Bug 215963 - panic after restart ppp process in nonzero FIB //locking problem ?
Summary: panic after restart ppp process in nonzero FIB //locking problem ?
Status: Closed FIXED
Alias: None
Product: Base System
Classification: Unclassified
Component: kern (show other bugs)
Version: CURRENT
Hardware: Any Any
: --- Affects Only Me
Assignee: Andrey V. Elsukov
URL:
Keywords: regression
Depends on:
Blocks:
 
Reported: 2017-01-11 09:36 UTC by devel
Modified: 2017-06-20 05:58 UTC (History)
3 users (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description devel 2017-01-11 09:36:51 UTC
This bug is introduce between March 2015 and November 2016:

How to reproduce:
setfib 1 ppp -quiet -ddial abcd  //everything OK
killall -9 ppp
setfib 1 ppp -quiet -ddial abcd  //kernel panic 

Here is backtrace:

(kgdb) bt
#0  doadump (textdump=1) at pcpu.h:222
#1  0xffffffff80a3be25 in kern_reboot (howto=<value optimized out>) at 
/var/src/sys/kern/kern_shutdown.c:366
#2  0xffffffff80a3c400 in vpanic (fmt=<value optimized out>, ap=<value optimized 
out>) at /var/src/sys/kern/kern_shutdown.c:759
#3  0xffffffff80a3c236 in kassert_panic (fmt=<value optimized out>) at 
/var/src/sys/kern/kern_shutdown.c:649
#4  0xffffffff80a38622 in __rw_rlock (c=0xfffff80003dfeaf8, file=0xffffffff8141c14a 
"/var/src/sys/net/route.c", line=457) at /var/src/sys/kern/kern_rwlock.c:411
#5  0xffffffff80b46e66 in rtalloc1_fib (dst=0xfffff800046b78b8, report=0, 
ignflags=<value optimized out>, fibnum=1) at /var/src/sys/net/route.c:457
#6  0xffffffff80b481b3 in ifa_ifwithroute (flags=<value optimized out>, 
dst=0xfffff800046b7898, gateway=0xfffff800046b78b8, fibnum=1) at 
/var/src/sys/net/route.c:752
#7  0xffffffff80b48be4 in rt_getifa_fib (info=0xfffffe00f61bf560, fibnum=1) at 
/var/src/sys/net/route.c:1298
#8  0xffffffff80b478af in rtrequest1_fib (req=<value optimized out>, 
info=0xfffffe00f61bf560, ret_nrt=<value optimized out>, fibnum=Cannot access 
memory at address 0x0
) at /var/src/sys/net/route.c:1843
#9  0xffffffff80b4bc69 in route_output (m=<value optimized out>, so=<value 
optimized out>) at /var/src/sys/net/rtsock.c:683
#10 0xffffffff80aca485 in sosend_generic (so=<value optimized out>, addr=0x0, 
uio=0xfffffe00f61bf8f0, top=<value optimized out>, control=<value optimized 
out>, 
    flags=<value optimized out>, td=<value optimized out>) at 
/var/src/sys/kern/uipc_socket.c:1359
#11 0xffffffff80aa8542 in soo_write (fp=<value optimized out>, 
uio=0xfffffe00f61bf8f0, active_cred=<value optimized out>, flags=<value optimized 
out>, td=<value optimized out>)
    at /var/src/sys/kern/sys_socket.c:146
#12 0xffffffff80a9fa44 in dofilewrite (td=0xfffff80004e0f000, fd=2, 
fp=0xfffff80004763f00, auio=0xfffffe00f61bf8f0, offset=<value optimized out>, 
flags=0) at file.h:311
#13 0xffffffff80a9f6e8 in kern_writev (td=0xfffff80004e0f000, fd=2, 
auio=0xfffffe00f61bf8f0) at /var/src/sys/kern/sys_generic.c:508
#14 0xffffffff80a9f674 in sys_write (td=<value optimized out>, uap=<value 
optimized out>) at /var/src/sys/kern/sys_generic.c:421
#15 0xffffffff80ea7b19 in amd64_syscall (td=0xfffff80004e0f000, traced=0) at 
subr_syscall.c:135
#16 0xffffffff80e86efb in Xfast_syscall () at 
/var/src/sys/amd64/amd64/exception.S:396
#17 0x0000000801dd9d9a in ?? ()
Previous frame inner to this frame (corrupt stack?)
Current language:  auto; currently minimal
Comment 1 commit-hook freebsd_committer 2017-06-13 10:52:51 UTC
A commit references this bug:

Author: ae
Date: Tue Jun 13 10:52:31 UTC 2017
New revision: 319895
URL: https://svnweb.freebsd.org/changeset/base/319895

Log:
  Resurrect RTF_RNH_LOCKED flag and restore ability to call rtalloc1_fib()
  with acquired RIB lock.

  This fixes a possible panic due to trying to acquire RIB rlock when it is
  already exclusive locked.

  PR:		215963, 215122
  MFC after:	1 week
  Sponsored by:	Yandex LLC

Changes:
  head/sys/net/route.c
  head/sys/net/route.h
Comment 2 commit-hook freebsd_committer 2017-06-20 05:58:26 UTC
A commit references this bug:

Author: ae
Date: Tue Jun 20 05:57:28 UTC 2017
New revision: 320134
URL: https://svnweb.freebsd.org/changeset/base/320134

Log:
  MFC r319895:
    Resurrect RTF_RNH_LOCKED flag and restore ability to call rtalloc1_fib()
    with acquired RIB lock.

    This fixes a possible panic due to trying to acquire RIB rlock when it is
    already exclusive locked.

    PR:		215963, 215122
    Sponsored by:	Yandex LLC
  Approved by:	re (delphij)

Changes:
_U  stable/11/
  stable/11/sys/net/route.c
  stable/11/sys/net/route.h