Created attachment 146696
add CURVNET_SET() and CURVNET_RESTORE() where necessary.

With a VIMAGE-enabled kernel, the system panics when running unbound.

Kernel page fault with the following non-sleepable locks held:
exclusive sleep mutex so_rcv (so_rcv) r = 0 (0xc713e5a0) locked @ /usr/local/poudriere/jails/head/usr/src/sys/kern/kern_event.c:2005
KDB: stack backtrace:
db_trace_self_wrapper(c11a69af,72656b2f,656b2f6e,655f6e72,746e6576,...) at 0xc05296bd = db_trace_self_wrapper+0x2d/frame 0xe8f16710
kdb_backtrace(c11aaf80,0,c713e5a0,c119a9e8,7d5,...) at 0xc0b4b160 = kdb_backtrace+0x30/frame 0xe8f16778
witness_warn(5,0,c136b0a0,76e2000,c1833d58,...) at 0xc0b68a52 = witness_warn+0x402/frame 0xe8f167c8
trap_pfault(18,3fd,c0dcc2d0,c1f64a80,c75e1000,...) at 0xc102f46b = trap_pfault+0x5b/frame 0xe8f16840
trap(e8f16988) at 0xc102edcf = trap+0x6cf/frame 0xe8f1697c
calltrap() at 0xc1017c4c = calltrap+0x6/frame 0xe8f1697c
--- trap 0xc, eip = 0xc0b9837d, esp = 0xe8f169c8, ebp = 0xe8f169f0 ---
filt_soread(c75d93f0,0,c119a9e8,48d,0,...) at 0xc0b9837d = filt_soread+0x9d/frame 0xe8f169f0
kqueue_register(c6e2d310,1,1,4f5,0,...) at 0xc0ad1457 = kqueue_register+0x807/frame 0xe8f16a68
kern_kevent(c6e2d310,7,1,40,e8f16c10,...) at 0xc0ad1ec2 = kern_kevent+0x1f2/frame 0xe8f16bc0
sys_kevent(c6e2d310,e8f16cc8,c152a610,14,c11a4905,...) at 0xc0ad1bc1 = sys_kevent+0x131/frame 0xe8f16c40
syscall(e8f16d08) at 0xc102fc4c = syscall+0x30c/frame 0xe8f16cfc
Xint0x80_syscall() at 0xc1017ce1 = Xint0x80_syscall+0x21/frame 0xe8f16cfc
--- syscall (363, FreeBSD ELF32, sys_kevent), eip = 0x2849ad3f, esp = 0xbfbfa224, ebp = 0xbfbfa288 ---

Fatal trap 12: page fault while in kernel mode
cpuid = 0; apic id = 00
fault virtual address = 0x18
fault code = supervisor read, page not present
instruction pointer = 0x20:0xc0b9837d
stack pointer = 0x28:0xe8f169c8
code segment = base rx0, limit 0xfffff, type 0x1b
 = DPL 0, pres 1, def32 1, gran 1
processor eflags = interrupt enabled, resume, IOPL = 0
current process = 428 (unbound-anchor)

The page fault occurs at line 3268 of sys/kern/uipc_socket.c

----
3263     } else {
3264         if (so->so_rcv.sb_cc >= so->so_rcv.sb_lowat)
3265             return 1;
3266     }
3267
3268     if (V_socket_hhh[HHOOK_FILT_SOREAD]->hhh_nhooks > 0)  /* <-- HERE */
3269         /* This hook returning non-zero indicates an event, not error */
3270         return (hhook_run_socket(so, NULL, HHOOK_FILT_SOREAD));
----

The attached patch to sys/kern/uipc_socket.c solved the problem. The solution was suggested by Garrett Cooper <yaneurabeya at gmail.com> in
http://lists.freebsd.org/pipermail/freebsd-current/2014-September/051911.html
Created attachment 146837
A revised patch to make hhook_run_socket() be vnet-aware and do a nhooks check.

A revised patch is attached. Can you please give this a try and let me know if it works?
The patch worked. Thank you.
I tested hrs's patch on FreeBSD/RaspberryPi. The patch works fine. Thanks.
A commit references this bug:

Author: hrs
Date: Mon Sep 8 09:04:22 UTC 2014
New revision: 271254
URL: http://svnweb.freebsd.org/changeset/base/271254

Log:
  - Make hhook_run_socket() vnet-aware instead of adding CURVNET_SET()
    around the function calls.
  - Fix a memory leak and stats in the case that hhook_run_socket() fails
    in soalloc().

  PR: 193265

Changes:
  head/sys/kern/uipc_socket.c
Thank you for your testing. I committed a slightly-modified version of the patch because there were some more issues in the original code.
*** Bug 175370 has been marked as a duplicate of this bug. ***
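The CURVNET_SET()/CURVNET_RESTORE() pattern named in the first attachment, as an added userland model in C; it is not FreeBSD source and not the committed change, which instead made hhook_run_socket() vnet-aware. It assumes, as that attachment's title suggests, that filt_soread() was reached with no current vnet selected; the struct layouts, the macro bodies, the helper nhooks_via_curvnet(), the -1 return standing in for the page fault, and the names filt_soread_before/filt_soread_after are simplifications made up for this model.

```c
/* Userland model, constructed for illustration; not FreeBSD kernel source. */
#include <stddef.h>
#include <stdio.h>

#define HHOOK_FILT_SOREAD 0
struct hhook_head { int hhh_nhooks; };
struct vnet { struct hhook_head *socket_hhh[1]; };  /* per-vnet state (simplified) */
struct socket { struct vnet *so_vnet; };            /* vnet the socket belongs to */

static struct vnet *curvnet;  /* per-thread in the kernel; NULL until a caller sets it */

/* Simplified stand-ins for the macros named in the report. */
#define CURVNET_SET(v)    struct vnet *saved_vnet = curvnet; curvnet = (v)
#define CURVNET_RESTORE() curvnet = saved_vnet
#define V_socket_hhh      (curvnet->socket_hhh)

/* Hypothetical helper: hook count via curvnet; -1 stands in for the page fault. */
static int nhooks_via_curvnet(int type)
{
    if (curvnet == NULL || V_socket_hhh[type] == NULL)
        return -1;
    return V_socket_hhh[type]->hhh_nhooks;
}

/* "Before": assumes some caller already selected a vnet. */
static int filt_soread_before(struct socket *so)
{
    (void)so;
    return nhooks_via_curvnet(HHOOK_FILT_SOREAD);
}

/* "After": select the socket's own vnet, then put the previous one back. */
static int filt_soread_after(struct socket *so)
{
    CURVNET_SET(so->so_vnet);
    int n = nhooks_via_curvnet(HHOOK_FILT_SOREAD);
    CURVNET_RESTORE();
    return n;
}

int main(void)
{
    struct hhook_head head = { 2 };
    struct vnet vnet0 = { { &head } };
    struct socket so = { &vnet0 };
    printf("before=%d after=%d restored=%d\n", filt_soread_before(&so),
        filt_soread_after(&so), curvnet == NULL);
    return 0;
}
```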