[Bug 219251] [Panic] [VIMAGE] [pf] panic when creating/destroying multiple vnet jails

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Sat May 13 07:50:14 UTC 2017 

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=219251

            Bug ID: 219251
           Summary: [Panic] [VIMAGE] [pf] panic when creating/destroying
                    multiple vnet jails
           Product: Base System
           Version: CURRENT
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: kern
          Assignee: freebsd-bugs at FreeBSD.org
          Reporter: reshadpatuck1 at gmail.com

Created attachment 182558
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=182558&action=edit
core.txt file for the panic

While trying a workaround for bug #219250 - [Panic] [VIMAGE] panic:
in6_ifattach_linklocal (assigning ipv6 addresses in vnet jail)

I disabled ipv6 in the jails.

Now, while ruining the same tests to create and destroy 20 vnet jails with pf
and netgraph I get this panic (pf_state_expires).

I have attached the core.txt for the panic to this post.

The issue seems to be during cleaning up existing pf states.

Pleas let me know if there is any other information you require.

Thanks

---

(kgdb) backtrace
#0  __curthread () at ./machine/pcpu.h:232
#1  doadump (textdump=0) at /usr/src/sys/kern/kern_shutdown.c:318
#2  0xffffffff803a308b in db_dump (dummy=<optimized out>, dummy2=<error reading
variable: access outside bounds of object referenced via synthetic pointer>,
dummy3=<unavailable>, dummy4=<unavailable>) at
/usr/src/sys/ddb/db_command.c:546
#3  0xffffffff803a2e7f in db_command (last_cmdp=<optimized out>,
cmd_table=<optimized out>, dopager=<optimized out>) at
/usr/src/sys/ddb/db_command.c:453
#4  0xffffffff803a2bb4 in db_command_loop () at
/usr/src/sys/ddb/db_command.c:506
#5  0xffffffff803a5c7f in db_trap (type=<optimized out>, code=<optimized out>)
at /usr/src/sys/ddb/db_main.c:248
#6  0xffffffff80a95673 in kdb_trap (type=9, code=0, tf=<optimized out>) at
/usr/src/sys/kern/subr_kdb.c:654
#7  0xffffffff80ef15b2 in trap_fatal (frame=0xfffffe10433a17f0, eva=0) at
/usr/src/sys/amd64/amd64/trap.c:796
#8  0xffffffff80ef0bbd in trap (frame=0xfffffe10433a17f0) at
/usr/src/sys/amd64/amd64/trap.c:197
#9  <signal handler called>
#10 counter_u64_fetch_inline (p=<optimized out>) at ./machine/counter.h:57
#11 counter_u64_fetch (c=0xdeadc0dedeadc0de) at
/usr/src/sys/kern/subr_counter.c:55
#12 0xffffffff82666c8f in pf_state_expires (state=0xfffff80570246cb8) at
/usr/src/sys/netpfil/pf/pf.c:1529
#13 0xffffffff82666618 in pf_purge_expired_states (i=5026, maxcheck=<optimized
out>) at /usr/src/sys/netpfil/pf/pf.c:1689
#14 0xffffffff82666469 in pf_purge_thread (unused=<optimized out>) at
/usr/src/sys/netpfil/pf/pf.c:1451
#15 0xffffffff80a147d4 in fork_exit (callout=0xffffffff82666320
<pf_purge_thread>, arg=0x0, frame=0xfffffe10433a19c0) at
/usr/src/sys/kern/kern_fork.c:1038
#16 <signal handler called>

---

-- 
You are receiving this mail because:
You are the assignee for the bug.

More information about the freebsd-bugs mailing list