On amd64 13-CURRENT r365579M, running "truss -f sh" results in the following panic:

panic: pgrp 9501 0xfffff8006654a780 pg_jobc 1 cnt 2
cpuid = 2
time = 1599852655
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0x2b/frame 0xfffffe00652068f0
vpanic() at vpanic+0x182/frame 0xfffffe0065206940
panic() at panic+0x43/frame 0xfffffe00652069a0
check_pgrp_jobc() at check_pgrp_jobc+0x124/frame 0xfffffe00652069e0
doenterpgrp() at doenterpgrp+0xc6/frame 0xfffffe0065206a30
enterpgrp() at enterpgrp+0x39e/frame 0xfffffe0065206a80
sys_setpgid() at sys_setpgid+0x219/frame 0xfffffe0065206ad0
amd64_syscall() at amd64_syscall+0x140/frame 0xfffffe0065206bf0
fast_syscall_common() at fast_syscall_common+0xf8/frame 0xfffffe0065206bf0
--- syscall (82, FreeBSD ELF64, sys_setpgid), rip = 0x80036f96a, rsp = 0x7fffffffe0d8, rbp = 0x7fffffffe110 ---
KDB: enter: panic

__curthread () at /usr/home/trasz/svn/syscall/sys/amd64/include/pcpu_aux.h:55
55 __asm("movq %%gs:%P1,%0" : "=r" (td) : "n" (offsetof(struct pcpu,
(kgdb) bt
#0 __curthread () at /usr/home/trasz/svn/syscall/sys/amd64/include/pcpu_aux.h:55
#1 doadump (textdump=0) at /usr/home/trasz/svn/syscall/sys/kern/kern_shutdown.c:394
#2 0xffffffff8049f9ea in db_dump (dummy=<optimized out>, dummy2=<optimized out>, dummy3=<unavailable>, dummy4=<unavailable>) at /usr/home/trasz/svn/syscall/sys/ddb/db_command.c:575
#3 0xffffffff8049f7b0 in db_command (last_cmdp=<optimized out>, cmd_table=<optimized out>, dopager=1) at /usr/home/trasz/svn/syscall/sys/ddb/db_command.c:482
#4 0xffffffff8049f50d in db_command_loop () at /usr/home/trasz/svn/syscall/sys/ddb/db_command.c:535
#5 0xffffffff804a2826 in db_trap (type=<optimized out>, code=<optimized out>) at /usr/home/trasz/svn/syscall/sys/ddb/db_main.c:270
#6 0xffffffff80c22954 in kdb_trap (type=3, code=0, tf=<optimized out>) at /usr/home/trasz/svn/syscall/sys/kern/subr_kdb.c:699
#7 0xffffffff8101e63e in trap (frame=0xfffffe0065206820) at /usr/home/trasz/svn/syscall/sys/amd64/amd64/trap.c:576
#8 <signal handler called>
#9 kdb_enter (why=0xffffffff811eca2f "panic", msg=<optimized out>) at /usr/home/trasz/svn/syscall/sys/kern/subr_kdb.c:486
#10 0xffffffff80bd71be in vpanic (fmt=<optimized out>, ap=<optimized out>) at /usr/home/trasz/svn/syscall/sys/kern/kern_shutdown.c:902
#11 0xffffffff80bd6f63 in panic (fmt=0xffffffff81c8dbc8 <cnputs_mtx> "\250\357\032\201\377\377\377\377") at /usr/home/trasz/svn/syscall/sys/kern/kern_shutdown.c:839
#12 0xffffffff80bbe174 in check_pgrp_jobc (pgrp=0xfffff8006654a780) at /usr/home/trasz/svn/syscall/sys/kern/kern_proc.c:667
#13 0xffffffff80bba476 in doenterpgrp (p=0xfffff8016a7d0000, pgrp=0xfffff80008ba7880) at /usr/home/trasz/svn/syscall/sys/kern/kern_proc.c:691
#14 0xffffffff80bba2ee in enterpgrp (p=0xfffff8016a7d0000, pgid=<optimized out>, pgrp=0xfffff80008ba7880, sess=0x0) at /usr/home/trasz/svn/syscall/sys/kern/kern_proc.c:606
#15 0xffffffff80bc2389 in sys_setpgid (td=0xfffffe0064d1fa00, uap=<optimized out>) at /usr/home/trasz/svn/syscall/sys/kern/kern_prot.c:434
#16 0xffffffff8101f480 in syscallenter (td=<optimized out>) at /usr/home/trasz/svn/syscall/sys/amd64/amd64/../../kern/subr_syscall.c:162
#17 amd64_syscall (td=0xfffffe0064d1fa00, traced=0) at /usr/home/trasz/svn/syscall/sys/amd64/amd64/trap.c:1156
#18 <signal handler called>
#19 0x000000080036f96a in ?? ()
Backtrace stopped: Cannot access memory at address 0x7fffffffe0d8
Correction: to reproduce, do "truss -f sh", then run id(1) in the sh(1) instance opened in the previous step.
https://reviews.freebsd.org/D26416
A commit references this bug:

Author: kib
Date: Wed Sep 16 21:46:57 UTC 2020
New revision: 365814
URL: https://svnweb.freebsd.org/changeset/base/365814

Log:
  Fix fixjobc+orphanage.

  Orphans affect job control state, we must account for them when changing pg_jobc. Instead of p_pptr, use proc_realparent() to get parent relevant for job control.

  Use correct calculation of the parent for exiting process. For jobc purposes, we must use realparent, but if it is also exiting, we should fall to reaper, then recursively find non-exiting reaper.

  Reported by: trasz
  PR: 249257
  Tested by: pho
  Sponsored by: The FreeBSD Foundation
  MFC after: 1 week
  Differential revision: https://reviews.freebsd.org/D26416

Changes:
  head/sys/kern/kern_proc.c
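The parent-selection rule from the commit log above, as an added user-space model (not FreeBSD kernel code and not taken from the commit): it counts job-control-qualifying members of a process group once by the current parent pointer and once by the real parent with reaper fallback. The structs, the `oparent` field and the tracer/shell/child scenario are constructed for illustration, and the model assumes that a followed process has the tracer as its current parent.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* User-space model: these structs are constructed for the example and only
 * echo kernel naming; oparent is a hypothetical stand-in for the real parent. */
struct pgrp { int session; };
struct proc {
    struct proc *pptr;    /* current parent: the tracer while traced */
    struct proc *oparent; /* original parent if reparented, else NULL */
    struct proc *reaper;  /* the root reaper points at itself */
    struct pgrp *pgrp;
    bool exiting;
};

/* Rule from the commit log: use the real parent; if it is exiting, fall
 * back to the nearest non-exiting reaper. */
static struct proc *jobc_parent(const struct proc *p)
{
    struct proc *pp = p->oparent != NULL ? p->oparent : p->pptr;
    while (pp->exiting && pp->reaper != pp)
        pp = pp->reaper;
    return pp;
}

/* Constructed scenario: a tracer in group T follows a shell and the shell's
 * child, both in group S; the child's pptr is the tracer, not the shell. */
static struct pgrp I = { 0 }, T = { 1 }, S = { 1 };
static struct proc initp = { &initp, NULL, &initp, &I, false };
static struct proc tracer = { &initp, NULL, &initp, &T, false };
static struct proc shell = { &tracer, NULL, &initp, &S, false };
static struct proc child = { &tracer, &shell, &initp, &S, false };

/* Count members of pg whose chosen parent is in another process group of the
 * same session, the condition that makes a member count for job control. */
static int count_jobc(const struct pgrp *pg, bool use_real)
{
    struct proc *all[] = { &initp, &tracer, &shell, &child };
    int cnt = 0;
    for (size_t i = 0; i < sizeof(all) / sizeof(all[0]); i++) {
        struct proc *p = all[i], *pp = use_real ? jobc_parent(p) : p->pptr;
        if (p->pgrp == pg && pp->pgrp != pg && pp->pgrp->session == pg->session)
            cnt++;
    }
    return cnt;
}

int main(void)
{
    printf("by pptr: %d, by real parent: %d\n",
        count_jobc(&S, false), count_jobc(&S, true));
    return 0;
}
```

In this model the two ways of choosing the parent disagree on the count for group S, which is the kind of inconsistency a recount-and-compare assertion is there to catch.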
The MFC was in r366082.