kern_sig.c pfault with non-sleepable locks held

Reply: Tomoaki AOKI : "Re: kern_sig.c pfault with non-sleepable locks held"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Bjoern A. Zeeb <bzeeb-lists_at_lists.zabbadoz.net>
Date: Mon, 23 Mar 2026 03:53:51 UTC

Hi,

this is at main 8cc1c0f35ec8 . I'll update later and see if I can repro this.
It's been a long time since I've seen something like this...

I cannot help much more as bhyve stopped with a triple fault on this.


Kernel page fault with the following non-sleepable locks held:
exclusive sleep mutex sigacts (sigacts) r = 0 (0xfffff800370b1ca8) locked @ /sys/kern/kern_sig.c:311
exclusive sleep mutex process lock (process lock) r = 0 (0xfffffe00a3162bd8) locked @ /sys/kern/kern_sig.c:308
stack backtrace:
#0 0xffffffff80c2e51c at witness_debugger+0x6c
#1 0xffffffff80c2fe29 at witness_warn+0x4c9
#2 0xffffffff8109bcec at trap_pfault+0x8c
#3 0xffffffff8106a6b8 at calltrap+0x8
#4 0xffffffff8106d6b7 at end_exceptions+0x167
#5 0xffffffff80bb896b at postsig+0x28b
#6 0xffffffff80bbcdab at ast_sig+0x1bb
#7 0xffffffff80c22d08 at ast_handler+0xe8
#8 0xffffffff80c22c10 at ast+0x20
#9 0xffffffff8106d1a6 at doreti_ast+0x1c


Fatal trap 12: page fault while in kernel mode
cpuid = 3; apic id = 03
fault virtual address   = 0xfffffe00b0aa9000
fault code              = supervisor read data, page not present
instruction pointer     = 0x20:0xffffffff810979d5
stack pointer           = 0:0xfffffe00b0aa88f0
frame pointer           = 0:0xfffffe00b0aa88f0
code segment            = base 0x0, limit 0xfffff, type 0x1b
                         = DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 2326 (iperf3)
rdi: fffffe00b0aa8a38 rsi: fffffe00b0aa9000 rdx: 000000000000003b
rcx: 0000000000000010  r8: fffffffffffffa38  r9: fffffe00b0aa8950
rax: fffffe00b0aa8978 rbx: fffffe00b0aa8f40 rbp: fffffe00b0aa88f0
r10: 0000000000000000 r11: fffffe00b0aa8d78 r12: 0000000000000000
r13: fffffe00b0aa8de8 r14: 0000000000000004 r15: fffff800047ef780
trap number             = 12




Fatal trap 9: general protection fault while in kernel mode
Fatal trap 9: general protection fault while in kernel mode


(gdb) l *0xffffffff810979d5
0xffffffff810979d5 is at /sys/amd64/amd64/support.S:537.
532     ENTRY(memmove_std)
533             MEMMOVE erms=0 overlap=1 begin=MEMMOVE_BEGIN end=MEMMOVE_END
534     END(memmove_std)
535
536     ENTRY(memmove_erms)
537             MEMMOVE erms=1 overlap=1 begin=MEMMOVE_BEGIN end=MEMMOVE_END
538     END(memmove_erms)
539
540     /*
541      * memcpy(dst, src, len)

-- 
Bjoern A. Zeeb                                                     r15:7