From owner-freebsd-virtualization@freebsd.org  Sun Jun 11 10:56:48 2017
Return-Path: <owner-freebsd-virtualization@freebsd.org>
Delivered-To: freebsd-virtualization@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 59E66C793C2
 for <freebsd-virtualization@mailman.ysv.freebsd.org>;
 Sun, 11 Jun 2017 10:56:48 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org (kenobi.freebsd.org
 [IPv6:2001:1900:2254:206a::16:76])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 46BC0152E
 for <freebsd-virtualization@FreeBSD.org>; Sun, 11 Jun 2017 10:56:48 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from bugs.freebsd.org ([127.0.1.118])
 by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id v5BAumk4024447
 for <freebsd-virtualization@FreeBSD.org>; Sun, 11 Jun 2017 10:56:48 GMT
 (envelope-from bugzilla-noreply@freebsd.org)
From: bugzilla-noreply@freebsd.org
To: freebsd-virtualization@FreeBSD.org
Subject: [Bug 215740] [bhyve] utilizing passthru breaks raw device usage with
 virtio-blk | ahci-hd
Date: Sun, 11 Jun 2017 10:56:48 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Base System
X-Bugzilla-Component: misc
X-Bugzilla-Version: 11.0-STABLE
X-Bugzilla-Keywords: 
X-Bugzilla-Severity: Affects Some People
X-Bugzilla-Who: bugzilla.freebsd@omnilan.de
X-Bugzilla-Status: New
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: freebsd-virtualization@FreeBSD.org
X-Bugzilla-Flags: 
X-Bugzilla-Changed-Fields: 
Message-ID: <bug-215740-27103-ZoHToFZaJV@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-215740-27103@https.bugs.freebsd.org/bugzilla/>
References: <bug-215740-27103@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-BeenThere: freebsd-virtualization@freebsd.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: "Discussion of various virtualization techniques FreeBSD supports."
 <freebsd-virtualization.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-virtualization>, 
 <mailto:freebsd-virtualization-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-virtualization/>
List-Post: <mailto:freebsd-virtualization@freebsd.org>
List-Help: <mailto:freebsd-virtualization-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-virtualization>, 
 <mailto:freebsd-virtualization-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 11 Jun 2017 10:56:48 -0000

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D215740

--- Comment #7 from Harald Schmalzbauer <bugzilla.freebsd@omnilan.de> ---
Is there anybody who has checked whether the steps to reproduce show the
reported results? Meaning, is there anybody who can confirm correct behavio=
ur
in that case?

I observed many more, at first sight completely unrelated strange errors, b=
ut
all show up as soon as one condition is true: shutting down a bhyve-guest w=
hich
had ppt in use.

Latest example:
panic: Memory modified after free 0xfffff8002486a030(48) val=3D0 @
0xfffff8002486a030

cpuid =3D 5
KDB: stack backtrace:
#0 0xffffffff805bf327 at kdb_backtrace+0x67
#1 0xffffffff8057f266 at vpanic+0x186
#2 0xffffffff8057f2e3 at panic+0x43
#3 0xffffffff8082eaeb at trash_ctor+0x4b
#4 0xffffffff8082aaec at uma_zalloc_arg+0x52c
#5 0xffffffff813b54a6 at zio_add_child+0x26
#6 0xffffffff813b5a05 at zio_create+0x385
#7 0xffffffff813b6de2 at zio_vdev_child_io+0x232
#8 0xffffffff81396be0 at vdev_mirror_io_start+0x370
#9 0xffffffff813bc629 at zio_vdev_io_start+0x4a9
#10 0xffffffff813b76bc at zio_execute+0x36c
#11 0xffffffff813b6868 at zio_nowait+0xb8
#12 0xffffffff81396bec at vdev_mirror_io_start+0x37c
#13 0xffffffff813bc383 at zio_vdev_io_start+0x203
#14 0xffffffff813b76bc at zio_execute+0x36c
#15 0xffffffff805d10dd at taskqueue_run_locked+0x13d
#16 0xffffffff805d1e78 at taskqueue_thread_loop+0x88
#17 0xffffffff80543844 at fork_exit+0x84

#0  doadump (textdump=3D<value optimized out>) at pcpu.h:222
#1  0xffffffff8057ece0 in kern_reboot (howto=3D260) at
/usr/local/share/deploy-tools/RELENG_11/src/sys/kern/kern_shutdown.c:366
#2  0xffffffff8057f2a0 in vpanic (fmt=3D<value optimized out>, ap=3D<value
optimized out>)
    at /usr/local/share/deploy-tools/RELENG_11/src/sys/kern/kern_shutdown.c=
:759
#3  0xffffffff8057f2e3 in panic (fmt=3D<value optimized out>) at
/usr/local/share/deploy-tools/RELENG_11/src/sys/kern/kern_shutdown.c:690
#4  0xffffffff8082eaeb in trash_ctor (mem=3D<value optimized out>, size=3D<=
value
optimized out>, arg=3D<value optimized out>, flags=3D<value optimized out>)
    at /usr/local/share/deploy-tools/RELENG_11/src/sys/vm/uma_dbg.c:80
#5  0xffffffff8082aaec in uma_zalloc_arg (zone=3D0xfffff8001febc680,
udata=3D0xfffff8001ad5f340, flags=3D<value optimized out>)
    at /usr/local/share/deploy-tools/RELENG_11/src/sys/vm/uma_core.c:2152
#6  0xffffffff813b54a6 in zio_add_child (pio=3D0xfffff8026f350b88,
cio=3D0xfffff8002478b7b0)
    at
/usr/local/share/deploy-tools/RELENG_11/src/sys/cddl/contrib/opensolaris/ut=
s/common/fs/zfs/zio.c:460
#7  0xffffffff813b5a05 in zio_create (pio=3D0xfffff8026f350b88, spa=3D<value
optimized out>, txg=3D433989, bp=3D<value optimized out>, data=3D0xfffffe00=
58afa000,=20
    size=3D1024, type=3D<value optimized out>, priority=3DZIO_PRIORITY_ASYN=
C_WRITE,
flags=3D<value optimized out>, vd=3D<value optimized out>,=20
    offset=3D<value optimized out>, zb=3D<value optimized out>, pipeline=3D=
<value
optimized out>)
    at
/usr/local/share/deploy-tools/RELENG_11/src/sys/cddl/contrib/opensolaris/ut=
s/common/fs/zfs/zio.c:690
#8  0xffffffff813b6de2 in zio_vdev_child_io (pio=3D0xfffff8026f350b88, bp=
=3D<value
optimized out>, vd=3D<value optimized out>, offset=3D325398016,=20
    data=3D<value optimized out>, size=3D1024, type=3D<value optimized out>,
flags=3D1048704, done=3D<value optimized out>)
    at
/usr/local/share/deploy-tools/RELENG_11/src/sys/cddl/contrib/opensolaris/ut=
s/common/fs/zfs/zio.c:1141
#9  0xffffffff81396be0 in vdev_mirror_io_start (zio=3D0xfffff8026f350b88)
    at
/usr/local/share/deploy-tools/RELENG_11/src/sys/cddl/contrib/opensolaris/ut=
s/common/fs/zfs/vdev_mirror.c:488
#10 0xffffffff813bc629 in zio_vdev_io_start (zio=3D0xfffff8026f350b88)
    at
/usr/local/share/deploy-tools/RELENG_11/src/sys/cddl/contrib/opensolaris/ut=
s/common/fs/zfs/zio.c:3143
#11 0xffffffff813b76bc in zio_execute (zio=3D<value optimized out>)
    at
/usr/local/share/deploy-tools/RELENG_11/src/sys/cddl/contrib/opensolaris/ut=
s/common/fs/zfs/zio.c:1681
#12 0xffffffff813b6868 in zio_nowait (zio=3D0xfffff8026f350b88)
    at
/usr/local/share/deploy-tools/RELENG_11/src/sys/cddl/contrib/opensolaris/ut=
s/common/fs/zfs/zio.c:1739
#13 0xffffffff81396bec in vdev_mirror_io_start (zio=3D0xfffff8026f7a7b88)
    at
/usr/local/share/deploy-tools/RELENG_11/src/sys/cddl/contrib/opensolaris/ut=
s/common/fs/zfs/vdev_mirror.c:488
#14 0xffffffff813bc383 in zio_vdev_io_start (zio=3D0xfffff8026f7a7b88)
    at
/usr/local/share/deploy-tools/RELENG_11/src/sys/cddl/contrib/opensolaris/ut=
s/common/fs/zfs/zio.c:3021
#15 0xffffffff813b76bc in zio_execute (zio=3D<value optimized out>)
    at
/usr/local/share/deploy-tools/RELENG_11/src/sys/cddl/contrib/opensolaris/ut=
s/common/fs/zfs/zio.c:1681
#16 0xffffffff805d10dd in taskqueue_run_locked (queue=3D0xfffff8001ab5a700)=
 at
/usr/local/share/deploy-tools/RELENG_11/src/sys/kern/subr_taskqueue.c:454
#17 0xffffffff805d1e78 in taskqueue_thread_loop (arg=3D<value optimized out=
>) at
/usr/local/share/deploy-tools/RELENG_11/src/sys/kern/subr_taskqueue.c:741
#18 0xffffffff80543844 in fork_exit (callout=3D0xffffffff805d1df0
<taskqueue_thread_loop>, arg=3D0xfffff8001aa90720, frame=3D0xfffffe043f609a=
c0)
    at /usr/local/share/deploy-tools/RELENG_11/src/sys/kern/kern_fork.c:1042
#19 0xffffffff808598ae in fork_trampoline () at
/usr/local/share/deploy-tools/RELENG_11/src/sys/amd64/amd64/exception.S:611
#20 0x0000000000000000 in ?? ()

I consider this as a severe problem, which shouldn't exist in 11.1-RELEASE.
If nobody can prove my findings wrong, using passthru should be disabled in
RELENG_11_1 until it can be ruled out as source of these strange problems (=
some
form of memory corruption).

Thanks,

-harry

--=20
You are receiving this mail because:
You are the assignee for the bug.=