panic in recent RELENG_5 tcp code path
Doug White
dwhite at gumbysoft.com
Wed May 18 15:52:33 PDT 2005
On Sun, 15 May 2005, Jeremie Le Hen wrote:
> Sorry, I couldn't get a dump.
>
> %%%
> obiwan:tataz$ uname -a
> FreeBSD obiwan.tataz.chchile.org 5.4-STABLE FreeBSD 5.4-STABLE #16: Fri May 13 01:01:50 CEST 2005 root at obiwan.tataz.chchile.org:/usr/src/sys/i386/compile/OBIWAN i386
> %%%
>
> %%%
> Fatal trap 12: page fault while in kernel mode
> fault virtual address = 0xc
> fault code = supervisor read, page not present
> instruction pointer = 0x8:0xc05aa4e0
> stack pointer = 0x10:0xd6dbfaa4
> frame pointer = 0x10:0xd6dbfabc
> code segment = base 0x0, limit 0xfffff, type 0x1b
> = DPL 0, pres 1, def32 1, gran 1
> processor eflags = interrupt enabled, resume, IOPL = 0
> current process = 25637 (sshd)
> [thread pid 25637 tid 100131 ]
> Stopped at m_copydata+0x28: movl 0xc(%esi),%ebx
> db> trace
> Tracing pid 25637 tid 100131 td 0xc23bc180
> m_copydata(c211aa00,0,40,c211aaa8,c21422ec) at m_copydata+0x28
> tcp_output(c1d74534,c211aa00,c211aa30,40,0) at tcp_output+0xb49
> tcp_usr_send(c1ec9144,0,c211aa00,0,0) at tcp_usr_send+0x1ca
> sosend(c1ec9144,0,d6dbfc6c,c211aa00,0) at sosend+0x6dc
> soo_write(c21422ec,d6dbfc6c,c2c2dd89,0,c23bc180) at soo_write+0x9e
> dofilewrite(c23bc180,c21422ec,4,807d000,40) at dofilewrite+0xb6
> write(c23bc180,d6dbfd04,c,c23bc180,c21264b0) at write+0x6a
> syscall(807002f,bfbf002f,bfbf002f,806eca8,40) at syscall+0x340
> Xint0x80_syscall() at Xint0x80_syscall+0x1f
> --- syscall (4, FreeBSD ELF32, write), eip = 0x2826cd0b, esp = 0xbfbfe4fc, ebp = 0xbfbfr518 ---
> %%%
>
> Please Cc: me in replies, I'm not subscribed to this list.
Can you load a kernel.debug into gdb and do "l *(tcp_output+0xb49)" and
post the output? that offset isn't a function call in my kernel.
tcp_output() doesn't call m_copypacket directly so the exact spot is
difficult to find.
--
Doug White | FreeBSD: The Power to Serve
dwhite at gumbysoft.com | www.FreeBSD.org
More information about the freebsd-stable
mailing list