I wonder if that allocate is correct... This is the pbuf debug output of the crashing 92 bytes ping via PPP:
pbuf_alloc(length=0) pbuf_alloc: allocated pbuf 0021a5cc pbuf_alloc(length=0) == 0021a5cc pbuf_alloc(length=0) pbuf_alloc: allocated pbuf 0021a53c pbuf_alloc(length=0) == 0021a53c pbuf_header: old 0021a5dc new 0021a5e4 (-8) pbuf_header: old 0021a5e4 new 0021a5f8 (-20) pbuf_header: old 0021a5f8 new 0021a5e4 (20) pbuf_header: old 0021a5e4 new 0021a5f8 (-20) pbuf_header: failed as 0021a5d4 < 0021a5dc (not enough space for new header size) pbuf_header: old 0021a5f8 new 0021a5e4 (20) pbuf_alloc(length=120) pbuf_alloc(length=120) == 00213b78 pbuf_copy(00213b78, 0021a5cc) 15.05.17 12:03:41 ASSERT: C:/Projekte/TMO-100/Libraries/lwIP/src/core/pbuf.c:888:p_to != NULL and that's the same size over Ethernet: pbuf_alloc(length=134) pbuf_alloc: allocated pbuf 00219e7c pbuf_alloc(length=134) == 00219e7c pbuf_header: old 00219e8c new 00219e9a (-14) pbuf_header: old 00219e9a new 00219eae (-20) pbuf_header: old 00219eae new 00219e9a (20) pbuf_header: old 00219e9a new 00219eae (-20) pbuf_header: failed as 00219e8a < 00219e8c (not enough space for new header size) pbuf_header: old 00219eae new 00219e9a (20) pbuf_alloc(length=120) pbuf_alloc(length=120) == 00213b78 pbuf_copy(00213b78, 00219e7c) pbuf_copy: end of chain reached. pbuf_header: old 00213b98 new 00213bac (-20) pbuf_free(00219e7c) ... The very first allocate is different (length=0 via PPP, length =134 via Ethernet). On the other side, it's the same with a working ping of one byte more over PPP: pbuf_alloc(length=0) pbuf_alloc: allocated pbuf 0021a5cc pbuf_alloc(length=0) == 0021a5cc pbuf_alloc(length=0) pbuf_alloc: allocated pbuf 0021a53c pbuf_alloc(length=0) == 0021a53c pbuf_header: old 0021a5dc new 0021a5e4 (-8) pbuf_header: old 0021a5e4 new 0021a5f8 (-20) pbuf_header: old 0021a5f8 new 0021a5e4 (20) pbuf_header: old 0021a5e4 new 0021a5f8 (-20) pbuf_header: failed as 0021a5d4 < 0021a5dc (not enough space for new header size) pbuf_header: old 0021a5f8 new 0021a5e4 (20) pbuf_alloc(length=121) pbuf_alloc(length=121) == 00213b78 pbuf_copy(00213b78, 0021a5cc) pbuf_copy: end of chain reached. pbuf_header: old 00213b98 new 00213bac (-20) pbuf_free(0021a5cc) The first allocate is also length=0 here, but the pbuf_copy does not crash. Is there a bell ringing? _______________________________________________ lwip-users mailing list [email protected] https://lists.nongnu.org/mailman/listinfo/lwip-users
