Date:      Mon, 19 Jul 2021 07:43:56 +0000
From:      bugzilla-noreply@freebsd.org
To:        bugs@FreeBSD.org
Subject:   [Bug 257268] [Panic] Reproducible panic via kyua test netpfil/common/tos:ipfw_tos
Message-ID:  <bug-257268-227@https.bugs.freebsd.org/bugzilla/>

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=257268

            Bug ID: 257268
           Summary: [Panic] Reproducible panic via kyua test
                    netpfil/common/tos:ipfw_tos
           Product: Base System
           Version: CURRENT
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Some People
          Priority: ---
         Component: kern
          Assignee: bugs@FreeBSD.org
          Reporter: gbe@FreeBSD.org

When running the kyua test suite as root on a recent -CURRENT (virtualized via
Hyper-V) I get the following kernel panic.
----------------------------------------------------------------------------
Panic: Bad link elm 0xfffff8003d66ffd8 prev->next != elm
cpuid = 0
time = 1626335568
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0x2b/frame 0xfffffe005b5cf770
vpanic() at vpanic+0x187/frame 0xfffffe005b5cf7d0
panic() at panic+0x43/frame 0xfffffe005b5cf830
zone_release() at zone_release+0x413/frame 0xfffffe005b5cf890
bucket_drain() at bucket_drain+0x1fd/frame 0xfffffe005b5cf8d0
bucket_free() at bucket_free+0x25/frame 0xfffffe005b5cf900
zone_dtor() at zone_dtor+0xd6/frame 0xfffffe005b5cf930
zone_free_item() at zone_free_item+0x13f/frame 0xfffffe005b5cf980
uma_zdestroy() at uma_zdestroy+0x53/frame 0xfffffe005b5cf9a0
in_pcbinfo_destroy() at in_pcbinfo_destroy+0x64/frame 0xfffffe005b5cf9c0
tcp_destroy() at tcp_destroy+0xd0/frame 0xfffffe005b5cf9f0
vnet_destroy() at vnet_destroy+0x170/frame 0xfffffe005b5cfa20
prison_deref() at prison_deref+0x9b0/frame 0xfffffe005b5cfa90
sys_jail_remove() at sys_jail_remove+0x119/frame 0xfffffe005b5cfac0
amd64_syscall() at amd64_syscall+0x5c0/frame 0xfffffe005b5cfbf0
fast_syscall_common() at fast_syscall_common+0xf8/frame 0xfffffe005b5cfbf0
--- syscall (508, FreeBSD ELF64, sys_jail_remove), rip = 0x77b7a3746fa, rsp =
0x7fffffbb1d98, rbp = 0x7fffffbb1e30 ---
Uptime: 16h0m9s

----------------------------------------------------------------------------
Backtrace is the following
#0  __curthread () at /boiler/nfs/src/sys/amd64/include/pcpu_aux.h:55
#1  doadump (textdump=textdump@entry=1) at
/boiler/nfs/src/sys/kern/kern_shutdown.c:399
#2  0xffffffff80c20da0 in kern_reboot (howto=260) at
/boiler/nfs/src/sys/kern/kern_shutdown.c:486
#3  0xffffffff80c21206 in vpanic (fmt=0xffffffff812e6754 "Bad link elm %p
prev->next != elm", ap=<optimized out>)
    at /boiler/nfs/src/sys/kern/kern_shutdown.c:919
#4  0xffffffff80c20f53 in panic (fmt=<unavailable>) at
/boiler/nfs/src/sys/kern/kern_shutdown.c:843
#5  0xffffffff80f6f663 in slab_free_item (zone=0xfffff8000cb68280,
slab=0xfffff8003d66ffd8, item=0xfffff8003d66fd90)
    at /boiler/nfs/src/sys/vm/uma_core.c:4733
#6  zone_release (arg=<optimized out>, bucket=0xfffff8003a339810,
cnt=<optimized out>)
    at /boiler/nfs/src/sys/vm/uma_core.c:4729
#7  0xffffffff80f75e0d in bucket_drain (zone=zone@entry=0xfffff8000cb68280,
bucket=bucket@entry=0xfffff8003a339800)
    at /boiler/nfs/src/sys/vm/uma_core.c:1308
#8  0xffffffff80f75b85 in bucket_free (zone=zone@entry=0xfffff8000cb68280,
bucket=0xfffff8003a339800, udata=udata@entry=0x0)
    at /boiler/nfs/src/sys/vm/uma_core.c:520
#9  0xffffffff80f6e856 in cache_drain (zone=0xfffff8000cb68280) at
/boiler/nfs/src/sys/vm/uma_core.c:1353
#10 zone_dtor (arg=0xfffff8000cb68280, arg@entry=<error reading variable: value
is not available>, size=<unavailable>,
    size@entry=<error reading variable: value is not available>,
udata=<unavailable>,
    udata@entry=<error reading variable: value is not available>) at
/boiler/nfs/src/sys/vm/uma_core.c:2970
#11 0xffffffff80f6f7bf in item_dtor (zone=0xfffff80002f01000,
item=0xfffff8000cb68280, size=640, udata=0x0, skip=SKIP_NONE)
    at /boiler/nfs/src/sys/vm/uma_core.c:3433
#12 zone_free_item (zone=0xfffff80002f01000, item=<optimized out>,
item@entry=0xfffff8000cb68280, udata=udata@entry=0x0,
    skip=skip@entry=SKIP_NONE) at /boiler/nfs/src/sys/vm/uma_core.c:4757
#13 0xffffffff80f6f223 in uma_zdestroy (zone=0xfffff8000cb68280) at
/boiler/nfs/src/sys/vm/uma_core.c:3321
#14 0xffffffff80ddf674 in in_pcbinfo_destroy (pcbinfo=0xfffffe009a3b2788) at
/boiler/nfs/src/sys/netinet/in_pcb.c:573
#15 0xffffffff80e16820 in tcp_destroy (unused=<optimized out>) at
/boiler/nfs/src/sys/netinet/tcp_subr.c:1554
#16 0xffffffff80d81730 in vnet_sysuninit () at
/boiler/nfs/src/sys/net/vnet.c:601
#17 vnet_destroy (vnet=0xfffff8004c41b5c0) at
/boiler/nfs/src/sys/net/vnet.c:287
#18 0xffffffff80be2dd0 in prison_deref (pr=<optimized out>,
pr@entry=0xfffff8004a4dd000, flags=<optimized out>,
    flags@entry=84) at /boiler/nfs/src/sys/kern/kern_jail.c:2850
#19 0xffffffff80be3fa9 in sys_jail_remove (td=<optimized out>, td@entry=<error
reading variable: value is not available>,
    uap=<optimized out>, uap@entry=<error reading variable: value is not
available>)
    at /boiler/nfs/src/sys/kern/kern_jail.c:2305
#20 0xffffffff810ecd60 in syscallenter (td=<optimized out>) at
/boiler/nfs/src/sys/amd64/amd64/../../kern/subr_syscall.c:161
#21 amd64_syscall (td=0xfffffe00988041e0, traced=0) at
/boiler/nfs/src/sys/amd64/amd64/trap.c:1185
#22 <signal handler called>
#23 0x0000077b7a3746fa in ?? ()
Backtrace stopped: Cannot access memory at address 0x7fffffbb1d98


KERNCONF
include         GENERIC
options         RATELIMIT
options         TCPHPTS
options         KERN_TLS
options         ROUTE_MPATH
options         FIB_ALGO
options         RANDOM_FENESTRASX

src.conf
WITH_EXTRA_TCP_STACKS=1
WITH_BEARSSL=1
WITH_PIE=1
WITH_RETPOLINE=1
WITH_INIT_ALL_ZERO=1
