From nobody Sun Aug 28 19:52:29 2022 X-Original-To: net@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4MG43g25rCz4bFls for ; Sun, 28 Aug 2022 19:52:31 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4MG43g14nDz3dhC for ; Sun, 28 Aug 2022 19:52:31 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4MG43g08fwz1BRx for ; Sun, 28 Aug 2022 19:52:31 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 27SJqUwD053147 for ; Sun, 28 Aug 2022 19:52:30 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 27SJqUoA053146 for net@FreeBSD.org; Sun, 28 Aug 2022 19:52:30 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 260393] [tcp] Page Fault tcp_output/tcp_input Date: Sun, 28 Aug 2022 19:52:29 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 13.0-STABLE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Only Me X-Bugzilla-Who: ddobrev85@gmail.com X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: net@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Networking and TCP/IP with FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-net List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-net@freebsd.org MIME-Version: 1.0 ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1661716351; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=rumcSB/MVL9f3xfQdyG8wxAo9Pj+pfXoiM+vT0hfKrY=; b=oJDFGCpNJWQ7CatMh9SA7Jyrg5ap9t7aRuY88rRlXNjBgBFvRpNnharackAcfjVWpywlWp l5nFggXu6NrG9/8S+2zdHYaUPcrC67OCx+p3wdlLAEShhOYi/DkXPZCk8Bc9Fu9jBarZrD nSLAtShYDDzWIBf8p3OUcnh275uxnxr9QKowZsC31QlanuTcy9iNv2beFdd7DOLJvVYJ2k dNyjneHwsiqC9IoRR6wh4hzV15pRr8xyjmqEG7u3PyWWRNQ1+PbRDMJuAP9rhYuwvHmA2S wYF2jceBm4l4oeND1fsxsU/Gx8yvnjhOqesY4fRtVullf5E0o+HRhTpztUnP6Q== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1661716351; a=rsa-sha256; cv=none; b=HOT97QtpAsfUN4Mlm2E+Su4iRKNUU5Jm/KAwi9h1mW6nustGnmj6fUFH73V2uVUKqTqgPW 9JqpUcuOMi1ZJQDHMqYih17Y/yXsvvZ6xHl8AxnrbAK3F/rzVBrZGVJ6x/eauPX4v9euIs wF2NxkXaZYQWMd96n4tsh8wQbvJHaR1/NEZVKya8r2CZJf7n5EetMMyKMOGWWHszhmTwb6 sj3WPeyB9s+yUXXxLaQPOdz+YqKoqHQDJSd0AHoQc+aj50kmVdWtQ+sdrN8ENW/OHktBLt xlG3KjVvRDGoqCdrHoTvlBW1PsvIqN6V83DBL6c+GP6a/AbSvwNq80+YAyhIpA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D260393 --- Comment #94 from Dobri Dobrev --- Just got a crash on 13.1 -- stable/13-n252201 And this is with net.inet.tcp.rfc6675_pipe=3D0 Here's kgdb: # kgdb /boot/kernel/kernel /var/crash/vmcore.4=20 GNU gdb (GDB) 11.1 [GDB v11.1 for FreeBSD] Copyright (C) 2021 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-portbld-freebsd13.0". Type "show configuration" for configuration details. For bug reporting instructions, please see: . Find the GDB manual and other documentation resources online at: . For help, type "help". Type "apropos word" to search for commands related to "word"... Reading symbols from /boot/kernel/kernel... Reading symbols from /usr/lib/debug//boot/kernel/kernel.debug... Unread portion of the kernel message buffer: [91] frame pointer =3D 0x28:0xfffffe0069f536e0 [91] code segment =3D base 0x0, limit 0xfffff, type 0x1b [91] =3D DPL 0, pres 1, long 1, def32 0, gran 1 [92] processor eflags =3D interrupt enabled, resume, IOPL =3D 0 [92] current process =3D 0 (if_io_tqg_5) [92] trap number =3D 12 [92] panic: page fault [92] cpuid =3D 5 [92] time =3D 1661715643 [92] KDB: stack backtrace: [92] #0 0xffffffff80c50045 at kdb_backtrace+0x65 [92] #1 0xffffffff80c02e81 at vpanic+0x151 [92] #2 0xffffffff80c02d23 at panic+0x43 [92] #3 0xffffffff8109fd57 at trap_fatal+0x387 [92] #4 0xffffffff8109fdaf at trap_pfault+0x4f [92] #5 0xffffffff81077288 at calltrap+0x8 [92] #6 0xffffffff80dc7699 at tcp_output+0x1339 [92] #7 0xffffffff80dbedab at tcp_do_segment+0x2c9b [92] #8 0xffffffff80dbb3e1 at tcp_input_with_port+0xb61 [92] #9 0xffffffff80dbc07b at tcp_input+0xb [92] #10 0xffffffff80dad8f8 at ip_input+0x118 [92] #11 0xffffffff80d3a729 at netisr_dispatch_src+0xb9 [92] #12 0xffffffff80d1e974 at ether_demux+0x144 [92] #13 0xffffffff80d1fcd6 at ether_nh_input+0x346 [92] #14 0xffffffff80d3a729 at netisr_dispatch_src+0xb9 [92] #15 0xffffffff80d1ed99 at ether_input+0x69 [92] #16 0xffffffff80d36c3b at iflib_rxeof+0xbcb [92] #17 0xffffffff80d314c2 at _task_fn_rx+0x72 [92] Uptime: 1m32s [92] Dumping 2355 out of 65425 MB:..1%..11%..21%..31%..41%..51%..61%..71%..81%..91% __curthread () at /usr/src/sys/amd64/include/pcpu_aux.h:55 55 __asm("movq %%gs:%P1,%0" : "=3Dr" (td) : "n" (offsetof(stru= ct pcpu, (kgdb) where #0 __curthread () at /usr/src/sys/amd64/include/pcpu_aux.h:55 #1 dump_savectx () at /usr/src/sys/kern/kern_shutdown.c:394 #2 0xffffffff80c02a78 in dumpsys (di=3D0x0) at /usr/src/sys/x86/include/dump.h:87 #3 doadump (textdump=3D) at /usr/src/sys/kern/kern_shutdown= .c:423 #4 kern_reboot (howto=3D260) at /usr/src/sys/kern/kern_shutdown.c:497 #5 0xffffffff80c02eee in vpanic (fmt=3D, ap=3Dap@entry=3D0xfffffe0069f534c0) at /usr/src/sys/kern/kern_shutdown.c:930 #6 0xffffffff80c02d23 in panic (fmt=3D) at /usr/src/sys/kern/kern_shutdown.c:854 #7 0xffffffff8109fd57 in trap_fatal (frame=3D0xfffffe0069f535b0, eva=3D24)= at /usr/src/sys/amd64/amd64/trap.c:940 #8 0xffffffff8109fdaf in trap_pfault (frame=3D0xfffffe0069f535b0, usermode=3Dfalse, signo=3D, ucode=3D) at /usr/src/sys/amd64/amd64/trap.c:759 #9 #10 m_copydata (m=3D0x0, m@entry=3D0xfffff8000dc30e00, off=3D0, len=3D1, cp= =3D) at /usr/src/sys/kern/uipc_mbuf.c:659 #11 0xffffffff80dc7699 in tcp_output (tp=3D0xfffffe019e765950) at /usr/src/sys/netinet/tcp_output.c:1084 #12 0xffffffff80dbedab in tcp_do_segment (m=3D0xfffff8002ad7e100, th=3D0xfffff8002ad7e17a, so=3D0xfffff801cb635000, tp=3D0xfffffe019e765950, drop_hdrlen=3D64, tlen=3D, iptos=3D0 '\000') at /usr/src/sys/netinet/tcp_input.c:2822 #13 0xffffffff80dbb3e1 in tcp_input_with_port (mp=3D, offp=3D, proto=3D, port=3Dport@entry=3D0) at /usr/src/sys/netinet/tcp_input.c:1400 #14 0xffffffff80dbc07b in tcp_input (mp=3D0xfffff8000dc30e00, offp=3D0x0, p= roto=3D1) at /usr/src/sys/netinet/tcp_input.c:1496 #15 0xffffffff80dad8f8 in ip_input (m=3D0x0) at /usr/src/sys/netinet/ip_input.c:839 #16 0xffffffff80d3a729 in netisr_dispatch_src (proto=3D1, source=3Dsource@e= ntry=3D0, m=3D0xfffff8002ad7e100) at /usr/src/sys/net/netisr.c:1143 #17 0xffffffff80d3aaff in netisr_dispatch (proto=3D230886912, m=3D0x1) at /usr/src/sys/net/netisr.c:1234 #18 0xffffffff80d1e974 in ether_demux (ifp=3Difp@entry=3D0xfffff800023a6800= , m=3D0x0) at /usr/src/sys/net/if_ethersubr.c:921 #19 0xffffffff80d1fcd6 in ether_input_internal (ifp=3D0xfffff800023a6800, m= =3D0x0) at /usr/src/sys/net/if_ethersubr.c:707 #20 ether_nh_input (m=3D) at /usr/src/sys/net/if_ethersubr.c= :737 #21 0xffffffff80d3a729 in netisr_dispatch_src (proto=3Dproto@entry=3D5, source=3Dsource@entry=3D0, m=3Dm@entry=3D0xfffff8002ad7e100) at /usr/src/sys/net/netisr.c:1143 #22 0xffffffff80d3aaff in netisr_dispatch (proto=3D230886912, proto@entry= =3D5, m=3D0x1, m@entry=3D0xfffff8002ad7e100) at /usr/src/sys/net/netisr.c:1234 #23 0xffffffff80d1ed99 in ether_input (ifp=3D, m=3D0xfffff8002ad7e100) at /usr/src/sys/net/if_ethersubr.c:828 #24 0xffffffff80d36c3b in iflib_rxeof (rxq=3Drxq@entry=3D0xfffffe0114b0f040, budget=3D) at /usr/src/sys/net/iflib.c:3046 #25 0xffffffff80d314c2 in _task_fn_rx (context=3D0xfffffe0114b0f040) at /usr/src/sys/net/iflib.c:3989 #26 0xffffffff80c4ea5d in gtaskqueue_run_locked (queue=3Dqueue@entry=3D0xfffff80001d6b800) at /usr/src/sys/kern/subr_gtaskqueue.c:371 #27 0xffffffff80c4e6c3 in gtaskqueue_thread_loop (arg=3Darg@entry=3D0xfffffe0114a7f080) at /usr/src/sys/kern/subr_gtaskqueue= .c:547 #28 0xffffffff80bbfafe in fork_exit (callout=3D0xffffffff80c4e600 , arg=3D0xfffffe0114a7f080, frame=3D0xfffffe0069f53= f40) at /usr/src/sys/kern/kern_fork.c:1103 #29 #30 mi_startup () at /usr/src/sys/kern/init_main.c:322 Backtrace stopped: Cannot access memory at address 0x17 (kgdb) --=20 You are receiving this mail because: You are the assignee for the bug.=