Re: fxp0 and vlan panic

From: Maxime Henrion <mux_at_FreeBSD.org>
Date: Sun, 6 Mar 2005 04:44:26 +0100
Randy Bush wrote:
> # addr2line -e kernel.debug -f 0xc047d2d0
> fxp_intr_body
> /usr/src/sys/dev/fxp/if_fxp.c:1662
> 
> this was a feb 6 kernel

Hmmm...  With an if_fxp.c file from Feb 6 line 1662 is :

	if ((le16toh(rfa->rfa_status) & FXP_RFA_STATUS_C) == 0)

So it would mean that rfa points to an invalid memory address and that
the page fault occurs when we dereference it.  However, rfa is taken
from here (RFA_ALIGNMENT_FUDGE is 2):

	rfa = (struct fxp_rfa *)(m->m_ext.ext_buf + RFA_ALIGNMENT_FUDGE);

Thus it means that m->m_ext.ext_buf points to a foobar'ed memory address
too.  I have no idea why such a thing would happen, given that every
access to the descriptor ring looks properly locked down.  A core dump
would really be useful here...

Cheers,
Maxime
Received on Sun Mar 06 2005 - 02:44:26 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:29 UTC