Site Navigation

Date:      Mon, 12 Feb 2024 11:23:54 +0100
From:      tuexen@freebsd.org
To:        Alexander Leidinger <alexleidingerde@gmail.com>
Cc:        current@freebsd.org
Subject:   Re: kernel crash in tcp_subr.c:2386
Message-ID:  <625E0EA4-9413-45AD-B05C-500833A1D527@freebsd.org>
In-Reply-To: <CAJg7qzH_c8JCKQvLPki6Cv7GRzaQs9vA-omSWBxnFTPy_9Rczw@mail.gmail.com>
References:  <1707730255-92643-mlmmj-52dbb05a@FreeBSD.org> <CAJg7qzH_c8JCKQvLPki6Cv7GRzaQs9vA-omSWBxnFTPy_9Rczw@mail.gmail.com>

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

> On Feb 12, 2024, at 10:36, Alexander Leidinger =
<alexleidingerde@gmail.com> wrote:
>=20
> Hi,
>=20
> I got a coredump with sources from 2024-02-10-144617 (GMT+0100):
Hi Alexander,

we are aware of this problem, but haven't found a way to reproduce it.
Do you know how to reproduce this?

Best regards
Michael
> ---snip---
> __curthread () at =
/space/system/usr_src/sys/amd64/include/pcpu_aux.h:57
> 57              __asm("movq %%gs:%P1,%0" : "=3Dr" (td) : "n" =
(offsetof(struct pcpu,
> (kgdb) #0  __curthread () at =
/space/system/usr_src/sys/amd64/include/pcpu_aux.h:57
>        td =3D <optimized out>
> #1  doadump (textdump=3Dtextdump@entry=3D1)
>    at /space/system/usr_src/sys/kern/kern_shutdown.c:403
>        error =3D 0
>        coredump =3D <optimized out>
> #2  0xffffffff8052fe85 in kern_reboot (howto=3D260)
>    at /space/system/usr_src/sys/kern/kern_shutdown.c:521
>        once =3D 0
>        __pc =3D <optimized out>
> #3  0xffffffff80530382 in vpanic (
>    fmt=3D0xffffffff808df476 "Assertion %s failed at %s:%d",
>    ap=3Dap@entry=3D0xfffffe08a079ebf0)
>    at /space/system/usr_src/sys/kern/kern_shutdownc:973
>        buf =3D "Assertion !callout_active(&tp->t_callout) failed at =
/space/system/usr_src/sys/netinet/tcp_subr.c:2386", '\000' <repeats 154 =
times>
>        __pc =3D <optimized out>
>        __pc =3D <optimized out>
>        __pc =3D <optimized out>
>        other_cpus =3D {__bits =3D {14680063, 0 <repeats 15 times>}}
>        td =3D 0xfffff8068ef99740
>        bootopt =3D <unavailable>
>        newpanic =3D <optimized out>
> #4  0xffffffff805301d3 in panic (fmt=3D<unavailable>)
>    at /space/system/usr_src/sys/kern/kern_shutdown.c:889
>        ap =3D {{gp_offset =3D 32, fp_offset =3D 48,
>            overflow_arg_area =3D 0xfffffe08a079ec20,
>            reg_save_area =3D 0xfffffe08a079ebc0}}
> #5  0xffffffff806c9d8c in tcp_discardcb =
(tp=3Dtp@entry=3D0xfffff80af441ba80)
>    at /space/system/usr_src/sys/netinet/tcp_subr.c:2386
>        inp =3D 0xfffff80af441ba80
>        so =3D 0xfffff804d23d2780
>        m =3D <optimized out>
>        isipv6 =3D <optimized out>
> #6  0xffffffff806d6291 in tcp_usr_detach (so=3D0xfffff804d23d2780)
>    at /space/system/usr_src/sys/netinet/tcp_usrreq.c:214
>        inp =3D 0xfffff80af441ba80
>        tp =3D 0xfffff80af441ba80
> #7  0xffffffff805dba57 in sofree (so=3D0xfffff804d23d2780)
>    at /space/system/usr_src/sys/kern/uipc_socket.c:1205
>        pr =3D 0xffffffff80a8bd18 <tcp_protosw>
> #8  sorele_locked (so=3Dso@entry=3D0xfffff804d23d2780)
>    at /space/system/usr_src/sys/kern/uipc_socket.c:1232
> No locals.
> #9  0xffffffff805dc8c0 in soclose (so=3D0xfffff804d23d2780)
>    at /space/system/usr_src/sys/kern/uipc_socket.c:1302
>        lqueue =3D {tqh_first =3D 0xfffff8068ef99740,
>          tqh_last =3D 0xfffffe08a079ed40}
>        error =3D 0
>        saved_vnet =3D 0x0
>        last =3D <optimized out>
>        listening =3D <optimized out>
> #10 0xffffffff804ccbd1 in fo_close (fp=3D0xfffff805f2dfc500, =
td=3D<unavailable>)
>    at /space/system/usr_src/sys/sys/file.h:390
> No locals.
> #11 _fdrop (fp=3Dfp@entry=3D0xfffff805f2dfc500, td=3D<unavailable>,
>    td@entry=3D0xfffff8068ef99740)
>    at /space/system/usr_src/sys/kern/kern_descrip.c:3666
>        count =3D <unavailable>
>        error =3D <optimized out>
> #12 0xffffffff804d02f3 in closef (fp=3Dfp@entry=3D0xfffff805f2dfc500,
>    td=3Dtd@entry=3D0xfffff8068ef99740)
>    at /space/system/usr_src/sys/kern/kern_descrip.c:2839
>        _error =3D 0
>        _fp =3D 0xfffff805f2dfc500
>        lf =3D {l_start =3D -8791759350504, l_len =3D -8791759350528, =
l_pid =3D 0,
>          l_type =3D 0, l_whence =3D 0, l_sysid =3D 0}
>        vp =3D <optimized out>
>        fdtol =3D <optimized out>
>        fdp =3D <optimized out>
> #13 0xffffffff804cd50c in closefp_impl (fdp=3D0xfffffe07afebf860, =
fd=3D19,
>    fp=3D0xfffff805f2dfc500, td=3D0xfffff8068ef99740, audit=3D<optimized =
out>)
>    at /space/system/usr_src/sys/kern/kern_descrip.c:1315
>        error =3D <optimized out>
> #14 closefp (fdp=3D0xfffffe07afebf860, fd=3D19, fp=3D0xfffff805f2dfc500,=

>    td=3D0xfffff8068ef99740, holdleaders=3Dtrue, audit=3D<optimized =
out>)
>    at /space/system/usr_src/sys/kern/kern_descrip.c:1372
> No locals.
> #15 0xffffffff808597d6 in syscallenter (td=3D0xfffff8068ef99740)
>    at =
/space/system/usr_src/sys/amd64/amd64/../../kern/subr_syscall.c:186
>        se =3D 0xffffffff80a48330 <sysent+192>
>        p =3D 0xfffffe07f29995c0
>        sa =3D 0xfffff8068ef99b30
>        error =3D <optimized out>
>        sy_thr_static =3D <optimized out>
>        traced =3D <optimized out>
> #16 amd64_syscall (td=3D0xfffff8068ef99740, traced=3D0)
>    at /space/system/usr_src/sys/amd64/amd64/trap.c:1192
>        ksi =3D {ksi_link =3D {tqe_next =3D 0xfffffe08a079ef30,
>            tqe_prev =3D 0xffffffff808588af <trap+2351>}, ksi_info =3D =
{
>            si_signo =3D 1, si_errno =3D 0, si_code =3D 2015268872, =
si_pid =3D -512,
>            si_uid =3D 2398721856, si_status =3D -2042,
>            si_addr =3D 0xfffffe08a079ef40, si_value =3D {sival_int =3D =
-1602621824,
>              sival_ptr =3D 0xfffffe08a079ee80, sigval_int =3D =
-1602621824,
>              sigval_ptr =3D 0xfffffe08a079ee80}, _reason =3D {_fault =3D=
 {
>                _trapno =3D 1489045984}, _timer =3D {_timerid =3D =
1489045984,
>                _overrun =3D 17999}, _mesgq =3D {_mqd =3D 1489045984}, =
_poll =3D {
>                _band =3D 77306605406688}, _capsicum =3D {_syscall =3D =
1489045984},
>              __spare__ =3D {__spare1__ =3D 77306605406688, __spare2__ =
=3D {
>                  1489814048, 17999, 208, 0, 0, 0, 992191072}}}},
>          ksi_flags =3D 975329968, ksi_sigq =3D 0xffffffff8082f8f3 =
<Xinvlop+179>}
> #17 <signal handler called>
> No locals.
> #18 0x00003af13b17fc9a in ?? ()
> No symbol table info available.
> Backtrace stopped: Cannot access memory at address 0x3af13a225ab8
> ---snip---
>=20
> Any ideas?
>=20
> Due to another issue in userland, I updated to 2024-02-11-212006, but =
I have the above mentioned version and core still in a BE if needed
>=20
> Bye,
> Alexander.

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?625E0EA4-9413-45AD-B05C-500833A1D527>

Legal Notices | © 1995-2025 The FreeBSD Project. All rights reserved.

Contact