Subject: kern/29527: kern/uipc_socket2.c's sbdrop() panics
To: None <email@example.com, firstname.lastname@example.org,>
From: None <Peter.Bex@student.kun.nl>
Date: 02/25/2005 12:13:01
>Synopsis: sbdrop()'s code incorrect if len > 0, m == 0
>Arrival-Date: Fri Feb 25 12:13:00 +0000 2005
>Originator: Peter Bex
>Release: NetBSD 2.0
System: NetBSD frohike.nvie.com 2.0 NetBSD 2.0 (FROHIKE) #0: Wed Dec 22 10:00:59 CET 2004 email@example.com:/usr/src/sys/arch/i386/compile/FROHIKE i386
My kernel panicked one day in sbdrop() from kern/uipc_socket2.c.
Looking at the code quickly (even though I don't _really_ understand
it) it looks like the function gets a len > 0 and sb of which
sb->sb_mb == 0 In this case we clearly get a panic.
Unfortunately, my sync request for ddb failed, causing another
problem, so I did another sync. This screwed up my core dump.
If necessary, I can provide it, though.
Unknown. At the time two rather heavy bittorrent processes were
running, so I suspect it can occur on very heavy network load.
I had INET6 disabled, if it matters.