git: c27113379e1e - stable/14 - kern_reboot(): don't clear kdb_active

From: Mitchell Horne <mhorne_at_FreeBSD.org>
Date: Fri, 08 Dec 2023 22:03:11 UTC
The branch stable/14 has been updated by mhorne:

URL: https://cgit.FreeBSD.org/src/commit/?id=c27113379e1e3d2b906c09be1070dcfcf942cdee

commit c27113379e1e3d2b906c09be1070dcfcf942cdee
Author:     Mitchell Horne <mhorne@FreeBSD.org>
AuthorDate: 2023-11-23 15:28:26 +0000
Commit:     Mitchell Horne <mhorne@FreeBSD.org>
CommitDate: 2023-12-08 22:02:45 +0000

    kern_reboot(): don't clear kdb_active
    
    It is possible to reach this function from ddb via the "reset" command.
    When this happens, we don't actually exit kdb, meaning we never execute
    the latter steps of kdb_break() to restore the system state (e.g.
    re-enable scheduler).
    
    Therefore, we should not clear the kdb_active flag in this function, as
    the debugger is still active. Put differently, kern_reboot() is not an
    authority on kdb state, and should not touch it. The original motivation
    for this assignment is not clear; I have checked thoroughly and I am
    convinced it is not required by any reset code.
    
    This fixes an edge case where a panic can be triggered during reset from
    ddb:
     1. Enter ddb via keyboard break sequence (KERNEL_PANICKED() == false &&
        td->td_critnest > 0)
     2. Execute the "reset" command
     3. kern_reboot() sets kdb_active = false
     4. A witness_checkorder() call via shutdown handler sees !kdb_active
        and panics
    
    Reviewed by:    imp, markj
    MFC after:      2 weeks
    Sponsored by:   The FreeBSD Foundation
    Differential Revision:  https://reviews.freebsd.org/D42684
    
    (cherry picked from commit 4e78a766f607192698514d970ff4e9fa91d0482d)
---
 share/man/man9/kern_reboot.9 | 7 -------
 sys/kern/kern_shutdown.c     | 3 ---
 2 files changed, 10 deletions(-)

diff --git a/share/man/man9/kern_reboot.9 b/share/man/man9/kern_reboot.9
index f8513c0adf18..c86e9a6cbdb9 100644
--- a/share/man/man9/kern_reboot.9
+++ b/share/man/man9/kern_reboot.9
@@ -96,13 +96,6 @@ variable to
 .Dv 1 ,
 indicating that the reboot process has begun and cannot be stopped.
 .It
-Set the
-.Va kdb_active
-variable to
-.Dv 0 ,
-indicating that execution has left the kernel debugger, if it was previously
-active.
-.It
 Unless the
 .Dv RB_NOSYNC
 flag is set in
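Review bot: the removed list item leaves the surrounding .It markers balanced (the item for "rebooting = 1" keeps its .It and the RB_NOSYNC item keeps the one above it), but the manual page now says nothing about how kern_reboot() behaves with respect to the debugger. Since the point of this change is that kern_reboot() is not an authority on kdb state and can be entered from ddb without kdb_break() completing, it would help future readers to add a short sentence to this section stating that the function does not modify kdb_active and may run while the debugger is still active.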
diff --git a/sys/kern/kern_shutdown.c b/sys/kern/kern_shutdown.c
index b69caebe17d9..ea86a7e24d06 100644
--- a/sys/kern/kern_shutdown.c
+++ b/sys/kern/kern_shutdown.c
@@ -492,9 +492,6 @@ kern_reboot(int howto)
 	rebooting = 1;
 	reboottrace(howto);
 
-	/* We are out of the debugger now. */
-	kdb_active = 0;
-
 	/*
 	 * Do any callouts that should be done BEFORE syncing the filesystems.
 	 */
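Review bot: removing the two lines is the right fix for the sequence described in the commit message, but nothing in the remaining code records why kdb_active is deliberately left alone, so the assignment could easily be reintroduced by someone who notices that "we are out of the debugger now" no longer appears here. Consider replacing the deleted comment with one that states the invariant, for example "Do not touch kdb_active; kern_reboot() may be reached from ddb without leaving the debugger, and clearing it here lets witness_checkorder() panic from a shutdown handler." This also documents that any reset-path code wanting to know whether the debugger is active should read kdb_active as-is rather than expecting it to be cleared by this function.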