Date: Tue, 14 Jun 2022 15:34:43 +0000 From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 264257] [tcp] Panic: Fatal trap 12: page fault while in kernel mode (if_io_tqg_4) - m_copydata ... at /usr/src/sys/kern/uipc_mbuf.c:659 Message-ID: <bug-264257-7501-jcJDGnYbMb@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-264257-7501@https.bugs.freebsd.org/bugzilla/> References: <bug-264257-7501@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D264257 --- Comment #50 from Dmitriy <supportme@ukr.net> --- After applying the patch comment#34 and with options INVARIANTS options INVARIANT_SUPPORT in kernel, system goin to panic in 5-40 minutes (tried 3 times, all the same place), with following trace: Unread portion of the kernel message buffer: panic: tcp_output: snd_max beyond so_snd cpuid =3D 12 time =3D 1655213044 KDB: stack backtrace: #0 0xffffffff808d8f01 at kdb_backtrace+0x71 #1 0xffffffff8086f797 at vpanic+0x227 #2 0xffffffff8086f2be at panic+0x4e #3 0xffffffff80ab3551 at tcp_output+0x32a1 #4 0xffffffff80aa2722 at tcp_do_segment+0x2e72 #5 0xffffffff80a9ec35 at tcp_input_with_port+0x1be5 #6 0xffffffff80a9f777 at tcp_input+0x27 #7 0xffffffff80a87061 at ip_input+0xdd1 #8 0xffffffff80a4023f at netisr_dispatch_src+0x1df #9 0xffffffff80a407a1 at netisr_dispatch+0x21 #10 0xffffffff80a11266 at ether_demux+0x306 #11 0xffffffff80a13c10 at ether_input_internal+0x9e0 #12 0xffffffff80a13221 at ether_nh_input+0xb1 #13 0xffffffff80a4023f at netisr_dispatch_src+0x1df #14 0xffffffff80a407a1 at netisr_dispatch+0x21 #15 0xffffffff80a11b09 at ether_input+0x1a9 #16 0xffffffff80a3a925 at iflib_rxeof+0x895 #17 0xffffffff80a2e4e5 at _task_fn_rx+0xd5 Uptime: 43m43s Dumping 9369 out of 261999 MB:..1%..11%..21%..31%..41%..51%..61%..71%..81%.= .91% doadump (textdump=3D1) at /usr/src/sys/kern/kern_shutdown.c:399 399 dumptid =3D curthread->td_tid; (kgdb) bt #0 doadump (textdump=3D1) at /usr/src/sys/kern/kern_shutdown.c:399 #1 0xffffffff8086efd3 in kern_reboot (howto=3D260) at /usr/src/sys/kern/kern_shutdown.c:487 #2 0xffffffff8086f84f in vpanic (fmt=3D0xffffffff80f390c8 "%s: snd_max bey= ond so_snd", ap=3D0xfffffe027ac92320) at /usr/src/sys/kern/kern_shutdown.c:920 #3 0xffffffff8086f2be in panic (fmt=3D0xffffffff80f390c8 "%s: snd_max beyo= nd so_snd") at /usr/src/sys/kern/kern_shutdown.c:844 #4 0xffffffff80ab3551 in tcp_output (tp=3D0xfffffe04709abca8) at /usr/src/sys/netinet/tcp_output.c:1583 #5 0xffffffff80aa2722 in tcp_do_segment (m=3D0xfffff801ef8be500, th=3D0xfffff801ef8be57a, so=3D0xfffff8061cdc8b10, tp=3D0xfffffe04709abca8, drop_hdrlen=3D41, tlen=3D0, iptos=3D0 '\000') at /usr/src/sys/netinet/tcp_input.c:2713 #6 0xffffffff80a9ec35 in tcp_input_with_port (mp=3D0xfffffe027ac929c8, offp=3D0xfffffe027ac92968, proto=3D6, port=3D0) at /usr/src/sys/netinet/tcp_input.c:1400 #7 0xffffffff80a9f777 in tcp_input (mp=3D0xfffffe027ac929c8, offp=3D0xfffffe027ac92968, proto=3D6) at /usr/src/sys/netinet/tcp_input.c:1= 496 #8 0xffffffff80a87061 in ip_input (m=3D0x0) at /usr/src/sys/netinet/ip_input.c:839 #9 0xffffffff80a4023f in netisr_dispatch_src (proto=3D1, source=3D0, m=3D0xfffff801ef8be500) at /usr/src/sys/net/netisr.c:1143 #10 0xffffffff80a407a1 in netisr_dispatch (proto=3D1, m=3D0xfffff801ef8be50= 0) at /usr/src/sys/net/netisr.c:1234 #11 0xffffffff80a11266 in ether_demux (ifp=3D0xfffff820816e3800, m=3D0xfffff801ef8be500) at /usr/src/sys/net/if_ethersubr.c:921 #12 0xffffffff80a13c10 in ether_input_internal (ifp=3D0xfffff820816e3800, m=3D0xfffff801ef8be500) at /usr/src/sys/net/if_ethersubr.c:707 #13 0xffffffff80a13221 in ether_nh_input (m=3D0xfffff801ef8be500) at /usr/src/sys/net/if_ethersubr.c:737 #14 0xffffffff80a4023f in netisr_dispatch_src (proto=3D5, source=3D0, m=3D0xfffff801ef8be500) at /usr/src/sys/net/netisr.c:1143 #15 0xffffffff80a407a1 in netisr_dispatch (proto=3D5, m=3D0xfffff801ef8be50= 0) at /usr/src/sys/net/netisr.c:1234 #16 0xffffffff80a11b09 in ether_input (ifp=3D0xfffff8010650a000, m=3D0xfffff801ef8be500) at /usr/src/sys/net/if_ethersubr.c:828 #17 0xffffffff80a3a925 in iflib_rxeof (rxq=3D0xfffffe01b7551080, budget=3D1= 6) at /usr/src/sys/net/iflib.c:3047 #18 0xffffffff80a2e4e5 in _task_fn_rx (context=3D0xfffffe01b7551080) at /usr/src/sys/net/iflib.c:3990 #19 0xffffffff808d7427 in gtaskqueue_run_locked (queue=3D0xfffff80104d7e200= ) at /usr/src/sys/kern/subr_gtaskqueue.c:371 #20 0xffffffff808d6fad in gtaskqueue_thread_loop (arg=3D0xfffffe01b71a7128)= at /usr/src/sys/kern/subr_gtaskqueue.c:547 #21 0xffffffff808053f2 in fork_exit (callout=3D0xffffffff808d6f00 <gtaskqueue_thread_loop>, arg=3D0xfffffe01b71a7128, frame=3D0xfffffe027ac92= f40) at /usr/src/sys/kern/kern_fork.c:1093 #22 <signal handler called> #23 0xffffffff8129ea18 in periodic_resettodr_sys_init () Backtrace stopped: Cannot access memory at address 0x0 (kgdb) fr 4 #4 0xffffffff80ab3551 in tcp_output (tp=3D0xfffffe04709abca8) at /usr/src/sys/netinet/tcp_output.c:1583 1583 KASSERT(SEQ_LEQ(tp->snd_max, top+1), (kgdb) p tp->snd_max $1 =3D 3141897257 (kgdb) p top $2 =3D 3141897255 (kgdb) No KTLS enabled\used. Adapter is Intel X710 (if_ixl). If there is anything else we can help with, please just let me know. --=20 You are receiving this mail because: You are the assignee for the bug. You are on the CC list for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-264257-7501-jcJDGnYbMb>