FreeBSD Mail Archives

Date:      Sun, 9 Aug 2015 12:28:22 +0200
From:      Kristof Provost <kp@FreeBSD.org>
To:        freebsd-current@freebsd.org
Cc:        Gleb Smirnoff <glebius@freebsd.org>
Subject:   sysctl -a panic on VIMAGE kernels
Message-ID:  <B09833EB-ABE0-44BF-A53A-554207B92637@FreeBSD.org>

next in thread | raw e-mail | index | archive | help

Hi,

I=E2=80=99ve run into a reproducible panic on a VIMAGE kernel with =
=E2=80=98sysctl -a=E2=80=99.

Relevant backtrace bits:
#8  0xffffffff80e7dd28 in trap (frame=3D0xfffffe01f16b26a0)
    at /usr/src/sys/amd64/amd64/trap.c:426
#9  0xffffffff80e5e6a2 in calltrap ()
    at /usr/src/sys/amd64/amd64/exception.S:235
#10 0xffffffff80cea67d in uma_zone_get_cur (zone=3D0x0)
    at /usr/src/sys/vm/uma_core.c:3006
#11 0xffffffff80cec029 in sysctl_handle_uma_zone_cur (
    oidp=3D0xffffffff818a7c90, arg1=3D0xfffffe00010c0438, arg2=3D0,
    req=3D0xfffffe01f16b2868) at /usr/src/sys/vm/uma_core.c:3580
#12 0xffffffff80a28614 in sysctl_root_handler_locked =
(oid=3D0xffffffff818a7c90,
    arg1=3D0xfffffe00010c0438, arg2=3D0, req=3D0xfffffe01f16b2868)
    at /usr/src/sys/kern/kern_sysctl.c:183
#13 0xffffffff80a27d70 in sysctl_root (arg1=3D<value optimized out>,
    arg2=3D<value optimized out>) at =
/usr/src/sys/kern/kern_sysctl.c:1694
#14 0xffffffff80a28372 in userland_sysctl (td=3D0x0, =
name=3D0xfffffe01f16b2930,
    namelen=3D<value optimized out>, old=3D<value optimized out>,
    oldlenp=3D<value optimized out>, inkernel=3D<value optimized out>,
    new=3D<value optimized out>, newlen=3D<value optimized out>,
    retval=3D<value optimized out>, flags=3D0)
    at /usr/src/sys/kern/kern_sysctl.c:1798
#15 0xffffffff80a28144 in sys___sysctl (td=3D0xfffff8000b1e49a0,
    uap=3D0xfffffe01f16b2a40) at /usr/src/sys/kern/kern_sysctl.c:1724

In essence, what happens is that we end up in =
sysctl_handle_uma_zone_cur() and arg1 is a pointer to NULL,=20
so we call uma_zone_get_cur(zone); with zone =3D=3D NULL.

There=E2=80=99s been a bit of churn around tcp_reass_zone, and I think =
the latest version is wrong.
It marks the sysctl as CTLFLAG_VNET, but the exposed variable is not =
VNET_DEFINE().

The following fixes it for me:

diff --git a/sys/netinet/tcp_reass.c b/sys/netinet/tcp_reass.c
index 77d8940..3913ef3 100644
--- a/sys/netinet/tcp_reass.c
+++ b/sys/netinet/tcp_reass.c
@@ -84,7 +84,7 @@ SYSCTL_INT(_net_inet_tcp_reass, OID_AUTO, maxsegments, =
CTLFLAG_RDTUN,
     "Global maximum number of TCP Segments in Reassembly Queue");

 static uma_zone_t tcp_reass_zone;
-SYSCTL_UMA_CUR(_net_inet_tcp_reass, OID_AUTO, cursegments, =
CTLFLAG_VNET,
+SYSCTL_UMA_CUR(_net_inet_tcp_reass, OID_AUTO, cursegments, 0,
     &tcp_reass_zone,
     "Global number of TCP Segments currently in Reassembly Queue=E2=80=9D=
);

Regards,
Kristof=

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?B09833EB-ABE0-44BF-A53A-554207B92637>

Header And Logo

Peripheral Links

Site Navigation

Header And Logo

Peripheral Links

Search

Site Navigation