Re: kernel crash making a vlan on a wlan

From: Rob Wing <rob.fx907_at_gmail.com>
Date: Sun, 24 Apr 2022 07:01:47 UTC

From what I can tell, the vlan driver is calling ieee80211_output() with
the wrong ifnet context and dereferencing a bad pointer.

It looks like the passed-in if_softc is pointing to a struct ifvlan instead
of the expected struct ieee80211_vap.

Looking at vlan_output(), I wonder if the parent's ifnet context should be
used when calling if_output()? Something like:

diff --git a/sys/net/if_vlan.c b/sys/net/if_vlan.c
index 2bb5284c2129..5fbd7a79dccc 100644
--- a/sys/net/if_vlan.c
+++ b/sys/net/if_vlan.c
@@ -1318,7 +1318,7 @@ vlan_output(struct ifnet *ifp, struct mbuf *m, const
struct sockaddr *dst,
                ifv = p->if_softc;
        } while (p->if_type == IFT_L2VLAN);

-       return p->if_output(ifp, m, dst, ro);
+       return ((*p->if_output)(p, m, dst, ro));
 }

 #ifdef ALTQ
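
Review bot: The `+` line swaps `ifp` for `p` without a comment saying why, and it folds a style change (parenthesised return, explicit `(*p->if_output)`) into the fix. A one-line comment above the return stating that the handler belongs to the parent found by the loop and must be given that parent's ifnet would keep the next reader from "restoring" `ifp`. Separately, the context line `ifv = p->if_softc;` runs once more on the final iteration, when `p` is no longer `IFT_L2VLAN`, so `ifv` ends up holding a non-vlan softc; nothing after the loop in this hunk reads it, but it is the same kind of mismatch this patch fixes, so the assignment is worth restructuring or commenting.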


On Sat, Apr 23, 2022 at 1:12 PM Eugene Grosbein <eugen@grosbein.net> wrote:

> 24.04.2022 3:28, Marek Zarychta wrote:
>
> > On 23.04.2022 at 22:11, Craig Leres wrote:
> >>
> >> On 4/23/22 11:12, Craig Leres wrote:
> >>> I am able to reproduce the crash with 13.1-RC4.
> >>
> >> I'm also able to reproduce the crash on 12.3-RELEASE-p5. It seems wlan0 is part of the recipe, I tried vlans_em0="vlan0" first but was not able to induce a crash.
> >>
> >>          Craig
> >>
> >
> > I am curious what is this WiFi hardware that supports 802.1q tagging over the air? Could you please reveal this?
> >
> > That's rather not a bug when you are shooting yourself in the foot.
>
> Kernel panic due to ifconfig command is always a bug.
>
>
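
A user-space model of the context mismatch described at the top of this message, as an added example that is not part of the original thread or of FreeBSD's source. The struct layouts, the `MODEL_*` constants and all function names are simplified assumptions, and the type check in `wlan_output()` stands in for the point where the real driver would dereference `if_softc`.

```c
#include <stdio.h>

/* User-space model only: simplified stand-ins, not the kernel's definitions. */
enum { MODEL_IFT_L2VLAN, MODEL_IFT_WLAN };

struct ifnet {
    int   if_type;
    void *if_softc;                    /* private state of the driver owning this ifnet */
    int (*if_output)(struct ifnet *);  /* the real if_output also takes m, dst, ro */
};
struct model_ifvlan { struct ifnet *parent; };  /* what a vlan's if_softc points to */
struct model_vap    { int id; };                /* what a wlan's if_softc points to */

/* Stand-in for ieee80211_output(): it assumes ifp->if_softc is its own vap.
 * The model reports the mismatch instead of reading the wrong struct. */
static int wlan_output(struct ifnet *ifp) {
    if (ifp->if_type != MODEL_IFT_WLAN)
        return -1;                     /* the real driver would use a bad pointer here */
    return ((struct model_vap *)ifp->if_softc)->id;
}

/* Walk up stacked vlans to the first non-vlan parent, like the loop in the hunk. */
static struct ifnet *vlan_parent(struct ifnet *ifp) {
    struct ifnet *p = ifp;
    do {
        p = ((struct model_ifvlan *)p->if_softc)->parent;
    } while (p->if_type == MODEL_IFT_L2VLAN);
    return p;
}

/* patched == 0: parent's handler gets the vlan's ifnet; 1: it gets the parent's. */
static int vlan_output(struct ifnet *ifp, int patched) {
    struct ifnet *p = vlan_parent(ifp);
    return p->if_output(patched ? p : ifp);
}

/* Constructed topology: vlan1 stacked on vlan0 stacked on wlan0. */
static int run_model(int patched) {
    struct model_vap vap = { 42 };
    struct ifnet wlan0 = { MODEL_IFT_WLAN, &vap, wlan_output };
    struct model_ifvlan sc0 = { &wlan0 }, sc1;
    struct ifnet vlan0 = { MODEL_IFT_L2VLAN, &sc0, NULL }, vlan1;
    sc1.parent = &vlan0;
    vlan1 = (struct ifnet){ MODEL_IFT_L2VLAN, &sc1, NULL };
    return vlan_output(&vlan1, patched);
}

int main(void) {
    printf("unpatched: %d, patched: %d\n", run_model(0), run_model(1));
    return 0;
}
```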