[Bug 210391] [panic] [jail] [vnet] [vlan] destroying vnet jail with vlan and loaded ipfw_nat causes kernel panic
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Sun Jun 19 18:07:39 UTC 2016
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=210391
Bug ID: 210391
Summary: [panic] [jail] [vnet] [vlan] destroying vnet jail with
vlan and loaded ipfw_nat causes kernel panic
Product: Base System
Version: 11.0-CURRENT
Hardware: Any
OS: Any
Status: New
Severity: Affects Only Me
Priority: ---
Component: kern
Assignee: freebsd-bugs at FreeBSD.org
Reporter: a.skurihin at gmail.com
Destroying a jail with vnet networking and vlan interface causes kernel panic
if
ipfw_nat module is loaded.
Tested on 10.3, 11-CURRENT.
## Steps to Reproduce:
* Compile kernel with "options VIMAGE"
* kldload ipfw_nat
* jail -i -c name=test vnet persist
* ifconfig epair create
* ifconfig epair0b vnet test
* jexec test ifconfig vlan create
* jexec test ifconfig vlan0 192.168.100.2/24 vlandev epair0b vlan 10
* jail -r test
## Panic:
Fatal trap 12: page fault while in kernel mode
cpuid = 0; apic id = 00
fault virtual address = 0x378
fault code = supervisor read data, page not present
instruction pointer = 0X20:0xffffffff8069012d
stack pointer = 0x28:0x0fffffe003d5b0520
frame pointer = 0x28:0x0fffffe003d5b05b0
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags = interrupt enabled, resume, IOPL = 0
current process = 983 (jail)
trap number = 12
panic: page fault
## Stack trace:
#8 0xffffffff80947c4d in __rw_wlock_hard (c=0xfffffe0001306218,
tid=18446735277677514752, file=0x6 <Address 0x6 out of bounds>, line=0) at
/usr/src/sys/kern/kern_rwlock.c:787
#9 0xffffffff80947a7a in _rw_wlock_cookie (c=<value optimized out>, file=0x0,
line=6) at /usr/src/sys/kern/kern_rwlock.c:267
#10 0xffffffff81a17210 in ifaddr_change (arg=<value optimized out>,
ifp=0xfffff80003d30000) at
/usr/src/sys/modules/ipfw_nat/../../netpfil/ipfw/ip_fw_nat.c:68
#11 0xffffffff80a6faf6 in in_control (so=<value optimized out>,
cmd=969435729749183252, data=<value optimized out>, ifp=0xfffff80003d30000,
td=<value optimized out>) at /usr/src/sys/netinet/in.c:544
#12 0xffffffff80a09851 in if_purgeaddrs (ifp=0xfffff80003d30000) at
/usr/src/sys/net/if.c:846
#13 0xffffffff80a09bc3 in if_detach_internal (ifp=0xfffff80003d30000, vmove=0,
ifcp=<value optimized out>) at /usr/src/sys/net/if.c:947
#14 0xffffffff80a0999b in if_detach (ifp=0xfffffe0001306200) at
/usr/src/sys/net/if.c:893
#15 0xffffffff80a183b3 in vlan_clone_destroy (ifc=0xfffff8000345a680,
ifp=0xfffff80003d30000) at /usr/src/sys/net/if_vlan.c:1004
#16 0xffffffff80a10562 in if_clone_destroyif (ifc=0xfffff8000345a680,
ifp=0xfffff80003d30000) at /usr/src/sys/net/if_clone.c:333
#17 0xffffffff80a10d08 in if_clone_detach (ifc=<value optimized out>) at
/usr/src/sys/net/if_clone.c:457
#18 0xffffffff80a247e7 in vnet_sysuninit () at /usr/src/sys/net/vnet.c:594
#19 0xffffffff80a246f3 in vnet_destroy (vnet=0xfffff80003443180) at
/usr/src/sys/net/vnet.c:291
#20 0xffffffff8091ad80 in prison_deref (pr=0xffffffff8149bd80, flags=<value
optimized out>) at /usr/src/sys/kern/kern_jail.c:2649
#21 0xffffffff8091c9ae in sys_jail_remove (td=<value optimized out>, uap=<value
optimized out>) at /usr/src/sys/kern/kern_jail.c:2315
#22 0xffffffff80d5d8b7 in amd64_syscall (td=0xfffff80003a29000, traced=0) at
subr_syscall.c:134
#23 0xffffffff80d42f9b in Xfast_syscall () at
/usr/src/sys/amd64/amd64/exception.S:396
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-bugs
mailing list