Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 14 May 2014 06:54:01 +0000
From:      Sreenivasa Honnur <shonnur@chelsio.com>
To:        "freebsd-current@freebsd.org" <freebsd-current@freebsd.org>
Subject:   m_get_tag returns same tag address when called multiple times
Message-ID:  <F2BBBB6E0068844991318A316F34795C382354@nice.asicdesigners.com>
In-Reply-To: <39CF6EA8C75D61takehara.mikihito@jp.panasonic.com>
References:  <39CF6EA8C75D61takehara.mikihito@jp.panasonic.com>
next in thread | previous in thread | raw e-mail | index | archive | help 

Hi,
In FreeBSd-11 Current i am seeing that m_tag_get() returns same tag address for two subsequent calls, and m_tag_find() results in panic with below stack trace. Anything wrong here?

Fatal trap 9: general protection fault while in kernel mode
cpuid = 4; apic id = 04
instruction pointer     = 0x20:0xffffffff80959ff0
stack pointer           = 0x28:0xfffffe01acfa09a0
frame pointer           = 0x28:0xfffffe01acfa09d0
code segment            = base 0x0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 12 (irq277: t5nex0:0,5)
[ thread pid 12 tid 100128 ]
Stopped at      m_tag_locate+0x40:      cmpl    %ebx,0xc(%rcx)

Here is the calling sequence;

1. get_mbuf_mtag: m:0xfffff8005b3e4c00 mtag:0xfffff8002c47d180

2. get_mbuf_mtag: m:0xfffff8005b3e5000 mtag:0xfffff8002c47d180

3. find_mbuf_mtag(0xfffff8005b3e4c00) results in above trace.

Note that the same code works fine in FBSD-9.1.

struct my_mbuf_cb * get_mbuf_mtag(struct mbuf *m)
{
        struct m_tag    *mtag;

        mtag = m_tag_get(PACKET_TAG_PF, sizeof(struct my_mbuf_cb), M_NOWAIT);
        if (mtag == NULL) {
            os_log_info("Error allocating mtag\n","");
            return (NULL);
        }
        bzero(mtag + 1, sizeof(struct my_mbuf_cb));
        m_tag_prepend(m, mtag);
     
        return ((struct my_mbuf_cb *)(mtag + 1));
}

static struct my_mbuf_cb * find_mbuf_mtag(struct mbuf *m)
{
        struct m_tag    *mtag;

        if ((mtag = m_tag_find(m, PACKET_TAG_PF, NULL)) == NULL)
                return (NULL);

        return ((struct my_mbuf_cb *)(mtag + 1));
}

Thanks
Sreenivas

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?F2BBBB6E0068844991318A316F34795C382354>