bpf_multi_read.c - OpenGrok history log for /freebsd/tests/sys/net/bpf/bpf_multi

Revision (<<< Hide revision tags) (Show revision tags >>>)	Date	Author	Comments
Revision tags: release/13.5.0
# dd49816b	26-Feb-2025	Kristof Provost <kp@FreeBSD.org>	bpf: avoid panic on multiple readers If we have multiple simultaneous readers on a single /dev/bpf fd it's possible for the assertion after the bpf_uiomove() in bpfread() to fail. Note that the bpf bpf: avoid panic on multiple readers If we have multiple simultaneous readers on a single /dev/bpf fd it's possible for the assertion after the bpf_uiomove() in bpfread() to fail. Note that the bpf_uiomove() is done outside of the BPFD_LOCK, because uiomove may sleep. As a result it's possible for another thread to have already reclaimed toe bd_hbuf, thus causing us to fail the assertion. Even without INVARIANTS this may provoke panics. That results (with INVARIANTS) in a panic such as: login: panic: bpfread: lost bd_hbuf cpuid = 13 time = 1740567635 KDB: stack backtrace: db_trace_self_wrapper() at db_trace_self_wrapper+0x2b/frame 0xfffffe003972db10 vpanic() at vpanic+0x136/frame 0xfffffe003972dc40 panic() at panic+0x43/frame 0xfffffe003972dca0 bpfread() at bpfread+0x2e8/frame 0xfffffe003972dce0 devfs_read_f() at devfs_read_f+0xe4/frame 0xfffffe003972dd40 dofileread() at dofileread+0x80/frame 0xfffffe003972dd90 sys_read() at sys_read+0xb7/frame 0xfffffe003972de00 amd64_syscall() at amd64_syscall+0x15a/frame 0xfffffe003972df30 fast_syscall_common() at fast_syscall_common+0xf8/frame 0xfffffe003972df30 --- syscall (3, FreeBSD ELF64, read), rip = 0x302787166afa, rsp = 0x302782638a78, rbp = 0x302782638aa0 --- Also add a test case replicating the known trigger for this panic. Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D49135 show more ...

Revision (<<< Hide revision tags) (Show revision tags >>>)

Date

Author

Comments

Revision tags: release/13.5.0

# dd49816b

26-Feb-2025

Kristof Provost <kp@FreeBSD.org>

bpf: avoid panic on multiple readers

If we have multiple simultaneous readers on a single /dev/bpf fd it's possible
for the assertion after the bpf_uiomove() in bpfread() to fail.

Note that the bpf

bpf: avoid panic on multiple readers

If we have multiple simultaneous readers on a single /dev/bpf fd it's possible
for the assertion after the bpf_uiomove() in bpfread() to fail.

Note that the bpf_uiomove() is done outside of the BPFD_LOCK, because uiomove
may sleep. As a result it's possible for another thread to have already
reclaimed toe bd_hbuf, thus causing us to fail the assertion.
Even without INVARIANTS this may provoke panics.

That results (with INVARIANTS) in a panic such as:

login: panic: bpfread: lost bd_hbuf
cpuid = 13
time = 1740567635
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0x2b/frame 0xfffffe003972db10
vpanic() at vpanic+0x136/frame 0xfffffe003972dc40
panic() at panic+0x43/frame 0xfffffe003972dca0
bpfread() at bpfread+0x2e8/frame 0xfffffe003972dce0
devfs_read_f() at devfs_read_f+0xe4/frame 0xfffffe003972dd40
dofileread() at dofileread+0x80/frame 0xfffffe003972dd90
sys_read() at sys_read+0xb7/frame 0xfffffe003972de00
amd64_syscall() at amd64_syscall+0x15a/frame 0xfffffe003972df30
fast_syscall_common() at fast_syscall_common+0xf8/frame 0xfffffe003972df30
--- syscall (3, FreeBSD ELF64, read), rip = 0x302787166afa, rsp = 0x302782638a78, rbp = 0x302782638aa0 ---

Also add a test case replicating the known trigger for this panic.

Sponsored by: Rubicon Communications, LLC ("Netgate")
Differential Revision: https://reviews.freebsd.org/D49135