Date: Thu, 5 Mar 2015 23:17:16 +0100 From: Florian Smeets <flo@smeets.im> To: "Andrey V. Elsukov" <ae@FreeBSD.org>, src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: Re: svn commit: r279588 - head/sys/netinet6 Message-ID: <54F8D5EC.8030800@smeets.im> In-Reply-To: <201503041120.t24BK2SG000709@svn.freebsd.org> References: <201503041120.t24BK2SG000709@svn.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --QkPH8RHrE0JG75jXw33tsMMoV2WFBfCCB Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable On 04.03.15 12:20, Andrey V. Elsukov wrote: > Author: ae > Date: Wed Mar 4 11:20:01 2015 > New Revision: 279588 > URL: https://svnweb.freebsd.org/changeset/base/279588 >=20 > Log: > Fix deadlock in IPv6 PCB code. > =20 Hi, everything I'm going to mention is running world/kernel @r279675. I have a host running a couple of IPv6 only bhyves. It looks like I can e= asily panic them when trying to ssh into them. With my limited understand= ing I'd say the stack trace points to this commit. All the tap interfaces used by the bhyves are connected to one bridge int= erface. Every bhyve has its own IPv6 address configured on vtnet0. The br= idge interface on the host has an IPv6 address which is the default gatew= ay in all the bhyves. Let me know if you need anything else. It seems to be quite easy to repro= duce. Fatal trap 12: page fault while in kernel mode cpuid =3D 6; apic id =3D 06 fault virtual address =3D 0x0 fault code =3D supervisor read data, page not present instruction pointer =3D 0x20:0xffffffff80bda224 stack pointer =3D 0x28:0xfffffe01efbfd330 frame pointer =3D 0x28:0xfffffe01efbfd3d0 code segment =3D base 0x0, limit 0xfffff, type 0x1b =3D DPL 0, pres 1, long 1, def32 0, gran 1 processor eflags =3D interrupt enabled, resume, IOPL =3D 0 current process =3D 12 (irq265: virtio_pci0) [ thread pid 12 tid 100036 ] Stopped at in6_pcbnotify+0x254: movl (%rax),%edx db> where Tracing pid 12 tid 100036 td 0xfffff800063d0000 in6_pcbnotify() at in6_pcbnotify+0x254/frame 0xfffffe01efbfd3d0 tcp6_ctlinput() at tcp6_ctlinput+0xf0/frame 0xfffffe01efbfd470 icmp6_input() at icmp6_input+0x18d4/frame 0xfffffe01efbfd660 ip6_input() at ip6_input+0x488/frame 0xfffffe01efbfd740 netisr_dispatch_src() at netisr_dispatch_src+0x61/frame 0xfffffe01efbfd7b= 0 ether_demux() at ether_demux+0x15d/frame 0xfffffe01efbfd7e0 ether_nh_input() at ether_nh_input+0x377/frame 0xfffffe01efbfd840 netisr_dispatch_src() at netisr_dispatch_src+0x61/frame 0xfffffe01efbfd8b= 0 ether_input() at ether_input+0x26/frame 0xfffffe01efbfd8d0 vtnet_rxq_eof() at vtnet_rxq_eof+0x7ab/frame 0xfffffe01efbfd9a0 vtnet_rx_vq_intr() at vtnet_rx_vq_intr+0x94/frame 0xfffffe01efbfd9e0 intr_event_execute_handlers() at intr_event_execute_handlers+0x1d8/frame = 0xfffffe01efbfda20 ithread_loop() at ithread_loop+0x9c/frame 0xfffffe01efbfda70 fork_exit() at fork_exit+0x9a/frame 0xfffffe01efbfdab0 fork_trampoline() at fork_trampoline+0xe/frame 0xfffffe01efbfdab0 --- trap 0, rip =3D 0, rsp =3D 0xfffffe01efbfdb70, rbp =3D 0 --- (kgdb) list *0xffffffff80bda224 0xffffffff80bda224 is in in6_pcbnotify (/usr/src/sys/netinet6/in6_pcb.c:6= 49). 644 * and the application (associated with this sock= et) wanted to 645 * know the value, notify. 646 * XXX: should we avoid to notify the value to TC= P sockets? 647 */ 648 if (cmd =3D=3D PRC_MSGSIZE) 649 ip6_notify_pmtu(inp, (struct sockaddr_in6= *)dst, 650 *(u_int32_t *)cmdarg); 651 652 /* 653 * Detect if we should notify the error. If no so= urce and (kgdb) print dst $5 =3D (struct sockaddr *) 0xfffffe01efbfd590 (kgdb) print notify $6 =3D (struct inpcb *(*)(struct inpcb *, int)) 0xffffffff80bb5220 <tcp_mtudisc_notify> Florian --QkPH8RHrE0JG75jXw33tsMMoV2WFBfCCB Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2 iQJ8BAEBCgBmBQJU+NXvXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXRBNzAxMDMyMDNCQ0FCNDRBOThGRUM4NDRF NzA1M0RGOUZGODZGMDc2AAoJEOcFPfn/hvB2sWMP/2piGQjkX0lH7L4sA8PdRugU Mh/8AEGx5/oYClQEOu6ZlVi7q8ftKc55JgEXqGLXWDfQXGlR/ZJqjcntqGym/D0L n0V6F+FbnkwTRN0Dw2bONYHdyfZnt6iDJM7MOme2AumOTZ0AQvvvqJvcTWz5Zv8j XYZVJ2YqO9x+Buh/1012nWvG8K3+bseaBodRKQVfOXSd9MkxgSZ3d5oeAMTeYhME enOuaD5s+LSbJogz1KzwOwmPu3weg8ew/KOrLBov9qZtyl8qqWidFRb98biJgOEK ekHDRnsZSjx/kSR3liPUH11ydGcBsP2ZjHhrTHzCjXhYb9AqCWFJgd3ld6jkyyS5 EUhP3K2u6bsoL6GCmeJzdZds6rUQUBzTGhN1xwpq8bEX0ibiGH3OnJxP1LKAKoBP xMC8QCuOdPJo614PVgGT3xyy/7GzDTMN4LHMjGCZR9A/MMJseiSkw3QZHQlicJBo opMpu4b4Osc7WR+PHlx/ZpDatFicjSd7LhiWLOEV35n1BE4GVSmn1mxuRnzEpwk+ QwLTyyM1v34RyWs8eb924NVbOTFfwTcYj/kSVhkYaoy+HdAXT9+XIazgYXWp7Vvx Hb6Nk7PH/uabpFrnxg0Q31mD9ibiDxLkMNPjbZfUCW0egfft0dhthho5sx0bAYOc 89wc7iXq569qA+93KEOn =jKqm -----END PGP SIGNATURE----- --QkPH8RHrE0JG75jXw33tsMMoV2WFBfCCB--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?54F8D5EC.8030800>