Date: Sun, 02 Jul 2023 11:52:40 +0000 From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 272319] FreeBSD kernel crash on MPD5 restart with PPP configuration. Message-ID: <bug-272319-7501-I1PGyasG9x@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-272319-7501@https.bugs.freebsd.org/bugzilla/> References: <bug-272319-7501@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D272319 Aleksandr Fedorov <afedorov@FreeBSD.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |afedorov@FreeBSD.org --- Comment #7 from Aleksandr Fedorov <afedorov@FreeBSD.org> --- Evgeniy, sent p priv->so to mee: $24 =3D {so_lock =3D {lock_object =3D {lo_name =3D 0xffffffff807f7904 "sock= et", lo_flags =3D 21168128, lo_data =3D 0, lo_witness =3D 0xfffff8007cd5a800}, mtx_lock =3D 0}, s= o_count =3D 1, so_rdsel =3D { si_tdlist =3D {tqh_first =3D 0x0, tqh_last =3D 0x0}, si_note =3D {kl_li= st =3D {slh_first =3D 0x0}, kl_lock =3D 0xffffffff80555a00 <so_rdknl_lock>, kl_unlock =3D 0xffffffff80555a40 <so_rdknl_unlock>, kl_assert_locked =3D 0xffffffff80555a80 <so_rdknl_assert_locked>, kl_assert_unlocked =3D 0xffffffff80555ac0 <so_rdknl_assert_unlocked>, kl_lockarg =3D 0xfffff8004da77a38, kl_autodestroy =3D 0}, si_mtx =3D = 0x0}, so_wrsel =3D { si_tdlist =3D {tqh_first =3D 0x0, tqh_last =3D 0x0}, si_note =3D {kl_li= st =3D {slh_first =3D 0x0}, kl_lock =3D 0xffffffff80555b00 <so_wrknl_lock>, kl_unlock =3D 0xffffffff80555b40 <so_wrknl_unlock>, kl_assert_locked =3D 0xffffffff80555b80 <so_wrknl_assert_locked>, kl_assert_unlocked =3D 0xffffffff80555bc0 <so_wrknl_assert_unlocked>, kl_lockarg =3D 0xfffff8004da77a38, kl_autodestroy =3D 0}, si_mtx =3D = 0x0}, so_type =3D 1, so_options =3D 514, so_linger =3D 0, so_state =3D 256, so_pcb =3D 0xfffff= 800355bd988, so_vnet =3D 0xfffff8000203e8c0, so_proto =3D 0xffffffff80a62460 <inetsw+1= 92>, so_timeo =3D 0, so_error =3D 0, so_rerror =3D 0, so_sigio =3D 0x0, so_cred =3D 0xfffff800= 5f954400, so_label =3D 0x0, so_gencnt =3D 11170, so_emuldata =3D 0x0, so_dtor =3D 0x0, osd =3D {osd_n= slots =3D 0, osd_slots =3D 0x0, osd_next =3D {le_next =3D 0x0, le_prev =3D 0x0}}, so_fibnum =3D 0, so_u= ser_cookie =3D 0, so_ts_clock =3D 0, so_max_pacing_rate =3D 0, {{so_rcv =3D {sb_mtx =3D {lo= ck_object =3D {lo_name =3D 0x0, lo_flags =3D 1302821776, lo_data =3D 4294965248, lo_witness =3D= 0x0}, mtx_lock =3D 18446735278919351200}, sb_sx =3D {lock_object =3D {l= o_name =3D 0x0, lo_flags =3D 1, lo_data =3D 0, lo_witness =3D 0x0}, sx_lock =3D 0}, sb_sel =3D = 0x0, sb_state =3D 0, sb_mb =3D 0x0, sb_mbtail =3D 0x80000000001, sb_lastrecord =3D 0x800= 000010000, sb_sndptr =3D 0x8200820, sb_fnrdy =3D 0x0, sb_sndptroff =3D 0, sb_a= cc =3D 0, sb_ccc =3D 0, sb_hiwat =3D 0, sb_mbcnt =3D 0, sb_mcnt =3D 0, sb_ccnt =3D 0, sb_mb= max =3D 0, sb_ctl =3D 0, sb_lowat =3D 0, sb_timeo =3D 0, sb_flags =3D 0, sb_upcall =3D 0x0, = sb_upcallarg =3D 0x0, sb_aiojobq =3D {tqh_first =3D 0x0, tqh_last =3D 0x0}, sb_aiotask = =3D {ta_link =3D { stqe_next =3D 0x0}, ta_pending =3D 0, ta_priority =3D 0, ta_fun= c =3D 0x0, ta_context =3D 0x0}}, so_snd =3D {sb_mtx =3D {lock_object =3D {lo_name =3D 0x0, lo_flags = =3D 0, lo_data =3D 0, lo_witness =3D 0x0}, mtx_lock =3D 0}, sb_sx =3D {lock_object = =3D {lo_name =3D 0x0, lo_flags =3D 0, lo_data =3D 0, lo_witness =3D 0x0}, sx_lock =3D= 0}, sb_sel =3D 0x0, sb_state =3D 0, sb_mb =3D 0x0, sb_mbtail =3D 0x0, sb_lastrecord =3D= 0x0, sb_sndptr =3D 0x0, sb_fnrdy =3D 0x0, sb_sndptroff =3D 0, sb_acc =3D 0, sb_ccc =3D 0, s= b_hiwat =3D 0, sb_mbcnt =3D 0, sb_mcnt =3D 0, sb_ccnt =3D 0, sb_mbmax =3D 0, sb_ctl =3D 0, sb_lowa= t =3D 0, sb_timeo =3D 0, sb_flags =3D 0, sb_upcall =3D 0x0, sb_upcallarg =3D 0x0, sb_aiojobq= =3D {tqh_first =3D 0x0, tqh_last =3D 0x0}, sb_aiotask =3D {ta_link =3D {stqe_next =3D 0x0= }, ta_pending =3D 0, ta_priority =3D 0, ta_func =3D 0x0, ta_context =3D 0x0}}, so_list= =3D {tqe_next =3D 0x0, tqe_prev =3D 0x0}, so_listen =3D 0x0, so_qstate =3D SQ_NONE, so_pee= rlabel =3D 0x0, so_oobmark =3D 0}, {sol_incomp =3D {tqh_first =3D 0x0, tqh_last =3D 0xfffff8004da77b90}, sol_comp =3D {tqh_first =3D 0x0, tqh_last =3D 0xfffff8004da77ba0}, so= l_qlen =3D 0, sol_incqlen =3D 0, sol_qlimit =3D 1, sol_accept_filter =3D 0x0, sol_accept_filter_arg = =3D 0x0, sol_accept_filter_str =3D 0x0, sol_upcall =3D 0x0, sol_upcallarg =3D = 0x0, sol_sbrcv_lowat =3D 1, sol_sbsnd_lowat =3D 2048, sol_sbrcv_hiwat =3D 65536, sol_sbsnd_hiwat = =3D 32768, sol_sbrcv_flags =3D 2080, sol_sbsnd_flags =3D 2080, sol_sbrcv_timeo = =3D 0, sol_sbsnd_timeo =3D 0}}} (kgdb) priv->so->so_options =3D=3D 512 (0x202 - SO_ACCPTCONN | SO_REUSEADDR), so t= his is a LISTENNING type of socket. After this commit: https://github.com/freebsd/freebsd-src/commit/779f106aa169256b7010a1d8f963f= f656b881e92 Access to so_rcv, so_snd fields is invalid for listening sockets. Because t= hey share the same place with sol_* fields. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-272319-7501-I1PGyasG9x>