Date: Sun, 12 May 2024 16:43:43 +0000
From: bugzilla-noreply@freebsd.org
To: bugs@FreeBSD.org
Subject: [Bug 278936] mqueuefs: Crashes when removing queue as user
Message-ID: <bug-278936-227@https.bugs.freebsd.org/bugzilla/>

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=278936

            Bug ID: 278936
           Summary: mqueuefs: Crashes when removing queue as user
           Product: Base System
           Version: 15.0-CURRENT
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: kern
          Assignee: bugs@FreeBSD.org
          Reporter: rbranco@suse.com

A mounted mqueuefs crashes when removing queue as user.

To reproduce:

$ sudo mount -t mqueuefs none /mnt
$ sudo touch /mnt/queue1
$ sudo rm -f /mnt/queue1

This only seems to crash on -CURRENT as I couldn't reproduce on -RELEASE or -STABLE.

You can use the QEMU VM at
https://download.freebsd.org/snapshots/VM-IMAGES/15.0-CURRENT/amd64/Latest/FreeBSD-15.0-CURRENT-amd64-ufs.qcow2.xz

dmesg log:

Fatal trap 9: general protection fault while in kernel mode
cpuid = 1; apic id = 01
instruction pointer     = 0x20:0xffffffff80ba8aae
stack pointer           = 0x28:0xfffffe0068c12e50
frame pointer           = 0x28:0xfffffe0068c12ec0
code segment            = base 0x0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 0 (thread taskq)
rdi: deadc0dedeadc0de rsi: 000000000000c0de rdx: 0000000000000000
rcx: 0000000000000001  r8: 0000000000000001  r9: 0000000000000000
rax: 0000000000000001 rbx: fffff800034f6400 rbp: fffffe0068c12ec0
r10: 0000000000010000 r11: 0000000000000001 r12: 0000000000000001
r13: 000000000000c0de r14: fffff800034f6458 r15: fffff80104001020
trap number             = 9
panic: general protection fault
cpuid = 1
time = 1715530856
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0x2b/frame 0xfffffe0068c12b90
vpanic() at vpanic+0x13f/frame 0xfffffe0068c12cc0
panic() at panic+0x43/frame 0xfffffe0068c12d20
trap_fatal() at trap_fatal+0x40b/frame 0xfffffe0068c12d80
calltrap() at calltrap+0x8/frame 0xfffffe0068c12d80
--- trap 0x9, rip = 0xffffffff80ba8aae, rsp = 0xfffffe0068c12e50, rbp = 0xfffffe0068c12ec0 ---
taskqueue_run_locked() at taskqueue_run_locked+0x1be/frame 0xfffffe0068c12ec0
taskqueue_thread_loop() at taskqueue_thread_loop+0xd3/frame 0xfffffe0068c12ef0
fork_exit() at fork_exit+0x82/frame 0xfffffe0068c12f30
fork_trampoline() at fork_trampoline+0xe/frame 0xfffffe0068c12f30
--- trap 0, rip = 0, rsp = 0, rbp = 0 ---
KDB: enter: panic

-- 
You are receiving this mail because:
You are the assignee for the bug.