Date: Wed, 12 Apr 2017 16:03:05 +0200 From: peter.blok@bsd4all.org To: Kristof Provost <kristof@sigsegv.be> Cc: Pavel Timofeev <timp87@gmail.com>, "Bjoern A. Zeeb" <bzeeb-lists@lists.zabbadoz.net>, freebsd-current <freebsd-current@freebsd.org>, ari@stonepile.fi Subject: panic with jail bug_id 213673 was: VNET branch destiny Message-ID: <1B59D667-DF9E-4F68-A024-FC96FAFEE747@bsd4all.org> In-Reply-To: <85718A56-E6B1-461F-A2BA-915B1AE43D06@bsd4all.org> References: <CAAoTqfuAvZfoC-j8JFTvrpxqFMM5DjxyDXgMhMZLj3DO2pCYTw@mail.gmail.com> <0136F3BE-4B47-4677-8D81-3FE0F5E67E79@lists.zabbadoz.net> <CAAoTqfvJ013NTQB75JeVCysfk-xk-hac-f73gXfvCt5bBo_QXA@mail.gmail.com> <CAAoTqfuQXvKAQNOwshY5mkt0dG7Z1jKC6Aae9TF4hum1aUrJsA@mail.gmail.com> <24B3E322-5B92-470D-A1D6-10DF8EF79490@bsd4all.org> <7B9879DE-7500-47CB-8471-38E2B899C324@sigsegv.be> <85718A56-E6B1-461F-A2BA-915B1AE43D06@bsd4all.org>
next in thread | previous in thread | raw e-mail | index | archive | help
The problem happens when stopping a jail. It doesn=E2=80=99t seem to be =
related to vnet at all.
When stopping a jail, pfr_cleanup calls uma_zdestroy(V_pfr_kentry_z). =
The dtor calls zone_release, which calls slab_free_item. The issue seems =
to be that the keg found in zone_release does not belong to the zone =
that is to be destroyed, but belongs to the zone that is created for the =
same purpose at the host. The zone belongs to the jail (verified). The =
added if (marked with XXX) fixes the problem.
I don=E2=80=99t understand how a keg ends up in a different zone.
zone_release(uma_zone_t zone, void **bucket, int cnt)
{
void *item;
uma_slab_t slab;
uma_keg_t keg;
uint8_t *mem;
int clearfull;
int i;
=20
clearfull =3D 0;
keg =3D zone_first_keg(zone);
KEG_LOCK(keg);
for (i =3D 0; i < cnt; i++) {
item =3D bucket[i];
if (!(zone->uz_flags & UMA_ZONE_VTOSLAB)) {
mem =3D (uint8_t *)((uintptr_t)item & =
(~UMA_SLAB_MASK));
if (zone->uz_flags & UMA_ZONE_HASH) {
slab =3D hash_sfind(&keg->uk_hash, mem);
} else {
mem +=3D keg->uk_pgoff;
slab =3D (uma_slab_t)mem;
}
} else {
slab =3D vtoslab((vm_offset_t)item);
if (slab->us_keg !=3D keg) {
KEG_UNLOCK(keg);
keg =3D slab->us_keg;
KEG_LOCK(keg);
}
}
if (keg =3D=3D slab->us_keg) =
// XXX seems to fix the problem
slab_free_item(keg, slab, item);
> On 11 Apr 2017, at 13:43, peter.blok@bsd4all.org wrote:
>=20
> Hi Kristof,
>=20
> I=E2=80=99m prety sure it is the same as =
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D213673 =
<https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D213673>. It is =
unrelated to epair or ng_eiface (my case).
>=20
> I=E2=80=99ll dig some more.
>=20
> Peter
>=20
>=20
>> On 11 Apr 2017, at 08:47, Kristof Provost <kristof@sigsegv.be> wrote:
>>=20
>> On 10 Apr 2017, at 12:10, peter.blok@bsd4all.org wrote:
>>> There have been issues with pf if I recall correctly. I currently =
have issues with stable, pf and vnet. There is an issue with pf table =
entries when an interface is moved to a different vnet.
>>>=20
>>> Does anyone no if there is a specific fix for this that hasn=E2=80=99t=
been ported to stable? I haven=E2=80=99t had the time to test this on =
current.
>>>=20
>> I=E2=80=99m currently aware of at least some issues with pf and vnet, =
even in CURRENT.
>> Not that one though, so can you make sure there=E2=80=99s a bug =
report with as much detail as possible?
>> Please also cc me (kp@freebsd.org) on the report.
>>=20
>> Thanks,
>> Kristof
>=20
> _______________________________________________
> freebsd-current@freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-current
> To unsubscribe, send any mail to =
"freebsd-current-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1B59D667-DF9E-4F68-A024-FC96FAFEE747>