Date: Wed, 21 May 2003 22:17:15 +0900 From: AIDA Shinra <shinra@j10n.org> To: current@freebsd.org Subject: Re: Reproducable panic in in6_pcbbind Message-ID: <86k7ck4exw.wl@j10n.org> In-Reply-To: <20030521065152.GA725@laptop.6bone.nl> References: <1053466303.815.22.camel@owen1492.uf.corelab.com> <20030521065152.GA725@laptop.6bone.nl>
next in thread | previous in thread | raw e-mail | index | archive | help
> > On Tue, May 20, 2003 at 04:31:44PM -0500, Craig Boston wrote: > > td=0x0 looks bad, and it seems really weird that nam and td change in > > the call to tcp6_usr_bind since sobind just calls it with the same > > arguments it was given. Stack corruption maybe? sobind should have > > choked on the null pointer long before it ever got to tcp6_usr_bind... > > I had something similar some weeks/months ago. It also happened with > closing and reopening an ssh forwarding session (no socks however afaik). > > I'm running with some debugging statements in my tree for the event that > it happens again. Are you running -current as of recent or an older one? > > My stack was also corrupted as that code can't be reached at all with > td==0. > > Mark > I experienced the same kgdb trace last manth. I found the crashdump lied about where the trap occured. What DDB prints? If the true trap point is at in6_pcbbind() in netinet6/in6_pcb.c, the problem may be same to kern/50621.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?86k7ck4exw.wl>