Date: Wed, 18 May 2005 15:52:33 -0700 (PDT) From: Doug White <dwhite@gumbysoft.com> To: Jeremie Le Hen <jeremie@le-hen.org> Cc: freebsd-stable@FreeBSD.org Subject: Re: panic in recent RELENG_5 tcp code path Message-ID: <20050518155130.H87264@carver.gumbysoft.com> In-Reply-To: <20050515120007.GA777@obiwan.tataz.chchile.org> References: <20050515120007.GA777@obiwan.tataz.chchile.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 15 May 2005, Jeremie Le Hen wrote: > Sorry, I couldn't get a dump. > > %%% > obiwan:tataz$ uname -a > FreeBSD obiwan.tataz.chchile.org 5.4-STABLE FreeBSD 5.4-STABLE #16: Fri May 13 01:01:50 CEST 2005 root@obiwan.tataz.chchile.org:/usr/src/sys/i386/compile/OBIWAN i386 > %%% > > %%% > Fatal trap 12: page fault while in kernel mode > fault virtual address = 0xc > fault code = supervisor read, page not present > instruction pointer = 0x8:0xc05aa4e0 > stack pointer = 0x10:0xd6dbfaa4 > frame pointer = 0x10:0xd6dbfabc > code segment = base 0x0, limit 0xfffff, type 0x1b > = DPL 0, pres 1, def32 1, gran 1 > processor eflags = interrupt enabled, resume, IOPL = 0 > current process = 25637 (sshd) > [thread pid 25637 tid 100131 ] > Stopped at m_copydata+0x28: movl 0xc(%esi),%ebx > db> trace > Tracing pid 25637 tid 100131 td 0xc23bc180 > m_copydata(c211aa00,0,40,c211aaa8,c21422ec) at m_copydata+0x28 > tcp_output(c1d74534,c211aa00,c211aa30,40,0) at tcp_output+0xb49 > tcp_usr_send(c1ec9144,0,c211aa00,0,0) at tcp_usr_send+0x1ca > sosend(c1ec9144,0,d6dbfc6c,c211aa00,0) at sosend+0x6dc > soo_write(c21422ec,d6dbfc6c,c2c2dd89,0,c23bc180) at soo_write+0x9e > dofilewrite(c23bc180,c21422ec,4,807d000,40) at dofilewrite+0xb6 > write(c23bc180,d6dbfd04,c,c23bc180,c21264b0) at write+0x6a > syscall(807002f,bfbf002f,bfbf002f,806eca8,40) at syscall+0x340 > Xint0x80_syscall() at Xint0x80_syscall+0x1f > --- syscall (4, FreeBSD ELF32, write), eip = 0x2826cd0b, esp = 0xbfbfe4fc, ebp = 0xbfbfr518 --- > %%% > > Please Cc: me in replies, I'm not subscribed to this list. Can you load a kernel.debug into gdb and do "l *(tcp_output+0xb49)" and post the output? that offset isn't a function call in my kernel. tcp_output() doesn't call m_copypacket directly so the exact spot is difficult to find. -- Doug White | FreeBSD: The Power to Serve dwhite@gumbysoft.com | www.FreeBSD.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050518155130.H87264>