FreeBSD Mail Archives

Date:      Mon, 20 Jun 2022 23:49:32 +0000
From:      bugzilla-noreply@freebsd.org
To:        net@FreeBSD.org
Subject:   [Bug 264257] [tcp] Panic: Fatal trap 12: page fault while in kernel mode (if_io_tqg_4) - m_copydata ... at /usr/src/sys/kern/uipc_mbuf.c:659
Message-ID:  <bug-264257-7501-hu0TR4PCWL@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-264257-7501@https.bugs.freebsd.org/bugzilla/>
References:  <bug-264257-7501@https.bugs.freebsd.org/bugzilla/>

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D264257

--- Comment #68 from Christos Chatzaras <chris@cretaforce.gr> ---
Today I had another crash in a different server.

Fatal trap 12: page fault while in kernel mode
cpuid =3D 7; apic id =3D 07
fault virtual address   =3D 0x18
fault code              =3D supervisor read data, page not present
instruction pointer     =3D 0x20:0xffffffff80cae31d
stack pointer           =3D 0x28:0xfffffe01141445c0
frame pointer           =3D 0x28:0xfffffe0114144630
code segment            =3D base 0x0, limit 0xfffff, type 0x1b
                        =3D DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags        =3D interrupt enabled, resume, IOPL =3D 0
current process         =3D 0 (if_io_tqg_7)
trap number             =3D 12
panic: page fault
cpuid =3D 7
time =3D 1655767279
KDB: stack backtrace:
#0 0xffffffff80c69465 at kdb_backtrace+0x65
#1 0xffffffff80c1bb1f at vpanic+0x17f
#2 0xffffffff80c1b993 at panic+0x43
#3 0xffffffff810afdf5 at trap_fatal+0x385
#4 0xffffffff810afe4f at trap_pfault+0x4f
#5 0xffffffff81087528 at calltrap+0x8
#6 0xffffffff80de07c9 at tcp_output+0x1339
#7 0xffffffff80dd7eed at tcp_do_segment+0x2cfd
#8 0xffffffff80dd44b1 at tcp_input_with_port+0xb61
#9 0xffffffff80dd515b at tcp_input+0xb
#10 0xffffffff80dc691f at ip_input+0x11f
#11 0xffffffff80d53089 at netisr_dispatch_src+0xb9
#12 0xffffffff80d36ea8 at ether_demux+0x138
#13 0xffffffff80d38235 at ether_nh_input+0x355
#14 0xffffffff80d53089 at netisr_dispatch_src+0xb9
#15 0xffffffff80d372d9 at ether_input+0x69
#16 0xffffffff80ddeaa5 at tcp_push_and_replace+0x25
#17 0xffffffff80ddd74c at tcp_lro_flush+0x4c
Uptime: 29d3h36m11s
Dumping 4275 out of 65278 MB:..1%..11%..21%..31%..41%..51%..61%..71%..81%..=
91%

__curthread () at /usr/src/sys/amd64/include/pcpu_aux.h:55
warning: Source file is more recent than executable.
55              __asm("movq %%gs:%P1,%0" : "=3Dr" (td) : "n" (offsetof(stru=
ct
pcpu,
(kgdb) #0  __curthread () at /usr/src/sys/amd64/include/pcpu_aux.h:55
#1  doadump (textdump=3D<optimized out>)
    at /usr/src/sys/kern/kern_shutdown.c:399
#2  0xffffffff80c1b71c in kern_reboot (howto=3D260)
    at /usr/src/sys/kern/kern_shutdown.c:487
#3  0xffffffff80c1bb8e in vpanic (fmt=3D0xffffffff811b4fb9 "%s",
    ap=3D<optimized out>) at /usr/src/sys/kern/kern_shutdown.c:920
#4  0xffffffff80c1b993 in panic (fmt=3D<unavailable>)
    at /usr/src/sys/kern/kern_shutdown.c:844
#5  0xffffffff810afdf5 in trap_fatal (frame=3D0xfffffe0114144500, eva=3D24)
    at /usr/src/sys/amd64/amd64/trap.c:944
#6  0xffffffff810afe4f in trap_pfault (frame=3D0xfffffe0114144500,
    usermode=3Dfalse, signo=3D<optimized out>, ucode=3D<optimized out>)
    at /usr/src/sys/amd64/amd64/trap.c:763
#7  <signal handler called>
#8  m_copydata (m=3D0x0, m@entry=3D0xfffff80c219ce500, off=3D0, len=3D1,
    cp=3D<optimized out>) at /usr/src/sys/kern/uipc_mbuf.c:659
#9  0xffffffff80de07c9 in tcp_output (tp=3D<optimized out>)
    at /usr/src/sys/netinet/tcp_output.c:1081
#10 0xffffffff80dd7eed in tcp_do_segment (m=3D<optimized out>,
    th=3D<optimized out>, so=3D<optimized out>, tp=3D0xfffffe01990a1000,
    drop_hdrlen=3D64, tlen=3D<optimized out>, iptos=3D0 '\000')
    at /usr/src/sys/netinet/tcp_input.c:2637
#11 0xffffffff80dd44b1 in tcp_input_with_port (mp=3D<optimized out>,
    offp=3D<optimized out>, proto=3D<optimized out>, port=3Dport@entry=3D0)
    at /usr/src/sys/netinet/tcp_input.c:1400
#12 0xffffffff80dd515b in tcp_input (mp=3D0xfffff80c219ce500, offp=3D0x0, p=
roto=3D1)
    at /usr/src/sys/netinet/tcp_input.c:1496
#13 0xffffffff80dc691f in ip_input (m=3D0x0)
    at /usr/src/sys/netinet/ip_input.c:839
#14 0xffffffff80d53089 in netisr_dispatch_src (proto=3D1,
    source=3Dsource@entry=3D0, m=3D0xfffff80e00395400)
    at /usr/src/sys/net/netisr.c:1143
#15 0xffffffff80d5345f in netisr_dispatch (proto=3D563930368, m=3D0x1)
    at /usr/src/sys/net/netisr.c:1234
#16 0xffffffff80d36ea8 in ether_demux (ifp=3Difp@entry=3D0xfffff80004659000,
    m=3D0x0) at /usr/src/sys/net/if_ethersubr.c:921
#17 0xffffffff80d38235 in ether_input_internal (ifp=3D0xfffff80004659000, m=
=3D0x0)
    at /usr/src/sys/net/if_ethersubr.c:707
#18 ether_nh_input (m=3D<optimized out>) at /usr/src/sys/net/if_ethersubr.c=
:737
#19 0xffffffff80d53089 in netisr_dispatch_src (proto=3Dproto@entry=3D5,
    source=3Dsource@entry=3D0, m=3Dm@entry=3D0xfffff80e00395400)
    at /usr/src/sys/net/netisr.c:1143
#20 0xffffffff80d5345f in netisr_dispatch (proto=3D563930368, proto@entry=
=3D5,
    m=3D0x1, m@entry=3D0xfffff80e00395400) at /usr/src/sys/net/netisr.c:1234
#21 0xffffffff80d372d9 in ether_input (ifp=3D<optimized out>,
    m=3D0xfffff80e00395400) at /usr/src/sys/net/if_ethersubr.c:828
#22 0xffffffff80ddeaa5 in tcp_push_and_replace (lc=3D0xfffff80c219ce500,
    lc@entry=3D0xfffff80003ef2830, le=3Dle@entry=3D0xfffffe0158387690,
    m=3Dm@entry=3D0xfffff80f2b178300) at /usr/src/sys/netinet/tcp_lro.c:923
#23 0xffffffff80ddd74c in tcp_lro_condense (lc=3D0xfffff80003ef2830,
    le=3D0xfffffe0158387690) at /usr/src/sys/netinet/tcp_lro.c:1011
#24 tcp_lro_flush (lc=3Dlc@entry=3D0xfffff80003ef2830, le=3D0xfffffe0158387=
690)
    at /usr/src/sys/netinet/tcp_lro.c:1374
#25 0xffffffff80dddd3b in tcp_lro_rx_done (lc=3D0xfffff80003ef2830)
    at /usr/src/sys/netinet/tcp_lro.c:566
#26 tcp_lro_flush_all (lc=3Dlc@entry=3D0xfffff80003ef2830)
    at /usr/src/sys/netinet/tcp_lro.c:1532
#27 0xffffffff80d4f503 in iflib_rxeof (rxq=3D<optimized out>,
    rxq@entry=3D0xfffff80003ef2800, budget=3D<optimized out>)
    at /usr/src/sys/net/iflib.c:3058
#28 0xffffffff80d49b22 in _task_fn_rx (context=3D0xfffff80003ef2800)
    at /usr/src/sys/net/iflib.c:3990
#29 0xffffffff80c67e9d in gtaskqueue_run_locked (
    queue=3Dqueue@entry=3D0xfffff80003cbf000)
    at /usr/src/sys/kern/subr_gtaskqueue.c:371
#30 0xffffffff80c67b12 in gtaskqueue_thread_loop (arg=3D<optimized out>,
    arg@entry=3D0xfffffe01142820b0) at /usr/src/sys/kern/subr_gtaskqueue.c:=
547
#31 0xffffffff80bd8a5e in fork_exit (
    callout=3D0xffffffff80c67a50 <gtaskqueue_thread_loop>,
    arg=3D0xfffffe01142820b0, frame=3D0xfffffe0114144f40)
    at /usr/src/sys/kern/kern_fork.c:1093
#32 <signal handler called>
#33 mi_startup () at /usr/src/sys/kern/init_main.c:322
Backtrace stopped: Cannot access memory at address 0x1d
(kgdb)

--=20
You are receiving this mail because:
You are on the CC list for the bug.
You are the assignee for the bug.=

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-264257-7501-hu0TR4PCWL>

Header And Logo

Peripheral Links

Site Navigation

Header And Logo

Peripheral Links

Search

Site Navigation