Date:      Mon, 21 Jun 2021 16:11:07 +0000
From:      bugzilla-noreply@freebsd.org
To:        net@FreeBSD.org
Subject:   [Bug 256610] Kernel panic with ngtee
Message-ID:  <bug-256610-7501-efDJJVuMrd@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-256610-7501@https.bugs.freebsd.org/bugzilla/>
References:  <bug-256610-7501@https.bugs.freebsd.org/bugzilla/>

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=256610

--- Comment #5 from Mark Johnston <markj@FreeBSD.org> ---
(In reply to John Baldwin from comment #4)
The full stack looks like this:

#8  <signal handler called>
#9  memmove_erms () at /usr/src/sys/amd64/amd64/support.S:547
#10 0xffffffff80c80f18 in m_dup (m=0xfffff8021e841200,
    m@entry=0xfffff801345d9d00, how=how@entry=1)
    at /usr/src/sys/kern/uipc_mbuf.c:722
#11 0xffffffff834ab3c1 in ng_ipfw_input (m0=<optimized out>,
    fwa=0xfffffe0144090300, tee=false) at /usr/src/sys/netgraph/ng_ipfw.c:324
#12 0xffffffff82936df0 in ipfw_check_packet (m0=0xfffffe01440904e8,
    ifp=0xfffff80004e5b800, flags=131072, ruleset=<optimized out>,
    inp=0xfffff8004cff35b8) at /usr/src/sys/netpfil/ipfw/ip_fw_pfil.c:297
#13 0xffffffff80d2a8c7 in pfil_run_hooks (head=<optimized out>, p=...,
    ifp=ifp@entry=0xfffff80004e5b800, flags=flags@entry=131072,
    inp=inp@entry=0xfffff8004cff35b8) at /usr/src/sys/net/pfil.c:187
#14 0xffffffff80d9f287 in ip_output_pfil (mp=0xfffffe01440904e8,
    ifp=0xfffff80004e5b800, flags=0, inp=0xfffff8004cff35b8,
    dst=0xfffff8004cff3760, fibnum=<optimized out>, error=<optimized out>)
    at /usr/src/sys/netinet/ip_output.c:130
#15 ip_output (m=m@entry=0xfffff801345d9d00, opt=<optimized out>,
    ro=<optimized out>, flags=<optimized out>, imo=imo@entry=0x0,
    inp=<optimized out>) at /usr/src/sys/netinet/ip_output.c:705
#16 0xffffffff80db8cab in tcp_output (tp=<optimized out>)
    at /usr/src/sys/netinet/tcp_output.c:1544
#17 0xffffffff80dccfff in tcp_usr_ready (so=<optimized out>,
    m=0xfffff802e78b3d00, count=<optimized out>)
    at /usr/src/sys/netinet/tcp_usrreq.c:1303
#18 0xffffffff80bef395 in sendfile_iodone (arg=arg@entry=0xfffff8035b9cdb00,
    pa=<optimized out>, pa@entry=0x0, count=<optimized out>, count@entry=0,
    error=<optimized out>) at /usr/src/sys/kern/kern_sendfile.c:399
#19 0xffffffff80beebc9 in vn_sendfile (fp=<optimized out>, sockfd=34,
    hdr_uio=0x0, trl_uio=0x0, offset=<optimized out>, nbytes=<optimized out>,
    sent=0xfffffe0144090a88, flags=0, td=0xfffffe0145810ac0)
    at /usr/src/sys/kern/kern_sendfile.c:1194
#20 0xffffffff80bef7c7 in fo_sendfile (fp=0xfffff8002b911034, sockfd=0,
    hdr_uio=0x7cc, trl_uio=0x7cc, offset=-8795362095052,
    nbytes=722828843999576199, sent=0xfffffe0144090a88, flags=730927156,
    td=0xfffffe0145810ac0) at /usr/src/sys/sys/file.h:411
#21 sendfile (td=0xfffffe0145810ac0, uap=0xfffffe0145810ea8,
    compat=<optimized out>) at /usr/src/sys/kern/kern_sendfile.c:1324
#22 0xffffffff81083ede in syscallenter (td=<optimized out>)
    at /usr/src/sys/amd64/amd64/../../kern/subr_syscall.c:189

> While we could patch m_dup(), I don't know we want to enforce the policy
> that the dup is always unmapped?

Did you mean mapped?  In any case, yeah, I was wondering if it's really a good
idea to return a mapped chain.  But if a consumer is m_dup()ing something then
it probably intends to write to the dup anyway.  m_copypacket() should be used
otherwise.
