https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=246819
Mark Johnston <ma...@freebsd.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|New |Open
CC| |ma...@freebsd.org
--- Comment #3 from Mark Johnston <ma...@freebsd.org> ---
(In reply to Ashish Gupta from comment #2)
Looks like we are panicking because the counters in the in6_ifstat block are
freed. In particular, the panic happens while executing:
790 in6_ifstat_inc(ifp, ifs6_out_request);
which expands to
545 #define in6_ifstat_inc(ifp, tag) \
546 do { \
547 if (ifp) \
548 counter_u64_add(((struct in6_ifextra *) \
549 ((ifp)->if_afdata[AF_INET6]))->in6_ifstat[ \
550 offsetof(struct in6_ifstat, tag) / sizeof(uint64_t)],
1);\
551 } while (/*CONSTCOND*/ 0)
and the fault address is 0, so it shouldn't be from the if_afdata dereference
or the in6_ifstat dereference (since ifs6_out_request is not the first counter
in the block).
So the interface is already destroyed, but we are sending TCP keepalives
through it.
--
You are receiving this mail because:
You are the assignee for the bug.
_______________________________________________
freebsd-net@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
