From: Robert Watson
Date: Sun, 15 Feb 2004 13:49:13 -0500 (EST)
To: Maxim Konovalov
cc: current@freebsd.org
Subject: Re: Jails that keep hanging around

On Sun, 15 Feb 2004, Maxim Konovalov wrote:

> On Sun, 15 Feb 2004, 17:14+0100, Melvyn Sopacua wrote:
>
> > Hi,
> >
> > I have yet to figure out what triggers the bug, but I end up with 'running'
> > jails, without any processes. So I thought I'd create 'jld' to remove a jail.
> > However - prison_find isn't exported to userland. Probably for good reason.
> >
> > Should I worry about these jails or is it harmless:
> [...]
>
> Yes, it is a known bug, see kern/54163 for example. It seems we are
> leaking ucred reference somewhere. TIME_WAIT handling is involved too.
> You can reproduce it easily:

This seems to be consistent with my comments in a later message about
'struct tcpcb' references to credentials -- struct proc's reference is
inherited by struct socket, which passes it down to struct tcptw
(mis-labeled as tcpcb in my earlier e-mail), which lives until the TCP
connection's TIME_WAIT state finishes.

Robert N M Watson             FreeBSD Core Team, TrustedBSD Projects
robert@fledge.watson.org      Senior Research Scientist, McAfee Research
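
The reference chain described in the reply above, as an added example that is not part of the original message and is not FreeBSD kernel code: a simplified userland C model in which a credential pins its jail until the last holder (process, socket, then the TIME_WAIT structure) lets go. The helper names (`cred_new`, `cred_hold`, `cred_drop`, `jail_lifetime_trace`), the `alive` flag and the `never_released` switch are hypothetical; the thread does not say where a leaked reference is held, so the model simply skips the final release to show the effect.

```c
#include <stdio.h>
#include <stdlib.h>

/* Simplified userland model of the reference chain; not FreeBSD kernel code. */
struct prison { int pr_ref; int alive; };              /* alive: model-only flag */
struct ucred  { int cr_ref; struct prison *cr_prison; };

static struct ucred *cred_new(struct prison *pr)
{
    struct ucred *cr = malloc(sizeof(*cr));
    if (cr == NULL) abort();
    cr->cr_ref = 1;
    cr->cr_prison = pr;
    pr->pr_ref++;                 /* the credential pins its jail */
    return cr;
}

static struct ucred *cred_hold(struct ucred *cr) { cr->cr_ref++; return cr; }

static void cred_drop(struct ucred *cr)
{
    if (--cr->cr_ref > 0)
        return;
    if (--cr->cr_prison->pr_ref == 0)
        cr->cr_prison->alive = 0; /* last reference gone: jail disappears */
    free(cr);
}

/* Bit 0: jail exists, no processes, TIME_WAIT pending. Bit 1: still exists afterwards. */
int jail_lifetime_trace(int never_released)
{
    struct prison pr = { 0, 1 };
    struct ucred *proc_cred = cred_new(&pr);       /* jailed process */
    struct ucred *so_cred = cred_hold(proc_cred);  /* socket inherits it */
    struct ucred *tw_cred = cred_hold(so_cred);    /* passed down to tcptw */
    cred_drop(so_cred);                            /* socket closed */
    cred_drop(proc_cred);                          /* last process exits */
    int trace = pr.alive;                          /* jail with no processes */
    if (!never_released)
        cred_drop(tw_cred);                        /* TIME_WAIT finishes */
    trace |= pr.alive << 1;
    return trace;
}

int main(void)
{
    printf("normal: %d, never released: %d\n", jail_lifetime_trace(0), jail_lifetime_trace(1));
    return 0;
}
```

A process-less jail that vanishes once TIME_WAIT ends matches the first trace; one that persists indefinitely matches the second, which is the case worth chasing as a leak.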