[Bug 268086] spin lock held too long in icmp6_rip6_input

From: <bugzilla-noreply_at_freebsd.org>
Date: Wed, 30 Nov 2022 17:58:52 UTC

            Bug ID: 268086
           Summary: spin lock held too long in icmp6_rip6_input
           Product: Base System
           Version: 13.1-RELEASE
          Hardware: amd64
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: kern
          Assignee: bugs@FreeBSD.org
          Reporter: vegeta@tuxpowered.net

Created attachment 238458
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=238458&action=edit
kgdb output


I had this kernel crash on 2 of my routers running a GENERIC 13.1-RELEASE-p3
kernel. This is probably related to adding some new tunnels, starting BGP
sessions with BIRD and adding some routes. A few hours after this change the
both routers crashed just minutes apart with identical stack trace. Once the
change was undone, the routers operate stable for days.

I understand that icmp6_rip6_input's job is to deliver ICMP6 packets to open
sockets. In case of my routers the raw sockets would be held by radvd, fping
(from smokeping) and some python program I use as a smokeping replacement.

Looking at the mbuf at frames 33 icmp6_rip6_input, 34 icmp6_input, 35 ip6_input
I can see ICMPv6 Neighbor Solicitation messages.

Please find attached kgdb bt output. I have the whole memory dump and I can get
other data from it if necessary.

You are receiving this mail because:
You are the assignee for the bug.