Site Navigation

Date:      Sat, 19 Aug 2023 01:09:02 +0000
From:      bugzilla-noreply@freebsd.org
To:        bugs@FreeBSD.org
Subject:   [Bug 273207] pf_syncookie_mac for IPv6 random cause panic
Message-ID:  <bug-273207-227-d7cUyN2FVS@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-273207-227@https.bugs.freebsd.org/bugzilla/>
References:  <bug-273207-227@https.bugs.freebsd.org/bugzilla/>

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D273207

--- Comment #12 from Rin Cat <dev@rincat.ch> ---
(kgdb) bt
#0  __curthread () at /usr/src/sys/amd64/include/pcpu_aux.h:55
#1  doadump (textdump=3Dtextdump@entry=3D1) at
/usr/src/sys/kern/kern_shutdown.c:396
#2  0xffffffff80c72724 in kern_reboot (howto=3D260) at
/usr/src/sys/kern/kern_shutdown.c:484
#3  0xffffffff80c72b8e in vpanic (fmt=3D<optimized out>,
ap=3Dap@entry=3D0xfffffe00c5f643f0) at /usr/src/sys/kern/kern_shutdown.c:923
#4  0xffffffff80c72913 in panic (fmt=3D<unavailable>) at
/usr/src/sys/kern/kern_shutdown.c:847
#5  0xffffffff811519c7 in trap_fatal (frame=3D0xfffffe00c5f644e0, eva=3D0) =
at
/usr/src/sys/amd64/amd64/trap.c:942
#6  0xffffffff81151a35 in trap_pfault (frame=3D0xfffffe00c5f644e0,
usermode=3Dfalse, signo=3D<optimized out>, ucode=3D<optimized out>) at
/usr/src/sys/amd64/amd64/trap.c:761
#7  <signal handler called>
#8  memmove_erms () at /usr/src/sys/amd64/amd64/support.S:539
#9  0xffffffff804b6ce9 in SipBuf (ctx=3Dctx@entry=3D0xfffffe00c5f64618,
src=3Dsrc@entry=3D0xfffffe00c5f645e0, len=3Dlen@entry=3D2, final=3D2, final=
@entry=3D0) at
/usr/src/sys/crypto/siphash/siphash.c:103
#10 0xffffffff804b6b20 in SipHash_Update (ctx=3Dctx@entry=3D0xfffffe00c5f64=
618,
src=3D<optimized out>, len=3Dlen@entry=3D2) at
/usr/src/sys/crypto/siphash/siphash.c:139
#11 0xffffffff823eac5a in pf_syncookie_mac (pd=3Dpd@entry=3D0xfffffe00c5f64=
870,
cookie=3D..., seq=3D<optimized out>) at /usr/src/sys/netpfil/pf/pf_syncooki=
es.c:444
#12 0xffffffff823eab48 in pf_syncookie_check (pd=3Dpd@entry=3D0xfffffe00c5f=
64870)
at /usr/src/sys/netpfil/pf/pf_syncookies.c:321
#13 0xffffffff823b7e93 in pf_test_state_tcp
(state=3Dstate@entry=3D0xfffffe00c5f64948, direction=3Ddirection@entry=3D1,
kif=3Dkif@entry=3D0xfffff80001fed500, m=3Dm@entry=3D0xfffff80125df2400,
off=3Doff@entry=3D40, h=3D<optimized out>, pd=3Dpd@entry=3D0xfffffe00c5f648=
70,
reason=3D0xfffffe00c5f64954)
    at /usr/src/sys/netpfil/pf/pf.c:4958
#14 0xffffffff823c0bca in pf_test6 (dir=3Ddir@entry=3D1, pflags=3D65536,
ifp=3D0xfffff80001fe1800, m0=3Dm0@entry=3D0xfffffe00c5f64a30, inp=3D0x0) at
/usr/src/sys/netpfil/pf/pf.c:6947
#15 0xffffffff823d66ab in pf_check6_in (m=3D0xfffffe00c5f64a30, ifp=3D<opti=
mized
out>, flags=3D0, ruleset=3D<optimized out>, inp=3D0x2) at
/usr/src/sys/netpfil/pf/pf_ioctl.c:5604
#16 0xffffffff80dbc537 in pfil_run_hooks (head=3D<optimized out>, p=3D...,
ifp=3Difp@entry=3D0xfffff80001fe1800, flags=3Dflags@entry=3D65536, inp=3Din=
p@entry=3D0x0)
at /usr/src/sys/net/pfil.c:187
#17 0xffffffff80e97828 in ip6_tryforward (m=3D0xfffff80125df2400) at
/usr/src/sys/netinet6/ip6_fastfwd.c:167
#18 0xffffffff80e99889 in ip6_input (m=3D0xfffffe00c5f64638) at
/usr/src/sys/netinet6/ip6_input.c:723
#19 0xffffffff80db8ca3 in netisr_dispatch_src (proto=3D<optimized out>,
source=3Dsource@entry=3D0, m=3D0xfffff80125df2400) at /usr/src/sys/net/neti=
sr.c:1194
#20 0xffffffff80db8e6f in netisr_dispatch (proto=3D3321251384, m=3D0x2) at
/usr/src/sys/net/netisr.c:1234
#21 0xffffffff80d9aecc in ether_demux (ifp=3Difp@entry=3D0xfffff80001fe1800=
, m=3D0x0)
at /usr/src/sys/net/if_ethersubr.c:921
#22 0xffffffff80d9c51d in ether_input_internal (ifp=3D0xfffff80001fe1800, m=
=3D0x0)
at /usr/src/sys/net/if_ethersubr.c:707
#23 ether_nh_input (m=3D<optimized out>) at /usr/src/sys/net/if_ethersubr.c=
:737
#24 0xffffffff80db8b11 in netisr_dispatch_src (proto=3Dproto@entry=3D5,
source=3Dsource@entry=3D0, m=3Dm@entry=3D0xfffff80125df2400) at
/usr/src/sys/net/netisr.c:1143
#25 0xffffffff80db8e6f in netisr_dispatch (proto=3D3321251384, proto@entry=
=3D5,
m=3D0x2, m@entry=3D0xfffff80125df2400) at /usr/src/sys/net/netisr.c:1234
#26 0xffffffff80d9b379 in ether_input (ifp=3D0xfffff80001fe1800,
m=3D0xfffff80125df2400) at /usr/src/sys/net/if_ethersubr.c:828
#27 0xffffffff80db4631 in iflib_rxeof (rxq=3Drxq@entry=3D0xfffff80001fd4000,
budget=3D<optimized out>) at /usr/src/sys/net/iflib.c:3048
#28 0xffffffff80dae5aa in _task_fn_rx (context=3D0xfffff80001fd4000) at
/usr/src/sys/net/iflib.c:4122
#29 0xffffffff80cbe947 in gtaskqueue_run_locked
(queue=3Dqueue@entry=3D0xfffff80001962a00) at
/usr/src/sys/kern/subr_gtaskqueue.c:371
#30 0xffffffff80cbe772 in gtaskqueue_thread_loop
(arg=3Darg@entry=3D0xfffffe001fff1008) at /usr/src/sys/kern/subr_gtaskqueue=
.c:547
#31 0xffffffff80c2b830 in fork_exit (callout=3D0xffffffff80cbe6b0
<gtaskqueue_thread_loop>, arg=3D0xfffffe001fff1008, frame=3D0xfffffe00c5f64=
f40) at
/usr/src/sys/kern/kern_fork.c:1093
#32 <signal handler called>
#33 0x0f04f983480f74cb in ?? ()

--=20
You are receiving this mail because:
You are the assignee for the bug.=

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-273207-227-d7cUyN2FVS>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact