From owner-freebsd-current@FreeBSD.ORG Wed May 21 06:17:29 2003 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1B64737B401 for ; Wed, 21 May 2003 06:17:29 -0700 (PDT) Received: from mx.j10n.org (203.141.155.228.user.ca.il24.net [203.141.155.228]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9379043F93 for ; Wed, 21 May 2003 06:17:27 -0700 (PDT) (envelope-from shinra@j10n.org) Received: from e-note.j10n.org (e-note.j10n.org [IPv6:2002:cb8d:9be4:1::1]) (authenticated bits=0) by mx.j10n.org (8.12.8p1/8.12.8) with ESMTP id h4LDHN3I048761 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 21 May 2003 22:17:25 +0900 (JST) (envelope-from shinra@j10n.org) Received: from e-note.j10n.org (localhost [IPv6:::1]) by e-note.j10n.org (8.12.9/8.12.9) with ESMTP id h4LDHGOD001156 for ; Wed, 21 May 2003 22:17:16 +0900 (JST) (envelope-from shinra@j10n.org) Date: Wed, 21 May 2003 22:17:15 +0900 Message-ID: <86k7ck4exw.wl@j10n.org> From: AIDA Shinra To: current@freebsd.org In-Reply-To: <20030521065152.GA725@laptop.6bone.nl> References: <1053466303.815.22.camel@owen1492.uf.corelab.com> <20030521065152.GA725@laptop.6bone.nl> User-Agent: Wanderlust/2.10.0 (Venus) SEMI/1.14.5 (Awara-Onsen) FLIM/1.14.5 (Demachiyanagi) APEL/10.4 MULE XEmacs/21.4 (patch 10) (Military Intelligence) (i386-unknown-freebsd4.7) MIME-Version: 1.0 (generated by SEMI 1.14.5 - "Awara-Onsen") Content-Type: text/plain; charset=US-ASCII Subject: Re: Reproducable panic in in6_pcbbind X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 21 May 2003 13:17:29 -0000 > > On Tue, May 20, 2003 at 04:31:44PM -0500, Craig Boston wrote: > > td=0x0 looks bad, and it seems really weird that nam and td change in > > the call to tcp6_usr_bind since sobind just calls it with the same > > arguments it was given. Stack corruption maybe? sobind should have > > choked on the null pointer long before it ever got to tcp6_usr_bind... > > I had something similar some weeks/months ago. It also happened with > closing and reopening an ssh forwarding session (no socks however afaik). > > I'm running with some debugging statements in my tree for the event that > it happens again. Are you running -current as of recent or an older one? > > My stack was also corrupted as that code can't be reached at all with > td==0. > > Mark > I experienced the same kgdb trace last manth. I found the crashdump lied about where the trap occured. What DDB prints? If the true trap point is at in6_pcbbind() in netinet6/in6_pcb.c, the problem may be same to kern/50621.