Re: 2.0.33 - Line 1669 in net/ipv4/tcp.c ?

Dan Hollis (goemon@sasami.anime.net)
Tue, 20 Jan 1998 16:26:53 -0800 (PST)


On Tue, 20 Jan 1998, Mike Leddy wrote:
> I'm using a standard 2.0.33 kernel uptime 5 days, on my stable server
> with ECC memory (more later) and observed the following three general
> protections with squid, tproxyd and apache. The server is still up and
> running without any noticeable problems.
>
> I managed to locate the code and source line in question in the hope
> that it can help with bug tracking...

I can confirm this bug report as I got the exact same oops in the exact
same line number on our machine also:

general protection: 0000
CPU: 0
EIP: 0010:[<00146f8c>]
EFLAGS: 00010213
eax: f000e987 ebx: 00000000 ecx: 037e703c edx: f000f84d
esi: 037e70d8 edi: 000001a2 ebp: 037e7018 esp: 016ddee8
ds: 0018 es: 0018 fs: 002b gs: 002b ss: 0018
Process roxen (pid: 18054, process nr: 13, stackpage=016dd000)
Stack: 037e7018 016ddf7c 00000000 00000000 20a0dfd5 037e703c 00000000 000001a2
0035fc0c 01263248 10a1d680 001511a2 037e7018 016ddf78 00001e5e 00000000
00000000 016ddf7c 00002000 01263200 bfffdb64 01263290 0013799f 01263290
Call Trace: [<001511a2>] [<0013799f>] [<00122d14>] [<0010a61d>]
Code: 8a 40 0d a8 02 74 04 ff 4c 24 10 8b 7c 24 10 39 7b 30 0f 87
(gdb) l *0x146f8c
0x146f8c is in tcp_recvmsg (tcp.c:1669).
1664 while (skb != (struct sk_buff *)&sk->receive_queue)
1665 {
1666 if (before(*seq, skb->seq))
1667 break;
1668 offset = *seq - skb->seq;
1669 if (skb->h.th->syn)
1670 offset--;
1671 if (offset < skb->len)
1672 goto found_ok_skb;
1673 if (skb->h.th->fin)

(gdb) l *0x001511a2
0x1511a2 is in inet_recvmsg (af_inet.c:867).
862
863 /* We may need to bind the socket. */
864 if(inet_autobind(sk) != 0)
865 return(-EAGAIN);
866
867 return(sk->prot->recvmsg(sk, ubuf, size, noblock, flags,addr_len));
868 }
869
870
871 static int inet_sendmsg(struct socket *sock, struct msghdr *msg, int size, int noblock,

(gdb) l *0x0013799f
0x13799f is in sock_read (socket.c:353).
348 msg.msg_iovlen=1;
349 msg.msg_control=NULL;
350 iov.iov_base=ubuf;
351 iov.iov_len=size;
352
353 return(sock->ops->recvmsg(sock, &msg, size,(file->f_flags & O_NONBLOCK), 0,&msg.msg_namelen));
354 }
355
356 /*
357 * Write data to a socket. We verify that the user area ubuf..ubuf+size-1 is

(gdb) l *0x00122d14
0x122d14 is in sys_read (read_write.c:132).
127 if (error)
128 goto out;
129 error = verify_area(VERIFY_WRITE,buf,count);
130 if (error)
131 goto out;
132 error = file->f_op->read(inode,file,buf,count);
133 out:
134 fput(file, inode);
135 bad_file:
136 return error;

(gdb) l *0x0010a61d
No source file for address 0x10a61d.

-Dan