Bug 241718 - rack_tcp: page fault/kernel panic in rack_output when installing Vivaldi browser via wine
Summary: rack_tcp: page fault/kernel panic in rack_output when installing Vivaldi brow...
Status: New
Alias: None
Product: Base System
Classification: Unclassified
Component: kern (show other bugs)
Version: 12.1-RELEASE
Hardware: amd64 Any
: --- Affects Only Me
Assignee: freebsd-net mailing list
URL:
Keywords: panic
Depends on:
Blocks:
 
Reported: 2019-11-05 02:29 UTC by Joshua Kinard
Modified: 2019-11-07 13:47 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Joshua Kinard 2019-11-05 02:29:12 UTC
Running 12.1-RC2 on an Intel NUC8i5BEH with a custom kernel config, and using the TCP RACK stack (from Netflix), I was attempting to install the Vivaldi web browser (Chrome clone) as a standard user via i386-wine-devel in an Enlightenment instance.  At some point in Vivaldi's install, it must be making a callout back home (telemetry/stats logging??), and when it does this, there is a page fault, the kernel panics, and the system immediately reboots.  This issue is also reproducible using 64-bit wine and Vivaldi's 64-bit installer.

Partial log is below, manually transcribed from an image I took of the screen.  I didn't get all of the "WARNING" lines due to not having much time to get a picture.  I set dumpon to compress the dump, and this is what bought me a few extra seconds.  However, savecore reports on reboot that no dump was saved (I think).

And although the drm-kmod drivers below do not appear to be a factor, I want to note that I am using rebuilt drm-fbsd12.0-kmod from ports in package format, in an attempt to get a working X11 up on this NUC device.  In case there is any curiosity about the "WARNING" lines.

Log:

Fatal trap 12: page fault while in kernel mode
cpuid = 1; apic id = 02
Fault virtual address   = 0x18
fault code              = supervisor read data, page not present
instruction pointer     = 0x20:0xffffffff808dd95d
stack pointer           = 0x0:0xfffffe008dced500
frame pointer           = 0x0:0xfffffe008dced530
code segment            = base rx0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 52969
trap number             = 12
WARNING !drm_modeset_is_locked(&crtc->mutex) failed at /usr/ports/graphics/drm-fbsd12.0-kmod/work/kms-drm-9e308e6/drivers/gpu/drm/drm_atomic <truncated>
WARNING !drm_modeset_is_locked(&crtc->mutex) failed at /usr/ports/graphics/drm-fbsd12.0-kmod/work/kms-drm-9e308e6/drivers/gpu/drm/drm_atomic <truncated>
WARNING !drm_modeset_is_locked(&crtc->mutex) failed at /usr/ports/graphics/drm-fbsd12.0-kmod/work/kms-drm-9e308e6/drivers/gpu/drm/drm_atomic <truncated>
WARNING !drm_modeset_is_locked(&dev->mode_config.connection_mutex) failed at /usr/ports/graphics/drm-fbsd12.0-kmod/work/kms-drm-9e308e6/driver <truncated>
WARNING !drm_modeset_is_locked(&plane->mutex) failed at /usr/ports/graphics/drm-fbsd12.0-kmod/work/kms-drm-9e308e6/drivers/gpu/drm/drm_atomic_h <truncated>
WARNING !drm_modeset_is_locked(&plane->mutex) failed at /usr/ports/graphics/drm-fbsd12.0-kmod/work/kms-drm-9e308e6/drivers/gpu/drm/drm_atomic_h <truncated>
WARNING !drm_modeset_is_locked(&plane->mutex) failed at /usr/ports/graphics/drm-fbsd12.0-kmod/work/kms-drm-9e308e6/drivers/gpu/drm/drm_atomic_h <truncated>
WARNING !drm_modeset_is_locked(&plane->mutex) failed at /usr/ports/graphics/drm-fbsd12.0-kmod/work/kms-drm-9e308e6/drivers/gpu/drm/drm_atomic_h <truncated>
WARNING !drm_modeset_is_locked(&plane->mutex) failed at /usr/ports/graphics/drm-fbsd12.0-kmod/work/kms-drm-9e308e6/drivers/gpu/drm/drm_atomic_h <truncated>
WARNING !drm_modeset_is_locked(&plane->mutex) failed at /usr/ports/graphics/drm-fbsd12.0-kmod/work/kms-drm-9e308e6/drivers/gpu/drm/drm_atomic_h <truncated>
WARNING !drm_modeset_is_locked(&plane->mutex) failed at /usr/ports/graphics/drm-fbsd12.0-kmod/work/kms-drm-9e308e6/drivers/gpu/drm/drm_atomic_h <truncated>
WARNING !drm_modeset_is_locked(&plane->mutex) failed at /usr/ports/graphics/drm-fbsd12.0-kmod/work/kms-drm-9e308e6/drivers/gpu/drm/drm_atomic_h <truncated>
WARNING !drm_modeset_is_locked(&plane->mutex) failed at /usr/ports/graphics/drm-fbsd12.0-kmod/work/kms-drm-9e308e6/drivers/gpu/drm/drm_atomic_h <truncated>
                           panic: page fault
cpuid = 1
time = 1572918827
KDB: stack backtrace:
#0 0xffffffff8089de97 at kdb_backtrace+0x67
#1 0xffffffff80850c9d at vpanic+0x19d
#2 0xffffffff80850af3 at panic+0x43
#3 0xffffffff80ba7c2c at trap_fatal+0x39c
#4 0xffffffff80ba7c78 at trap_pfault+0x48
#5 0xffffffff80ba7277 at trap+0x207
#6 0xffffffff80b8279c at calltrap+0x8
#7 0xffffffff81c76066 at rack_output+0x2e86
#8 0xffffffff80a41e31 at tcp_usr_shutdown+0xa1
#9 0xffffffff808eb5b0 at soshutdown+0xc0
#10 0xffffffff808f0e85 at kern_shutdown+0x65
#11 0xffffffff80c0852a at ia32_syscall+0x2aa
#12 0xffffffff80b8388f at int0x80_syscall_common+0x9c
Uptime: 4m52s
Comment 1 Joshua Kinard 2019-11-05 02:37:45 UTC
Forgot to add, if I change back to the stock FreeBSD TCP stack, the crash does not happen.  Hence why I suspect it's something with the RACK code.