Linux 内核:SKB 共享信息损坏

Linux 内核:SKB 共享信息损坏

我看到内核崩溃了。这是因为skb_shared_infoskb 缓冲区的结构已损坏,因此导致内核崩溃。

您能否给我一些关于如何进一步看待这个问题的指导?

上面的问题是传递的 skb 的共享信息已损坏:skb_shinfo (skb)。请参见下文。

(gdb) print *skb
$1 = {next = 0x0, prev = 0x0, tstamp = {tv64 = 0}, sk = 0xffff880071c23700, dev = 0x0, cb = "\000\000\000\000\000\000\000\000\377\377\377\377\377\377\377\377", '\000' <repeats 31 times>, 
  cb2 = '\000' <repeats 103 times>, vrf = 0, src_class = 0, dst_class = 0, _skb_refdst = 0, sp = 0x0, len = 71, data_len = 0, mac_len = 0, hdr_len = 0, {csum = 0, {csum_start = 0, 
      csum_offset = 0}}, priority = 0, local_df = 0 '\000', cloned = 0 '\000', ip_summed = 0 '\000', nohdr = 0 '\000', nfctinfo = 0 '\000', pkt_type = 0 '\000', fclone = 0 '\000', 
  ipvs_property = 0 '\000', peeked = 0 '\000', nf_trace = 0 '\000', protocol = 0, destructor = 0xffffffff817615b0 <unix_destruct_scm>, nfct = 0x0, skb_iif = 0, rxhash = 0, vlan_proto = 0, 
  vlan_tci = 0, queue_mapping = 0, pfmemalloc = 0 '\000', ooo_okay = 0 '\000', l4_rxhash = 0 '\000', wifi_acked_valid = 0 '\000', wifi_acked = 0 '\000', no_fcs = 0 '\000', head_frag = 0 '\000', 
  encapsulation = 0 '\000', {napi_id = 0, dma_cookie = 0}, secmark = 0, {mark = 0, dropcount = 0, reserved_tailroom = 0}, inner_protocol = 0, inner_transport_header = 0, inner_network_header = 0, 
  inner_mac_header = 0, transport_header = 65535, network_header = 0, mac_header = 65535, tail = 71, end = 128, head = 0xffff88035f280ff8 'k' <repeats 200 times>..., 
  data = 0xffff88035f280ff8 'k' <repeats 200 times>..., truesize = 896, users = {counter = 1}}

(gdb) p *( ((struct skb_shared_info *) 0xFFFF88035F281078))
$2 = {nr_frags = 107 'k', tx_flags = 107 'k', gso_size = 27499, gso_segs = 27499, gso_type = 27499, frag_list = 0x6b6b6b6b6b6b6b6b, hwtstamps = {hwtstamp = {tv64 = 7740398493674204011}, 
    syststamp = {tv64 = 7740398493674204011}}, ip6_frag_id = 1802201963, dataref = {counter = 1802201963}, destructor_arg = 0x6b6b6b6b6b6b6b6b, uarg = {callback = 0x6b6b6b6b6b6b6b6b, 
    ctx = 0x6b6b6b6b6b6b6b6b, desc = 7740398493674204011}, ubufs = {1802201963, 1802201963, 1802201963, 1802201963, 1802201963, 1802201963, 1802201963}, bufpool_id = 1802201963, frags = {{page = {
        p = 0x6b6b6b6b6b6b6b6b}, page_offset = 1802201963, size = 1802201963} <repeats 17 times>}}

skb 共享信息中存在的片段数量 (nr_frags) 与最大值 16 相差甚远,并且我们看到 frag_list 也具有垃圾值。

相关内容