From nobody Tue Sep 30 02:38:10 2025 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4cbMgN0Zs3z69FdL; Tue, 30 Sep 2025 02:38:24 +0000 (UTC) (envelope-from zlei@FreeBSD.org) Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R13" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4cbMgM6VM7z3cy1; Tue, 30 Sep 2025 02:38:23 +0000 (UTC) (envelope-from zlei@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1759199903; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=dGFwm9q4CWj4Hcvr6F8dD31Vy/UcGCKsWGwQ7J+KlRo=; b=AIKo57OpqLa/83SzIB2QtLZQuxzXyDFGkSQ7YVluZK+3DKoA65rYiMDVLexAAwq+Pq4ki7 eYxsIA2M9j9zM/malx10Cuxg4ocD+1O19MgXF4UHsJD8p4z+Vg+d7zytT2kcV8SeYoTtLl SBTRgD6JH8ONB/5+PvSC5jGHTj3Zq8cOTsxHr3+oAdlj9Ky5xHH92luh7mwuE7i0gcs56o 6C+lDAvVmYvuGLUGorC9X+NnDKg2gw8fcTAbnE79oFCtC1pnaN9olayEzLvMb3BSIoIdkh HKzXPdD4JmZh8v3fWQ8E7CC9fFDD2AtgQr3dXj7VQ6i8p3PW3z3Q9Sqpu0aBkA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1759199903; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=dGFwm9q4CWj4Hcvr6F8dD31Vy/UcGCKsWGwQ7J+KlRo=; b=GVHvWZVyFLk41uzRYu5oeV0E4hzexLoSUXVF8PRFx6DPSRbwCugbLHK6J8OLFSegJuu4tA UIzGc3hmxfauJQmDly6kCdTuKDLPDIBnx9QrAXvI3s+oXW0y6qtlcjfn/1YdaUg6Luzd+9 du+OH+zowDTVZSEEGIGXLn/lfXnAmgL45IQKS7O0i992FzOOIeyBUWs396tB9dicHECojT B2FHzdrtvGIEw6o4KlIW0CAZ6SA/wstCrGRtZy2l1vcf+4ryXyYinIjg+kbWHVKzaqfU+G dU71FNXxyDktL737TyHNjf7cZUXjsAnfcGJ7QWI9Hk+5I8UDyikx3uiIcaovtg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1759199903; a=rsa-sha256; cv=none; b=fFGkN7tppGvmSr2syMaGT2PHdGtSNXRLAJem75NwbSMHEgl60ZLkMCtYs15L4UXks6DS8n ZsaVjZf1PEQbH3O392W7mqbR0sHIHo2v5TLc1KzKxESDHGP8MjjhY3jNvWrDIDi+Blu1/j GGqfIpFh+ATAQsK2mqQogcUhnIQpw0GZqqumL2LYg1DaRBzkq0U3gvMNhoqh+C3WDxMdXW fsYzYVxRbM+82F5izA1Kyz9jZsELxwMX1yUK470WKeDDg10spDBjDMQeN6VhQEEWRPS8qH AR2IRcJ5nTGP6kgRsSTTpMwyk0ZZ1aBvTIenYpHxQVxiu102W+Ex416bRqu+TQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none Received: from smtpclient.apple (unknown [IPv6:2001:19f0:6001:9db:98f0:9fe0:3545:10]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) (Authenticated sender: zlei/mail) by smtp.freebsd.org (Postfix) with ESMTPSA id 4cbMgL1qQszP38; Tue, 30 Sep 2025 02:38:21 +0000 (UTC) (envelope-from zlei@FreeBSD.org) Content-Type: text/plain; charset=utf-8 List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-main@freebsd.org Sender: owner-dev-commits-src-main@FreeBSD.org Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.120.41.1.10\)) Subject: Re: svn commit: r256519 - in head/sys: net netatalk netinet netinet6 netipx From: Zhenlei Huang In-Reply-To: Date: Tue, 30 Sep 2025 10:38:10 +0800 Cc: Gleb Smirnoff , src-committers@freebsd.org, "" , "dev-commits-src-main@FreeBSD.org" Content-Transfer-Encoding: quoted-printable Message-Id: <35D99D40-5534-402A-8479-64C71604206B@FreeBSD.org> References: <201310151031.r9FAVgRP008282@svn.freebsd.org> To: Mateusz Guzik X-Mailer: Apple Mail (2.3696.120.41.1.10) > On Sep 29, 2025, at 10:29 PM, Mateusz Guzik wrote: >=20 > On Tue, Oct 15, 2013 at 12:31=E2=80=AFPM Gleb Smirnoff = wrote: >>=20 >> Author: glebius >> Date: Tue Oct 15 10:31:42 2013 >> New Revision: 256519 >> URL: http://svnweb.freebsd.org/changeset/base/256519 >>=20 >> Log: >> Remove ifa_init() and provide ifa_alloc() that will allocate and = setup >> struct ifaddr internally. >>=20 >> Sponsored by: Netflix >> Sponsored by: Nginx, Inc. >>=20 >> Modified: >> head/sys/net/if.c >> head/sys/net/if_var.h >> head/sys/netatalk/at_control.c >> head/sys/netinet/in.c >> head/sys/netinet6/in6.c >> head/sys/netipx/ipx.c >>=20 >> Modified: head/sys/net/if.c >> = =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D >> --- head/sys/net/if.c Tue Oct 15 10:19:24 2013 (r256518) >> +++ head/sys/net/if.c Tue Oct 15 10:31:42 2013 (r256519) >> @@ -633,8 +633,7 @@ if_attach_internal(struct ifnet *ifp, in >> socksize =3D sizeof(*sdl); >> socksize =3D roundup2(socksize, sizeof(long)); >> ifasize =3D sizeof(*ifa) + 2 * socksize; >> - ifa =3D malloc(ifasize, M_IFADDR, M_WAITOK | M_ZERO); >> - ifa_init(ifa); >> + ifa =3D ifa_alloc(ifasize, M_WAITOK); >> sdl =3D (struct sockaddr_dl *)(ifa + 1); >> sdl->sdl_len =3D socksize; >> sdl->sdl_family =3D AF_LINK; >> @@ -1417,13 +1416,23 @@ if_maddr_runlock(struct ifnet *ifp) >> /* >> * Initialization, destruction and refcounting functions for ifaddrs. >> */ >> -void >> -ifa_init(struct ifaddr *ifa) >> +struct ifaddr * >> +ifa_alloc(size_t size, int flags) >> { >> + struct ifaddr *ifa; >> + >> + KASSERT(size >=3D sizeof(struct ifaddr), >> + ("%s: invalid size %zu", __func__, size)); >> + >=20 > We have crashes stemming from this: >=20 > panic: ifa_alloc: invalid size 16 >=20 > panic() at panic+0x43/frame 0xfffffe009e777760 > ifa_alloc() at ifa_alloc+0xd6/frame 0xfffffe009e777780 > in6_ifadd() at in6_ifadd+0xd8/frame 0xfffffe009e7778a0 > nd6_ra_input() at nd6_ra_input+0x1023/frame 0xfffffe009e777a80 > icmp6_input() at icmp6_input+0x5b6/frame 0xfffffe009e777c00 > ip6_input() at ip6_input+0xc94/frame 0xfffffe009e777ce0 > sppp_input() at sppp_input+0x502/frame 0xfffffe009e777d70 > pppoe_data_input() at pppoe_data_input+0x1e7/frame 0xfffffe009e777de0 > swi_net() at swi_net+0x19b/frame 0xfffffe009e777e60 > ithread_loop() at ithread_loop+0x266/frame 0xfffffe009e777ef0 > fork_exit() at fork_exit+0x82/frame 0xfffffe009e777f30 > fork_trampoline() at fork_trampoline+0xe/frame 0xfffffe009e777f30 >=20 > in6_ifadd has: > struct in6_addr taddr; > ifa =3D ifa_alloc(sizeof(taddr), M_WAITOK); >=20 > should the assert be simply removed? Hi Mateusz, I believe you just found a bug. Try the following patch please, --- a/sys/netinet6/nd6_rtr.c +++ b/sys/netinet6/nd6_rtr.c @@ -1243,8 +1243,7 @@ in6_ifadd(struct nd_prefixctl *pr, int mcast) =20 /* No suitable LL address, get the ifid directly */ if (ifid_addr =3D=3D NULL) { - struct in6_addr taddr; - ifa =3D ifa_alloc(sizeof(taddr), M_WAITOK); + ifa =3D ifa_alloc(sizeof(struct in6_ifaddr), = M_WAITOK); if (ifa) { ib =3D (struct in6_ifaddr *)ifa; ifid_addr =3D &ib->ia_addr.sin6_addr; Best regards, Zhenlei >=20 >> + ifa =3D malloc(size, M_IFADDR, M_ZERO | flags); >> + if (ifa =3D=3D NULL) >> + return (NULL); >>=20 >> mtx_init(&ifa->ifa_mtx, "ifaddr", NULL, MTX_DEF); >> refcount_init(&ifa->ifa_refcnt, 1); >> ifa->if_data.ifi_datalen =3D sizeof(ifa->if_data); >> + >> + return (ifa); >> } >>=20 >> void >>=20 >> Modified: head/sys/net/if_var.h >> = =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D >> --- head/sys/net/if_var.h Tue Oct 15 10:19:24 2013 = (r256518) >> +++ head/sys/net/if_var.h Tue Oct 15 10:31:42 2013 = (r256519) >> @@ -819,8 +819,8 @@ struct ifaddr { >> #define IFA_LOCK(ifa) mtx_lock(&(ifa)->ifa_mtx) >> #define IFA_UNLOCK(ifa) mtx_unlock(&(ifa)->ifa_mtx) >>=20 >> +struct ifaddr * ifa_alloc(size_t size, int flags); >> void ifa_free(struct ifaddr *ifa); >> -void ifa_init(struct ifaddr *ifa); >> void ifa_ref(struct ifaddr *ifa); >> #endif >>=20 >>=20 >> Modified: head/sys/netatalk/at_control.c >> = =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D >> --- head/sys/netatalk/at_control.c Tue Oct 15 10:19:24 2013 = (r256518) >> +++ head/sys/netatalk/at_control.c Tue Oct 15 10:31:42 2013 = (r256519) >> @@ -199,16 +199,10 @@ at_control(struct socket *so, u_long cmd >> * allocate a fresh one. >> */ >> if (aa =3D=3D NULL) { >> - aa =3D malloc(sizeof(struct at_ifaddr), = M_IFADDR, >> - M_NOWAIT | M_ZERO); >> - if (aa =3D=3D NULL) { >> - error =3D ENOBUFS; >> - goto out; >> - } >> - callout_init(&aa->aa_callout, = CALLOUT_MPSAFE); >> + ifa =3D ifa_alloc(sizeof(struct at_ifaddr), = M_WAITOK); >> + aa =3D (struct at_ifaddr *)ifa; >>=20 >> - ifa =3D (struct ifaddr *)aa; >> - ifa_init(ifa); >> + callout_init(&aa->aa_callout, = CALLOUT_MPSAFE); >>=20 >> /* >> * As the at_ifaddr contains the actual = sockaddrs, >>=20 >> Modified: head/sys/netinet/in.c >> = =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D >> --- head/sys/netinet/in.c Tue Oct 15 10:19:24 2013 = (r256518) >> +++ head/sys/netinet/in.c Tue Oct 15 10:31:42 2013 = (r256519) >> @@ -404,16 +404,8 @@ in_control(struct socket *so, u_long cmd >> goto out; >> } >> if (ia =3D=3D NULL) { >> - ia =3D (struct in_ifaddr *) >> - malloc(sizeof *ia, M_IFADDR, M_NOWAIT = | >> - M_ZERO); >> - if (ia =3D=3D NULL) { >> - error =3D ENOBUFS; >> - goto out; >> - } >> - >> - ifa =3D &ia->ia_ifa; >> - ifa_init(ifa); >> + ifa =3D ifa_alloc(sizeof(struct in_ifaddr), = M_WAITOK); >> + ia =3D (struct in_ifaddr *)ifa; >> ifa->ifa_addr =3D (struct sockaddr = *)&ia->ia_addr; >> ifa->ifa_dstaddr =3D (struct sockaddr = *)&ia->ia_dstaddr; >> ifa->ifa_netmask =3D (struct sockaddr = *)&ia->ia_sockmask; >>=20 >> Modified: head/sys/netinet6/in6.c >> = =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D >> --- head/sys/netinet6/in6.c Tue Oct 15 10:19:24 2013 = (r256518) >> +++ head/sys/netinet6/in6.c Tue Oct 15 10:31:42 2013 = (r256519) >> @@ -1141,12 +1141,9 @@ in6_update_ifa(struct ifnet *ifp, struct >> * RA, it is called under an interrupt context. So, = we should >> * call malloc with M_NOWAIT. >> */ >> - ia =3D (struct in6_ifaddr *) malloc(sizeof(*ia), = M_IFADDR, >> - M_NOWAIT); >> + ia =3D (struct in6_ifaddr *)ifa_alloc(sizeof(*ia), = M_NOWAIT); >> if (ia =3D=3D NULL) >> return (ENOBUFS); >> - bzero((caddr_t)ia, sizeof(*ia)); >> - ifa_init(&ia->ia_ifa); >> LIST_INIT(&ia->ia6_memberships); >> /* Initialize the address and masks, and put time = stamp */ >> ia->ia_ifa.ifa_addr =3D (struct sockaddr = *)&ia->ia_addr; >>=20 >> Modified: head/sys/netipx/ipx.c >> = =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D >> --- head/sys/netipx/ipx.c Tue Oct 15 10:19:24 2013 = (r256518) >> +++ head/sys/netipx/ipx.c Tue Oct 15 10:31:42 2013 = (r256519) >> @@ -190,13 +190,8 @@ ipx_control(struct socket *so, u_long cm >> if (td && (error =3D priv_check(td, = PRIV_NET_SETLLADDR)) !=3D 0) >> goto out; >> if (ia =3D=3D NULL) { >> - ia =3D malloc(sizeof(*ia), M_IFADDR, M_NOWAIT = | M_ZERO); >> - if (ia =3D=3D NULL) { >> - error =3D ENOBUFS; >> - goto out; >> - } >> - ifa =3D (struct ifaddr *)ia; >> - ifa_init(ifa); >> + ifa =3D ifa_alloc(sizeof(struct ipx_ifaddr), = M_WAITOK); >> + ia =3D (struct ipx_ifaddr *)ifa; >> ia->ia_ifp =3D ifp; >> ifa->ifa_addr =3D (struct sockaddr = *)&ia->ia_addr; >> ifa->ifa_netmask =3D (struct sockaddr = *)&ipx_netmask;