Date: Tue, 11 May 1999 18:59:56 +0200 From: Pierre Beyssac <beyssac@enst.fr> To: freebsd-bugs@freebsd.org, bob@pmr.com Cc: FreeBSD-gnats-submit@freebsd.org Subject: Re: kern/10872: Panic in sorecieve() Message-ID: <19990511185956.A12679@enst.fr>
next in thread | raw e-mail | index | archive | help
I was looking into PR kern/10872, hoping to find an easily fixable
occurence of NULL mbuf pointer. But it doesn't seem to be.
It's labelled "Panic in sorecieve() due to NULL mbuf pointer", but
from the debug data filed with the PR it seems the actual problem
is with so_rcv.sb_cc being 0, which triggers a KASSERT in uipc_socket.c:
if (m == 0 || (((flags & MSG_DONTWAIT) == 0 &&
so->so_rcv.sb_cc < uio->uio_resid) &&
(so->so_rcv.sb_cc < so->so_rcv.sb_lowat ||
((flags & MSG_WAITALL) && uio->uio_resid <= so->so_rcv.sb_hiwat)) &&
m->m_nextpkt == 0 && (pr->pr_flags & PR_ATOMIC) == 0)) {
KASSERT(m != 0 || !so->so_rcv.sb_cc, ("receive 1"));
(more data can be found in the PR)
I can't seem to be able to reproduce the problem on -current with
the script provided by Bob, and I don't have a -stable box to try
it on either.
Plus, I don't have (yet) much of a clue regarding the semantics of
sb_cc. I continue investigating this stuff, but if anyone has more
clue than I have, he's welcome to send me some directions to look
into :-)
--
Pierre Beyssac pb@enst.fr
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990511185956.A12679>