[Bug 279899] pf_unlink_state mutex unlock page fault panic

From: <bugzilla-noreply_at_freebsd.org>
Date: Sat, 13 Jul 2024 12:27:32 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=279899

Gyver Def <gdef@wp.pl> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |gdef@wp.pl

--- Comment #11 from Gyver Def <gdef@wp.pl> ---
Bug is still present in the latest 14.1-STABLE branch:

Unread portion of the kernel message buffer:
[47842] kernel trap 12 with interrupts disabled
[47842]
[47842]
[47842] Fatal trap 12: page fault while in kernel mode
[47842] cpuid = 9; apic id = 09
[47842] fault virtual address   = 0x20
[47842] fault code              = supervisor read data, page not present
[47842] instruction pointer     = 0x20:0xffffffff806fbd70
[47842] stack pointer           = 0x28:0xfffffe02059f8df0
[47842] frame pointer           = 0x28:0xfffffe02059f8e00
[47842] code segment            = base 0x0, limit 0xfffff, type 0x1b
[47842]                         = DPL 0, pres 1, long 1, def32 0, gran 1
[47842] processor eflags        = resume, IOPL = 0
[47842] current process         = 6 (pf purge)
[47842] rdi: 0000000000000000 rsi: 0000000000000000 rdx: fffff801172f2740
[47842] rcx: fffff801172f2740  r8: 0000000000000050  r9: 0000000000000028
[47842] rax: 0000000000000000 rbx: 0000000000000000 rbp: fffffe02059f8e00
[47842] r10: fffff801d6fcc6e0 r11: 0000000082d0b062 r12: 0000000000000000
[47842] r13: fffff801172f2740 r14: 0000000000000000 r15: 00000000000190d4
[47842] trap number             = 12
[47842] panic: page fault
[47842] cpuid = 9
[47842] time = 1720796553
[47842] KDB: stack backtrace:
[47842] #0 0xffffffff806e25bd at kdb_backtrace+0x5d
[47842] #1 0xffffffff806976f1 at vpanic+0x131
[47842] #2 0xffffffff806975b3 at panic+0x43
[47842] #3 0xffffffff80a5f0fb at trap_fatal+0x40b
[47842] #4 0xffffffff80a5f146 at trap_pfault+0x46
[47842] #5 0xffffffff80a37598 at calltrap+0x8
[47842] #6 0xffffffff80674603 at __mtx_unlock_sleep+0x73
[47842] #7 0xffffffff80899ff8 at pf_unlink_state+0x338
[47842] #8 0xffffffff80899558 at pf_purge_expired_states+0x178
[47842] #9 0xffffffff8089937b at pf_purge_thread+0x13b
[47842] #10 0xffffffff8065211f at fork_exit+0x7f
[47842] #11 0xffffffff80a385fe at fork_trampoline+0xe
[47842] Uptime: 13h17m22s
[47842] Dumping 8074 out of 130174 MB:..1%..11%..21%..31%..41%..51%..61%..71%..81%..91%

Reading symbols from /boot/kernel/zfs.ko...
Reading symbols from /usr/lib/debug//boot/kernel/zfs.ko.debug...
Reading symbols from /boot/kernel/fdescfs.ko...
Reading symbols from /usr/lib/debug//boot/kernel/fdescfs.ko.debug...
__curthread () at /usr/src/sys/amd64/include/pcpu_aux.h:57
warning: Source file is more recent than executable.
57              __asm("movq %%gs:%P1,%0" : "=r" (td) : "n" (offsetof(struct
pcpu,
(kgdb) bt
#0  __curthread () at /usr/src/sys/amd64/include/pcpu_aux.h:57
#1  doadump (textdump=<optimized out>) at /usr/src/sys/kern/kern_shutdown.c:405
#2  0xffffffff80697287 in kern_reboot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:523
#3  0xffffffff8069775e in vpanic (fmt=0xffffffff80acd933 "%s", ap=ap@entry=0xfffffe02059f8c50)
    at /usr/src/sys/kern/kern_shutdown.c:967
#4  0xffffffff806975b3 in panic (fmt=<unavailable>) at /usr/src/sys/kern/kern_shutdown.c:891
#5  0xffffffff80a5f0fb in trap_fatal (frame=0xfffffe02059f8d30, eva=32) at /usr/src/sys/amd64/amd64/trap.c:952
#6  0xffffffff80a5f146 in trap_pfault (frame=<unavailable>, usermode=false, signo=<optimized out>, ucode=<optimized out>)
    at /usr/src/sys/amd64/amd64/trap.c:760
#7  <signal handler called>
#8  0xffffffff806fbd70 in turnstile_broadcast (ts=0x0, queue=queue@entry=0) at /usr/src/sys/kern/subr_turnstile.c:900
#9  0xffffffff80674603 in __mtx_unlock_sleep (c=<optimized out>, v=<optimized out>) at /usr/src/sys/kern/kern_mutex.c:1056
#10 0xffffffff80899ff8 in pf_unlink_state (s=s@entry=0xfffff801d6fcc6e0) at /usr/src/sys/netpfil/pf/pf.c:2147
#11 0xffffffff80899558 in pf_purge_expired_states (i=102589, maxcheck=901) at /usr/src/sys/netpfil/pf/pf.c:2207
#12 0xffffffff8089937b in pf_purge_thread (unused=<optimized out>) at /usr/src/sys/netpfil/pf/pf.c:1950
#13 0xffffffff8065211f in fork_exit (callout=0xffffffff80899240 <pf_purge_thread>, arg=0x0, frame=0xfffffe02059f8f40)
    at /usr/src/sys/kern/kern_fork.c:1164
#14 <signal handler called>
#15 0x0a12d0230652d027 in ?? ()

-- 
You are receiving this mail because:
You are the assignee for the bug.