[Bug 236846] FreeBSD 12.0-STABLE-p3 r345567: panic: vm_fault_hold: fault on nofault entry

[bugzilla-noreply at freebsd.org]

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=236846

--- Comment #2 from Viktor Dukhovni <ietf-dane at dukhovni.org> ---
With fantastic help from Mark Johnston, the issue has been plausibly narrowed
down to the new epoch_tracker code in 12.0 not handling IPv6 via stf0 robustly.
 The crash dump with "option INVARIANTS" looks like:

panic: Assertion etd->et_td == (struct thread *)td failed at
/usr/src/sys/sys/epoch_private.h:178
cpuid = 7
time = 1553806077
KDB: stack backtrace:
#0 0xffffffff80bbb047 at kdb_backtrace+0x67
#1 0xffffffff80b737c3 at vpanic+0x1a3
#2 0xffffffff80b735a3 at panic+0x43
#3 0xffffffff80c68357 at epoch_exit_preempt+0x1e7
#4 0xffffffff80c6b35d at if_addr_runlock+0x1d
#5 0xffffffff82e33b67 at stf_getsrcifa6+0x1a7
#6 0xffffffff82e33488 at stf_output+0x48
#7 0xffffffff80dc356f at ip6_output+0x1daf
#8 0xffffffff80d85d74 at tcp_output+0x1be4
#9 0xffffffff80d97739 at tcp_usr_disconnect+0x69
#10 0xffffffff80c07eec at soclose+0x9c
#11 0xffffffff80b1d86a at _fdrop+0x1a
#12 0xffffffff80b20abc at closef+0x1ec
#13 0xffffffff80b1dea0 at closefp+0xa0
#14 0xffffffff8103ca58 at amd64_syscall+0x278
#15 0xffffffff8101589d at fast_syscall_common+0x101

I am now testing a work-around patch...

-- 
You are receiving this mail because:
You are the assignee for the bug.