Date: Wed, 18 Mar 2026 13:05:18 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 293897] USB unplug panics inside bhyve (PCI passthrough) Message-ID: <bug-293897-227@https.bugs.freebsd.org/bugzilla/>
index | next in thread | raw e-mail
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=293897 Bug ID: 293897 Summary: USB unplug panics inside bhyve (PCI passthrough) Product: Base System Version: 16.0-CURRENT Hardware: Any OS: Any Status: New Severity: Affects Only Me Priority: --- Component: kern Assignee: bugs@FreeBSD.org Reporter: christos@freebsd.org I have a bhyve VM running -CURRENT, using PCI passthrough to use my USB bus inside bhyve. The following panic happens after plugging a USB device, and simply unplugging it. Although I didn't track it down further, when I reboot using "reboot", as opposed to "reboot/s" inside KDB to restart the VM, it crashed my host machine as well and it had to reboot. But I don't have further information on this. --- root@freebsd:/mnt/src # ugen0.4: <AKAI professional LLC LPK25> at usbus0 uaudio0 on uhub0 uaudio0: <AKAI professional LLC LPK25, class 0/0, rev 1.10/1.00, addr 3> on usbus0 uaudio0: No playback. uaudio0: No recording. uaudio0: MIDI sequencer. uaudio0: No HID volume keys found. ugen0.4: <AKAI professional LLC LPK25> at usbus0 (disconnected) uaudio0: at uhub0, port 2, addr 3 (disconnected) uaudio0: detached Fatal trap 12: page fault while in kernel mode cpuid = 3; apic id = 03 fault virtual address = 0x8 fault code = supervisor read data, page not present instruction pointer = 0x20:0xffffffff80bf07ec stack pointer = 0x28:0xfffffe008d64db20 frame pointer = 0x28:0xfffffe008d64dcd0 code segment = base 0x0, limit 0xfffff, type 0x1b = DPL 0, pres 1, long 1, def32 0, gran 1 processor eflags = interrupt enabled, resume, IOPL = 0 current process = 14 (usbus0) rdi: fffffe00cf510b50 rsi: 0000000000000009 rdx: ffffffff811dacda rcx: fffff8010247a780 r8: 0000000000000a6d r9: deadc0dedeadc0de rax: 0000000000000000 rbx: 0000000000000000 rbp: fffffe008d64dcd0 r10: ffffffff811dacda r11: 0000000000010000 r12: 0000000000000a6d r13: 0000000000000009 r14: ffffffff811dacda r15: fffffe00cf510b50 trap number = 12 panic: page fault cpuid = 3 time = 1773842470 KDB: stack backtrace: db_trace_self_wrapper() at db_trace_self_wrapper+0x2b/frame 0xfffffe008d64d850 vpanic() at vpanic+0x13f/frame 0xfffffe008d64d980 panic() at panic+0x43/frame 0xfffffe008d64d9e0 trap_pfault() at trap_pfault+0x422/frame 0xfffffe008d64da50 calltrap() at calltrap+0x8/frame 0xfffffe008d64da50 --- trap 0xc, rip = 0xffffffff80bf07ec, rsp = 0xfffffe008d64db20, rbp = 0xfffffe008d64dcd0 --- witness_checkorder() at witness_checkorder+0x7c/frame 0xfffffe008d64dcd0 __mtx_lock_flags() at __mtx_lock_flags+0x91/frame 0xfffffe008d64dd20 knlist_cleardel() at knlist_cleardel+0x57/frame 0xfffffe008d64dd70 usb_fifo_free() at usb_fifo_free+0x1e1/frame 0xfffffe008d64dda0 usb_unconfigure() at usb_unconfigure+0x95/frame 0xfffffe008d64dde0 usb_free_device() at usb_free_device+0x1aa/frame 0xfffffe008d64de20 uhub_explore() at uhub_explore+0x2ad/frame 0xfffffe008d64dea0 usb_bus_explore() at usb_bus_explore+0x119/frame 0xfffffe008d64dec0 usb_process() at usb_process+0xf0/frame 0xfffffe008d64def0 fork_exit() at fork_exit+0x82/frame 0xfffffe008d64df30 fork_trampoline() at fork_trampoline+0xe/frame 0xfffffe008d64df30 --- trap 0, rip = 0, rsp = 0, rbp = 0 --- KDB: enter: panic [ thread pid 14 tid 100118 ] Stopped at kdb_enter+0x33: movq $0,0x1624902(%rip) db> -- You are receiving this mail because: You are the assignee for the bug.home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-293897-227>