Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 10 Oct 1996 14:40:21 -0500 (CDT)
From:      Karl Denninger  <karl@Mcs.Net>
To:        hackers@freebsd.org, current@freebsd.org
Subject:   Crash in -current (from the current SNAP)
Message-ID:  <199610101940.OAA10151@Jupiter.Mcs.Net>
next in thread | raw e-mail | index | archive | help 
#0  boot (howto=260) at ../../kern/kern_shutdown.c:237
#1  0xf0113bf2 in panic (fmt=0xf01bc6af "page fault")
    at ../../kern/kern_shutdown.c:361
#2  0xf01bd20a in trap_fatal (frame=0xf01e3d0c) at ../../i386/i386/trap.c:741
#3  0xf01bccf8 in trap_pfault (frame=0xf01e3d0c, usermode=0)
    at ../../i386/i386/trap.c:652
#4  0xf01bc9df in trap (frame={tf_es = 16, tf_ds = 16, tf_edi = 0, 
      tf_esi = -216777728, tf_ebp = -266453672, tf_isp = -266453708, 
      tf_ebx = -215471872, tf_edx = 0, tf_ecx = -218725632, 
      tf_eax = -216503296, tf_trapno = 12, tf_err = 0, tf_eip = -267181782, 
      tf_cs = 8, tf_eflags = 66118, tf_esp = 0, tf_ss = -215471872})
    at ../../i386/i386/trap.c:311
#5  0xf01b2051 in calltrap ()
#6  0xf0198fc8 in ffs_sync (mp=0xf2f9bc00, waitfor=2, cred=0xf1f5f880, 
    p=0xf0208e74) at ../../ufs/ffs/ffs_vfsops.c:817
#7  0xf01335cb in sync (p=0xf0208e74, uap=0x0, retval=0x0)
    at ../../kern/vfs_syscalls.c:357
#8  0xf011380d in boot (howto=256) at ../../kern/kern_shutdown.c:181
#9  0xf0113bf2 in panic (fmt=0xf01bc6af "page fault")
    at ../../kern/kern_shutdown.c:361
#10 0xf01bd20a in trap_fatal (frame=0xf01e3e90) at ../../i386/i386/trap.c:741
#11 0xf01bccf8 in trap_pfault (frame=0xf01e3e90, usermode=0)
    at ../../i386/i386/trap.c:652
---Type <return> to continue, or q <return> to quit---
#12 0xf01bc9df in trap (frame={tf_es = 16, tf_ds = 16, tf_edi = -227006164, 
      tf_esi = -215122688, tf_ebp = -266453184, tf_isp = -266453320, 
      tf_ebx = -211072256, tf_edx = 1073610751, tf_ecx = 0, 
      tf_eax = 201893069, tf_trapno = 12, tf_err = 2, tf_eip = -267093275, 
      tf_cs = 8, tf_eflags = 66050, tf_esp = 44, tf_ss = 20})
    at ../../i386/i386/trap.c:311
#13 0xf01b2051 in calltrap ()
#14 0xf01447b2 in ip_input (m=0xf2782900) at ../../netinet/ip_input.c:508
#15 0xf0144828 in ipintr () at ../../netinet/ip_input.c:529
#16 0xf01b336d in swi_net_next ()
#17 0xf0125827 in pffasttimo (arg=0x0) at ../../kern/uipc_domain.c:234
#18 0xf010afd4 in softclock () at ../../kern/kern_clock.c:665

Oh oh....

ip_input, at line 529, is this:

        /*
         * Switch out to protocol's input routine.
         */
        ipstat.ips_delivered++;
>>>>    (*inetsw[ip_protox[ip->ip_p]].pr_input)(m, hlen);
        return;

What's going on here?

These are somewhat frequent.  The address being passed to ip_input looks ok 
(it appears to be in kernel space)....

Given that it is a timeout call that is generating this, why do I think 
this has something to do with the anti-syn patches?

Did anyone check the spl() levels in those changes to make sure that the 
structures aren't getting mangled during processing?

--
--
Karl Denninger (karl@MCS.Net)| MCSNet - The Finest Internet Connectivity
http://www.mcs.net/~karl     | T1 from $600 monthly; speeds to DS-3 available
			     | 23 Chicagoland Prefixes, 13 ISDN, much more
Voice: [+1 312 803-MCS1 x219]| Email to "info@mcs.net" WWW: http://www.mcs.net/
Fax:   [+1 312 248-9865]     | Home of Chicago's only FULL Clarinet feed!

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199610101940.OAA10151>