Date: Sat, 17 Nov 2012 10:23:56 -0800 From: Adrian Chadd <adrian@freebsd.org> To: Ian FREISLICH <ianf@clue.co.za> Cc: FreeBSD Net <freebsd-net@freebsd.org>, freebsd-current@freebsd.org Subject: Re: netisr panic? Message-ID: <CAJ-VmonGWFc3W528BJby_C%2B-J3B0Eb2D06GGLTajbgsHvHTfiA@mail.gmail.com> In-Reply-To: <E1TZmtO-0000Xg-Cv@clue.co.za> References: <E1TZjzu-0000R1-HA@clue.co.za> <CAJ-Vmon_AJCcatduf7c70wpCvHYm=v8ytsUwfzBwf0u65r0FwA@mail.gmail.com> <E1TZmtO-0000Xg-Cv@clue.co.za>
next in thread | previous in thread | raw e-mail | index | archive | help
Check what mtod() is doing.
mbuf.h:#define mtod(m, t) ((t)((m)->m_data))
.. so if m->m_data is NULL, bam.
The question is why is m_data NULL here. Someone mbuf cluey is going
to have to answer that. I don't know whether the MH_dat stuff is being
treated as valid but m_data isn't being updated, or something.
Adrian
On 17 November 2012 10:13, Ian FREISLICH <ianf@clue.co.za> wrote:
> Adrian Chadd wrote:
>> It's a NULL ponter deref. This is my line 484 in if_ethersubr.c:
>>
>> eh =3D mtod(m, struct ether_header *);
>>
>>
>> .. if that's yours, see if eh is NULL?
>
> (kgdb) frame 7
> #7 0xffffffff8050f534 in ether_nh_input (m=3D0xfffffe012521e700)
> at /usr/src/sys/net/if_ethersubr.c:484
> 484 eh =3D mtod(m, struct ether_header *);
> (kgdb) print eh
> No symbol "eh" in current context.
> (kgdb) print *m
> $2 =3D {m_hdr =3D {mh_next =3D 0x100000000000000, mh_nextpkt =3D 0x100000=
00000,
> mh_data =3D 0x0, mh_len =3D 60, mh_flags =3D 4259842, mh_type =3D 0,
> pad =3D "\000\000\000\000\000"}, M_dat =3D {MH =3D {MH_pkthdr =3D {
> rcvif =3D 0xfffffe000a1c2000, header =3D 0xffffffff, len =3D 60, =
flowid =3D 0,
> csum_flags =3D 3840, csum_data =3D 65535, tso_segsz =3D 0, PH_vt =
=3D {
> vt_vtag =3D 4, vt_nrecs =3D 4}, tags =3D {slh_first =3D 0x3c000=
000}},
> MH_dat =3D {MH_ext =3D {
> ext_buf =3D 0x69e5498600000000 <Address 0x69e5498600000000 out =
of bounds>, ext_free =3D 0x10602, ext_arg1 =3D 0xc000000070000, ext_arg2 =
=3D 0x100,
> ext_size =3D 2048, ref_cnt =3D 0xfffffe0125236d8c, ext_type =3D=
6},
> MH_databuf =3D "\000\000\000\000\206I=D0=B5i\002\006\001\000\000\=
000\000\000\000\000\a\000\000\000\f\000\000\001\000\000\000\000\000\000\000=
\b\000\000\000\000\000\000\214m#%\001=D1=8E=D1=8F=D1=8F\006", '\0' <repeats=
118 times>}},
> M_databuf =3D "\000 \034\n\000=D1=8E=D1=8F=D1=8F=D1=8F=D1=8F=D1=8F=D1=
=8F\000\000\000\000<\000\000\000\000\000\000\000\000\017\000\000=D1=8F=D1=
=8F\000\000\000\000\004\000\000\000\000\000\000\000\000<\000\000\000\000\00=
0\000\000\000\206I=D0=B5i\002\006\001\000\000\000\000\000\000\000\a\000\000=
\000\f\000\000\001\000\000\000\000\000\000\000\b\000\000\000\000\000\000\21=
4m#%\001=D1=8E=D1=8F=D1=8F\006", '\0' <repeats 118 times>}}
>
>
> Ian
>
> --
> Ian Freislich
>
> _______________________________________________
> freebsd-current@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-current
> To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.org=
"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAJ-VmonGWFc3W528BJby_C%2B-J3B0Eb2D06GGLTajbgsHvHTfiA>