From: Thomas SOETE
To: hackers@FreeBSD.org
Date: Wed, 19 Apr 2006 19:46:16 +0200
Subject: Kernel Fatal Trap 12
Message-ID: <44467768.2080809@soete.info>
List-Id: Technical Discussions relating to FreeBSD

Hi everybody,

A little while ago I began to have some kernel fatal trap 12. I had FreeBSD 5.3 and I decided to install 6.0 to avoid this problem (thinking that the bug was patched between these versions). But after installing everything, the kernel panic is still there.

uname -a output:

    FreeBSD freebsd 6.0-RELEASE-p6 FreeBSD 6.0-RELEASE-p6 #0: Mon Apr 17 19:27:35 CEST 2006 root@freebsd:/usr/src/sys/i386/compile/TOMS i386

where kgdb:

    #0  doadump () at pcpu.h:165
    #1  0xc04b4c76 in boot (howto=260) at ../../../kern/kern_shutdown.c:399
    #2  0xc04b4f0c in panic (fmt=0xc05e963d "%s") at ../../../kern/kern_shutdown.c:555
    #3  0xc05cce40 in trap_fatal (frame=0xd5cf9ad8, eva=88) at ../../../i386/i386/trap.c:831
    #4  0xc05ccbab in trap_pfault (frame=0xd5cf9ad8, usermode=0, eva=88) at ../../../i386/i386/trap.c:742
    #5  0xc05cc7e9 in trap (frame=
          {tf_fs = -1067712504, tf_es = -1048772568, tf_ds = 40, tf_edi = 0, tf_esi = 0, tf_ebp = -707814604, tf_isp = -707814652, tf_ebx = -707814256, tf_edx = -707814000, tf_ecx = 0, tf_eax = 8, tf_trapno = 12, tf_err = 2, tf_eip = -1068217761, tf_cs = 32, tf_eflags = 66183, tf_esp = -707814612, tf_ss = 8}) at ../../../i386/i386/trap.c:432
    #6  0xc05bbfda in calltrap () at ../../../i386/i386/exception.s:139
    #7  0xc0544a5f in ip_ctloutput (so=0x8, sopt=0xd5cf9c90) at ../../../netinet/ip_output.c:1208
    #8  0xc0552c03 in tcp_ctloutput (so=0xc16ca164, sopt=0xd5cf9c90) at ../../../netinet/tcp_usrreq.c:1036
    #9  0xc04ee3cc in sosetopt (so=0xc16ca164, sopt=0xd5cf9c90) at ../../../kern/uipc_socket.c:1553
    #10 0xc04f3629 in kern_setsockopt (td=0xc17d2d80, s=14, level=8, name=8, val=0xd5cf9d90, valseg=UIO_USERSPACE, valsize=0) at ../../../kern/uipc_syscalls.c:1331
    #11 0xc04f355a in setsockopt (td=0xc17d2d80, uap=0x8) at ../../../kern/uipc_syscalls.c:1287
    #12 0xc05cd157 in syscall (frame=
          {tf_fs = 139264059, tf_es = 59, tf_ds = -1078001605, tf_edi = 39, tf_esi = 139367520, tf_ebp = -1077941204, tf_isp = -707814044, tf_ebx = 138942556, tf_edx = 14, tf_ecx = 139367616, tf_eax = 105, tf_trapno = 22, tf_err = 2, tf_eip = 677011411, tf_cs = 51, tf_eflags = 518, tf_esp = -1077941248, tf_ss = 59}) at ../../../i386/i386/trap.c:976
    #13 0xc05bc02f in Xint0x80_syscall () at ../../../i386/i386/exception.s:200
    #14 0x00000033 in ?? ()

I tried to investigate a little and I found that:

    #7  0xc0544a5f in ip_ctloutput (so=0x8, sopt=0xd5cf9c90) at ../../../netinet/ip_output.c:1208
    1208            inp->inp_ip_tos = optval;

and

    (kgdb) p inp
    $12 = (struct inpcb *) 0x0

ok ... null pointer :-/

inp is:

    struct inpcb *inp = sotoinpcb(so);

and so is:

    (kgdb) p so
    $13 = (struct socket *) 0x8

Hum, strange, a pointer with a value of 8 ... and so was passed as a parameter:

    #7  0xc0544a5f in ip_ctloutput (so=0x8....

Let's see where it was called:

    #8  0xc0552c03 in tcp_ctloutput (so=0xc16ca164, sopt=0xd5cf9c90) at ../../../netinet/tcp_usrreq.c:1036
    1036            error = ip_ctloutput(so, sopt);

and between the call of tcp_ctloutput and ip_ctloutput, so wasn't changed, so its value should be 0xc16ca164:

    (kgdb) p so
    $14 = (struct socket *) 0xc16ca164

So why is the value passed by the caller different from the value in the called function?

If you could help me find why my gateway crashes almost every time the ADSL connection drops, that would be nice :)

Thanks,

-- 
Thomas SOETE
Telecom Engineering Student - Enic Télécom Lille 1
Research Master's Student, Embedded Systems Design - LIFL
WWW : http://toms.netcv.org/
Mail & MSN : thomas@soete.info
GTalk : toms2809@gmail.com
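
Added example, not part of the original message and not FreeBSD source: a user-space C model of the statement at ip_output.c:1208 that the post identifies, beside a variant that checks the sotoinpcb() result before the store. The struct layouts, the 88-byte padding (an assumption chosen to match eva=88 in the trace), and the names set_tos_unchecked, set_tos_checked and tos_store_address are constructed for illustration.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>

/* Mock structures, constructed for this example (not FreeBSD's real layouts). */
struct inpcb {
    char    pad[88];      /* assumption: places the field at offset 88 */
    uint8_t inp_ip_tos;
};
struct socket {
    void *so_pcb;         /* NULL once the protocol control block is gone */
};

#define sotoinpcb(so) ((struct inpcb *)(so)->so_pcb)

/* Address that a store to inp->inp_ip_tos touches for a given inp value.
 * With inp == NULL it is just the field offset: a low address in the
 * unmapped first page, which is what a page-fault handler reports. */
uintptr_t tos_store_address(uintptr_t inp_value)
{
    return inp_value + offsetof(struct inpcb, inp_ip_tos);
}

/* Same shape as the faulting statement: nothing between lookup and store.
 * With so->so_pcb == NULL this dereferences NULL. */
int set_tos_unchecked(struct socket *so, int optval)
{
    struct inpcb *inp = sotoinpcb(so);
    inp->inp_ip_tos = (uint8_t)optval;
    return 0;
}

/* Checked form: a missing pcb fails the call instead of faulting. */
int set_tos_checked(struct socket *so, int optval)
{
    struct inpcb *inp = sotoinpcb(so);
    if (inp == NULL)
        return ECONNRESET;            /* connection state already torn down */
    if (optval < 0 || optval > 255)
        return EINVAL;                /* TOS is a single byte */
    inp->inp_ip_tos = (uint8_t)optval;
    return 0;
}

int main(void)
{
    struct socket dead = { NULL };    /* constructed: socket with no pcb */
    return set_tos_checked(&dead, 0x10) == ECONNRESET ? 0 : 1;
}
```

In a kernel the check and the store also have to run under the lock that protects so_pcb, otherwise the pointer can become NULL between them.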