kern/83885: Kernel panic when received ICMP TOO_BIG by ping6 -m
Ryota Hirose
hirose at comm.yamaha.co.jp
Thu Jul 21 23:50:33 GMT 2005
>Number: 83885
>Category: kern
>Synopsis: Kernel panic when received ICMP TOO_BIG by ping6 -m
>Confidential: no
>Severity: critical
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Thu Jul 21 23:50:24 GMT 2005
>Closed-Date:
>Last-Modified:
>Originator: Ryota Hirose
>Release: 5.4-RC4
>Organization:
Yamaha Corporation
>Environment:
FreeBSD thebe.comm.yamaha.co.jp 5.4-RC4 FreeBSD 5.4-RC4 #13: Fri Jul 22 08:19:44 JST 2005 hirose at thebe.comm.yamaha.co.jp:/usr/src/sys/i386/compile/THEBE i386
>Description:
Kernel will panic when execute ping6 -m and receive ICMP TOO_BIG error for that ICMP Echo.
>How-To-Repeat:
PC1---------------ROUTER--------------PC2
MTU=1500 MTU=1280
PC1# ping6 -m -s 1300 PC2
>Fix:
--- uipc_socket.c.orig Fri Jul 22 08:26:08 2005
+++ uipc_socket.c Fri Jul 22 08:03:39 2005
@@ -1174,7 +1174,10 @@
}
cm = cmn;
}
- nextrecord = so->so_rcv.sb_mb->m_nextpkt;
+ if (so->so_rcv.sb_mb)
+ nextrecord = so->so_rcv.sb_mb->m_nextpkt;
+ else
+ nextrecord = NULL;
orig_resid = 0;
}
if (m != NULL) {
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list