FreeBSD Bugzilla – Attachment 251786 Details for
Bug 280037
KTLS with Intel QAT may trigger kernel panics
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
kgdb #3 with clean kernel
ktls_qat_kgdb3.txt (text/plain), 8.05 KB, created by
ss3bsd
on 2024-06-30 04:41:36 UTC
(
hide
)
Description:
kgdb #3 with clean kernel
Filename:
MIME Type:
Creator:
ss3bsd
Created:
2024-06-30 04:41:36 UTC
Size:
8.05 KB
patch
obsolete
>#3 with clean kernel > >FreeBSD 14.1-RELEASE-p1 releng/14.1-n267682-0892dff10444 > >% kgdb kernel.debug vmcore.5 >GNU gdb (GDB) 14.1 [GDB v14.1 for FreeBSD] >Copyright (C) 2023 Free Software Foundation, Inc. >License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> >This is free software: you are free to change and redistribute it. >There is NO WARRANTY, to the extent permitted by law. >Type "show copying" and "show warranty" for details. >This GDB was configured as "x86_64-portbld-freebsd14.1". >Type "show configuration" for configuration details. >For bug reporting instructions, please see: ><https://www.gnu.org/software/gdb/bugs/>. >Find the GDB manual and other documentation resources online at: > <http://www.gnu.org/software/gdb/documentation/>. > >For help, type "help". >Type "apropos word" to search for commands related to "word"... >Reading symbols from kernel.debug... > >Unread portion of the kernel message buffer: > > >Fatal trap 12: page fault while in kernel mode >cpuid = 0; apic id = 00 >fault virtual address = 0x0 >fault code = supervisor read data, page not present >instruction pointer = 0x20:0xffffffff80c83372 >stack pointer = 0x28:0xfffffe00377f2320 >frame pointer = 0x28:0xfffffe00377f2330 >code segment = base 0x0, limit 0xfffff, type 0x1b > = DPL 0, pres 1, long 1, def32 0, gran 1 >processor eflags = interrupt enabled, resume, IOPL = 0 >current process = 0 (if_io_tqg_0) >rdi: fffff8048790b700 rsi: fffff805761d9aa0 rdx: 0000000000000000 >rcx: fffff80001ab1740 r8: 000000000000004d r9: fffff80220587800 >rax: 0000000000000000 rbx: fffff8048790b700 rbp: fffffe00377f2330 >r10: 00000000000000de r11: fffffe00e2061270 r12: fffff805761d9a80 >r13: fffff80039aba3c0 r14: fffff80039aba3c0 r15: 0000000000000000 >trap number = 12 >panic: page fault >cpuid = 0 >time = 1719721047 >KDB: stack backtrace: >#0 0xffffffff809d2b5d at kdb_backtrace+0x5d >#1 0xffffffff809858c1 at vpanic+0x131 >#2 0xffffffff80985783 at panic+0x43 >#3 0xffffffff80e5f91b at trap_fatal+0x40b >#4 0xffffffff80e5f966 at trap_pfault+0x46 >#5 0xffffffff80e35ee8 at calltrap+0x8 >#6 0xffffffff80c8b492 at ktls_ocf_free+0x12 >#7 0xffffffff80a180e2 at ktls_destroy+0x272 >#8 0xffffffff80a25e72 at sbdestroy+0x42 >#9 0xffffffff80a28cc6 at sorele_locked+0xa6 >#10 0xffffffff80b6f5d0 at tcp_close+0x170 >#11 0xffffffff80b5db68 at tcp_do_segment+0xa58 >#12 0xffffffff80b5c749 at tcp_input_with_port+0xff9 >#13 0xffffffff80b5d0fb at tcp_input+0xb >#14 0xffffffff80b4bea9 at ip_input+0x239 >#15 0xffffffff80ac803e at netisr_dispatch_src+0x9e >#16 0xffffffff830446ff at ng_iface_rcvdata+0x14f >#17 0xffffffff80b2adae at ng_apply_item+0x13e >Uptime: 2m17s >Dumping 1764 out of 32693 MB:..1%..11%..21%..31%..41%..51%..61%..71%..81%..91% >: >: omit >: > >--Type <RET> for more, q to quit, c to continue without paging--q >Quit >(kgdb) bt >#0 __curthread () at /usr/src/sys/amd64/include/pcpu_aux.h:57 >#1 doadump (textdump=<optimized out>) at /usr/src/sys/kern/kern_shutdown.c:405 >#2 0xffffffff80985457 in kern_reboot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:523 >#3 0xffffffff8098592e in vpanic (fmt=0xffffffff80f936bc "%s", ap=ap@entry=0xfffffe00377f2180) at /usr/src/sys/kern/kern_shutdown.c:967 >#4 0xffffffff80985783 in panic (fmt=<unavailable>) at /usr/src/sys/kern/kern_shutdown.c:891 >#5 0xffffffff80e5f91b in trap_fatal (frame=0xfffffe00377f2260, eva=0) at /usr/src/sys/amd64/amd64/trap.c:952 >#6 0xffffffff80e5f966 in trap_pfault (frame=<unavailable>, usermode=false, signo=<optimized out>, ucode=<optimized out>) at /usr/src/sys/amd64/amd64/trap.c:760 >#7 <signal handler called> >#8 crypto_freesession (cses=0xfffff8048790b700) at /usr/src/sys/opencrypto/crypto.c:1018 >#9 0xffffffff80c8b492 in ktls_ocf_free (tls=tls@entry=0xfffff8056e443500) at /usr/src/sys/opencrypto/ktls_ocf.c:978 >#10 0xffffffff80a180e2 in ktls_destroy (tls=0xfffff8056e443500) at /usr/src/sys/kern/uipc_ktls.c:1942 >#11 0xffffffff80a25e72 in ktls_free (tls=0xfffff8048790b700) at /usr/src/sys/sys/ktls.h:252 >#12 sbdestroy (so=so@entry=0xfffff80039aba3c0, which=(unknown: 0x761d9aa0), which@entry=SO_SND) at /usr/src/sys/kern/uipc_sockbuf.c:791 >#13 0xffffffff80a28cc6 in sofree (so=0xfffff80039aba3c0) at /usr/src/sys/kern/uipc_socket.c:1223 >#14 sorele_locked (so=so@entry=0xfffff80039aba3c0) at /usr/src/sys/kern/uipc_socket.c:1242 >#15 0xffffffff80b6f5d0 in tcp_close (tp=tp@entry=0xfffff805761d9a80) at /usr/src/sys/netinet/tcp_subr.c:2540 >#16 0xffffffff80b5db68 in tcp_do_segment (tp=0xfffff805761d9a80, m=0xfffff8021ff17900, th=0xfffff8021ff1798a, drop_hdrlen=40, tlen=0, iptos=<optimized out>) > at /usr/src/sys/netinet/tcp_input.c:2185 >#17 0xffffffff80b5c749 in tcp_input_with_port (mp=<optimized out>, offp=<optimized out>, proto=<optimized out>, port=port@entry=0) at /usr/src/sys/netinet/tcp_input.c:1168 >#18 0xffffffff80b5d0fb in tcp_input (mp=0xfffff8048790b700, offp=0xfffff805761d9aa0, proto=0) at /usr/src/sys/netinet/tcp_input.c:1500 >#19 0xffffffff80b4bea9 in ip_input (m=0x0) at /usr/src/sys/netinet/ip_input.c:863 >#20 0xffffffff80ac803e in netisr_dispatch_src (proto=1, source=18446735301073017504, m=0x0) at /usr/src/sys/net/netisr.c:1152 >#21 0xffffffff830446ff in ?? () from /boot/kernel/ng_iface.ko >#22 0x0000000000000005 in ?? () >#23 0x0000000000000000 in ?? () >(kgdb) frame 9 >#9 0xffffffff80c8b492 in ktls_ocf_free (tls=tls@entry=0xfffff8056e443500) at /usr/src/sys/opencrypto/ktls_ocf.c:978 >978 crypto_freesession(os->sid); >(kgdb) list >973 ktls_ocf_free(struct ktls_session *tls) >974 { >975 struct ktls_ocf_session *os; >976 >977 os = tls->ocf_session; >978 crypto_freesession(os->sid); >979 crypto_freesession(os->mac_sid); >980 crypto_freesession(os->recrypt_sid); >981 mtx_destroy(&os->lock); >982 zfree(os, M_KTLS_OCF); >(kgdb) p/x *tls >$1 = {ocf_session = 0xfffff80221c38480, snd_tag = 0x0, params = {cipher_key = 0xfffff800371c3de0, auth_key = 0x0, iv = {0x82, 0x0, 0x82, 0xd3, 0x0, 0x0, 0x0, 0x0, 0xa6, > 0xb3, 0xc6, 0x6a, 0xa4, 0x19, 0x5e, 0xfc}, cipher_algorithm = 0x19, auth_algorithm = 0x0, cipher_key_len = 0x20, iv_len = 0x4, auth_key_len = 0x0, > max_frame_len = 0x4000, tls_vmajor = 0x3, tls_vminor = 0x3, tls_hlen = 0xd, tls_tlen = 0x10, tls_bs = 0x1, flags = 0x0}, wq_index = 0x0, refcount = 0x0, mode = 0x1, > reset_tag_task = {ta_link = {stqe_next = 0x0}, ta_pending = 0x0, ta_priority = 0x0, ta_flags = 0x0, ta_func = 0xffffffff80a19510, ta_context = 0xfffff8056e443500}, > disable_ifnet_task = {ta_link = {stqe_next = 0x0}, ta_pending = 0x0, ta_priority = 0x0, ta_flags = 0x0, ta_func = 0x0, ta_context = 0x0}, {inp = 0xfffff805761d9a80, > so = 0xfffff805761d9a80}, rx_ifp = 0x0, rx_vlan_id = 0x0, reset_pending = 0x0, tx = 0x1, sync_dispatch = 0x0, sequential_records = 0x0, next_seqno = 0x0, > pending_records = {stqh_first = 0x0, stqh_last = 0x0}, destroy_task = {ta_link = {stqe_next = 0x0}, ta_pending = 0x0, ta_priority = 0x0, ta_flags = 0x0, ta_func = 0x0, > ta_context = 0x0}} >(kgdb) p/x *tls->ocf_session >$2 = {sw = 0xffffffff8112b508, sid = 0xfffff8048790b700, mac_sid = 0x0, recrypt_sid = 0xfffff80326d82680, lock = {lock_object = {lo_name = 0xffffffff80f34e94, > lo_flags = 0x1030000, lo_data = 0x0, lo_witness = 0x0}, mtx_lock = 0x0}, mac_len = 0x0, implicit_iv = 0x0, iv = {0x0 <repeats 16 times>}} >(kgdb) frame 8 >#8 crypto_freesession (cses=0xfffff8048790b700) at /usr/src/sys/opencrypto/crypto.c:1018 >1018 CRYPTODEV_FREESESSION(cap->cc_dev, cses); >(kgdb) list >1013 return; >1014 >1015 cap = cses->cap; >1016 >1017 /* Call the driver cleanup routine, if available. */ >1018 CRYPTODEV_FREESESSION(cap->cc_dev, cses); >1019 >1020 crypto_deletesession(cses); >1021 } >1022 >(kgdb) p/x *cses >$3 = {cap = 0x0, csp = {csp_mode = 0x0, csp_flags = 0x0, csp_ivlen = 0x0, csp_cipher_alg = 0x0, csp_cipher_klen = 0x0, csp_cipher_key = 0x0, csp_auth_alg = 0x0, > csp_auth_klen = 0x0, csp_auth_key = 0x0, csp_auth_mlen = 0x0}, id = 0x0} >(kgdb)
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=251786">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 280037
:
251744
|
251776
| 251786 |
256331
|
256343