Current-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: crash in in6_cksum

On Tue, 26 Feb 2008, Tatoku Ogaito wrote:

> >> In Message <>
>  at Tue, 26 Feb 2008 08:37:54 +0900
>  Izumi Tsutsui <> wrote:
>  > I also see the same panic with re(4) on i386 and I'm using
>  > in6_cksum.c rev 1.22. (though I don't use ipv6)
> In my case, I use ath(4) at cardbus and wm(4) at pci on i386.

[probably not the interface driver then]

> A bunch of KASSERTs reveal the assertion fails at the second
> KASSERT in the following piece of code, which begins with the
> line 346 in revision 1.113.

So, it seems that pfil_run_hooks() has modified the mbuf chain and left it
without the complete ip6_hdr addressable, and I'm guessing that since
ip6_input() already made some effort to pull it up that this is unwanted
behaviour (though pfil(9) does not say so).

(I think that the previous versions of in6_cksum() also required this but
did no validation, I don't know if that means the calculations were
sometimes wrong.. ?)

Is there a way to know which hooks are being run?

> # In my kernel, I set PFIL_HOOKS and FAST_IPSEC.

does this mean that FAST_IPSEC is the packet filter?

The only places I see hooks being added are in:

I don't really know what the hooks are supposed to be doing, but some of
them use m_makewriteable() which does not guarantee that data is left


Home | Main Index | Thread Index | Old Index