Date: Wed, 09 Oct 2019 17:39:50 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 241162] Panic in closefp() triggered by nginx Message-ID: <bug-241162-227@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D241162 Bug ID: 241162 Summary: Panic in closefp() triggered by nginx Product: Base System Version: 12.0-RELEASE Hardware: Any OS: Any Status: New Severity: Affects Only Me Priority: --- Component: kern Assignee: bugs@FreeBSD.org Reporter: amdmi3@FreeBSD.org FreeBSD ihor-4.amdmi3.ru 12.0-RELEASE-p10 FreeBSD 12.0-RELEASE-p10 GENERIC= =20 amd64 running under KVM just panicked after 110d uptime. Reading symbols from /boot/kernel/kernel... Reading symbols from /usr/lib/debug//boot/kernel/kernel.debug... Unread portion of the kernel message buffer: Fatal trap 12: page fault while in kernel mode cpuid =3D 0; apic id =3D 00 fault virtual address =3D 0x8 fault code =3D supervisor read data, page not present instruction pointer =3D 0x20:0xffffffff80c2f0f0 stack pointer =3D 0x28:0xfffffe0022b15790 frame pointer =3D 0x28:0xfffffe0022b157c0 code segment =3D base 0x0, limit 0xfffff, type 0x1b =3D DPL 0, pres 1, long 1, def32 0, gran 1 processor eflags =3D interrupt enabled, resume, IOPL =3D 0 current process =3D 64606 (nginx) trap number =3D 12 panic: page fault cpuid =3D 0 time =3D 1570625343 KDB: stack backtrace: #0 0xffffffff80be7977 at kdb_backtrace+0x67 #1 0xffffffff80b9b563 at vpanic+0x1a3 #2 0xffffffff80b9b3b3 at panic+0x43 #3 0xffffffff81074bff at trap_fatal+0x35f #4 0xffffffff81074c59 at trap_pfault+0x49 #5 0xffffffff8107427e at trap+0x29e #6 0xffffffff8104f705 at calltrap+0x8 #7 0xffffffff80c2e1f8 at sbdestroy+0x28 #8 0xffffffff80c30a55 at sofree+0x285 #9 0xffffffff80c31600 at soclose+0x330 #10 0xffffffff80b4363a at _fdrop+0x1a #11 0xffffffff80b466e4 at closef+0x244 #12 0xffffffff80b43b69 at closefp+0x99 #13 0xffffffff810756d9 at amd64_syscall+0x369 #14 0xffffffff8104ffed at fast_syscall_common+0x101 Uptime: 110d17h32m42s Dumping 394 out of 3033 MB:..5%..13%..21%..33%..41%..53%..61%..74%..82%..94% 0xffffffff80b9b32b in __curthread () at ./machine/pcpu.h:234 234 ./machine/pcpu.h: No such file or directory. (kgdb) bt #0 0xffffffff80b9b32b in __curthread () at ./machine/pcpu.h:234 #1 vpanic (fmt=3D0x0, ap=3D0x0) at /usr/src/sys/kern/kern_shutdown.c:808 #2 0xffffffff80b9b14b in kern_reboot (howto=3D260) at /usr/src/sys/kern/kern_shutdown.c:449 #3 0xffffffff80b9b5c3 in kthread_shutdown (arg=3D0x100, howto=3D<optimized= out>) at /usr/src/sys/kern/kern_shutdown.c:940 #4 0xffffffff80b9b3b3 in vpanic (fmt=3D0xffffffff8127ebc7 "supervisor", ap=3D0xfffffe0022b154e0) at /usr/src/sys/kern/kern_shutdown.c:823 #5 0xffffffff81074bff in trap_fatal (frame=3D0xfffffe0022b156d0, eva=3D18446741875268343056) at /usr/src/sys/amd64/amd64/trap.c:929 #6 0xffffffff81074c59 in trap_pfault (frame=3D0xfffffe0022b156d0, usermode= =3D0) at /usr/src/sys/amd64/amd64/trap.c:765 #7 0xffffffff8107427e in trap (frame=3D0xfffffe0022b156d0) at /usr/src/sys/amd64/amd64/trap.c:441 #8 <signal handler called> #9 0xffffffff80c2f0f0 in sbcut_internal (sb=3D0xfffff800b351a828, len=3D<o= ptimized out>) at /usr/src/sys/kern/uipc_sockbuf.c:1163 #10 0xffffffff80c2e1f8 in sbappend_locked (sb=3D0xfffff800b351a828, m=3D0x1= 56f, flags=3D<optimized out>) at /usr/src/sys/kern/uipc_sockbuf.c:668 #11 0xffffffff80c30a55 in sofree (so=3D0xfffff800b351a828) at /usr/src/sys/kern/uipc_socket.c:1005 #12 0xffffffff80c31600 in atomic_fcmpset_long (dst=3D<optimized out>, src= =3D0, expect=3D<optimized out>) at ./machine/atomic.h:221 #13 soclose (so=3D<optimized out>) at /usr/src/sys/kern/uipc_socket.c:1141 #14 0xffffffff80b4363a in ia32_pause () at /usr/src/sys/sys/seq.h:130 #15 seq_read (seqp=3D0x0) at /usr/src/sys/sys/seq.h:131 #16 fget_unlocked (fdp=3D0xfffff8002268e4b0, fd=3D5487, needrightsp=3D0xfffff800aef35000, fpp=3D0xfffff8002268e4b0, seqp=3D0xfffff8008a975000) at /usr/src/sys/kern/kern_descrip.c:2652 #17 0xffffffff80b466e4 in atomic_fcmpset_long (src=3D1, dst=3D<optimized ou= t>, expect=3D<optimized out>) at ./machine/atomic.h:221 #18 __sx_xunlock (line=3D0, sx=3D<optimized out>, td=3D<optimized out>, file=3D<optimized out>) at /usr/src/sys/sys/sx.h:179 #19 fdclose (td=3D<optimized out>, fp=3D<optimized out>, idx=3D-1969795008)= at /usr/src/sys/kern/kern_descrip.c:2386 #20 0xffffffff80b43b69 in closefp (fdp=3D0xfffff8008a975000, fd=3D<optimize= d out>, fp=3D<optimized out>, td=3D0xfffff800aef35000, holdleaders=3D0) at /usr/src/sys/kern/kern_descrip.c:1202 #21 0xffffffff810756d9 in syscallenter (td=3D<optimized out>) at /usr/src/sys/amd64/amd64/../../kern/subr_syscall.c:135 #22 amd64_syscall (td=3D0xfffff800aef35000, traced=3D0) at /usr/src/sys/amd64/amd64/trap.c:1076 #23 <signal handler called> #24 0x000000080097009a in ?? () Backtrace stopped: Cannot access memory at address 0x7fffffffe6e8 (kgdb) bt full #0 0xffffffff80b9b32b in __curthread () at ./machine/pcpu.h:234 td =3D <optimized out> #1 vpanic (fmt=3D0x0, ap=3D0x0) at /usr/src/sys/kern/kern_shutdown.c:808 buf =3D "page fault", '\000' <repeats 245 times> td =3D <optimized out> bootopt =3D <optimized out> newpanic =3D <optimized out> other_cpus =3D <optimized out> #2 0xffffffff80b9b14b in kern_reboot (howto=3D260) at /usr/src/sys/kern/kern_shutdown.c:449 _ep =3D 0x0 _t =3D <optimized out> _el =3D <optimized out> once =3D <error reading variable once (Cannot access memory at addr= ess 0x0)> #3 0xffffffff80b9b5c3 in kthread_shutdown (arg=3D0x100, howto=3D<optimized= out>) at /usr/src/sys/kern/kern_shutdown.c:940 td =3D 0x100 error =3D <optimized out> #4 0xffffffff80b9b3b3 in vpanic (fmt=3D0xffffffff8127ebc7 "supervisor", ap=3D0xfffffe0022b154e0) at /usr/src/sys/kern/kern_shutdown.c:823 buf =3D "page fault", '\000' <repeats 245 times> td =3D 0xfffff800aef35000 bootopt =3D <optimized out> newpanic =3D <optimized out> other_cpus =3D <optimized out> #5 0xffffffff81074bff in trap_fatal (frame=3D0xfffffe0022b156d0, eva=3D18446741875268343056) at /usr/src/sys/amd64/amd64/trap.c:929 softseg =3D {ssd_base =3D 0, ssd_limit =3D 1048575, ssd_type =3D 27= , ssd_dpl =3D 0, ssd_p =3D 1, ssd_long =3D 1, ssd_def32 =3D 0, ssd_gran =3D 1} msg =3D <optimized out> ss =3D 16 code =3D <optimized out> type =3D <optimized out> handled =3D <optimized out> #6 0xffffffff81074c59 in trap_pfault (frame=3D0xfffffe0022b156d0, usermode= =3D0) at /usr/src/sys/amd64/amd64/trap.c:765 td =3D 0xfffff800aef35000 p =3D <optimized out> eva =3D 8 va =3D <optimized out> map =3D <optimized out> ftype =3D <optimized out> rv =3D <optimized out> #7 0xffffffff8107427e in trap (frame=3D0xfffffe0022b156d0) at /usr/src/sys/amd64/amd64/trap.c:441 td =3D 0xfffff800aef35000 dr6 =3D <error reading variable dr6 (Cannot access memory at address 0x0)> addr =3D -8795947097504 ucode =3D <error reading variable ucode (Cannot access memory at ad= dress 0x3)> signo =3D <error reading variable signo (Cannot access memory at ad= dress 0xa)> p =3D <optimized out> type =3D 12 ksi =3D <optimized out> #8 <signal handler called> No locals. #9 0xffffffff80c2f0f0 in sbcut_internal (sb=3D0xfffff800b351a828, len=3D<o= ptimized out>) at /usr/src/sys/kern/uipc_sockbuf.c:1163 m =3D 0x0 next =3D <optimized out> mfree =3D <optimized out> #10 0xffffffff80c2e1f8 in sbappend_locked (sb=3D0xfffff800b351a828, m=3D0x1= 56f, flags=3D<optimized out>) at /usr/src/sys/kern/uipc_sockbuf.c:668 n =3D 0x1ff #11 0xffffffff80c30a55 in sofree (so=3D0xfffff800b351a828) at /usr/src/sys/kern/uipc_socket.c:1005 _tid =3D <optimized out> _v =3D <error reading variable _v (Cannot access memory at address = 0x0)> sol =3D <optimized out> pr =3D 0xffffffff81b23290 <localsw> #12 0xffffffff80c31600 in atomic_fcmpset_long (dst=3D<optimized out>, src= =3D0, expect=3D<optimized out>) at ./machine/atomic.h:221 res =3D <optimized out> #13 soclose (so=3D<optimized out>) at /usr/src/sys/kern/uipc_socket.c:1141 _v =3D <optimized out> sp =3D <optimized out> error =3D <error reading variable error (Cannot access memory at ad= dress 0x0)> saved_vnet =3D <optimized out> lqueue =3D <optimized out> listening =3D <optimized out> #14 0xffffffff80b4363a in ia32_pause () at /usr/src/sys/sys/seq.h:130 No locals. #15 seq_read (seqp=3D0x0) at /usr/src/sys/sys/seq.h:131 ret =3D 577299632 #16 fget_unlocked (fdp=3D0xfffff8002268e4b0, fd=3D5487, needrightsp=3D0xfffff800aef35000, fpp=3D0xfffff8002268e4b0, seqp=3D0xfffff8008a975000) at /usr/src/sys/kern/kern_descrip.c:2652 fdt =3D 0xfffff8008a975000 count =3D <optimized out> haverights =3D {cr_rights =3D {18446735280551710720, 18446735278193= 829040}} fp =3D <optimized out> seq =3D <optimized out> error =3D <optimized out> fde =3D <optimized out> #17 0xffffffff80b466e4 in atomic_fcmpset_long (src=3D1, dst=3D<optimized ou= t>, expect=3D<optimized out>) at ./machine/atomic.h:221 res =3D 255 '\377' #18 __sx_xunlock (line=3D0, sx=3D<optimized out>, td=3D<optimized out>, file=3D<optimized out>) at /usr/src/sys/sys/sx.h:179 x =3D 18446744071573878330 #19 fdclose (td=3D<optimized out>, fp=3D<optimized out>, idx=3D-1969795008)= at /usr/src/sys/kern/kern_descrip.c:2386 fdp =3D 0xfffff800aef35000 #20 0xffffffff80b43b69 in closefp (fdp=3D0xfffff8008a975000, fd=3D<optimize= d out>, fp=3D<optimized out>, td=3D0xfffff800aef35000, holdleaders=3D0) at /usr/src/sys/kern/kern_descrip.c:1202 error =3D 577299632 #21 0xffffffff810756d9 in syscallenter (td=3D<optimized out>) at /usr/src/sys/amd64/amd64/../../kern/subr_syscall.c:135 p =3D <optimized out> error =3D <optimized out> sa =3D 0xfffff800aef353b0 traced =3D <optimized out> _v =3D <optimized out> _tid =3D <optimized out> _v =3D <optimized out> _v =3D <optimized out> _tid =3D <optimized out> _v =3D <optimized out> _v =3D <optimized out> _tid =3D <optimized out> _v =3D <optimized out> _v =3D <optimized out> _tid =3D <optimized out> _v =3D <optimized out> #22 amd64_syscall (td=3D0xfffff800aef35000, traced=3D0) at /usr/src/sys/amd64/amd64/trap.c:1076 ksi =3D <optimized out> error =3D <optimized out> #23 <signal handler called> No locals. #24 0x000000080097009a in ?? () No symbol table info available. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-241162-227>