https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=284606
Zhenlei Huang <z...@freebsd.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |z...@freebsd.org

--- Comment #2 from Zhenlei Huang <z...@freebsd.org> ---
% kgdb /boot/kernel/kernel vmcore.0
...
Reading symbols from /boot/kernel/zfs.ko...
Reading symbols from /usr/lib/debug//boot/kernel/zfs.ko.debug...
Reading symbols from /boot/kernel/intpm.ko...
Reading symbols from /usr/lib/debug//boot/kernel/intpm.ko.debug...
Reading symbols from /boot/kernel/smbus.ko...
Reading symbols from /usr/lib/debug//boot/kernel/smbus.ko.debug...
Reading symbols from /boot/kernel/vmci.ko...
Reading symbols from /usr/lib/debug//boot/kernel/vmci.ko.debug...
Reading symbols from /boot/kernel/if_epair.ko...
Reading symbols from /usr/lib/debug//boot/kernel/if_epair.ko.debug...
Reading symbols from /boot/kernel/ipfw.ko...
Reading symbols from /usr/lib/debug//boot/kernel/ipfw.ko.debug...
Reading symbols from /boot/kernel/ipfw_nat.ko...
Reading symbols from /usr/lib/debug//boot/kernel/ipfw_nat.ko.debug...
Reading symbols from /boot/kernel/libalias.ko...
Reading symbols from /usr/lib/debug//boot/kernel/libalias.ko.debug...
Reading symbols from /boot/kernel/ipfw_pmod.ko...
Reading symbols from /usr/lib/debug//boot/kernel/ipfw_pmod.ko.debug...
Reading symbols from /boot/kernel/if_wg.ko...
Reading symbols from /usr/lib/debug//boot/kernel/if_wg.ko.debug...
...
(kgdb) frame 8
#8  0xffffffff80cfc37f in ip_tryforward (m=0x0) at /usr/src/sys/netinet/ip_fastfwd.c:319
319             ip = mtod(m, struct ip *);      /* m may have changed by pfil hook */
(kgdb) list
309             if (!PFIL_HOOKED_IN(V_inet_pfil_head))
310                     goto passin;
311
312             if (pfil_mbuf_in(V_inet_pfil_head, &m, m->m_pkthdr.rcvif,
313                 NULL) != PFIL_PASS)
314                     goto drop;
315
316             M_ASSERTVALID(m);
317             M_ASSERTPKTHDR(m);
318
319             ip = mtod(m, struct ip *);      /* m may have changed by pfil hook */
320             dest.s_addr = ip->ip_dst.s_addr;
321
322             /*
323              * Destination address changed?
324              */
325             if (odest.s_addr != dest.s_addr) {
326                     /*
327                      * Is it now for a local address on this host?
328                      */
(kgdb) p m
$14 = (struct mbuf *) 0x0
(kgdb) p ip
$15 = (struct ip *) 0xfffff800057f6d70
(kgdb)

I noticed that ipfw(4) and related modules were loaded. From the debug info of
the core dump, the pfil hook returns PFIL_PASS but sets m to NULL (the original
mbuf having been freed); it appears ipfw(4) is to blame.

-- 
You are receiving this mail because:
You are the assignee for the bug.
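
Added example, not part of the original comment and not FreeBSD code: a userspace C model of the condition the comment describes, where a hook reports a pass verdict after freeing the packet, together with a caller-side check that turns that case into an explicit error instead of a NULL dereference. All model_* names are assumptions made for the illustration.

```c
/* Userspace model, constructed for illustration. Every model_* name is
 * hypothetical; none of this is FreeBSD kernel code. */
#include <stdio.h>
#include <stdlib.h>

enum model_pfil { MODEL_PASS, MODEL_DROPPED };
enum model_fwd { MODEL_FORWARDED, MODEL_DROP, MODEL_HOOK_VIOLATION };

struct model_mbuf { unsigned char hdr[20]; };   /* stand-in for an IPv4 header */
typedef enum model_pfil (*model_hook_t)(struct model_mbuf **mp);

/* Well-behaved: leaves the packet in place and passes it. */
enum model_pfil model_hook_ok(struct model_mbuf **mp) { (void)mp; return MODEL_PASS; }

/* Well-behaved: frees the packet and says so through the return value. */
enum model_pfil model_hook_drop(struct model_mbuf **mp) {
    free(*mp); *mp = NULL; return MODEL_DROPPED;
}

/* The pattern read from the dump: packet freed, *mp NULL, verdict still PASS. */
enum model_pfil model_hook_buggy(struct model_mbuf **mp) {
    free(*mp); *mp = NULL; return MODEL_PASS;
}

/* Mirrors the shape of the listing: run the hook, then read the destination
 * through m. The extra check enforces "PASS implies *mp != NULL". */
enum model_fwd model_tryforward(model_hook_t hook, unsigned char last_octet,
    unsigned char *dst_out) {
    struct model_mbuf *m = calloc(1, sizeof(*m));
    if (m == NULL)
        return MODEL_DROP;
    m->hdr[19] = last_octet;            /* last byte of the destination address */
    if (hook(&m) != MODEL_PASS) {
        free(m);                        /* free(NULL) is a no-op */
        return MODEL_DROP;
    }
    if (m == NULL)                      /* without this, the next line faults */
        return MODEL_HOOK_VIOLATION;
    *dst_out = m->hdr[19];
    free(m);
    return MODEL_FORWARDED;
}

int main(void) {
    unsigned char d = 0;
    printf("ok=%d drop=%d buggy=%d\n", model_tryforward(model_hook_ok, 7, &d),
        model_tryforward(model_hook_drop, 7, &d),
        model_tryforward(model_hook_buggy, 7, &d));
    return 0;
}
```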