https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=238326
--- Comment #22 from Zhenlei Huang <zlei.hu...@gmail.com> ---
(In reply to Kyle Evans from comment #20)

Steps to reproduce the kernel panic:

Host environment: FreeBSD 12.2 Guest fresh install with kernel debug symbols, VMware Fusion 12.1.0, hardware configured with 4 Processor cores and 1G memory, system updated to 12.2-RELEASE-p3.

Host and jail's /etc/rc.conf:

------------- rc.conf ------------------
# The jails share this rc.conf, let's disable the syslog service
syslogd_enable="NO"
#syslogd_flags="-ss"
sendmail_enable="NONE"
hostname=""
ifconfig_em0="DHCP"
dumpdev="AUTO"
zfs_enable="YES"
----------------------------------------

Host's /etc/jail.conf:

------------ jail.conf -----------------
# template for all test jails
# it is convenient to share host's filesystem
path = "/";
exec.clean;
vnet = new;
vnet.interface = "epair${ifnum}b";
exec.prepare = "/sbin/ifconfig epair${ifnum} create";
exec.prepare += "/sbin/ifconfig epair${ifnum}a inet 192.168.${ifnum}.1/24 up";
exec.start = "/bin/sh /etc/rc";
# I've no idea why opening and binding a socket would trigger the kernel panic more likely :(
exec.start += "/usr/sbin/daemon /usr/bin/nc -l 0.0.0.0 9999";
exec.start += "/sbin/ifconfig epair${ifnum}b inet 192.168.${ifnum}.2/24";
exec.start += "/sbin/route add default 192.168.${ifnum}.1";
exec.stop = "/bin/sh /etc/rc.shutdown";
exec.poststop += "/sbin/ifconfig epair${ifnum}a destroy";

test1 { $ifnum = 10; }
# with more jails it seems to crash the host more likely
test2 { $ifnum = 20; }
----------------------------------------

Then repeat stopping and starting the jail service; the host crashes about once in 2 or 3 times.

# service jail onestart && service jail onestop
...

The kernel panic message:

Fatal trap 12: page fault while in kernel mode
cpuid = 2; apic id = 04
fault virtual address   = 0x410
fault code              = supervisor read data, page not present
instruction pointer     = 0x20:0xffffffff80b9f237
stack pointer           = 0x28:0xfffffe0015b55370
frame pointer           = 0x28:0xfffffe0015b553f0
code segment            = base 0x0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 93087 (ifconfig)
trap number             = 12
panic: page fault
cpuid = 2
time = 1612193992
KDB: stack backtrace:
#0 0xffffffff80c0aa85 at kdb_backtrace+0x65
#1 0xffffffff80bbed3b at vpanic+0x17b
#2 0xffffffff80bbebb3 at panic+0x43
#3 0xffffffff8108e911 at trap_fatal+0x391
#4 0xffffffff8108e96f at trap_pfault+0x4f
#5 0xffffffff8108dfb6 at trap+0x286
#6 0xffffffff81066938 at calltrap+0x8
#7 0xffffffff80bb9591 at _rm_rlock_hard+0x3c1
#8 0xffffffff80ce5ce6 at rtinit+0x2a6
#9 0xffffffff80d3873e at in_scrubprefix+0x29e
#10 0xffffffff80d5001d at rip_ctlinput+0x8d
#11 0xffffffff80c4922c at pfctlinput+0x5c
#12 0xffffffff80cbb4fa at if_down+0x12a
#13 0xffffffff80cb90d0 at if_detach_internal+0x150
#14 0xffffffff80cb8df0 at if_detach+0x50
#15 0xffffffff82b1ebb1 at epair_clone_destroy+0x81
#16 0xffffffff80cc0c4d at if_clone_destroyif+0xdd
#17 0xffffffff80cc0b12 at if_clone_destroy+0x1a2
Uptime: 1m22s
Dumping 160 out of 982 MB:..10%..20%..30%..40%..50%..60%..70%..80%..90%..100%

To be clear, after updating to 12.2-RELEASE-p3, it's difficult to crash the host without the below line in jail.conf:

exec.start += "/usr/sbin/daemon /usr/bin/nc -l 0.0.0.0 9999";

I'll attach full core text dump later.