Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 12 Feb 2024 10:36:32 +0100
From:      Alexander Leidinger <alexleidingerde@gmail.com>
To:        current@freebsd.org
Subject:   kernel crash in tcp_subr.c:2386
Message-ID:  <CAJg7qzH_c8JCKQvLPki6Cv7GRzaQs9vA-omSWBxnFTPy_9Rczw@mail.gmail.com>
In-Reply-To: <1707730255-92643-mlmmj-52dbb05a@FreeBSD.org>
References:  <1707730255-92643-mlmmj-52dbb05a@FreeBSD.org>
index | next in thread | previous in thread | raw e-mail 

[-- Attachment #1 --]
Hi,

I got a coredump with sources from 2024-02-10-144617 (GMT+0100):
---snip---
__curthread () at /space/system/usr_src/sys/amd64/include/pcpu_aux.h:57
57              __asm("movq %%gs:%P1,%0" : "=r" (td) : "n" (offsetof(struct
pcpu,
(kgdb) #0  __curthread () at
/space/system/usr_src/sys/amd64/include/pcpu_aux.h:57
        td = <optimized out>
#1  doadump (textdump=textdump@entry=1)
    at /space/system/usr_src/sys/kern/kern_shutdown.c:403
        error = 0
        coredump = <optimized out>
#2  0xffffffff8052fe85 in kern_reboot (howto=260)
    at /space/system/usr_src/sys/kern/kern_shutdown.c:521
        once = 0
        __pc = <optimized out>
#3  0xffffffff80530382 in vpanic (
    fmt=0xffffffff808df476 "Assertion %s failed at %s:%d",
    ap=ap@entry=0xfffffe08a079ebf0)
    at /space/system/usr_src/sys/kern/kern_shutdownc:973
        buf = "Assertion !callout_active(&tp->t_callout) failed at
/space/system/usr_src/sys/netinet/tcp_subr.c:2386", '\000' <repeats 154
times>
        __pc = <optimized out>
        __pc = <optimized out>
        __pc = <optimized out>
        other_cpus = {__bits = {14680063, 0 <repeats 15 times>}}
        td = 0xfffff8068ef99740
        bootopt = <unavailable>
        newpanic = <optimized out>
#4  0xffffffff805301d3 in panic (fmt=<unavailable>)
    at /space/system/usr_src/sys/kern/kern_shutdown.c:889
        ap = {{gp_offset = 32, fp_offset = 48,
            overflow_arg_area = 0xfffffe08a079ec20,
            reg_save_area = 0xfffffe08a079ebc0}}
#5  0xffffffff806c9d8c in tcp_discardcb (tp=tp@entry=0xfffff80af441ba80)
    at /space/system/usr_src/sys/netinet/tcp_subr.c:2386
        inp = 0xfffff80af441ba80
        so = 0xfffff804d23d2780
        m = <optimized out>
        isipv6 = <optimized out>
#6  0xffffffff806d6291 in tcp_usr_detach (so=0xfffff804d23d2780)
    at /space/system/usr_src/sys/netinet/tcp_usrreq.c:214
        inp = 0xfffff80af441ba80
        tp = 0xfffff80af441ba80
#7  0xffffffff805dba57 in sofree (so=0xfffff804d23d2780)
    at /space/system/usr_src/sys/kern/uipc_socket.c:1205
        pr = 0xffffffff80a8bd18 <tcp_protosw>
#8  sorele_locked (so=so@entry=0xfffff804d23d2780)
    at /space/system/usr_src/sys/kern/uipc_socket.c:1232
No locals.
#9  0xffffffff805dc8c0 in soclose (so=0xfffff804d23d2780)
    at /space/system/usr_src/sys/kern/uipc_socket.c:1302
        lqueue = {tqh_first = 0xfffff8068ef99740,
          tqh_last = 0xfffffe08a079ed40}
        error = 0
        saved_vnet = 0x0
        last = <optimized out>
        listening = <optimized out>
#10 0xffffffff804ccbd1 in fo_close (fp=0xfffff805f2dfc500, td=<unavailable>)
    at /space/system/usr_src/sys/sys/file.h:390
No locals.
#11 _fdrop (fp=fp@entry=0xfffff805f2dfc500, td=<unavailable>,
    td@entry=0xfffff8068ef99740)
    at /space/system/usr_src/sys/kern/kern_descrip.c:3666
        count = <unavailable>
        error = <optimized out>
#12 0xffffffff804d02f3 in closef (fp=fp@entry=0xfffff805f2dfc500,
    td=td@entry=0xfffff8068ef99740)
    at /space/system/usr_src/sys/kern/kern_descrip.c:2839
        _error = 0
        _fp = 0xfffff805f2dfc500
        lf = {l_start = -8791759350504, l_len = -8791759350528, l_pid = 0,
          l_type = 0, l_whence = 0, l_sysid = 0}
        vp = <optimized out>
        fdtol = <optimized out>
        fdp = <optimized out>
#13 0xffffffff804cd50c in closefp_impl (fdp=0xfffffe07afebf860, fd=19,
    fp=0xfffff805f2dfc500, td=0xfffff8068ef99740, audit=<optimized out>)
    at /space/system/usr_src/sys/kern/kern_descrip.c:1315
        error = <optimized out>
#14 closefp (fdp=0xfffffe07afebf860, fd=19, fp=0xfffff805f2dfc500,
    td=0xfffff8068ef99740, holdleaders=true, audit=<optimized out>)
    at /space/system/usr_src/sys/kern/kern_descrip.c:1372
No locals.
#15 0xffffffff808597d6 in syscallenter (td=0xfffff8068ef99740)
    at /space/system/usr_src/sys/amd64/amd64/../../kern/subr_syscall.c:186
        se = 0xffffffff80a48330 <sysent+192>
        p = 0xfffffe07f29995c0
        sa = 0xfffff8068ef99b30
        error = <optimized out>
        sy_thr_static = <optimized out>
        traced = <optimized out>
#16 amd64_syscall (td=0xfffff8068ef99740, traced=0)
    at /space/system/usr_src/sys/amd64/amd64/trap.c:1192
        ksi = {ksi_link = {tqe_next = 0xfffffe08a079ef30,
            tqe_prev = 0xffffffff808588af <trap+2351>}, ksi_info = {
            si_signo = 1, si_errno = 0, si_code = 2015268872, si_pid = -512,
            si_uid = 2398721856, si_status = -2042,
            si_addr = 0xfffffe08a079ef40, si_value = {sival_int =
-1602621824,
              sival_ptr = 0xfffffe08a079ee80, sigval_int = -1602621824,
              sigval_ptr = 0xfffffe08a079ee80}, _reason = {_fault = {
                _trapno = 1489045984}, _timer = {_timerid = 1489045984,
                _overrun = 17999}, _mesgq = {_mqd = 1489045984}, _poll = {
                _band = 77306605406688}, _capsicum = {_syscall =
1489045984},
              __spare__ = {__spare1__ = 77306605406688, __spare2__ = {
                  1489814048, 17999, 208, 0, 0, 0, 992191072}}}},
          ksi_flags = 975329968, ksi_sigq = 0xffffffff8082f8f3
<Xinvlop+179>}
#17 <signal handler called>
No locals.
#18 0x00003af13b17fc9a in ?? ()
No symbol table info available.
Backtrace stopped: Cannot access memory at address 0x3af13a225ab8
---snip---

Any ideas?

Due to another issue in userland, I updated to 2024-02-11-212006, but I
have the above mentioned version and core still in a BE if needed.

Bye,
Alexander.

[-- Attachment #2 --]
<div dir="ltr">Hi,<div class="gmail_quote"><div dir="ltr"><br>I got a coredump with sources from 2024-02-10-144617 (GMT+0100):<br>---snip---<br>__curthread () at /space/system/usr_src/sys/amd64/include/pcpu_aux.h:57<br>57              __asm(&quot;movq %%gs:%P1,%0&quot; : &quot;=r&quot; (td) : &quot;n&quot; (offsetof(struct pcpu,<br>(kgdb) #0  __curthread () at /space/system/usr_src/sys/amd64/include/pcpu_aux.h:57<br>        td = &lt;optimized out&gt;<br>#1  doadump (textdump=textdump@entry=1)<br>    at /space/system/usr_src/sys/kern/kern_shutdown.c:403<br>        error = 0<br>        coredump = &lt;optimized out&gt;<br>#2  0xffffffff8052fe85 in kern_reboot (howto=260)<br>    at /space/system/usr_src/sys/kern/kern_shutdown.c:521<br>        once = 0<br>        __pc = &lt;optimized out&gt;<br>#3  0xffffffff80530382 in vpanic (<br>    fmt=0xffffffff808df476 &quot;Assertion %s failed at %s:%d&quot;,<br>    ap=ap@entry=0xfffffe08a079ebf0)<br>    at /space/system/usr_src/sys/kern/kern_shutdownc:973<br>        buf = &quot;Assertion !callout_active(&amp;tp-&gt;t_callout) failed at /space/system/usr_src/sys/netinet/tcp_subr.c:2386&quot;, &#39;\000&#39; &lt;repeats 154 times&gt;<br>        __pc = &lt;optimized out&gt;<br>        __pc = &lt;optimized out&gt;<br>        __pc = &lt;optimized out&gt;<br>        other_cpus = {__bits = {14680063, 0 &lt;repeats 15 times&gt;}}<br>        td = 0xfffff8068ef99740<br>        bootopt = &lt;unavailable&gt;<br>        newpanic = &lt;optimized out&gt;<br>#4  0xffffffff805301d3 in panic (fmt=&lt;unavailable&gt;)<br>    at /space/system/usr_src/sys/kern/kern_shutdown.c:889<br>        ap = {{gp_offset = 32, fp_offset = 48,<br>            overflow_arg_area = 0xfffffe08a079ec20,<br>            reg_save_area = 0xfffffe08a079ebc0}}<br>#5  0xffffffff806c9d8c in tcp_discardcb (tp=tp@entry=0xfffff80af441ba80)<br>    at /space/system/usr_src/sys/netinet/tcp_subr.c:2386<br>        inp = 0xfffff80af441ba80<br>        so = 0xfffff804d23d2780<br>        m = &lt;optimized out&gt;<br>        isipv6 = &lt;optimized out&gt;<br>#6  0xffffffff806d6291 in tcp_usr_detach (so=0xfffff804d23d2780)<br>    at /space/system/usr_src/sys/netinet/tcp_usrreq.c:214<br>        inp = 0xfffff80af441ba80<br>        tp = 0xfffff80af441ba80<br>#7  0xffffffff805dba57 in sofree (so=0xfffff804d23d2780)<br>    at /space/system/usr_src/sys/kern/uipc_socket.c:1205<br>        pr = 0xffffffff80a8bd18 &lt;tcp_protosw&gt;<br>#8  sorele_locked (so=so@entry=0xfffff804d23d2780)<br>    at /space/system/usr_src/sys/kern/uipc_socket.c:1232<br>No locals.<br>#9  0xffffffff805dc8c0 in soclose (so=0xfffff804d23d2780)<br>    at /space/system/usr_src/sys/kern/uipc_socket.c:1302<br>        lqueue = {tqh_first = 0xfffff8068ef99740,<br>          tqh_last = 0xfffffe08a079ed40}<br>        error = 0<br>        saved_vnet = 0x0<br>        last = &lt;optimized out&gt;<br>        listening = &lt;optimized out&gt;<br>#10 0xffffffff804ccbd1 in fo_close (fp=0xfffff805f2dfc500, td=&lt;unavailable&gt;)<br>    at /space/system/usr_src/sys/sys/file.h:390<br>No locals.<br>#11 _fdrop (fp=fp@entry=0xfffff805f2dfc500, td=&lt;unavailable&gt;,<br>    td@entry=0xfffff8068ef99740)<br>    at /space/system/usr_src/sys/kern/kern_descrip.c:3666<br>        count = &lt;unavailable&gt;<br>        error = &lt;optimized out&gt;<br>#12 0xffffffff804d02f3 in closef (fp=fp@entry=0xfffff805f2dfc500,<br>    td=td@entry=0xfffff8068ef99740)<br>    at /space/system/usr_src/sys/kern/kern_descrip.c:2839<br>        _error = 0<br>        _fp = 0xfffff805f2dfc500<br>        lf = {l_start = -8791759350504, l_len = -8791759350528, l_pid = 0,<br>          l_type = 0, l_whence = 0, l_sysid = 0}<br>        vp = &lt;optimized out&gt;<br>        fdtol = &lt;optimized out&gt;<br>        fdp = &lt;optimized out&gt;<br>#13 0xffffffff804cd50c in closefp_impl (fdp=0xfffffe07afebf860, fd=19,<br>    fp=0xfffff805f2dfc500, td=0xfffff8068ef99740, audit=&lt;optimized out&gt;)<br>    at /space/system/usr_src/sys/kern/kern_descrip.c:1315<br>        error = &lt;optimized out&gt;<br>#14 closefp (fdp=0xfffffe07afebf860, fd=19, fp=0xfffff805f2dfc500,<br>    td=0xfffff8068ef99740, holdleaders=true, audit=&lt;optimized out&gt;)<br>    at /space/system/usr_src/sys/kern/kern_descrip.c:1372<br>No locals.<br>#15 0xffffffff808597d6 in syscallenter (td=0xfffff8068ef99740)<br>    at /space/system/usr_src/sys/amd64/amd64/../../kern/subr_syscall.c:186<br>        se = 0xffffffff80a48330 &lt;sysent+192&gt;<br>        p = 0xfffffe07f29995c0<br>        sa = 0xfffff8068ef99b30<br>        error = &lt;optimized out&gt;<br>        sy_thr_static = &lt;optimized out&gt;<br>        traced = &lt;optimized out&gt;<br>#16 amd64_syscall (td=0xfffff8068ef99740, traced=0)<br>    at /space/system/usr_src/sys/amd64/amd64/trap.c:1192<br>        ksi = {ksi_link = {tqe_next = 0xfffffe08a079ef30,<br>            tqe_prev = 0xffffffff808588af &lt;trap+2351&gt;}, ksi_info = {<br>            si_signo = 1, si_errno = 0, si_code = 2015268872, si_pid = -512,<br>            si_uid = 2398721856, si_status = -2042,<br>            si_addr = 0xfffffe08a079ef40, si_value = {sival_int = -1602621824,<br>              sival_ptr = 0xfffffe08a079ee80, sigval_int = -1602621824,<br>              sigval_ptr = 0xfffffe08a079ee80}, _reason = {_fault = {<br>                _trapno = 1489045984}, _timer = {_timerid = 1489045984,<br>                _overrun = 17999}, _mesgq = {_mqd = 1489045984}, _poll = {<br>                _band = 77306605406688}, _capsicum = {_syscall = 1489045984},<br>              __spare__ = {__spare1__ = 77306605406688, __spare2__ = {<br>                  1489814048, 17999, 208, 0, 0, 0, 992191072}}}},<br>          ksi_flags = 975329968, ksi_sigq = 0xffffffff8082f8f3 &lt;Xinvlop+179&gt;}<br>#17 &lt;signal handler called&gt;<br>No locals.<br>#18 0x00003af13b17fc9a in ?? ()<br>No symbol table info available.<br>Backtrace stopped: Cannot access memory at address 0x3af13a225ab8<br>---snip---<br><br>Any ideas?<br><div><br></div><div>Due to another issue in userland, I updated to 2024-02-11-212006, but I have the above mentioned version and core still in a BE if needed.<br></div><div><br></div>Bye,<br>Alexander.<br></div>
</div></div>
help

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAJg7qzH_c8JCKQvLPki6Cv7GRzaQs9vA-omSWBxnFTPy_9Rczw>