Date: Thu, 11 Dec 2008 18:52:00 -0800 From: Jake Thalacker <antipsychic@gmail.com> To: freebsd-virtualization@freebsd.org Subject: SMP refcount_release panic Message-ID: <ACAFA13F-F8CC-48CE-975A-131D2B8A9D28@gmail.com>
next in thread | raw e-mail | index | archive | help
Sorry, this is overdue on being reported. I've encountered a panic with VIMAGE from a patched build of current from around mid September. I tracked the problem to the second call to refcount_release in kern_vimage.c:vi_td_ioctl(). Just for clarity I determined this by making 3 refcount_release functions to replace the calls including the one in kern_prot.c:crfree(). I noted that throughout the kernel code prior to all kern_prot.c:crcopy() calls there is a PROC_LOCK and proceeded by a PROC_UNLOCK afterward. I found that there was one occurrence where this was missing in netncp/ ncp_comm.c:ncp_conn_alloc(). I added it and that did not resolve the panic but figured it's still probably needed. It's probably poor form but I ended up commenting out the second call and have had no panics since, had to move on at that point. The panic is very reproducible with the following script on an SMP system. I have not observed any panics on non-SMP systems. _vimage="rc-panic-$$" vimage -c ${_vimage} _cnt=0 _fw=1 _loopcount=64 while [ ${_cnt} -lt ${_loopcount} ]; do vimage ${_vimage} sysctl net.inet.ip.forwarding=${_fw} if [ ${_fw} -eq 1 ]; then _fw=0 else _fw=1 fi _cnt=$(expr ${_cnt} '+' 1) done If there's any further information I can provide just let me know, or any testing of new code I'd gladly help out. Thanks for all your efforts! Jake
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?ACAFA13F-F8CC-48CE-975A-131D2B8A9D28>