Hello -
I'm working on a LwIP/FreeRTOS/Cortex-M7 system which has been
generally very solid, but noticed I'm crashing the processor with a 5
fragment ping ("ping 192.168.1.112 -s 5913 -c 1"). If there are 4 or
fewer fragments, it works fine ("ping 192.168.1.112 -s 5912 -i 0.1").
I was poking around in the debugger and it's telling me that the crash
is happening in around in "ip_reass_free_complete_datagram"...
As I understand it, this function ought to be cleaning up the fragments
of the ping, but it appears to be freeing the wrong datagram. When I
set a breakpoint on ip_reass_free_complete_datagram and run:
> (gdb) x /32xb ipr->p->payload
I see data for an ARP request that my PC sent 5 seconds after the
original ping. It seems like this is what's triggering the crash, since
the logic is treating this payload as a struct and trying to extract
the "next_pbuf" from it.
I'm running STABLE-2_1_2_RELEASE, but I see the same with the latest
checkout of master.
Any advice on how to proceed here would be very much appreciated!
Thanks,
Robert
_______________________________________________
lwip-users mailing list
lwip-users@nongnu.org
https://lists.nongnu.org/mailman/listinfo/lwip-users
