Date: Sun, 15 Feb 2004 13:49:13 -0500 (EST) From: Robert Watson <rwatson@freebsd.org> To: Maxim Konovalov <maxim@macomnet.ru> Cc: current@freebsd.org Subject: Re: Jails that keep hanging around Message-ID: <Pine.NEB.3.96L.1040215134633.56481K-100000@fledge.watson.org> In-Reply-To: <20040215191756.P49729@news1.macomnet.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 15 Feb 2004, Maxim Konovalov wrote: > On Sun, 15 Feb 2004, 17:14+0100, Melvyn Sopacua wrote: > > > Hi, > > > > I have yet to figure out what triggers the bug, but I end up with 'running' > > jails, without any processes. So I thought I'd create 'jld' to remove a jail. > > However - prison_find isn't exported to userland. Probably for good reason. > > > > Should I worry about these jails or is it harmless: > [...] > > Yes, it is a known bug, see kern/54163 for example. It seems we are > leaking ucred reference somewhere. TIME_WAIT handling is involved too. > You can reproduce it easily: This seems to be consistent with my comments in a later message about 'struct tcpcb' references to credentials -- struct proc's reference is inheritted by struct socket, which passes it down to struct tcptw (mis-labeled as tcpcb in my earlier e-mail), which lives until the TCP connection's TIME_WAIT state finishes. Robert N M Watson FreeBSD Core Team, TrustedBSD Projects robert@fledge.watson.org Senior Research Scientist, McAfee Research
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1040215134633.56481K-100000>