From owner-freebsd-net@FreeBSD.ORG  Thu Sep 25 13:58:46 2014
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@freebsd.org
Received: from mx2.freebsd.org (mx2.freebsd.org [8.8.178.116])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 773AAC36;
 Thu, 25 Sep 2014 13:58:46 +0000 (UTC)
Received: from butcher-nb.yandex.net (hub.freebsd.org
 [IPv6:2001:1900:2254:206c::16:88])
 by mx2.freebsd.org (Postfix) with ESMTP id 110C32D8B;
 Thu, 25 Sep 2014 13:58:44 +0000 (UTC)
Message-ID: <54241F1D.4080206@FreeBSD.org>
Date: Thu, 25 Sep 2014 17:56:45 +0400
From: "Andrey V. Elsukov" <ae@FreeBSD.org>
User-Agent: Mozilla/5.0 (X11; FreeBSD amd64;
 rv:24.0) Gecko/20100101 Thunderbird/24.5.0
MIME-Version: 1.0
To: sbruno@freebsd.org, Gleb Smirnoff <glebius@FreeBSD.org>
Subject: Re: svn commit: r272089 - head/sys/netpfil/ipfw
References: <201409250226.s8P2Q6AS055635@svn.freebsd.org>	
 <CAJ-VmomsRHxiUtDw8FpP=ZGcE136dBLpDyzcpnRVbVFyk0Jmnw@mail.gmail.com>	
 <20140925051808.GS884@FreeBSD.org> <1411643223.2161.2.camel@bruno>
In-Reply-To: <1411643223.2161.2.camel@bruno>
X-Enigmail-Version: 1.6
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Cc: FreeBSD Net <freebsd-net@freebsd.org>, Adrian Chadd <adrian@freebsd.org>,
 David Carlier <david.carlier@hardenedbsd.org>
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net/>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
 <mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 25 Sep 2014 13:58:46 -0000

On 25.09.2014 15:07, Sean Bruno wrote:
> On Thu, 2014-09-25 at 09:18 +0400, Gleb Smirnoff wrote:
>> On Wed, Sep 24, 2014 at 07:40:23PM -0700, Adrian Chadd wrote:
>> A> Hm, I saw this from Kate on IRC. Did anyone figure out _where_ these
>> A> frames are coming from?
>> A> 
>> A> Just dropping them is cool, but I'd really like to see the contents of
>> A> the frames and what their origin is.
>> A> 
>> A> I'm worried that they're valid stack-generated frames..
>>
>> I agree on this. Fixing NULL pointer derefs with NULL check is not
>> always a right thing to do.
>> A> >
>> A> > Log:
>> A> >   Fix NULL pointer deref in ipfw when using dummynet at layer 2.
>> A> >   Drop packet if pkg->ifp is NULL, which is the case here.
>> A> >
>> A> >   ref. https://github.com/HardenedBSD/hardenedBSD
>> A> >   commit 4eef3881c64f6e3aa38eebbeaf27a947a5d47dd7
>> A> >
>> A> >   PR 193861 --  DUMMYNET LAYER2: kernel panic
>> A> >
>> A> >   in this case a kernel panic occurs. Hence, when we do not get an interface,
>> A> >   we just drop the packet in question.

> Ok, moving off to freebsd-net.  How should we proceded with debugging
> further?

Probably this can occurs when outgoing interface disappeared
(netgrapg/tun/tap/lagg/vlan/usb ethernet), but packets were not send yet
(delayed in the dummynet pipe). I think this is well known problem.

-- 
WBR, Andrey V. Elsukov