[Bug 202351] [ip6] [panic] Kernel panic in ip6_forward (different from 128247, 131038)
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Mon Aug 17 09:13:38 UTC 2015
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=202351
--- Comment #1 from dennis.noordsij at helsinki.fi ---
It appears that m->m_pkthdr.rcvif is NULL, and the kernel panics in the
if_name(m->m_pkthdr.rcvif)
part of:
log(LOG_DEBUG,
"cannot forward "
"from %s to %s nxt %d received on %s\n",
ip6_sprintf(ip6bufs, &ip6->ip6_src),
ip6_sprintf(ip6bufd, &ip6->ip6_dst),
ip6->ip6_nxt,
if_name(m->m_pkthdr.rcvif));
(kgdb) print m
$2 = (struct mbuf *) 0xfffff80293e80900
(kgdb) print *m
$3 = {m_hdr = {mh_next = 0xfffff80293e7d700, mh_nextpkt = 0x0, mh_data =
0xfffff80293e80968 "`", mh_len = 48, mh_type = 1, mh_flags = 16674}, M_dat = {
MH = {MH_pkthdr = {rcvif = 0x0, tags = {slh_first = 0x0}, len = 1280,
flowid = 0, csum_flags = 0, fibnum = 0, cosqos = 0 '\0', rsstype = 0 '\0',
l2hlen = 0 '\0', l3hlen = 0 '\0', l4hlen = 0 '\0', l5hlen = 0 '\0',
PH_per = {eigth = "\000\000\000\000\000\000\000", sixteen = {0, 0, 0, 0},
thirtytwo = {0, 0}, sixtyfour = {0}, unintptr = {0}, ptr = 0x0},
PH_loc = {eigth = "\000\000\000\000\000\000\000", sixteen = {0, 0, 0, 0},
thirtytwo = {0, 0}, sixtyfour = {0}, unintptr = {0}, ptr = 0x0}},
MH_dat = {MH_ext = {ref_cnt = 0x73cfb0000003333,
ext_buf = 0x60dd861f776354 <Address 0x60dd861f776354 out of bounds>,
ext_size = 96, ext_type = 4, ext_flags = 16723160, ext_free = 0x80fe,
ext_arg1 = 0x1f7763feff54073e, ext_arg2 = 0x2ff},
Replacing the above log message with something safe shows that it does get
called at roughly the same frequency as the previous panics, but without
panicking.
Of course I don't know if it is valid for rcvif to be NULL, or if some
corruption occurs elsewhere. If anyone wants to debug this further I am happy
to assist.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-bugs
mailing list