From owner-freebsd-bugs@FreeBSD.ORG Thu Oct 23 09:23:17 2014 Return-Path: Delivered-To: freebsd-bugs@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BEA974A6 for ; Thu, 23 Oct 2014 09:23:17 +0000 (UTC) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2001:1900:2254:206a::16:76]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id A64E9690 for ; Thu, 23 Oct 2014 09:23:17 +0000 (UTC) Received: from bugs.freebsd.org ([127.0.1.118]) by kenobi.freebsd.org (8.14.9/8.14.9) with ESMTP id s9N9NHAY041415 for ; Thu, 23 Oct 2014 09:23:17 GMT (envelope-from bugzilla-noreply@freebsd.org) From: bugzilla-noreply@freebsd.org To: freebsd-bugs@FreeBSD.org Subject: [Bug 194550] New: panic: race condition with epair and atmconfig Date: Thu, 23 Oct 2014 09:23:17 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: kern X-Bugzilla-Version: 11.0-CURRENT X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: olevole@olevole.ru X-Bugzilla-Status: Needs Triage X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: freebsd-bugs@FreeBSD.org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform op_sys bug_status bug_severity priority component assigned_to reporter Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 7bit X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Oct 2014 09:23:17 -0000 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=194550 Bug ID: 194550 Summary: panic: race condition with epair and atmconfig Product: Base System Version: 11.0-CURRENT Hardware: Any OS: Any Status: Needs Triage Severity: Affects Some People Priority: --- Component: kern Assignee: freebsd-bugs@FreeBSD.org Reporter: olevole@olevole.ru When epair created fast enough the system got the panic when performing atmconfig (afexist in /etc/network.subr executed by devd) Work-around: kill devd process or in the afexists() in /etc/network.subr prevent atmconfig execution: ----- atm) ++ return 1 if [ -x /sbin/atmconfig ]; then /sbin/atmconfig diag list > /dev/null 2>&1 else return 1 fi ----- Panic is easy to reproduce via script: ----- #!/bin/sh for i in $( seq 0 300 ); do echo $i /sbin/ifconfig epair${i} create [ $? -ne 0 ] && exit 1 done ----- Significantly accelerate the emergence of panic if run in parallel: ----- #!/bin/sh while [ 1 ];do /sbin/atmconfig diag list done ----- KGDB Backtrace: -- GNU gdb 6.1.1 [FreeBSD] Copyright 2004 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "amd64-marcel-freebsd"... Unread portion of the kernel message buffer: Fatal trap 12: page fault while in kernel mode cpuid = 0; apic id = 00 fault virtual address = 0x0 fault code = supervisor read instruction, page not present instruction pointer = 0x20:0x0 stack pointer = 0x28:0xfffffe007b5857b0 frame pointer = 0x28:0xfffffe007b5857e0 code segment = base 0x0, limit 0xfffff, type 0x1b = DPL 0, pres 1, long 1, def32 0, gran 1 processor eflags = interrupt enabled, resume, IOPL = 0 current process = 3008 (atmconfig) Uptime: 1m47s Dumping 145 out of 2021 MB:..12%..23%..34%..45%..56%..67%..78%..89%..100% Reading symbols from /boot/kernel/pf.ko.symbols...done. Loaded symbols for /boot/kernel/pf.ko.symbols Reading symbols from /boot/kernel/nullfs.ko.symbols...done. Loaded symbols for /boot/kernel/nullfs.ko.symbols Reading symbols from /boot/kernel/fdescfs.ko.symbols...done. Loaded symbols for /boot/kernel/fdescfs.ko.symbols Reading symbols from /boot/kernel/if_epair.ko.symbols...done. Loaded symbols for /boot/kernel/if_epair.ko.symbols #0 doadump (textdump=1) at pcpu.h:219 219 __asm("movq %%gs:%1,%0" : "=r" (td) (kgdb) list 214 static __inline __pure2 struct thread * 215 __curthread(void) 216 { 217 struct thread *td; 218 219 __asm("movq %%gs:%1,%0" : "=r" (td) 220 : "m" (*(char *)OFFSETOF_CURTHREAD)); 221 return (td); 222 } 223 #ifdef __clang__ Current language: auto; currently minimal (kgdb) -- -- You are receiving this mail because: You are the assignee for the bug.