Date: Wed, 14 Jun 2023 11:44:34 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 271991] Crash on some network packets with fresh stable Message-ID: <bug-271991-227@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D271991 Bug ID: 271991 Summary: Crash on some network packets with fresh stable Product: Base System Version: 13.2-STABLE Hardware: Any OS: Any Status: New Severity: Affects Some People Priority: --- Component: kern Assignee: bugs@FreeBSD.org Reporter: rozhuk.im@gmail.com System was run with uptime few month before first crash, then after few cra= shes it was updated to stable/13-n255603-6621273c100 (less than 1 day ago). Now it continue crash time to time. Unread portion of the kernel message buffer: [3032] [3032] [3032] Fatal trap 12: page fault while in kernel mode [3032] cpuid =3D 10; apic id =3D 0a [3032] fault virtual address =3D 0x1b96 [3032] fault code =3D supervisor read data, page not present [3032] instruction pointer =3D 0x20:0xffffffff808f2120 [3032] stack pointer =3D 0x28:0xfffffe0154f37620 [3032] frame pointer =3D 0x28:0xfffffe0154f37620 [3032] code segment =3D base 0x0, limit 0xfffff, type 0x1b [3032] =3D DPL 0, pres 1, long 1, def32 0, gran 1 [3032] processor eflags =3D interrupt enabled, resume, IOPL =3D 0 [3032] current process =3D 11 (swi1: netisr 10) [3032] trap number =3D 12 [3032] panic: page fault [3032] cpuid =3D 10 [3032] time =3D 1686742015 [3032] KDB: stack backtrace: [3032] #0 0xffffffff8062e65b at kdb_backtrace+0x6b [3032] #1 0xffffffff805e5282 at vpanic+0x152 [3032] #2 0xffffffff805e5123 at panic+0x43 [3032] #3 0xffffffff808f68b7 at trap_fatal+0x387 [3032] #4 0xffffffff808f690f at trap_pfault+0x4f [3032] #5 0xffffffff808cdbae at calltrap+0x8 [3032] #6 0xffffffff806682a5 at m_pullup+0x1b5 [3032] #7 0xffffffff817424df at ng_bpf_rcvdata+0x4f [3032] #8 0xffffffff81739777 at ng_apply_item+0x207 [3032] #9 0xffffffff8173925c at ng_snd_item+0x1cc [3032] #10 0xffffffff81733bdd at ng_ether_output+0x5d [3032] #11 0xffffffff807039b7 at ether_output+0x6c7 [3032] #12 0xffffffff80759cc6 at ip_output_send+0xe6 [3032] #13 0xffffffff807599f3 at ip_output+0xff3 [3032] #14 0xffffffff8076e688 at tcp_output+0x1cf8 [3032] #15 0xffffffff80764f08 at tcp_do_segment+0x2258 [3032] #16 0xffffffff807622d4 at tcp_input_with_port+0xa54 [3032] #17 0xffffffff80762c2b at tcp_input+0xb [3032] Uptime: 50m32s [3032] Dumping 2895 out of 65450 MB:..1%..11%..21%..31%..41%..51%..61%..71%..81%..91% __curthread () at /usr/src/sys/amd64/include/pcpu_aux.h:55 55 __asm("movq %%gs:%P1,%0" : "=3Dr" (td) : "n" (offsetof(stru= ct pcpu, (kgdb) #0 __curthread () at /usr/src/sys/amd64/include/pcpu_aux.h:55 #1 doadump (textdump=3D<optimized out>) at ../../../sys/kern/kern_shutdown.c:396 #2 0xffffffff805e4e78 in kern_reboot (howto=3D260) at ../../../sys/kern/kern_shutdown.c:484 #3 0xffffffff805e52ef in vpanic (fmt=3D<optimized out>, ap=3Dap@entry=3D0xfffffe0154f37470) at ../../../sys/kern/kern_shutdown.= c:923 #4 0xffffffff805e5123 in panic (fmt=3D<unavailable>) at ../../../sys/kern/kern_shutdown.c:847 #5 0xffffffff808f68b7 in trap_fatal (frame=3D0xfffffe0154f37560, eva=3D706= 2) at ../../../sys/amd64/amd64/trap.c:942 #6 0xffffffff808f690f in trap_pfault (frame=3D0xfffffe0154f37560, usermode=3Dfalse, signo=3D<optimized out>, ucode=3D<optimized out>) at ../../../sys/amd64/amd64/trap.c:761 #7 <signal handler called> #8 memmove_std () at /usr/src/sys/amd64/amd64/support.S:535 #9 0xffffffff806682a5 in m_pullup (n=3D0xfffff80043a37e00, n@entry=3D0xfffff8027c962b00, len=3D101, len@entry=3D167) at ../../../sys/kern/uipc_mbuf.c:926 #10 0xffffffff817424df in ng_bpf_rcvdata (hook=3D<optimized out>, item=3D0xfffff800949d3680) at ../../../../../../../../../../sys/netgraph/ng_bpf.c:457 #11 0xffffffff81739777 in ng_apply_item (node=3Dnode@entry=3D0xfffff800021a= 1600, item=3Ditem@entry=3D0xfffff800949d3680, rw=3D101) at ../../../../../../../../../../sys/netgraph/ng_base.c:2406 #12 0xffffffff8173925c in ng_snd_item (item=3Ditem@entry=3D0xfffff800949d36= 80, flags=3Dflags@entry=3D0) at ../../../../../../../../../../sys/netgraph/ng_base.c:2323 #13 0xffffffff81733bdd in ng_ether_output (ifp=3D<optimized out>, mp=3D0xfffffe0154f377d8) at ../../../../../../../../../../sys/netgraph/ng_ether.c:294 #14 0xffffffff807039b7 in ether_output (ifp=3D<optimized out>, m=3D0xfffff8027c962b00, dst=3D<optimized out>, ro=3D<optimized out>) at ../../../sys/net/if_ethersubr.c:431 #15 0xffffffff80759cc6 in ip_output_send (inp=3Dinp@entry=3D0xfffff80043e9d= ba0, ifp=3D0xfffff8024fc0e89a, m=3D0x1b96, gw=3D0x65, gw@entry=3D0xfffff8002= 3a91d04, ro=3D0xfffff8024fc0cd04, ro@entry=3D0xfffff80043e9dd30, stamp_tag=3D<optimized out>) at ../../../sys/netinet/ip_output.c:277 #16 0xffffffff807599f3 in ip_output (m=3D<optimized out>, m@entry=3D0xfffff8027c962b00, opt=3D<optimized out>, ro=3D<optimized ou= t>, flags=3D0, imo=3Dimo@entry=3D0x0, inp=3D0xfffff80043e9dba0) at ../../../sys/netinet/ip_output.c:799 #17 0xffffffff8076e688 in tcp_output (tp=3D0xfffffe01664e3950) at ../../../sys/netinet/tcp_output.c:1541 #18 0xffffffff80764f08 in tcp_do_segment (m=3D0xfffff80320b4b100, th=3D<optimized out>, so=3D<optimized out>, tp=3D0xfffffe01664e3950, drop_hdrlen=3D52, tlen=3D<optimized out>, iptos=3D32 ' ') at ../../../sys/netinet/tcp_input.c:3339 #19 0xffffffff807622d4 in tcp_input_with_port (mp=3D<optimized out>, offp=3D<optimized out>, proto=3D<optimized out>, port=3Dport@entry=3D0) at ../../../sys/netinet/tcp_input.c:1179 #20 0xffffffff80762c2b in tcp_input (mp=3D0xfffff8024fc0e89a, offp=3D0x1b96, proto=3D101) at ../../../sys/netinet/tcp_input.c:1517 #21 0xffffffff80756325 in ip_input (m=3D0x0) at ../../../sys/netinet/ip_input.c:845 #22 0xffffffff80728948 in netisr_process_workstream_proto ( nwsp=3D0xfffffe006ce416c0, proto=3D1) at ../../../sys/net/netisr.c:919 #23 swi_net (arg=3D0xfffffe006ce416c0) at ../../../sys/net/netisr.c:966 #24 0xffffffff805b1101 in intr_event_execute_handlers (ie=3D0xfffff80001c8d= c00, p=3D<optimized out>) at ../../../sys/kern/kern_intr.c:1169 #25 ithread_execute_handlers (ie=3D0xfffff80001c8dc00, p=3D<optimized out>) at ../../../sys/kern/kern_intr.c:1182 #26 ithread_loop (arg=3D0xfffff80001cee340) at ../../../sys/kern/kern_intr.c:1270 #27 0xffffffff805ade66 in fork_exit ( callout=3D0xffffffff805b0ec0 <ithread_loop>, arg=3D0xfffff80001cee340, frame=3D0xfffffe0154f37f40) at ../../../sys/kern/kern_fork.c:1094 #28 <signal handler called> (kgdb) Netgraph: https://reviews.freebsd.org/D30175 ng_bpf_enable=3D"YES" ng_bpf_profiles=3D"vlan886" ng_bpf_vlan886_in=3D"ip and tcp and ip[6] & 64 =3D 0 and ip[8]>128 and tcp[tcpflags] =3D=3D tcp-rst" --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-271991-227>