From owner-freebsd-net Sat Aug 10 16:28:53 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9406737B400; Sat, 10 Aug 2002 16:28:39 -0700 (PDT) Received: from tesla.distributel.net (nat.MTL.distributel.NET [66.38.181.24]) by mx1.FreeBSD.org (Postfix) with ESMTP id C958943E3B; Sat, 10 Aug 2002 16:28:38 -0700 (PDT) (envelope-from bmilekic@unixdaemons.com) Received: (from bmilekic@localhost) by tesla.distributel.net (8.11.6/8.11.6) id g7ANSNf94039; Sat, 10 Aug 2002 19:28:23 -0400 (EDT) (envelope-from bmilekic@unixdaemons.com) Date: Sat, 10 Aug 2002 19:28:22 -0400 From: Bosko Milekic To: FUJITA Kazutoshi Cc: tlambert2@mindspring.com, freebsd-net@FreeBSD.ORG, freebsd-hackers@FreeBSD.ORG Subject: Re: m_freem() in tcp_respond() Message-ID: <20020810192822.A94017@unixdaemons.com> References: <20020811.040808.74720123.fujita@soum.co.jp> <3D557563.D1FC72B8@mindspring.com> <20020811.082259.74720252.fujita@soum.co.jp> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable User-Agent: Mutt/1.2.5.1i In-Reply-To: <20020811.082259.74720252.fujita@soum.co.jp>; from fujita@soum.co.jp on Sun, Aug 11, 2002 at 08:22:59AM +0900 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Ian Dowse just fixed this. Please upgrade. On Sun, Aug 11, 2002 at 08:22:59AM +0900, FUJITA Kazutoshi wrote: > From: Terry Lambert > Subject: Re: m_freem() in tcp_respond() > Date: Sat, 10 Aug 2002 13:19:47 -0700 > Message-ID: <3D557563.D1FC72B8@mindspring.com> >=20 > > It is better to know that it's not NULL before it gets there. > >=20 > > If you check everything everywhere to see if it's NULL before > > you do anything, then you are going to speen all your time > > comparing things to NULL, rather than doing real work. >=20 > Hmmm... > But my -STABLE box crashes at here when boot. >=20 >=20 > # gdb -k kernel.debug vmcore.0 > GNU gdb 4.18 (FreeBSD) > Copyright 1998 Free Software Foundation, Inc. > GDB is free software, covered by the GNU General Public License, and you = are > welcome to change it and/or distribute copies of it under certain conditi= ons. > Type "show copying" to see the conditions. > There is absolutely no warranty for GDB. Type "show warranty" for detail= s. > This GDB was configured as "i386-unknown-freebsd"... > IdlePTD at phsyical address 0x005d2000 > initial pcb at physical address 0x004e2880 > panicstr: from debugger > panic messages: > --- > Fatal trap 12: page fault while in kernel mode > fault virtual address =3D 0x0 > fault code =3D supervisor read, page not present > instruction pointer =3D 0x8:0xc021ef9c > stack pointer =3D 0x10:0xdc319cd0 > frame pointer =3D 0x10:0xdc319cd8 > code segment =3D base 0x0, limit 0xfffff, type 0x1b > =3D DPL 0, pres 1, def32 1, gran 1 > processor eflags =3D interrupt enabled, resume, IOPL =3D 0 > current process =3D 197 (wnnstat) > interrupt mask =3D net tty=20 > panic: from debugger >=20 >=20 > Fatal trap 3: breakpoint instruction fault while in kernel mode > instruction pointer =3D 0x8:0xc03b872c > stack pointer =3D 0x10:0xdc319ae4 > frame pointer =3D 0x10:0xdc319aec > code segment =3D base 0x0, limit 0xfffff, type 0x1b > =3D DPL 0, pres 1, def32 1, gran 1 > processor eflags =3D interrupt enabled, IOPL =3D 0 > current process =3D 197 (wnnstat) > interrupt mask =3D net tty=20 > panic: from debugger > Uptime: 38s >=20 > dumping to dev #ad/0x30001, offset 1311872 > dump ata0: resetting devices .. done > 639 638 637 636 635 634 633 632 631 630 629 628 627 626 625 624 623 622 6= 21 620 619 618 617 616 615 614 613 612 611 610 609 608 607 606 605 604 603 = 602 601 600 599 598 597 596 595 594 593 592 591 590 589 588 587 586 585 584= 583 582 581 580 579 578 577 576 575 574 573 572 571 570 569 568 567 566 56= 5 564 563 562 561 560 559 558 557 556 555 554 553 552 551 550 549 548 547 5= 46 545 544 543 542 541 540 539 538 537 536 535 534 533 532 531 530 529 528 = 527 526 525 524 523 522 521 520 519 518 517 516 515 514 513 512 511 510 509= 508 507 506 505 504 503 502 501 500 499 498 497 496 495 494 493 492 491 49= 0 489 488 487 486 485 484 483 482 481 480 479 478 477 476 475 474 473 472 4= 71 470 469 468 467 466 465 464 463 462 461 460 459 458 457 456 455 454 453 = 452 451 450 449 448 447 446 445 444 443 442 441 440 439 438 437 436 435 434= 433 432 431 430 429 428 427 426 425 424 423 422 421 420 419 418 417 416 41= 5 414 413 412 411 410 409 408 407 406 405 404 403 402 401 400 399 398 397 3= 96 395 394 393 39 > 2 391 390 389 388 387 386 385 384 383 382 381 380 379 378 377 376 375 37= 4 373 372 371 370 369 368 367 366 365 364 363 362 361 360 359 358 357 356 3= 55 354 353 352 351 350 349 348 347 346 345 344 343 342 341 340 339 338 337 = 336 335 334 333 332 331 330 329 328 327 326 325 324 323 322 321 320 319 318= 317 316 315 314 313 312 311 310 309 308 307 306 305 304 303 302 301 300 29= 9 298 297 296 295 294 293 292 291 290 289 288 287 286 285 284 283 282 281 2= 80 279 278 277 276 275 274 273 272 271 270 269 268 267 266 265 264 263 262 = 261 260 259 258 257 256 255 254 253 252 251 250 249 248 247 246 245 244 243= 242 241 240 239 238 237 236 235 234 233 232 231 230 229 228 227 226 225 22= 4 223 222 221 220 219 218 217 216 215 214 213 212 211 210 209 208 207 206 2= 05 204 203 202 201 200 199 198 197 196 195 194 193 192 191 190 189 188 187 = 186 185 184 183 182 181 180 179 178 177 176 175 174 173 172 171 170 169 168= 167 166 165 164 163 162 161 160 159 158 157 156 155 154 153 152 151 150 14= 9 148 147 146 145 > 144 143 142 141 140 139 138 137 136 135 134 133 132 131 130 129 128 127= 126 125 124 123 122 121 120 119 118 117 116 115 114 113 112 111 110 109 10= 8 107 106 105 104 103 102 101 100 99 98 97 96 95 94 93 92 91 90 89 88 87 86= 85 84 83 82 81 80 79 78 77 76 75 74 73 72 71 70 69 68 67 66 65 64 63 62 61= 60 59 58 57 56 55 54 53 52 51 50 49 48 47 46 45 44 43 42 41 40 39 38 37 36= 35 34 33 32 31 30 29 28 27 26 25 24 23 22 21 20 19 18 17 16 15 14 13 12 11= 10 9 8 7 6 5 4 3 2 1 0=20 > --- > #0 dumpsys () at /usr/src/sys/kern/kern_shutdown.c:487 > 487 if (dumping++) { > (kgdb) bt > #0 dumpsys () at /usr/src/sys/kern/kern_shutdown.c:487 > #1 0xc0202e73 in boot (howto=3D260) at /usr/src/sys/kern/kern_shutdown.c= :316 > #2 0xc02032b1 in panic (fmt=3D0xc03edd84 "from debugger") > at /usr/src/sys/kern/kern_shutdown.c:595 > #3 0xc014cbb9 in db_panic (addr=3D-1071517796, have_addr=3D0, count=3D-1= ,=20 > modif=3D0xdc319b3c "") at /usr/src/sys/ddb/db_command.c:435 > #4 0xc014cb59 in db_command (last_cmdp=3D0xc0463918, cmd_table=3D0xc0463= 758,=20 > aux_cmd_tablep=3D0xc04c0cb8) at /usr/src/sys/ddb/db_command.c:333 > #5 0xc014cc1e in db_command_loop () at /usr/src/sys/ddb/db_command.c:457 > #6 0xc014ed5b in db_trap (type=3D12, code=3D0) at /usr/src/sys/ddb/db_tr= ap.c:71 > #7 0xc03b84ce in kdb_trap (type=3D12, code=3D0, regs=3D0xdc319c90) > at /usr/src/sys/i386/i386/db_interface.c:158 > #8 0xc03c8e14 in trap_fatal (frame=3D0xdc319c90, eva=3D0) > at /usr/src/sys/i386/i386/trap.c:969 > #9 0xc03c8aed in trap_pfault (frame=3D0xdc319c90, usermode=3D0, eva=3D0) > at /usr/src/sys/i386/i386/trap.c:867 > #10 0xc03c8667 in trap (frame=3D{tf_fs =3D 16, tf_es =3D -600768496, tf_d= s =3D 16,=20 > tf_edi =3D -1048332032, tf_esi =3D 6422528, tf_ebp =3D -600728360,= =20 > tf_isp =3D -600728388, tf_ebx =3D 0, tf_edx =3D 6756410, tf_ecx =3D= 0,=20 > tf_eax =3D 0, tf_trapno =3D 12, tf_err =3D 0, tf_eip =3D -107151779= 6, tf_cs =3D 8,=20 > tf_eflags =3D 66199, tf_esp =3D -1048331972, tf_ss =3D -1048331972}) > at /usr/src/sys/i386/i386/trap.c:466 > #11 0xc021ef9c in m_freem (m=3D0x0) at /usr/src/sys/kern/uipc_mbuf.c:706 > ---Type to continue, or q to quit--- > #12 0xc0273a0f in tcp_respond (tp=3D0x0, ipgen=3D0xc183b93c, th=3D0xc183b= 950,=20 > m=3D0xc183b900, ack=3D2100704027, seq=3D0, flags=3D20) > at /usr/src/sys/netinet/tcp_subr.c:396 > #13 0xc0271eff in tcp_input (m=3D0xc183b900, off0=3D20, proto=3D6) > at /usr/src/sys/netinet/tcp_input.c:2204 > #14 0xc026b874 in ip_input (m=3D0xc183b900) > at /usr/src/sys/netinet/ip_input.c:821 > #15 0xc026b8d3 in ipintr () at /usr/src/sys/netinet/ip_input.c:842 > #16 0xc03ba809 in swi_net_next () > #17 0xc0224929 in connect (p=3D0xd86e1f20, uap=3D0xdc319f80) > at /usr/src/sys/kern/uipc_syscalls.c:396 > #18 0xc03c90f5 in syscall2 (frame=3D{tf_fs =3D 47, tf_es =3D 47, tf_ds = =3D 47,=20 > tf_edi =3D 22273, tf_esi =3D 3, tf_ebp =3D -1077938064, tf_isp =3D = -600727596,=20 > tf_ebx =3D 671650276, tf_edx =3D -1077938288, tf_ecx =3D 13, tf_eax= =3D 98,=20 > tf_trapno =3D 12, tf_err =3D 2, tf_eip =3D 672133692, tf_cs =3D 31,= =20 > tf_eflags =3D 659, tf_esp =3D -1077938252, tf_ss =3D 47}) > at /usr/src/sys/i386/i386/trap.c:1175 > #19 0xc03b93a5 in Xint0x80_syscall () > #20 0x2806fcbd in ?? () > #21 0x8048d88 in ?? () > #22 0x8048add in ?? () > (kgdb) frame 12 > #12 0xc0273a0f in tcp_respond (tp=3D0x0, ipgen=3D0xc183b93c, th=3D0xc183b= 950,=20 > m=3D0xc183b900, ack=3D2100704027, seq=3D0, flags=3D20) > at /usr/src/sys/netinet/tcp_subr.c:396 > 396 m_freem(m->m_next); > (kgdb) print m > $1 =3D (struct mbuf *) 0xc183b900 > (kgdb) print m->m_hdr.mh_next > $2 =3D (struct mbuf *) 0x0 > (kgdb) frame 11 > #11 0xc021ef9c in m_freem (m=3D0x0) at /usr/src/sys/kern/uipc_mbuf.c:706 > 706 if (mcl_pool_now < mcl_pool_max && m->m_next =3D=3D NULL = && > (kgdb)=20 >=20 >=20 >=20 > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message >=20 --=20 Bosko Milekic * bmilekic@unixdaemons.com * bmilekic@FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message