https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=253587
--- Comment #3 from Kamigishi Rei <spam...@haruhiism.net> ---
It does not seem like pf specifically is at fault here. Got two more faults
over the past 12 hours and both were with mbufs being 0x0 in different code
paths:
Important note:
net.isr.maxthreads: -1
net.isr.bindthreads: 1
The CPU is a quad core AMD GX-412TC SoC.
I will now test with these set to defaults (1 and 0, correspondingly).
net.isr.dispatch is "direct" and was not touched.
#1:
(kgdb) bt
#0 __curthread () at /usr/src/sys/amd64/include/pcpu_aux.h:55
#1 doadump (textdump=<optimized out>) at /usr/src/sys/kern/kern_shutdown.c:399
#2 0xffffffff80c08e56 in kern_reboot (howto=260) at
/usr/src/sys/kern/kern_shutdown.c:486
#3 0xffffffff80c092d0 in vpanic (fmt=<optimized out>, ap=<optimized out>) at
/usr/src/sys/kern/kern_shutdown.c:919
#4 0xffffffff80c090d3 in panic (fmt=<unavailable>) at
/usr/src/sys/kern/kern_shutdown.c:843
#5 0xffffffff810891a7 in trap_fatal (frame=0xfffffe0007f86710, eva=28) at
/usr/src/sys/amd64/amd64/trap.c:915
#6 0xffffffff810891ff in trap_pfault (frame=frame@entry=0xfffffe0007f86710,
usermode=false, signo=<optimized out>, signo@entry=0x0, ucode=<optimized out>,
ucode@entry=0x0)
at /usr/src/sys/amd64/amd64/trap.c:732
#7 0xffffffff8108885d in trap (frame=0xfffffe0007f86710) at
/usr/src/sys/amd64/amd64/trap.c:398
#8 <signal handler called>
#9 0xffffffff80c9ac8a in m_dup (m=0x0, m@entry=0xfffff80119f1b800,
how=<optimized out>, how@entry=1) at /usr/src/sys/kern/uipc_mbuf.c:686
#10 0xffffffff8297e8e8 in bridge_input (ifp=0xfffff800036d1800,
m=0xfffff80119f1b800) at /usr/src/sys/net/if_bridge.c:2415
#11 0xffffffff80d23c78 in ether_input_internal (ifp=0xfffff800036d1800,
m=0xfffff80104ebf100) at /usr/src/sys/net/if_ethersubr.c:673
#12 ether_nh_input (m=<optimized out>) at /usr/src/sys/net/if_ethersubr.c:739
#13 0xffffffff80d3e26a in netisr_dispatch_src (proto=proto@entry=5,
source=<optimized out>, source@entry=0, m=0xfffff80104ebf100,
m@entry=0xfffff80119f1b800)
at /usr/src/sys/net/netisr.c:1143
#14 0xffffffff80d3e55f in netisr_dispatch (proto=83019968, proto@entry=5,
m=0x1, m@entry=0xfffff80119f1b800) at /usr/src/sys/net/netisr.c:1234
#15 0xffffffff80d22e79 in ether_input (ifp=<optimized out>,
m=0xfffff80119f1b800) at /usr/src/sys/net/if_ethersubr.c:830
#16 0xffffffff80d3a9a8 in iflib_rxeof (rxq=<optimized out>,
rxq@entry=0xfffff800036d1000, budget=<optimized out>) at
/usr/src/sys/net/iflib.c:3008
#17 0xffffffff80d34d02 in _task_fn_rx (context=0xfffff800036d1000) at
/usr/src/sys/net/iflib.c:3951
#18 0xffffffff80c550fd in gtaskqueue_run_locked
(queue=queue@entry=0xfffff8000342ea00) at
/usr/src/sys/kern/subr_gtaskqueue.c:371
#19 0xffffffff80c54d9c in gtaskqueue_thread_loop (arg=<optimized out>,
arg@entry=0xfffffe0008d4f038) at /usr/src/sys/kern/subr_gtaskqueue.c:547
#20 0xffffffff80bc735e in fork_exit (callout=0xffffffff80c54cf0
<gtaskqueue_thread_loop>, arg=0xfffffe0008d4f038, frame=0xfffffe0007f86c00) at
/usr/src/sys/kern/kern_fork.c:1069
#21 <signal handler called>
#2:
Here m_nextpkt is 0x0, len is 1307, and m_nextpkt is assigned to next and gets
dereferenced:
(kgdb) bt
#0 __curthread () at /usr/src/sys/amd64/include/pcpu_aux.h:55
#1 doadump (textdump=<optimized out>) at /usr/src/sys/kern/kern_shutdown.c:399
#2 0xffffffff80c08e56 in kern_reboot (howto=260) at
/usr/src/sys/kern/kern_shutdown.c:486
#3 0xffffffff80c092d0 in vpanic (fmt=<optimized out>, ap=<optimized out>) at
/usr/src/sys/kern/kern_shutdown.c:919
#4 0xffffffff80c090d3 in panic (fmt=<unavailable>) at
/usr/src/sys/kern/kern_shutdown.c:843
#5 0xffffffff810891a7 in trap_fatal (frame=0xfffffe0062c6e700, eva=8) at
/usr/src/sys/amd64/amd64/trap.c:915
#6 0xffffffff810891ff in trap_pfault (frame=frame@entry=0xfffffe0062c6e700,
usermode=false, signo=<optimized out>, signo@entry=0x0, ucode=<optimized out>,
ucode@entry=0x0)
at /usr/src/sys/amd64/amd64/trap.c:732
#7 0xffffffff8108885d in trap (frame=0xfffffe0062c6e700) at
/usr/src/sys/amd64/amd64/trap.c:398
#8 <signal handler called>
#9 sbcut_internal (sb=0xfffff800a75649c0, len=1307, len@entry=1475) at
/usr/src/sys/kern/uipc_sockbuf.c:1491
#10 0xffffffff80ca4eca in sbcut_locked (sb=0xfffff800a75649c0, len=-1390745600,
len@entry=1475) at /usr/src/sys/kern/uipc_sockbuf.c:1591
#11 0xffffffff80dbda2e in tcp_do_segment (m=0xfffff80042a5d800, th=<optimized
out>, so=<optimized out>, tp=<optimized out>, drop_hdrlen=52, tlen=<optimized
out>, iptos=0 '\000')
at /usr/src/sys/netinet/tcp_input.c:2924
#12 0xffffffff80dbbb9e in tcp_input (mp=<optimized out>, offp=<optimized out>,
proto=<optimized out>) at /usr/src/sys/netinet/tcp_input.c:1381
#13 0xffffffff80dae555 in ip_input (m=0x0) at
/usr/src/sys/netinet/ip_input.c:833
#14 0xffffffff80d3ea0b in netisr_process_workstream_proto (nwsp=<optimized
out>, proto=1) at /usr/src/sys/net/netisr.c:919
#15 swi_net (arg=<optimized out>) at /usr/src/sys/net/netisr.c:966
#16 0xffffffff80bca53d in intr_event_execute_handlers (p=<optimized out>,
ie=0xfffff80003418d00) at /usr/src/sys/kern/kern_intr.c:1168
#17 ithread_execute_handlers (p=<optimized out>, ie=0xfffff80003418d00) at
/usr/src/sys/kern/kern_intr.c:1181
#18 ithread_loop (arg=arg@entry=0xfffff8000341ed60) at
/usr/src/sys/kern/kern_intr.c:1269
#19 0xffffffff80bc735e in fork_exit (callout=0xffffffff80bca2f0 <ithread_loop>,
arg=0xfffff8000341ed60, frame=0xfffffe0062c6ec00) at
/usr/src/sys/kern/kern_fork.c:1069
#20 <signal handler called>
--
You are receiving this mail because:
You are the assignee for the bug.
_______________________________________________
freebsd-pf@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-pf
To unsubscribe, send any mail to "freebsd-pf-unsubscr...@freebsd.org"
