Date: Thu, 6 Sep 2018 12:49:50 -0600 From: Samuel Chow <cyschow@shaw.ca> To: stable@freebsd.org Subject: Kernel crash while deleting vimage jail Message-ID: <cb5d5769-5e58-7014-e6c9-ab2d088685e4@shaw.ca>
next in thread | raw e-mail | index | archive | help
I would like to report a kernel crash while tearing down a VIMAGE-based
jail.This can be reproduced consistently. Thanks.
---
Fatal trap 12: page fault while in kernel mode
cpuid = 4; apic id = 08
fault virtual address  = 0xa8
fault code             = supervisor read data, page not present
instruction pointer    = 0x20:0xffffffff80dfddd4
stack pointer          = 0x28:0xfffffe08606b5960
frame pointer          = 0x28:0xfffffe08606b59b0
code segment           = base 0x0, limit 0xfffff, type 0x1b
                       = DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags       = interrupt enabled, resume, IOPL = 0
current process        = 3788 (jail)
trap number            = 12
panic: page fault
cpuid = 4
KDB: stack backtrace:
#0 0xffffffff80b416b7 at kdb_backtrace+0x67
#1 0xffffffff80afa697 at vpanic+0x177
#2 0xffffffff80afa513 at panic+0x43
#3 0xffffffff80f9314f at trap_fatal+0x35f
#4 0xffffffff80f931a9 at trap_pfault+0x49
#5 0xffffffff80f92984 at trap+0x2d4
#6 0xffffffff80f7272c at calltrap+0x8
#7 0xffffffff80dfee16 at uma_zdestroy+0x36
#8 0xffffffff80cfdb92 at tcp_destroy+0x132
#9 0xffffffff80c15b8c at vnet_destroy+0x13c
#10 0xffffffff80ac52f0 at prison_deref+0x2b0
#11 0xffffffff80ac6bc4 at sys_jail_remove+0x364
#12 0xffffffff80f941d8 at amd64_syscall+0xa38
#13 0xffffffff80f7300d at fast_syscall_common+0x101
Uptime: 3m53s
---
(kgdb) list *0xffffffff80dfddd4
0xffffffff80dfddd4 is in zone_dtor (uma_int.h:331).
326Â Â Â Â static inline uma_keg_t
327Â Â Â Â zone_first_keg(uma_zone_t zone)
328Â Â Â Â {
329Â Â Â Â Â Â Â Â Â Â Â Â uma_klink_t klink;
330
331Â Â Â Â Â Â Â Â Â Â Â Â klink = LIST_FIRST(&zone->uz_kegs);
332Â Â Â Â Â Â Â Â Â Â Â Â return (klink != NULL) ? klink->kl_keg : NULL;
333Â Â Â Â }
334
335Â Â Â Â #undef UMA_ALIGN
Current language:Â auto; currently minimal
---
(kgdb) backtrace
#0Â doadump (textdump=<value optimized out>) at pcpu.h:230
#1Â 0xffffffff80afa2ab in kern_reboot (howto=260)
   at /usr/src/sys/kern/kern_shutdown.c:383
#2Â 0xffffffff80afa6d1 in vpanic (fmt=<value optimized out>,
   ap=<value optimized out>) at /usr/src/sys/kern/kern_shutdown.c:776
#3Â 0xffffffff80afa513 in panic (fmt=<value optimized out>)
   at /usr/src/sys/kern/kern_shutdown.c:707
#4Â 0xffffffff80f9314f in trap_fatal (frame=0xfffffe08606b58a0, eva=168)
   at /usr/src/sys/amd64/amd64/trap.c:877
#5Â 0xffffffff80f931a9 in trap_pfault (frame=0xfffffe08606b58a0, usermode=0)
   at pcpu.h:230
#6Â 0xffffffff80f92984 in trap (frame=0xfffffe08606b58a0)
   at /usr/src/sys/amd64/amd64/trap.c:415
#7Â 0xffffffff80f7272c in calltrap ()
   at /usr/src/sys/amd64/amd64/exception.S:231
#8Â 0xffffffff80dfddd4 in zone_dtor (arg=0x0, size=1664, udata=0x0)
   at /usr/src/sys/vm/uma_core.c:1691
#9Â 0xffffffff80dfee16 in uma_zdestroy (zone=0x0)
   at /usr/src/sys/vm/uma_core.c:2920
#10 0xffffffff80cfdb92 in tcp_destroy (unused=<value optimized out>)
   at /usr/src/sys/netinet/tcp_subr.c:749
#11 0xffffffff80c15b8c in vnet_destroy (vnet=0xfffff800273612c0)
   at /usr/src/sys/net/vnet.c:596
#12 0xffffffff80ac52f0 in prison_deref (pr=0xffffffff81a331d0, flags=23)
   at /usr/src/sys/kern/kern_jail.c:2647
#13 0xffffffff80ac6bc4 in sys_jail_remove (td=<value optimized out>,
   uap=<value optimized out>) at /usr/src/sys/kern/kern_jail.c:2270
#14 0xffffffff80f941d8 in amd64_syscall (td=0xfffff80058f54620, traced=0)
   at subr_syscall.c:132
#15 0xffffffff80f7300d in fast_syscall_common ()
   at /usr/src/sys/amd64/amd64/exception.S:494
#16 0x0000000800ea2a4a in ?? ()
---
sm5018a> uname -a
FreeBSD sm5018a.intranet.peyto.ca 11.2-STABLE FreeBSD 11.2-STABLE #0
r337832: We
d Aug 15 17:19:31 MDT 2018 samuelc@sm5018a.intranet.peyto.ca:/usr/obj/usr/sr
c/sys/SERVERS11Â amd64
---
sm5018a> cat SERVERS11
include        GENERIC
ident          SERVERS
options        ROUTETABLES=16
options        VIMAGE
options        TCP_RFC7413
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?cb5d5769-5e58-7014-e6c9-ab2d088685e4>