https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=290039
--- Comment #3 from David Gilbert <[email protected]> --- I'm tempted to turn on invariants or somesuch, but I'm also wondering if this is a heizenbug w.r.t. invariants. So... I'm pretty much just feeling around Found the definiton of TAILQ_LAST() --- and sch->sch_bucket->tqh_fist is 0x0. I've included *sch and *sc below. I do note that the size element isn't sensible: (kgdb) p sch->sch_length $3 = 4294967295 Even if someone is bashing syns at it (which could be happening --- it has a public IP) ... that number is large enough to rather be a negative represented unsigned. (kgdb) p *sch $5 = {sch_mtx = {lock_object = {lo_name = 0xffffffff81245932 "tcp_sc_head", lo_flags = 16973824, lo_data = 0, lo_witness = 0x0}, mtx_lock = 18446735281974056832}, sch_bucket = {tqh_first = 0x0, tqh_last = 0xfffffe01f8342f60}, sch_timer = {c_links = {le = { le_next = 0xffffffff81bded30 <logsoftc+88>, le_prev = 0xffffffff831893d0}, sle = { sle_next = 0xffffffff81bded30 <logsoftc+88>}, tqe = {tqe_next = 0xffffffff81bded30 <logsoftc+88>, tqe_prev = 0xffffffff831893d0}}, c_time = 126973187183134, c_precision = 268435437, c_arg = 0xfffffe01f8342f40, c_func = 0xffffffff80d6bc90 <syncache_timer>, c_lock = 0xfffffe01f8342f40, c_flags = 2, c_iflags = 128, c_cpu = 0}, sch_nextc = 28962266, sch_length = 4294967295, sch_sc = 0xfffffe015df0cbb8, sch_last_overflow = 31307} (kgdb) p *sc $6 = {sc_hash = {tqe_next = 0x0, tqe_prev = 0x0}, sc_inc = {inc_flags = 0 '\000', inc_len = 0 '\000', inc_fibnum = 0, inc_ie = { ie_fport = 18169, ie_lport = 47873, ie_dependfaddr = {id46_addr = {ia46_pad32 = {0, 0, 0}, ia46_addr4 = { s_addr = 3563381669}}, id6_addr = {__u6_addr = { __u6_addr8 = '\000' <repeats 12 times>, "\245\343", <incomplete sequence \324>, __u6_addr16 = {0, 0, 0, 0, 0, 0, 58277, 54372}, __u6_addr32 = {0, 0, 0, 3563381669}}}}, ie_dependladdr = {id46_addr = {ia46_pad32 = {0, 0, 0}, ia46_addr4 = { s_addr = 890527810}}, id6_addr = {__u6_addr = {__u6_addr8 = '\000' <repeats 12 times>, "B`\0245", __u6_addr16 = {0, 0, 0, 0, 0, 0, 24642, 13588}, __u6_addr32 = {0, 0, 0, 890527810}}}}, ie6_zoneid = 0}}, sc_rxttime = 0, sc_rxmits = 0, sc_port = 0, sc_tsreflect = 0, sc_tsoff = 0, sc_flowlabel = 0, sc_irs = 2993914448, sc_iss = 1241750539, sc_ipopts = 0x0, sc_peer_mss = 1200, sc_wnd = 65535, sc_ip_ttl = 64 '@', sc_ip_tos = 0 '\000', sc_requested_s_scale = 0 '\000', sc_requested_r_scale = 0 '\000', sc_flags = 0, sc_challenge_ack_cnt = 0, sc_challenge_ack_end = 0, sc_tod = 0x0, sc_todctx = 0x0, sc_label = 0x0, sc_cred = 0xfffff8018db26900, sc_tfo_cookie = 0x0, sc_pspare = 0x0, sc_spare = {0, 0}} (kgdb) -- You are receiving this mail because: You are the assignee for the bug.
