From owner-freebsd-hackers Thu Oct 10 14:44:06 1996 Return-Path: owner-hackers Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id OAA18353 for hackers-outgoing; Thu, 10 Oct 1996 14:44:06 -0700 (PDT) Received: from Kitten.mcs.com (Kitten.mcs.com [192.160.127.90]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id OAA18284; Thu, 10 Oct 1996 14:43:58 -0700 (PDT) Received: from mailbox.mcs.com (Mailbox.mcs.com [192.160.127.87]) by Kitten.mcs.com (8.8.0/8.8.Beta.3) with SMTP id QAA24912; Thu, 10 Oct 1996 16:43:32 -0500 (CDT) Received: by mailbox.mcs.com (/\==/\ Smail3.1.28.1 #28.15) id ; Thu, 10 Oct 96 16:43 CDT Received: (from karl@localhost) by Jupiter.Mcs.Net (8.8.Beta.6/8.8.Beta.3) id QAA13666; Thu, 10 Oct 1996 16:43:30 -0500 (CDT) From: Karl Denninger Message-Id: <199610102143.QAA13666@Jupiter.Mcs.Net> Subject: Re: Crash in -current (from the current SNAP) To: fenner@parc.xerox.com (Bill Fenner) Date: Thu, 10 Oct 1996 16:43:30 -0500 (CDT) Cc: fenner@parc.xerox.com, karl@Mcs.Net, current@freebsd.org, hackers@freebsd.org In-Reply-To: <96Oct10.144023pdt.177476@crevenia.parc.xerox.com> from "Bill Fenner" at Oct 10, 96 02:40:12 pm X-Mailer: ELM [version 2.4 PL24] Content-Type: text Sender: owner-hackers@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > > >(kgdb) > >(kgdb) select-frame 14 > >(kgdb) print ip_protox[ip->ip_p] > >$1 = 2 '\002' > > > >That's "INET", if I'm reading the headers correctly. > > No, it's "TCP" (ip_protox[] is an offset into the inetsw[], and inetsw[2] > is TCP). > > >(kgdb) print inetsw[ip_protox[ip->ip_p]].pr_input > >$2 = (void (*)()) 0xf01477ec > > Looks fine. Perhaps the trap didn't actually happen in ip_input? > Try "select-frame 12" and then "frame frame->tf_ebp frame->tf_eip", > which should tell you where the crash really happened. > > Bill Oh oh.... (kgdb) select-frame 12 (kgdb) frame frame->tf_ebp frame->tf_eip #0 0xf0147ae5 in tcp_input (m=0xf2782900, iphlen=20) at ../../netinet/tcp_input.c:438 ../../netinet/tcp_input.c:438: No such file or directory. Which is.... inp = (struct inpcb *)so->so_pcb; >>>>>>> inp->inp_laddr = ti->ti_dst; inp->inp_lport = ti->ti_dport; in_pcbrehash(inp); Right in the middle of the "dropsocket" area. Me smells a problem with the SYN flood patch. -- -- Karl Denninger (karl@MCS.Net)| MCSNet - The Finest Internet Connectivity http://www.mcs.net/~karl | T1 from $600 monthly; speeds to DS-3 available | 23 Chicagoland Prefixes, 13 ISDN, much more Voice: [+1 312 803-MCS1 x219]| Email to "info@mcs.net" WWW: http://www.mcs.net/ Fax: [+1 312 248-9865] | Home of Chicago's only FULL Clarinet feed!