From: Attilio Rao
Date: Sat, 21 Jul 2007 20:38:59 +0200
To: Doug Rabson
Cc: current@freebsd.org
Subject: Re: if_bridge crash
Message-ID: <46A252C3.5050804@FreeBSD.org>
In-Reply-To: <200707211925.59698.dfr@rabson.org>

Doug Rabson wrote:
> I've been using if_bridge and if_tap to join various qemu virtual
> machines onto my local network. I use this script to set up the bridge:
>
>     ifconfig bridge0 create
>     ifconfig tap0 create
>     ifconfig bridge0 addm vr0 addm tap0 up
>
> I had forgotten what stupid mac address qemu had made up for its
> interface and I needed to adjust my dhcpd config so I typed 'ifconfig
> bridge addr' to list the addresses on the bridge and got an instant
> panic. Qemu was not running at this point. The kernel address where it
> crashed was good - it was the userland address which faulted.
>
> The crash was in generic_copyout+0x36 called from bridge_ioctl+0x1ae. I
> took a look at the code and as far as I can make out, trap() got a bit
> confused and managed to ignore the pcb_onfault marker left by copyout.
> It's hard to tell exactly what happened since the damn compiler has
> optimised the crap out of the code there.
>
> As far as I can see, the bridge code is calling copyout with a mutex
> held. Is that allowed? It doesn't sound like it should be allowed but
> I'm not quite up-to-date on that aspect of the current kernel api.

Since a copyout() can generate a page fault (which can let the thread
sleep), it is not allowed to maintain either a blockable lock (mutex,
rwlock) or a spinlock over a copyout. In the case the lock is an sx or
lockmgr it is allowed.

Attilio
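
Added example, not part of the original message and not if_bridge code: a userland C model of the rule stated in the reply, showing the copyout-under-mutex pattern beside a version that snapshots the data under the lock and copies it out after unlocking. The `*_model` names, the address table, the `list_addrs_*` functions and the use of `EDEADLK` to flag the violation are assumptions made for illustration.

```c
#include <errno.h>
#include <stdlib.h>
#include <string.h>

/* Constructed userland model: stand-ins for mtx(9), copyout(9), bridge state. */
struct mtx_model { int held; };
static struct mtx_model bridge_mtx;
static unsigned char bridge_addrs[2][6] = {      /* constructed MAC table */
    {0x02, 0, 0, 0, 0, 1}, {0x02, 0, 0, 0, 0, 2}
};
static void mtx_lock_model(struct mtx_model *m)   { m->held = 1; }
static void mtx_unlock_model(struct mtx_model *m) { m->held = 0; }

/* copyout may fault and sleep, so the model rejects a call made while the
 * mutex is held; EDEADLK is only this model's way to flag it. */
static int copyout_model(const void *kaddr, void *uaddr, size_t len)
{
    if (bridge_mtx.held)
        return EDEADLK;
    memcpy(uaddr, kaddr, len);
    return 0;
}

/* The pattern questioned in the thread: copyout with the mutex held. */
static int list_addrs_locked(void *ubuf, size_t len)
{
    int error;
    if (len > sizeof(bridge_addrs)) len = sizeof(bridge_addrs);
    mtx_lock_model(&bridge_mtx);
    error = copyout_model(bridge_addrs, ubuf, len);
    mtx_unlock_model(&bridge_mtx);
    return error;
}

/* Restructured: snapshot under the mutex, drop it, then copy out. */
static int list_addrs_snapshot(void *ubuf, size_t len)
{
    void *tmp;
    int error;
    if (len > sizeof(bridge_addrs)) len = sizeof(bridge_addrs);
    if (len == 0) return 0;
    if ((tmp = malloc(len)) == NULL)   /* allocate before taking the mutex */
        return ENOMEM;
    mtx_lock_model(&bridge_mtx);
    memcpy(tmp, bridge_addrs, len);
    mtx_unlock_model(&bridge_mtx);
    error = copyout_model(tmp, ubuf, len);
    free(tmp);
    return error;
}
```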