Date: Wed, 19 Sep 2018 14:09:50 -0600 From: Samuel Chow <cyschow@shaw.ca> To: stable@freebsd.org Subject: Re: Kernel crash while deleting vimage jail Message-ID: <6782f11e-d329-7bd4-610f-a5b8140b2067@shaw.ca> In-Reply-To: <cb5d5769-5e58-7014-e6c9-ab2d088685e4@shaw.ca> References: <cb5d5769-5e58-7014-e6c9-ab2d088685e4@shaw.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
For the record, I was alerted to PR216613. I applied the diff, and had
since created and removed tens if not hundreds of VIMAGE-based jails.
Everything is working great.
Can I request an MFC please? Or if someone can show me how I can help
get this patch into 11-stable, that would be great. Thanks.
On 9/6/2018 12:49 PM, Samuel Chow wrote:
> I would like to report a kernel crash while tearing down a
> VIMAGE-based jail.This can be reproduced consistently. Thanks.
>
> ---
>
> Fatal trap 12: page fault while in kernel mode
> cpuid = 4; apic id = 08
> fault virtual address = 0xa8
> fault code = supervisor read data, page not present
> instruction pointer = 0x20:0xffffffff80dfddd4
> stack pointer = 0x28:0xfffffe08606b5960
> frame pointer = 0x28:0xfffffe08606b59b0
> code segment = base 0x0, limit 0xfffff, type 0x1b
> = DPL 0, pres 1, long 1, def32 0, gran 1
> processor eflags = interrupt enabled, resume, IOPL = 0
> current process = 3788 (jail)
> trap number = 12
> panic: page fault
> cpuid = 4
> KDB: stack backtrace:
> #0 0xffffffff80b416b7 at kdb_backtrace+0x67
> #1 0xffffffff80afa697 at vpanic+0x177
> #2 0xffffffff80afa513 at panic+0x43
> #3 0xffffffff80f9314f at trap_fatal+0x35f
> #4 0xffffffff80f931a9 at trap_pfault+0x49
> #5 0xffffffff80f92984 at trap+0x2d4
> #6 0xffffffff80f7272c at calltrap+0x8
> #7 0xffffffff80dfee16 at uma_zdestroy+0x36
> #8 0xffffffff80cfdb92 at tcp_destroy+0x132
> #9 0xffffffff80c15b8c at vnet_destroy+0x13c
> #10 0xffffffff80ac52f0 at prison_deref+0x2b0
> #11 0xffffffff80ac6bc4 at sys_jail_remove+0x364
> #12 0xffffffff80f941d8 at amd64_syscall+0xa38
> #13 0xffffffff80f7300d at fast_syscall_common+0x101
> Uptime: 3m53s
>
> ---
> (kgdb) list *0xffffffff80dfddd4
> 0xffffffff80dfddd4 is in zone_dtor (uma_int.h:331).
> 326 static inline uma_keg_t
> 327 zone_first_keg(uma_zone_t zone)
> 328 {
> 329 uma_klink_t klink;
> 330
> 331 klink = LIST_FIRST(&zone->uz_kegs);
> 332 return (klink != NULL) ? klink->kl_keg : NULL;
> 333 }
> 334
> 335 #undef UMA_ALIGN
> Current language: auto; currently minimal
>
> ---
> (kgdb) backtrace
> #0 doadump (textdump=<value optimized out>) at pcpu.h:230
> #1 0xffffffff80afa2ab in kern_reboot (howto=260)
> at /usr/src/sys/kern/kern_shutdown.c:383
> #2 0xffffffff80afa6d1 in vpanic (fmt=<value optimized out>,
> ap=<value optimized out>) at /usr/src/sys/kern/kern_shutdown.c:776
> #3 0xffffffff80afa513 in panic (fmt=<value optimized out>)
> at /usr/src/sys/kern/kern_shutdown.c:707
> #4 0xffffffff80f9314f in trap_fatal (frame=0xfffffe08606b58a0, eva=168)
> at /usr/src/sys/amd64/amd64/trap.c:877
> #5 0xffffffff80f931a9 in trap_pfault (frame=0xfffffe08606b58a0,
> usermode=0)
> at pcpu.h:230
> #6 0xffffffff80f92984 in trap (frame=0xfffffe08606b58a0)
> at /usr/src/sys/amd64/amd64/trap.c:415
> #7 0xffffffff80f7272c in calltrap ()
> at /usr/src/sys/amd64/amd64/exception.S:231
> #8 0xffffffff80dfddd4 in zone_dtor (arg=0x0, size=1664, udata=0x0)
> at /usr/src/sys/vm/uma_core.c:1691
> #9 0xffffffff80dfee16 in uma_zdestroy (zone=0x0)
> at /usr/src/sys/vm/uma_core.c:2920
> #10 0xffffffff80cfdb92 in tcp_destroy (unused=<value optimized out>)
> at /usr/src/sys/netinet/tcp_subr.c:749
> #11 0xffffffff80c15b8c in vnet_destroy (vnet=0xfffff800273612c0)
> at /usr/src/sys/net/vnet.c:596
> #12 0xffffffff80ac52f0 in prison_deref (pr=0xffffffff81a331d0, flags=23)
> at /usr/src/sys/kern/kern_jail.c:2647
> #13 0xffffffff80ac6bc4 in sys_jail_remove (td=<value optimized out>,
> uap=<value optimized out>) at /usr/src/sys/kern/kern_jail.c:2270
> #14 0xffffffff80f941d8 in amd64_syscall (td=0xfffff80058f54620, traced=0)
> at subr_syscall.c:132
> #15 0xffffffff80f7300d in fast_syscall_common ()
> at /usr/src/sys/amd64/amd64/exception.S:494
> #16 0x0000000800ea2a4a in ?? ()
>
> ---
> sm5018a> uname -a
> FreeBSD sm5018a.intranet.peyto.ca 11.2-STABLE FreeBSD 11.2-STABLE #0
> r337832: We
> d Aug 15 17:19:31 MDT 2018
> samuelc@sm5018a.intranet.peyto.ca:/usr/obj/usr/sr
> c/sys/SERVERS11 amd64
>
> ---
> sm5018a> cat SERVERS11
> include GENERIC
> ident SERVERS
>
> options ROUTETABLES=16
> options VIMAGE
> options TCP_RFC7413
>
> _______________________________________________
> freebsd-stable@freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6782f11e-d329-7bd4-610f-a5b8140b2067>