[Bug 272319] FreeBSD kernel crash on MPD5 restart with PPP configuration.
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sun, 02 Jul 2023 11:52:40 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=272319 Aleksandr Fedorov <afedorov@FreeBSD.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |afedorov@FreeBSD.org --- Comment #7 from Aleksandr Fedorov <afedorov@FreeBSD.org> --- Evgeniy, sent p priv->so to mee: $24 = {so_lock = {lock_object = {lo_name = 0xffffffff807f7904 "socket", lo_flags = 21168128, lo_data = 0, lo_witness = 0xfffff8007cd5a800}, mtx_lock = 0}, so_count = 1, so_rdsel = { si_tdlist = {tqh_first = 0x0, tqh_last = 0x0}, si_note = {kl_list = {slh_first = 0x0}, kl_lock = 0xffffffff80555a00 <so_rdknl_lock>, kl_unlock = 0xffffffff80555a40 <so_rdknl_unlock>, kl_assert_locked = 0xffffffff80555a80 <so_rdknl_assert_locked>, kl_assert_unlocked = 0xffffffff80555ac0 <so_rdknl_assert_unlocked>, kl_lockarg = 0xfffff8004da77a38, kl_autodestroy = 0}, si_mtx = 0x0}, so_wrsel = { si_tdlist = {tqh_first = 0x0, tqh_last = 0x0}, si_note = {kl_list = {slh_first = 0x0}, kl_lock = 0xffffffff80555b00 <so_wrknl_lock>, kl_unlock = 0xffffffff80555b40 <so_wrknl_unlock>, kl_assert_locked = 0xffffffff80555b80 <so_wrknl_assert_locked>, kl_assert_unlocked = 0xffffffff80555bc0 <so_wrknl_assert_unlocked>, kl_lockarg = 0xfffff8004da77a38, kl_autodestroy = 0}, si_mtx = 0x0}, so_type = 1, so_options = 514, so_linger = 0, so_state = 256, so_pcb = 0xfffff800355bd988, so_vnet = 0xfffff8000203e8c0, so_proto = 0xffffffff80a62460 <inetsw+192>, so_timeo = 0, so_error = 0, so_rerror = 0, so_sigio = 0x0, so_cred = 0xfffff8005f954400, so_label = 0x0, so_gencnt = 11170, so_emuldata = 0x0, so_dtor = 0x0, osd = {osd_nslots = 0, osd_slots = 0x0, osd_next = {le_next = 0x0, le_prev = 0x0}}, so_fibnum = 0, so_user_cookie = 0, so_ts_clock = 0, so_max_pacing_rate = 0, {{so_rcv = {sb_mtx = {lock_object = {lo_name = 0x0, lo_flags = 1302821776, lo_data = 4294965248, lo_witness = 0x0}, mtx_lock = 18446735278919351200}, sb_sx = {lock_object = {lo_name = 0x0, lo_flags = 1, lo_data = 0, lo_witness = 0x0}, sx_lock = 0}, sb_sel = 0x0, sb_state = 0, sb_mb = 0x0, sb_mbtail = 0x80000000001, sb_lastrecord = 0x800000010000, sb_sndptr = 0x8200820, sb_fnrdy = 0x0, sb_sndptroff = 0, sb_acc = 0, sb_ccc = 0, sb_hiwat = 0, sb_mbcnt = 0, sb_mcnt = 0, sb_ccnt = 0, sb_mbmax = 0, sb_ctl = 0, sb_lowat = 0, sb_timeo = 0, sb_flags = 0, sb_upcall = 0x0, sb_upcallarg = 0x0, sb_aiojobq = {tqh_first = 0x0, tqh_last = 0x0}, sb_aiotask = {ta_link = { stqe_next = 0x0}, ta_pending = 0, ta_priority = 0, ta_func = 0x0, ta_context = 0x0}}, so_snd = {sb_mtx = {lock_object = {lo_name = 0x0, lo_flags = 0, lo_data = 0, lo_witness = 0x0}, mtx_lock = 0}, sb_sx = {lock_object = {lo_name = 0x0, lo_flags = 0, lo_data = 0, lo_witness = 0x0}, sx_lock = 0}, sb_sel = 0x0, sb_state = 0, sb_mb = 0x0, sb_mbtail = 0x0, sb_lastrecord = 0x0, sb_sndptr = 0x0, sb_fnrdy = 0x0, sb_sndptroff = 0, sb_acc = 0, sb_ccc = 0, sb_hiwat = 0, sb_mbcnt = 0, sb_mcnt = 0, sb_ccnt = 0, sb_mbmax = 0, sb_ctl = 0, sb_lowat = 0, sb_timeo = 0, sb_flags = 0, sb_upcall = 0x0, sb_upcallarg = 0x0, sb_aiojobq = {tqh_first = 0x0, tqh_last = 0x0}, sb_aiotask = {ta_link = {stqe_next = 0x0}, ta_pending = 0, ta_priority = 0, ta_func = 0x0, ta_context = 0x0}}, so_list = {tqe_next = 0x0, tqe_prev = 0x0}, so_listen = 0x0, so_qstate = SQ_NONE, so_peerlabel = 0x0, so_oobmark = 0}, {sol_incomp = {tqh_first = 0x0, tqh_last = 0xfffff8004da77b90}, sol_comp = {tqh_first = 0x0, tqh_last = 0xfffff8004da77ba0}, sol_qlen = 0, sol_incqlen = 0, sol_qlimit = 1, sol_accept_filter = 0x0, sol_accept_filter_arg = 0x0, sol_accept_filter_str = 0x0, sol_upcall = 0x0, sol_upcallarg = 0x0, sol_sbrcv_lowat = 1, sol_sbsnd_lowat = 2048, sol_sbrcv_hiwat = 65536, sol_sbsnd_hiwat = 32768, sol_sbrcv_flags = 2080, sol_sbsnd_flags = 2080, sol_sbrcv_timeo = 0, sol_sbsnd_timeo = 0}}} (kgdb) priv->so->so_options == 512 (0x202 - SO_ACCPTCONN | SO_REUSEADDR), so this is a LISTENNING type of socket. After this commit: https://github.com/freebsd/freebsd-src/commit/779f106aa169256b7010a1d8f963ff656b881e92 Access to so_rcv, so_snd fields is invalid for listening sockets. Because they share the same place with sol_* fields. -- You are receiving this mail because: You are the assignee for the bug.