/lib/debug//boot/kernel/uplcom.ko.debug...
Reading symbols from /boot/kernel/nlsysevent.ko...
Reading symbols from /usr/lib/debug//boot/kernel/nlsysevent.ko.debug...
__curthread () at /usr/src/sys/amd64/include/pcpu_aux.h:57
57 __asm("movq %%gs:%c1,%0" : "=r" (td)
(kgdb) #0 __curthread () at /usr/src/sys/amd64/include/pcpu_aux.h:57
td = <optimized out>
#1 doadump (textdump=textdump@entry=1)
at /usr/src/sys/kern/kern_shutdown.c:399
error = 0
coredump = <optimized out>
#2 0xffffffff80b98983 in kern_reboot (howto=260)
at /usr/src/sys/kern/kern_shutdown.c:519
once = 0
__pc = 0x0
#3 0xffffffff80b98ea7 in vpanic (
fmt=0xffffffff8131e855 "Assertion %s failed at %s:%d",
ap=ap@entry=0xfffffe00c4797a50) at /usr/src/sys/kern/kern_shutdown.c:974
buf = "Assertion *eofflag != 0 failed at
/usr/src/sys/kern/vfs_vnops.c:4058", '\000' <repeats 187 times>
__pc = 0x0
__pc = 0x0
__pc = 0x0
other_cpus = {__bits = {13, 0 <repeats 15 times>}}
td = 0xfffff800375c1780
bootopt = <unavailable>
newpanic = <optimized out>
#4 0xffffffff80b98cd3 in panic (fmt=<unavailable>)
at /usr/src/sys/kern/kern_shutdown.c:887
ap = {{gp_offset = 32, fp_offset = 48,
overflow_arg_area = 0xfffffe00c4797a80,
reg_save_area = 0xfffffe00c4797a20}}
#5 0xffffffff80cbaebc in vn_dir_next_dirent (vp=0xfffff80104d3ddc0,
td=<optimized out>, dirbuf=0xfffffe00c45c9000 "\001",
dirbuflen=<optimized out>, dpp=0xfffffe00c4797c58, len=0xfffffe00c4797c48,
off=0xfffffe00c4797c40, eofflag=0xfffffe00c4797c60)
at /usr/src/sys/kern/vfs_vnops.c:4058
uio = {uio_iov = 0xfffffe00c4797ae8, uio_iovcnt = 1, uio_offset = 128,
uio_resid = 35840, uio_segflg = UIO_SYSSPACE, uio_rw = UIO_READ,
uio_td = 0xfffff800375c1780}
iov = {iov_base = 0xfffffe00c45c9000, iov_len = 35840}
dp = 0x0
reclen = <optimized out>
error = <optimized out>
success = <optimized out>
#6 0xffffffff80c89ba5 in vn_inotify_add_watch (vp=0xfffff80104d3ddc0,
vp@entry=<error reading variable: value is not available>,
sc=0xfffff80003115600,
sc@entry=<error reading variable: value is not available>, mask=16789454,
mask@entry=<error reading variable: value is not available>,
wdp=0xfffffe00c4797dd4,
wdp@entry=<error reading variable: value is not available>,
td=0xfffff800375c1780,
td@entry=<error reading variable: value is not available>)
at /usr/src/sys/kern/vfs_inotify.c:747
nd = {ni_dirp = 0xfffffe00c45c9058 "efi", ni_segflg = UIO_SYSSPACE,
ni_rightsneeded = 0xffffffff814f2010 <cap_no_rights>,
ni_startdir = 0x0, ni_rootdir = 0xfffff8000938a898, ni_topdir = 0x0,
ni_dirfd = -100, ni_lcf = 0, ni_filecaps = {fc_rights = {
cr_rights = {0, 0}}, fc_ioctls = 0x0, fc_nioctls = -1,
fc_fcntls = 0}, ni_vp = 0xfffff80104d3dc08,
ni_dvp = 0xfffff80104d3ddc0, ni_resflags = 0, ni_debugflags = 7,
ni_loopcnt = 0, ni_pathlen = 1, ni_next = 0xfffff80074c8a403 "",
ni_cnd = {cn_flags = 8925478912, cn_cred = 0xfffff80003100a00,
cn_nameiop = LOOKUP, cn_lkflags = 2097152,
cn_pnbuf = 0xfffff80074c8a400 "efi",
cn_nameptr = 0xfffff80074c8a400 "efi", cn_namelen = 3},
ni_cap_tracker = {tqh_first = 0x0, tqh_last = 0xfffffe00c4797c08},
ni_rbeneath_dpp = 0x0, ni_nctrack_mnt = 0x0, ni_dvp_seqc = 493,
ni_vp_seqc = 0}
dp = 0xfffffe00c45c9040
off = 128
len = 0
buflen = 35840
buf = 0xfffffe00c45c9000 "\001"
eof = 0
error = 0
watch = <optimized out>
watch1 = <optimized out>
wd = <optimized out>
#7 0xffffffff812321c9 in VOP_INOTIFY_ADD_WATCH_APV (vop=<optimized out>,
a=a@entry=0xfffffe00c4797da0) at vnode_if.c:4410
rc = <optimized out>
#8 0xffffffff80c8a50a in VOP_INOTIFY_ADD_WATCH (vp=0xfffff80104d3ddc0,
vp@entry=<error reading variable: value is not available>,
sc=0xfffff80003115600,
sc@entry=<error reading variable: value is not available>, mask=16789454,
mask@entry=<error reading variable: value is not available>,
wdp=0xfffffe00c4797dd4, td=0xfffff800375c1780,
td@entry=<error reading variable: value is not available>)
at ./vnode_if.h:2552
a = {a_gen = {
a_desc = 0xffffffff81b86ad0 <vop_inotify_add_watch_desc>},
a_vp = 0xfffff80104d3ddc0, a_sc = 0xfffff80003115600,
a_mask = 16789454, a_wdp = 0xfffffe00c4797dd4,
a_td = 0xfffff800375c1780}
#9 kern_inotify_add_watch (fd=<unavailable>,
fd@entry=<error reading variable: value is not available>,
dfd=<unavailable>,
dfd@entry=<error reading variable: value is not available>,
path=<unavailable>,
path@entry=<error reading variable: value is not available>,
mask=16789454,
mask@entry=<error reading variable: value is not available>,
td=0xfffff800375c1780,
td@entry=<error reading variable: value is not available>)
at /usr/src/sys/kern/vfs_inotify.c:935
nd = {
ni_dirp = 0xc45bf800090 <error: Cannot access memory at address
0xc45bf800090>, ni_segflg = UIO_USERSPACE,
ni_rightsneeded = 0xffffffff814f2010 <cap_no_rights>,
ni_startdir = 0x0, ni_rootdir = 0xfffff8000938a898, ni_topdir = 0x0,
ni_dirfd = -100, ni_lcf = 0, ni_filecaps = {fc_rights = {
cr_rights = {0, 0}}, fc_ioctls = 0x0, fc_nioctls = -1,
fc_fcntls = 0}, ni_vp = 0xfffff80104d3ddc0,
ni_dvp = 0xfffff80003179370, ni_resflags = 1, ni_debugflags = 3,
ni_loopcnt = 0, ni_pathlen = 1,
ni_next = 0xfffff80074c8a409
"\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336",
<incomplete sequence \336>...,
ni_cnd = {cn_flags = 8925741380, cn_cred = 0xfffff80003100a00,
cn_nameiop = LOOKUP, cn_lkflags = 2097152, cn_pnbuf = 0x0,
cn_nameptr = 0xfffff80074c8a406
"\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300"...,
cn_namelen = 3},
ni_cap_tracker = {tqh_first = 0x0, tqh_last = 0xfffffe00c4797d70},
ni_rbeneath_dpp = 0x0, ni_nctrack_mnt = 0x0, ni_dvp_seqc = 0,
ni_vp_seqc = 0}
wd = 2
fp = 0xfffff8003757d230
vp = 0xfffff80104d3ddc0
error = <optimized out>
sc = 0xfffff80003115600
count = <optimized out>
#10 0xffffffff8116998e in syscallenter (td=0xfffff800375c1780)
at /usr/src/sys/amd64/amd64/../../kern/subr_syscall.c:193
se = 0xffffffff81ac83f0 <sysent+18976>
p = 0xfffffe00831515c0
sa = 0xfffff800375c1b98
error = <optimized out>
sy_thr_static = true
traced = <optimized out>
_audit_entered = <optimized out>
#11 amd64_syscall (td=0xfffff800375c1780, traced=0)
at /usr/src/sys/amd64/amd64/trap.c:1215
ksi = {ksi_link = {tqe_next = 0xfffff800375c1780,
tqe_prev = 0xffffffff8316d400}, ksi_info = {
si_signo = -2127967715, si_errno = -1, si_code = 928782208,
si_pid = -2048, si_uid = 2199311360, si_status = -1,
si_addr = 0xffffffff00000000, si_value = {sival_int = 0,
sival_ptr = 0x60100000000, sigval_int = 0,
sigval_ptr = 0x60100000000}, _reason = {_fault = {
_trapno = 1537}, _timer = {_timerid = 1537, _overrun = 0},
_mesgq = {_mqd = 1537}, _poll = {_band = 1537}, _capsicum = {
_syscall = 1537}, __spare__ = {__spare1__ = 1537,
__spare2__ = {0, 0, -1082124768, 3141, 928782208, -2048,
1}}}}, ksi_flags = -998670704, ksi_sigq = 0x46}
#12 <signal handler called>
No locals.
#13 0x000000082c4d29aa in ?? ()
No symbol table info available.
Backtrace stopped: Cannot access memory at address 0x831746818
(kgdb) /usr/libexec/kgdb/acttrace.py:8: Error in sourced command file:
Undefined command: "import". Try "help".
(kgdb) Undefined command: "acttrace". Try "help".
(kgdb)
There is also a flood of "fstat: znode_t size mismatch, data could be wrong".
--
You are receiving this mail because:
You are the assignee for the bug.