Date: Wed, 5 Apr 2006 10:35:01 +0100 (BST)
From: Robert Watson <rwatson@FreeBSD.org>
To: Kazuaki Oda <kaakun@highway.ne.jp>
Cc: freebsd-current@freebsd.org
Subject: Re: kernel panic: page fault
Message-ID: <20060405103429.D82516@fledge.watson.org>
In-Reply-To: <44334F5A.9060408@highway.ne.jp>
References: <4430FAAF.2040809@highway.ne.jp> <20060403133210.U36756@fledge.watson.org> <44311AB5.2010407@highway.ne.jp> <20060404141813.H22854@fledge.watson.org> <44333063.70606@highway.ne.jp> <44334F5A.9060408@highway.ne.jp>

On Wed, 5 Apr 2006, Kazuaki Oda wrote:

> I've read the source code:
>
>
>         /*
>          * XXXRW: Time wait state for inpcb has been recycled, but inpcb is
>          * still present.  This is undesirable, but temporarily necessary
>          * until we work out how to handle inpcb's who's timewait state has
>          * been removed.
>          */
>         if (tw == NULL)
>                 goto drop;
>
> <snip>
>
>  drop:
>         INP_UNLOCK(tw->tw_inpcb);
>         m_freem(m);
>         return (0);
>
>
> Hmm, it seems to be a null pointer dereference because tw is NULL...

Indeed.  I've inserted a NULL check here.

Thanks again!

Robert N M Watson
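
The failure mode discussed in this message, as an added example that is not part of the original e-mail or the FreeBSD source: a userland C model of a shared cleanup label that reaches a lock through the very pointer whose NULL value caused the early exit, next to a form whose cleanup does not depend on it. The `*_model` types, the helper names and the hardened variant's caller-supplied `inp` are assumptions made for illustration, not the committed fix.

```c
#include <stddef.h>

/* Hypothetical userland stand-ins for the kernel objects in the quoted code. */
struct inpcb_model { int locked; struct tcptw_model *tw; };
struct tcptw_model { struct inpcb_model *tw_inpcb; };
struct mbuf_model  { int freed; };

static void inp_unlock(struct inpcb_model *inp) { inp->locked = 0; }
static void mbuf_free(struct mbuf_model *m)     { m->freed = 1; }

/* Pattern from the quoted code: the early exit is taken exactly when
 * tw == NULL, yet the shared cleanup label reaches the lock through tw. */
int timewait_buggy(struct tcptw_model *tw, struct mbuf_model *m)
{
    if (tw == NULL)
        goto drop;
    /* ... normal TIME_WAIT segment processing would go here ... */
drop:
    inp_unlock(tw->tw_inpcb);   /* NULL dereference when tw == NULL */
    mbuf_free(m);
    return 0;
}

/* Hardened form (assumed design): cleanup uses only the pointer the caller
 * locked, so every path into `drop` is valid whether or not tw survived. */
int timewait_hardened(struct inpcb_model *inp, struct mbuf_model *m)
{
    struct tcptw_model *tw = inp->tw;   /* may already have been recycled */

    if (tw == NULL)
        goto drop;
    /* ... normal TIME_WAIT segment processing would go here ... */
drop:
    inp_unlock(inp);
    mbuf_free(m);
    return 0;
}

int main(void)
{
    /* Constructed input: inpcb is locked, its timewait state is gone. */
    struct inpcb_model inp = { 1, NULL };
    struct mbuf_model m = { 0 };

    timewait_hardened(&inp, &m);
    return (inp.locked == 0 && m.freed == 1) ? 0 : 1;
}
```

When reviewing `goto`-based cleanup, check every jump into a label against every dereference after it; here the only jump shown is the one taken when the pointer is NULL.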