Bug 259239 - Kernel panic when using igmp forwarding (via igmpproxy)
Summary: Kernel panic when using igmp forwarding (via igmpproxy)
Status: New
Alias: None
Product: Base System
Classification: Unclassified
Component: kern (show other bugs)
Version: 13.0-STABLE
Hardware: Any Any
: --- Affects Only Me
Assignee: freebsd-bugs (Nobody)
Depends on:
Reported: 2021-10-17 22:43 UTC by leper
Modified: 2021-10-17 22:43 UTC (History)
0 users

See Also:

Backtrace (1007 bytes, text/plain)
2021-10-17 22:43 UTC, leper
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description leper 2021-10-17 22:43:46 UTC
Created attachment 228792 [details]

When using the igmpproxy to forward igmp traffic to another host and upon actually trying to use that the following panic occurs.

panic: Assertion in_epoch(net_epoch_preempt) failed at /usr/src/sys/netinet/ip_output.c:343
cpuid = 1
time = 1634507262
__HardenedBSD_version = 1300061 __FreeBSD_version = 1300515
version = FreeBSD 13.0-STABLE-HBSD #0 : Fri Oct  1 15:49:44 UTC 2021
KDB: stack backtrace:
#0 0xffffffff80c6ecbb at kdb_backtrace+0x6b
#1 0xffffffff80c24e7c at vpanic+0x18c
#2 0xffffffff80c24c43 at panic+0x43
#3 0xffffffff80dd7a8e at ip_output+0x16ee
#4 0xffffffff821242b0 at phyint_send+0x100
#5 0xffffffff8212352e at ip_mdq+0x25e
#6 0xffffffff8212199a at X_ip_mrouter_set+0x9ba
#7 0xffffffff80ddba6e at rip_ctloutput+0x29e
#8 0xffffffff80cc4466 at sosetopt+0xe6
#9 0xffffffff80cc9a9d at kern_setsockopt+0xad
#10 0xffffffff80cc99e4 at sys_setsockopt+0x24
#11 0xffffffff810cf83a at amd64_syscall+0x13a
#12 0xffffffff810a11fb at fast_syscall_common+0xf8
Uptime: 4m12s
PC Engines apu3
coreboot build 20193012
BIOS version v4.11.0.2

This is reproducible on every try. The same thing worked with 12 (including the same igmpproxy version) without any issues.

Steps to reproduce (these assume some external igmp source):
1. kldload ip_mroute.ko
2. service igmpproxy onestart
3. (On another machine) Use VLC to open an igmp network stream
4. Panic

Note: This happens on HardenedBSD 13, however none of the code locations indicated by the trace seem to be changed from the default. I'd also be happy to test patches.