[Bug 260393] Page Fault tcp_output/tcp_input

From: <bugzilla-noreply_at_freebsd.org>
Date: Wed, 22 Dec 2021 23:26:53 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=260393

--- Comment #67 from Dobri Dobrev <ddobrev85@gmail.com> ---
(In reply to Michael Tuexen from comment #66)

(kgdb) frame 12
#12 0xffffffff80e11a3b in tcp_m_copym (m=0x0, m@entry=0xfffff80bc680b500, off0=1388, plen=<optimized out>, plen@entry=0xfffffe017fd6282c, seglimit=1, seglimit@entry=0, segsize=segsize@entry=0, sb=<optimized out>, hw_tls=<optimized out>) at /usr/src/sys/netinet/tcp_output.c:2011
2011                            KASSERT(len == M_COPYALL,
(kgdb) print *(struct mbuf *)0xfffff80bc680b500
$1 = {{m_next = 0x0, m_slist = {sle_next = 0x0}, m_stailq = {stqe_next = 0x0}},
{m_nextpkt = 0x0, m_slistpkt = {sle_next = 0x0}, m_stailqpkt = {stqe_next =
0x0}}, 
  m_data = 0xfffff8017874f000
"O\320mg\276\022\364u\353\271\061\270tI\356\063\227/\030\204\032d\\\252\274\261`PҲ\271\232F\343-\304\372\307<\031u\212\260\061ߐ\264\306i\361Vj\212\314ϓM\031R\257G\b\246\233\227\233,D\335C\220\273\022\025\223\251\361\211\222e+0M)\201\233\034e'\222\203\242h\201\017w\026\065\365\242خ\f\225\350\313\311\364$\244\262\265\370\375\237\f\206\303\r\"6\266F6\377\352\270\036?\022\fJ\032'\225\203Q\332Fy*d\225\373",
<incomplete sequence \303>, m_len = 1999, m_type = 1, m_flags = 1, {{{m_pkthdr
= {{snd_tag = 0x0, rcvif = 0x0}, tags = {slh_first = 0x0}, len = 1297, flowid =
0, csum_flags = 0, fibnum = 0, numa_domain = 255 '\377', 
          rsstype = 0 '\000', {rcv_tstmp = 0, {l2hlen = 0 '\000', l3hlen = 0
'\000', l4hlen = 0 '\000', l5hlen = 0 '\000', inner_l2hlen = 0 '\000',
inner_l3hlen = 0 '\000', inner_l4hlen = 0 '\000', 
              inner_l5hlen = 0 '\000'}}, PH_per = {eight =
"\000\000\000\000\377\377\000", sixteen = {0, 0, 65535, 0}, thirtytwo = {0,
65535}, sixtyfour = {281470681743360}, unintptr = {281470681743360}, 
            ptr = 0xffff00000000}, PH_loc = {eight =
"\000\000\000\000\000\000\000", sixteen = {0, 0, 0, 0}, thirtytwo = {0, 0},
sixtyfour = {0}, unintptr = {0}, ptr = 0x0}}, {m_epg_npgs = 0 '\000',
m_epg_nrdy = 0 '\000', 
          m_epg_hdrlen = 0 '\000', m_epg_trllen = 0 '\000', m_epg_1st_off = 0,
m_epg_last_len = 0, m_epg_flags = 0 '\000', m_epg_record_type = 0 '\000',
__spare = "\000", m_epg_enc_cnt = 0, m_epg_tls = 0x511, 
          m_epg_so = 0xff000000000000, m_epg_seqno = 0, m_epg_stailq =
{stqe_next = 0xffff00000000}}}, {m_ext = {{ext_count = 2, ext_cnt =
0xdeadc0de00000002}, ext_size = 2048, ext_type = 6, ext_flags = 1, {{
              ext_buf = 0xfffff8017874f000
"O\320mg\276\022\364u\353\271\061\270tI\356\063\227/\030\204\032d\\\252\274\261`PҲ\271\232F\343-\304\372\307<\031u\212\260\061ߐ\264\306i\361Vj\212\314ϓM\031R\257G\b\246\233\227\233,D\335C\220\273\022\025\223\251\361\211\222e+0M)\201\233\034e'\222\203\242h\201\017w\026\065\365\242خ\f\225\350\313\311\364$\244\262\265\370\375\237\f\206\303\r\"6\266F6\377\352\270\036?\022\fJ\032'\225\203Q\332Fy*d\225\373",
<incomplete sequence \303>, ext_arg2 = 0x0}, {extpg_pa = {18446735283932426240,
0, 16045693110842147038, 16045693110842147038, 16045693110842147038}, 
              extpg_trail =
"\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255",
<incomplete sequence \336>, extpg_hdr =
"\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255\336\336\300\255"}},
ext_free = 0x0, 
          ext_arg1 = 0x0}, m_pktdat = 0xfffff80bc680b558 "\002"}}, m_dat =
0xfffff80bc680b520 ""}}
(kgdb) print *(int32_t *)0xfffffe017fd6282c
$2 = 612
(kgdb) frame 14
#14 0xffffffff80e0607a in tcp_do_segment (m=<optimized out>, th=0xfffff80bc659e87a, so=<optimized out>, tp=0xfffffe0252e24000, drop_hdrlen=40, tlen=<optimized out>, iptos=0 '\000') at /usr/src/sys/netinet/tcp_input.c:2822
2822                                                    tcp_sack_partialack(tp, th);
(kgdb) print *th
$3 = {th_sport = 43204, th_dport = 63248, th_seq = 2812027976, th_ack =
324807354, th_x2 = 0 '\000', th_off = 5 '\005', th_flags = 16 '\020', th_win =
16103, th_sum = 0, th_urp = 0}
(kgdb) print *tp
$4 = {t_inpcb = 0xfffff8090099b1f0, t_fb = 0xffffffff81b414a0
<tcp_def_funcblk>, t_fb_ptr = 0x0, t_maxseg = 1400, t_logstate = 0, t_port = 0,
t_state = 6, t_idle_reduce = 0, t_delayed_ack = 0, t_fin_is_rst = 0, 
  t_log_state_set = 0, bits_spare = 0, t_flags = 554697333, snd_una =
324805966, snd_max = 324807967, snd_nxt = 324807967, snd_up = 324805966,
snd_wnd = 65800, snd_cwnd = 1400, t_peakrate_thr = 0, ts_offset = 0, 
  rfbuf_ts = 12071754, rcv_numsacks = 0, t_tsomax = 65535, t_tsomaxsegcount =
37, t_tsomaxsegsize = 4096, rcv_nxt = 2812027976, rcv_adv = 2812093832, rcv_wnd
= 65856, t_flags2 = 1024, t_srtt = 7549, t_rttvar = 947, 
  ts_recent = 0, snd_scale = 2 '\002', rcv_scale = 6 '\006', snd_limited = 0
'\000', request_r_scale = 6 '\006', last_ack_sent = 2812027976, t_rcvtime =
2159165013, rcv_up = 2812027976, t_segqlen = 0, t_segqmbuflen = 0, 
  t_segq = {tqh_first = 0x0, tqh_last = 0xfffffe0252e24090}, t_in_pkt = 0x0,
t_tail_pkt = 0x0, t_timers = 0xfffffe0252e242a8, t_vnet = 0xfffff8010582fec0,
snd_ssthresh = 2800, snd_wl1 = 2812027976, snd_wl2 = 324805966, 
  irs = 2812024397, iss = 324701574, t_acktime = 0, t_sndtime = 2159073224,
ts_recent_age = 0, snd_recover = 324807967, cl4_spare = 0, t_oobflags = 0
'\000', t_iobc = 0 '\000', t_rxtcur = 64000, t_rxtshift = 8, 
  t_rtttime = 0, t_rtseq = 324807965, t_starttime = 2158904990, t_fbyte_in =
2158905017, t_fbyte_out = 2158905018, t_pmtud_saved_maxseg = 0,
t_blackhole_enter = 0, t_blackhole_exit = 0, t_rttmin = 30, t_rttbest = 7842, 
  t_softerror = 0, max_sndwnd = 65800, snd_cwnd_prev = 5600, snd_ssthresh_prev
= 2800, snd_recover_prev = 324776566, t_sndzerowin = 0, t_rttupdated = 15,
snd_numholes = 1, t_badrxtwin = 2158964144, snd_holes = {
    tqh_first = 0xfffff806d01890a0, tqh_last = 0xfffff806d01890b0}, snd_fack =
324807354, sackblks = {{start = 2812027975, end = 2812027976}, {start = 0, end
= 0}, {start = 0, end = 0}, {start = 0, end = 0}, {start = 0, 
      end = 0}, {start = 0, end = 0}}, sackhint = {nexthole =
0xfffff806d01890a0, sack_bytes_rexmit = 0, last_sack_ack = 324807354,
delivered_data = 1388, sacked_bytes = 611, recover_fs = 3400, prr_delivered =
6800, 
    prr_out = 7588}, t_rttlow = 190, rfbuf_cnt = 0, tod = 0x0, t_sndrexmitpack
= 47, t_rcvoopack = 0, t_toe = 0x0, cc_algo = 0xffffffff81b3e350
<newreno_cc_algo>, ccv = 0xfffffe0252e243f0, osd = 0xfffffe0252e24418, 
  t_bytes_acked = 0, t_maxunacktime = 0, t_keepinit = 0, t_keepidle = 0,
t_keepintvl = 0, t_keepcnt = 0, t_dupacks = 0, t_lognum = 0, t_loglimit = 5000,
t_pacing_rate = -1, t_logs = {stqh_first = 0x0, 
    stqh_last = 0xfffffe0252e24218}, t_lin = 0x0, t_lib = 0x0, t_output_caller
= 0x0, t_stats = 0x0, t_logsn = 0, gput_ts = 0, gput_seq = 0, gput_ack = 0,
t_stats_gput_prev = 0, t_maxpeakrate = 0, t_sndtlppack = 0, 
  t_sndtlpbyte = 0, t_sndbytes = 125990, t_snd_rxt_bytes = 40040,
t_tfo_client_cookie_len = 0 '\000', t_end_info_status = 0, t_tfo_pending = 0x0,
t_tfo_cookie = {client = '\000' <repeats 15 times>, server = 0}, {
    t_end_info_bytes = "\000\000\000\000\000\000\000", t_end_info = 0}}
(kgdb)
