https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=292884
--- Comment #11 from Rick Macklem <[email protected]> --- (In reply to Mark Johnston from comment #10) Actually, I don't have a patch. When I first saw this, I thought that the xprt refcnt had somehow gone to 0 and I was going to add a SVC_ACQUIRE()/SVC_RELEASE(). But, as we now see, that is not the problem. There is also the weirdness that it crashes in svc_dg_recv() { "dg" refers to datagram or UDP if you prefer }. However, it seems that the socket would have been a TCP one, since that is what his mounts are? It definitely is a puzzle and something is getting confused. This code hasn't changed in at least a decade, so?? Is the OpenBSD client doing something really weird, like closing the socket and then sending an RPC on it or somehow his configuration of bhyve instances/bridges somehow confusing the TCP stack and resulting in a socket getting socose()'d by something else. --> And then, how did svc_vc_recv() get replaced by svc_dg_recv(). I'm pretty sure the svc_vc.c code only does soclose() once the xprt refcnt goes to 0, but I cannot be absolutely sure that can never happen prematurely, although I've never seen a crash like this before. Maybe I will generate the SVC_ACQUIRE()/SVC_RELEASE() patch wrapped around SVC_RECV(), so he can try it. -- You are receiving this mail because: You are the assignee for the bug.
