Date: Thu, 23 Mar 2000 05:47:32 -0500
From: Jim Mercer
To: Matthew Dillon
Cc: hackers@FreeBSD.ORG
Subject: Re: possible bug in kernel/if_ether.c
Message-ID: <20000323054731.W983@reptiles.org>

On Wed, Mar 22, 2000 at 09:15:27PM -0800, Matthew Dillon wrote:
> :#5 0xc01997c8 in arpintr () at ../../netinet/if_ether.c:447
>
>     Very, very weird.  Can you disassemble the 'arpintr' function from your
>     kernel binary?
>
>     gdb -k /kernel (or kernel.debug if you have it)
>     disassemble arpintr

no problem (although much of this appears well over my head).

thanx for having a look.

>     I can't pinpoint the fault point since my kernel is compiled up
>     differently, but I suspect it's at the line I've indicated below.
>
>     Unfortunately, it makes no sense whatsoever because %ebx would have to
>     be NULL and that case already checked.  I suspect the actual fault
>     address is somewhere else if you do the disassembly it should help.

just to clarify, i'm running 4.0-RELEASE, with a cvsup 4.x-stable-supfile
as at approx Mar 21 02:00

i've attached my kernel config file as well.

FreeBSD snuffy.nag.ca 4.0-STABLE FreeBSD 4.0-STABLE #2: Tue Mar 21 03:48:14 EST 2000 toor@snuffy.nag.ca:/usr/src/sys/compile/NAG-ORANGE i386

also, as at 23:00 last night (currently 05:30) i ifconfig'd the rl0 to
10mbps and rebooted, and i haven't had a reboot yet.

mind you, it hasn't been rebooting with any regular frequency, nor do the
reboots appear to be related to system load. (ie, i had some heavy database
processing happening and a "make world" at the same time, without a reboot,
then got a reboot later during an idle period).

from kernel.debug:

(kgdb) disassemble arpintr
Dump of assembler code for function arpintr:
0xc019972c:  pushl  %ebp
0xc019972d:  movl   %esp,%ebp
0xc019972f:  pushl  %esi
0xc0199730:  pushl  %ebx
0xc0199731:  cmpl   $0x0,0xc0270084
0xc0199738:  je     0xc019986c
0xc019973e:  call   0xc0232224
0xc0199743:  movl   %eax,%edx
0xc0199745:  movl   0xc0270084,%ebx
0xc019974b:  testl  %ebx,%ebx
0xc019974d:  je     0xc0199775
0xc019974f:  movl   0x4(%ebx),%eax
0xc0199752:  movl   %eax,0xc0270084
0xc0199757:  testl  %eax,%eax
0xc0199759:  jne    0xc0199768
0xc019975b:  movl   $0x0,0xc0270088
0xc0199765:  leal   0x0(%esi),%esi
0xc0199768:  movl   $0x0,0x4(%ebx)
0xc019976f:  decl   0xc027008c
0xc0199775:  pushl  %edx
0xc0199776:  call   0xc02320f4
0xc019977b:  addl   $0x4,%esp
0xc019977e:  testl  %ebx,%ebx
0xc0199780:  je     0xc0199788
0xc0199782:  testb  $0x2,0x12(%ebx)
0xc0199786:  jne    0xc0199794
0xc0199788:  pushl  $0xc024bace
0xc019978d:  call   0xc0154968
0xc0199792:  movl   %esi,%esi
0xc0199794:  cmpl   $0x7,0xc(%ebx)
0xc0199798:  ja     0xc01997c8
0xc019979a:  pushl  $0x8
0xc019979c:  pushl  %ebx
0xc019979d:  call   0xc016e4b8
0xc01997a2:  addl   $0x8,%esp
0xc01997a5:  testl  %eax,%eax
0xc01997a7:  sete   %al
0xc01997aa:  movzbl %al,%ebx
0xc01997ad:  testl  %ebx,%ebx
0xc01997af:  je     0xc01997c8
0xc01997b1:  pushl  $0xc024bae0
0xc01997b6:  pushl  $0x3
0xc01997b8:  call   0xc015f524
0xc01997bd:  addl   $0x8,%esp
0xc01997c0:  jmp    0xc0199731
0xc01997c5:  leal   0x0(%esi),%esi
0xc01997c8:  movl   0x8(%ebx),%ecx
0xc01997cb:  movzwl (%ecx),%eax
0xc01997ce:  xchgb  %ah,%al
0xc01997d0:  cmpw   $0x1,%ax
0xc01997d4:  je     0xc0199804
0xc01997d6:  movzwl (%ecx),%eax
0xc01997d9:  xchgb  %ah,%al
0xc01997db:  cmpw   $0x6,%ax
0xc01997df:  je     0xc0199804
0xc01997e1:  pushl  $0xc024ba8e
0xc01997e6:  pushl  %ecx
0xc01997e7:  pushl  $0xc024bb20
0xc01997ec:  pushl  $0x3
0xc01997ee:  call   0xc015f524
0xc01997f3:  pushl  %ebx
0xc01997f4:  call   0xc016d99c
0xc01997f9:  addl   $0x14,%esp
0xc01997fc:  jmp    0xc0199731
0xc0199801:  leal   0x0(%esi),%esi
0xc0199804:  movl   %ebx,%eax
0xc0199806:  xorl   %esi,%esi
0xc0199808:  testl  %ebx,%ebx
0xc019980a:  je     0xc0199815
0xc019980c:  addl   0xc(%eax),%esi
0xc019980f:  movl   (%eax),%eax
0xc0199811:  testl  %eax,%eax
0xc0199813:  jne    0xc019980c
0xc0199815:  movzbl 0x4(%ecx),%edx
0xc0199819:  movzbl 0x5(%ecx),%eax
0xc019981d:  leal   0x8(,%eax,2),%eax
0xc0199824:  leal   (%eax,%edx,2),%edx
0xc0199827:  cmpl   %edx,%esi
0xc0199829:  jae    0xc0199848
0xc019982b:  pushl  $0xc024bb4b
0xc0199830:  pushl  $0x3
0xc0199832:  call   0xc015f524
0xc0199837:  pushl  %ebx
0xc0199838:  call   0xc016d99c
0xc019983d:  addl   $0xc,%esp
0xc0199840:  jmp    0xc0199731
0xc0199845:  leal   0x0(%esi),%esi
0xc0199848:  movzwl 0x2(%ecx),%eax
0xc019984c:  xchgb  %ah,%al
0xc019984e:  cmpw   $0x800,%ax
0xc0199852:  jne    0xc019985c
0xc0199854:  pushl  %ebx
0xc0199855:  call   0xc0199874
0xc019985a:  jmp    0xc0199862
0xc019985c:  pushl  %ebx
0xc019985d:  call   0xc016d99c
0xc0199862:  addl   $0x4,%esp
0xc0199865:  jmp    0xc0199731
0xc019986a:  movl   %esi,%esi
0xc019986c:  leal   0xfffffff8(%ebp),%esp
0xc019986f:  popl   %ebx
0xc0199870:  popl   %esi
0xc0199871:  leave
0xc0199872:  ret
End of assembler dump.

--
[ Jim Mercer                 jim@reptiles.org              +1 416 506-0654 ]
[          Reptilian Research -- Longer Life through Colder Blood          ]
[  Don't be fooled by cheap Finnish imitations; BSD is the One True Code.  ]

Attachment (kernel config): NAG-ORANGE

#
machine         i386
cpu             I586_CPU
cpu             I686_CPU
ident           "NAG-ORANGE"
maxusers        64

makeoptions     DEBUG=-g                #Build kernel with gdb(1) debug symbols

options         INET                    #InterNETworking
#options        INET6                   #IPv6 communications protocols
options         FFS                     #Berkeley Fast Filesystem
options         FFS_ROOT                #FFS usable as root device [keep this!]
options         MFS                     #Memory Filesystem
options         MD_ROOT                 #MD is a potential root device
options         NFS                     #Network Filesystem
options         NFS_ROOT                #NFS usable as root device, NFS required
options         MSDOSFS                 #MSDOS Filesystem
options         CD9660                  #ISO 9660 Filesystem
options         CD9660_ROOT             #CD-ROM usable as root, CD9660 required
options         PROCFS                  #Process filesystem
options         COMPAT_43               #Compatible with BSD 4.3 [KEEP THIS!]
options         SCSI_DELAY=15000        #Delay (in ms) before probing SCSI
options         UCONSOLE                #Allow users to grab the console
options         USERCONFIG              #boot -c editor
options         VISUAL_USERCONFIG       #visual boot -c editor
options         KTRACE                  #ktrace(1) support
options         SYSVSHM                 #SYSV-style shared memory
options         SYSVMSG                 #SYSV-style message queues
options         SYSVSEM                 #SYSV-style semaphores
options         P1003_1B                #Posix P1003_1B real-time extensions
options         _KPOSIX_PRIORITY_SCHEDULING
options         ICMP_BANDLIM            #Rate limit bad replies

options         INCLUDE_CONFIG_FILE     # Include this file in kernel

options         IPFIREWALL              #firewall
options         IPFIREWALL_VERBOSE      #print information about
                                        # dropped packets
options         IPFIREWALL_FORWARD      #enable transparent proxy support
options         IPFIREWALL_VERBOSE_LIMIT=100    #limit verbosity
options         IPFIREWALL_DEFAULT_TO_ACCEPT    #allow everything by default
options         TCP_DROP_SYNFIN         #drop TCP packets with SYN+FIN
options         TCP_RESTRICT_RST        #restrict emission of TCP RST
options         DUMMYNET
options         MD5

# To make an SMP kernel, the next two are needed
options         SMP                     # Symmetric MultiProcessor Kernel
options         APIC_IO                 # Symmetric (APIC) I/O
# Optionally these may need tweaked, (defaults shown):
#options        NCPU=2                  # number of CPUs
#options        NBUS=4                  # number of busses
#options        NAPIC=1                 # number of IO APICs
#options        NINTR=24                # number of INTs

device          isa
device          pci

# Floppy drives
device          fdc0    at isa? port IO_FD1 irq 6 drq 2
device          fd0     at fdc0 drive 0

# SCSI Controllers
device          ahc             # AHA2940 and onboard AIC7xxx devices

# SCSI peripherals
device          scbus           # SCSI bus (required)
device          da              # Direct Access (disks)
device          sa              # Sequential Access (tape etc)
device          cd              # CD
device          pass            # Passthrough device (direct SCSI access)

# atkbdc0 controls both the keyboard and the PS/2 mouse
device          atkbdc0 at isa? port IO_KBD
device          atkbd0  at atkbdc? irq 1

device          vga0    at isa?

# splash screen/screen saver
pseudo-device   splash

# syscons is the default console driver, resembling an SCO console
device          sc0     at isa?

# Floating point support - do not disable.
device          npx0    at nexus? port IO_NPX irq 13

# Serial (COM) ports
device          sio0    at isa? port IO_COM1 flags 0x10 irq 4
device          sio1    at isa? port IO_COM2 irq 3

# Parallel port
device          ppc0    at isa? irq 7
device          ppbus           # Parallel port bus (required)
device          lpt             # Printer
device          plip            # TCP/IP over parallel
device          ppi             # Parallel port interface device

# PCI Ethernet NICs that use the common MII bus controller code.
device          miibus          # MII bus support
device          rl              # RealTek 8129/8139

# Pseudo devices - the number indicates how many units to allocate.
pseudo-device   loop            # Network loopback
pseudo-device   ether           # Ethernet support
pseudo-device   pty             # Pseudo-ttys (telnet etc)
pseudo-device   md              # Memory "disks"
pseudo-device   bpf             #Berkeley packet filter
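
An added example, not part of the original message and not FreeBSD source: in the listing above, the instructions at 0xc01997a5 to 0xc01997af store the 0/1 result of the NULL test on the call's return value back into %ebx (sete %al; movzbl %al,%ebx), and the je then reaches 0xc01997c8, which loads 0x8(%ebx). The C below models that shape beside the parenthesised form; struct pkt, pullup() and the source expression itself are assumptions inferred from the listing.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-in for a packet buffer; not the kernel's structure. */
struct pkt { struct pkt *next; int len; };

/* Hypothetical helper: returns the buffer once `need` bytes are contiguous,
 * or NULL when the whole packet (`total` bytes) is too short. */
static struct pkt *pullup(struct pkt *p, int need, int total)
{
    if (total < need)
        return NULL;
    p->len = need;
    return p;
}

enum outcome { DROPPED, PROCEED_VALID, PROCEED_NULL };

/* Shape seen in the listing: the pointer register is overwritten with the
 * 0/1 result of the NULL test. The cast spells out what an unparenthesised
 * `p = f() == NULL` stores: 1 when the helper fails, 0 when it succeeds. */
static enum outcome check_as_compiled(struct pkt *p, int need, int total)
{
    if (p->len < need &&
        (p = (struct pkt *)(uintptr_t)(pullup(p, need, total) == NULL)))
        return DROPPED;
    /* Reached with p == NULL whenever the helper ran and succeeded. */
    return p ? PROCEED_VALID : PROCEED_NULL;
}

/* Parenthesised form: assign the returned pointer first, then compare. */
static enum outcome check_parenthesised(struct pkt *p, int need, int total)
{
    if (p->len < need && (p = pullup(p, need, total)) == NULL)
        return DROPPED;
    return p ? PROCEED_VALID : PROCEED_NULL;
}

int main(void)
{
    /* Constructed input: first buffer holds 4 bytes of a 28-byte packet. */
    struct pkt a = { NULL, 4 }, b = { NULL, 4 };
    printf("as compiled: %d, parenthesised: %d\n",
           check_as_compiled(&a, 8, 28), check_parenthesised(&b, 8, 28));
    return 0;
}
```

The NULL path is only taken when the first buffer is shorter than the 8 bytes requested and the helper succeeds; buffers that already hold 8 bytes skip the call (the ja at 0xc0199798) and are unaffected.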