m_get_tag returns same tag address when called multiple times
Sreenivasa Honnur
shonnur at chelsio.com
Wed May 14 06:54:08 UTC 2014
Hi,
In FreeBSD-11 Current I am seeing that m_tag_get() returns the same tag address for two subsequent calls, and m_tag_find() results in a panic with the stack trace below. Is anything wrong here?
Fatal trap 9: general protection fault while in kernel mode
cpuid = 4; apic id = 04
instruction pointer = 0x20:0xffffffff80959ff0
stack pointer = 0x28:0xfffffe01acfa09a0
frame pointer = 0x28:0xfffffe01acfa09d0
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags = interrupt enabled, resume, IOPL = 0
current process = 12 (irq277: t5nex0:0,5)
[ thread pid 12 tid 100128 ]
Stopped at m_tag_locate+0x40: cmpl %ebx,0xc(%rcx)
Here is the calling sequence:
1. get_mbuf_mtag: m:0xfffff8005b3e4c00 mtag:0xfffff8002c47d180
2. get_mbuf_mtag: m:0xfffff8005b3e5000 mtag:0xfffff8002c47d180
3. find_mbuf_mtag(0xfffff8005b3e4c00) results in above trace.
Note that the same code works fine in FBSD-9.1.
/* Allocate a PACKET_TAG_PF tag sized for a my_mbuf_cb and attach it to m. */
struct my_mbuf_cb * get_mbuf_mtag(struct mbuf *m)
{
	struct m_tag *mtag;

	mtag = m_tag_get(PACKET_TAG_PF, sizeof(struct my_mbuf_cb), M_NOWAIT);
	if (mtag == NULL) {
		os_log_info("Error allocating mtag\n","");
		return (NULL);
	}
	/* The payload is stored directly after the struct m_tag header. */
	bzero(mtag + 1, sizeof(struct my_mbuf_cb));
	m_tag_prepend(m, mtag);
	return ((struct my_mbuf_cb *)(mtag + 1));
}

/* Look up the PACKET_TAG_PF tag on m and return its payload, or NULL. */
static struct my_mbuf_cb * find_mbuf_mtag(struct mbuf *m)
{
	struct m_tag *mtag;

	if ((mtag = m_tag_find(m, PACKET_TAG_PF, NULL)) == NULL)
		return (NULL);
	return ((struct my_mbuf_cb *)(mtag + 1));
}
Thanks
Sreenivas