Date: Sun, 11 Aug 1996 06:22:30 +1000
From: Bruce Evans <bde@zeta.org.au>
To: freebsd-current@FreeBSD.org, j@uriah.heep.sax.de
Cc: fenner@parc.xerox.com
Subject: Re: Crash in rtrequest()
Message-ID: <199608102022.GAA07492@godzilla.zeta.org.au>

>Anyway, the stacktrace i've been quoting was fairly complete:
>(kgdb) backtrace
>[...]
>#10 0xf01bab61 in calltrap ()
>#11 0xf0143967 in rt_setgate (rt0=0xf0f39800, dst=0xf0f3a730, gate=0xf0e17450)
>    at ../../net/route.c:682
>#12 0xf01435be in rtrequest (req=11, dst=0xf0f3a730, gateway=0x0, netmask=0x0,
>    flags=0, ret_nrt=0xefbffe68) at ../../net/route.c:468
>#13 0xf0142f21 in rtalloc1 (dst=0xf0f3a730, report=1, ignflags=0)
>    at ../../net/route.c:130
>#14 0xf0142e6b in rtalloc (ro=0xf0f3a72c) at ../../net/route.c:98
>#15 0xf01490fd in in_pcbladdr ()
>#16 0xf015197e in tcp_connect ()
>#17 0xf0151363 in tcp_usr_connect ()
>#18 0xf012458f in soconnect ()
>#19 0xf01270ef in connect ()
>[...]
>The ``calltrap'' is actually the crashing instance of rtrequest(), but

The bogus backtrace was supposed to be fixed in rev.1.10 of i386/exception.s,
but the fix got deleted in rev.1.14. Backtraces for NULL pointers and the
like will always show `calltrap' instead of the routine where the fault
occurred until this is fixed.

>rt_setgate() has been called by another instance of rtrequest:
>   makeroute:
>       R_Malloc(rt, struct rtentry *, sizeof(*rt));
>       if (rt == 0)
>           senderr(ENOBUFS);
>       Bzero(rt, sizeof(*rt));
>       rt->rt_flags = RTF_UP | flags;
>       if (rt_setgate(rt, dst, gateway)) {    <<=== here
>           Free(rt);
>           senderr(ENOBUFS);
>       }

Apparently rt_key(rt0) is NULL in rt_setgate().

Bruce
