Date: Sat, 20 Mar 2021 01:19:44 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 254419] Fatal trap 12: page fault while in kernel mode, nginx + sendfile on Message-ID: <bug-254419-227@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D254419 Bug ID: 254419 Summary: Fatal trap 12: page fault while in kernel mode, nginx + sendfile on Product: Base System Version: 13.0-STABLE Hardware: amd64 OS: Any Status: New Severity: Affects Only Me Priority: --- Component: kern Assignee: bugs@FreeBSD.org Reporter: viaprog@gmail.com FreeBSD-13.0-RC3, git rev 8f731a397ad4dc7b17622c0e69ac045f4a7b9d5b nginx + sendfile on =3D kernel panic. With sendfile =3D off - working fine. Fatal trap 12: page fault while in kernel mode cpuid =3D 19; apic id =3D 13 fault virtual address =3D 0x0 fault code =3D supervisor read data, page not present instruction pointer =3D 0x20:0xffffffff8095fa46 stack pointer =3D 0x28:0xfffffe01533dd1a0 frame pointer =3D 0x28:0xfffffe01533dd1b0 code segment =3D base 0x0, limit 0xfffff, type 0x1b =3D DPL 0, pres 1, long 1, def32 0, gran 1 processor eflags =3D interrupt enabled, resume, IOPL =3D 0 current process =3D 3395 (nginx) trap number =3D 12 panic: page fault cpuid =3D 19 time =3D 1616197293 KDB: stack backtrace: #0 0xffffffff80687015 at kdb_backtrace+0x65 #1 0xffffffff8063a051 at vpanic+0x181 #2 0xffffffff80639ec3 at panic+0x43 #3 0xffffffff809830d7 at trap_fatal+0x387 #4 0xffffffff8098312f at trap_pfault+0x4f #5 0xffffffff8098278d at trap+0x27d #6 0xffffffff8095b938 at calltrap+0x8 #7 0xffffffff8095f957 at in_cksum_skip+0x77 #8 0xffffffff8079dc1d at in_delayed_cksum+0x3d #9 0xffffffff80823d03 at pf_test+0x1403 #10 0xffffffff8083ac6f at pf_check_out+0x1f #11 0xffffffff80770de7 at pfil_run_hooks+0x97 #12 0xffffffff8079d3f1 at ip_output+0xb61 #13 0xffffffff807b44e4 at tcp_output+0x1b04 #14 0xffffffff807ca379 at tcp_usr_send+0x229 #15 0xffffffff80637f6a at vn_sendfile+0x197a #16 0xffffffff80638967 at sendfile+0x127 #17 0xffffffff809839dc at amd64_syscall+0x10c Uptime: 1m0s Dumping 1632 out of 32637 MB:..1%..11%..21%..31%..41%..51%..61%..71%..81%..= 91% __curthread () at /usr/src/sys/amd64/include/pcpu_aux.h:55 55 __asm("movq %%gs:%P1,%0" : "=3Dr" (td) : "n" (offsetof(stru= ct pcpu, (kgdb) list *0xffffffff8095fa46 0xffffffff8095fa46 is in in_cksumdata (/usr/src/sys/amd64/amd64/in_cksum.c:113). 108 if ((offset =3D 3 & (long) lw) !=3D 0) { 109 const u_int32_t *masks =3D in_masks + (offset << 2); 110 lw =3D (u_int32_t *) (((long) lw) - offset); 111 sum =3D *lw++ & masks[len >=3D 3 ? 3 : len]; 112 len -=3D 4 - offset; 113 if (len <=3D 0) { 114 REDUCE32; 115 return sum; 116 } 117 } (kgdb)=20 (kgdb) bt #0 __curthread () at /usr/src/sys/amd64/include/pcpu_aux.h:55 #1 doadump (textdump=3D<optimized out>) at /usr/src/sys/kern/kern_shutdown= .c:399 #2 0xffffffff80639c46 in kern_reboot (howto=3D260) at /usr/src/sys/kern/kern_shutdown.c:486 #3 0xffffffff8063a0c0 in vpanic (fmt=3D<optimized out>, ap=3D<optimized ou= t>) at /usr/src/sys/kern/kern_shutdown.c:919 #4 0xffffffff80639ec3 in panic (fmt=3D<unavailable>) at /usr/src/sys/kern/kern_shutdown.c:843 #5 0xffffffff809830d7 in trap_fatal (frame=3D0xfffffe01533dd0e0, eva=3D0) = at /usr/src/sys/amd64/amd64/trap.c:915 #6 0xffffffff8098312f in trap_pfault (frame=3Dframe@entry=3D0xfffffe01533d= d0e0, usermode=3Dfalse, signo=3D<optimized out>, signo@entry=3D0x0, ucode=3D<opti= mized out>, ucode@entry=3D0x0) at /usr/src/sys/amd64/amd64/trap.c:732 #7 0xffffffff8098278d in trap (frame=3D0xfffffe01533dd0e0) at /usr/src/sys/amd64/amd64/trap.c:398 #8 <signal handler called> #9 0xffffffff8095fa46 in in_cksumdata (buf=3D<optimized out>, len=3Dlen@entry=3D1140) at /usr/src/sys/amd64/amd64/in_cksum.c:113 #10 0xffffffff8095f957 in in_cksum_skip (m=3D0xfffff80608d32300, m@entry=3D0xfffff804e6cab200, len=3D1140, skip=3D<optimized out>, skip@entr= y=3D20) at /usr/src/sys/amd64/amd64/in_cksum.c:224 #11 0xffffffff8079dc1d in in_delayed_cksum (m=3D0xfffff804e6cab200) at /usr/src/sys/netinet/ip_output.c:1083 #12 0xffffffff80823d03 in pf_route (m=3D0xfffffe01533dd4f8, r=3D0xfffff8000= d90cc00, dir=3D0, oifp=3D0xfffff8000d86c000, s=3D<optimized out>, pd=3D0xfffffe01533= dd288, inp=3D0xfffff8062603a988) at /usr/src/sys/netpfil/pf/pf.c:5558 #13 pf_test (dir=3D<optimized out>, dir@entry=3D2, pflags=3D<optimized out>, ifp=3D<optimized out>, m0=3D<optimized out>, m0@entry=3D0xfffffe01533dd4f8, inp=3D<optimized out>) at /usr/src/sys/netpfil/pf/pf.c:6269 #14 0xffffffff8083ac6f in pf_check_out (m=3D0xfffffe01533dd4f8, ifp=3D0x0, flags=3D1140, ruleset=3D<optimized out>, inp=3D0x0) at /usr/src/sys/netpfil/pf/pf_ioctl.c:4516 #15 0xffffffff80770de7 in pfil_run_hooks (head=3D<optimized out>, p=3D..., ifp=3D0xfffff8000d86c000, flags=3Dflags@entry=3D131072, inp=3Dinp@entry=3D0xfffff8062603a988) at /usr/src/sys/net/pfil.c:187 #16 0xffffffff8079d3f1 in ip_output_pfil (mp=3D0xfffffe01533dd4f8, ifp=3D0xfffff8000d86c000, flags=3D0, inp=3D0xfffff8062603a988, dst=3D0xfffff8062603ab30, fibnum=3D<optimized out>,=20 error=3D<optimized out>) at /usr/src/sys/netinet/ip_output.c:130 #17 ip_output (m=3Dm@entry=3D0xfffff804e6cab200, opt=3D<optimized out>, ro= =3D<optimized out>, flags=3D0, imo=3Dimo@entry=3D0x0, inp=3D<optimized out>) at /usr/src/sys/netinet/ip_output.c:705 #18 0xffffffff807b44e4 in tcp_output (tp=3D0xfffffe003fc5c890) at /usr/src/sys/netinet/tcp_output.c:1492 #19 0xffffffff807ca379 in tcp_usr_send (so=3D<optimized out>, flags=3D<opti= mized out>, m=3D0xfffff80626072800, nam=3D0x0, control=3D<optimized out>, td=3D0xfffffe0054f67500) at /usr/src/sys/netinet/tcp_usrreq.c:1210 #20 0xffffffff80637f6a in vn_sendfile (fp=3D<optimized out>, sockfd=3D97, hdr_uio=3D0x0, trl_uio=3D0x0, offset=3D<optimized out>, nbytes=3D<optimized= out>, sent=3D0xfffffe01533dda88, flags=3D1,=20 td=3D0xfffffe0054f67500) at /usr/src/sys/kern/kern_sendfile.c:1182 #21 0xffffffff80638967 in fo_sendfile (fp=3D0x0, sockfd=3D1140, hdr_uio=3D0= x0, trl_uio=3D0x0, offset=3D0, nbytes=3D1186733549, sent=3D0xfffffe01533dda88, = flags=3D75701, td=3D0xfffffe0054f67500) at /usr/src/sys/sys/file.h:409 #22 sendfile (td=3D0xfffffe0054f67500, uap=3D0xfffffe0054f678e8, compat=3D<= optimized out>) at /usr/src/sys/kern/kern_sendfile.c:1320 #23 0xffffffff809839dc in syscallenter (td=3D0xfffffe0054f67500) at /usr/src/sys/amd64/amd64/../../kern/subr_syscall.c:189 #24 amd64_syscall (td=3D0xfffffe0054f67500, traced=3D0) at /usr/src/sys/amd64/amd64/trap.c:1156 #25 <signal handler called> #26 0x00000008008c834a in ?? () Backtrace stopped: Cannot access memory at address 0x7fffffffd7c8 --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-254419-227>