===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/ddb.html,v
retrieving revision 1.17
retrieving revision 1.18
diff -c -r1.17 -r1.18
*** www/ddb.html 2017/02/06 17:24:32 1.17
--- www/ddb.html 2017/02/06 18:55:43 1.18
***************
*** 126,136 ****
  kernel: page fault trap, code=0
! Stopped at    _pf_route+0x263:        mov     0x40(%edi),%edx
  ddb>
  
! This crash happened at offset 0x263 in the function _pf_route.

The first command to run from the
--- 126,136 ----

  kernel: page fault trap, code=0
! Stopped at    pf_route+0x263:        mov     0x40(%edi),%edx
  ddb>
  
! This crash happened at offset 0x263 in the function pf_route.

The first command to run from the
***************
*** 138,153 ****

  ddb> trace
! _pf_route(e28cb7e4,e28bc978,2,1fad,d0b8b120) at _pf_route+0x263
! _pf_test(2,1f4ad,e28cb7e4,b4c1) at _pf_test+0x706
! _pf_route(e28cbb00,e28bc978,2,d0a65440,d0b8b120) at _pf_route+0x207
! _pf_test(2,d0a65440,e28cbb00,d023c282) at _pf_test+0x706
! _ip_output(d0b6a200,0,0,0,0) at _ip_output+0xb67
! _icmp_send(d0b6a200,0,1,a012) at _icmp_send+0x57
! _icmp_reflect(d0b6a200,0,1,0,3) at _icmp_reflect+0x26b
! _icmp_input(d0b6a200,14,0,0,d0b6a200) at _icmp_input+0x42c
! _ipv4_input(d0b6a200,e289f140,d0a489e0,e289f140) at _ipv4_input+0x6eb
! _ipintr(10,10,e289f140,e289f140,e28cbd38) at _ipintr+0x8d
  Bad frame pointer: 0xe28cbcac
  ddb>
  
--- 138,153 ----
  ddb> trace
! pf_route(e28cb7e4,e28bc978,2,1fad,d0b8b120) at pf_route+0x263
! pf_test(2,1f4ad,e28cb7e4,b4c1) at pf_test+0x706
! pf_route(e28cbb00,e28bc978,2,d0a65440,d0b8b120) at pf_route+0x207
! pf_test(2,d0a65440,e28cbb00,d023c282) at pf_test+0x706
! ip_output(d0b6a200,0,0,0,0) at ip_output+0xb67
! icmp_send(d0b6a200,0,1,a012) at icmp_send+0x57
! icmp_reflect(d0b6a200,0,1,0,3) at icmp_reflect+0x26b
! icmp_input(d0b6a200,14,0,0,d0b6a200) at icmp_input+0x42c
! ipv4_input(d0b6a200,e289f140,d0a489e0,e289f140) at ipv4_input+0x6eb
! ipintr(10,10,e289f140,e289f140,e28cbd38) at ipintr+0x8d
  Bad frame pointer: 0xe28cbcac
  ddb>
  
***************
*** 172,179 ****
In the output, grep for the function name:
! $ grep "<_pf_route>:" /tmp/pf.dis
! 00007d88 <_pf_route>:
  
Take this first hex number 7d88 and add the offset 0x263 from
--- 172,179 ----
In the output, grep for the function name:
! $ grep "<pf_route>:" /tmp/pf.dis
! 00007d88 <pf_route>:
  
Take this first hex number 7d88 and add the offset 0x263 from
***************
*** 184,199 ****
7feb
! Scroll down to that line (the assembler instruction should match the one
! quoted in the Stopped at line), then up to the nearest C line number:
  $ more /tmp/pf.dis
  /sys/net/pf.c:3872
      7fe7:       0f b7 43 02             movzwl 0x2(%ebx),%eax
!     7feb:       8b 57 40                mov    0x40(%edi),%edx
      7fee:       39 d0                   cmp    %edx,%eax
!     7ff0:       0f 87 92 00 00 00       ja     8088 <_pf_route+0x300>
  
So, it's precisely line 3872 of pf.c that crashes:
--- 184,201 ----
7feb
! Scroll down to the line 7feb.
! The assembler instruction should match the one quoted in the Stopped at
! line.
! Then scroll up to the nearest C line number:
  $ more /tmp/pf.dis
  /sys/net/pf.c:3872
      7fe7:       0f b7 43 02             movzwl 0x2(%ebx),%eax
!     7feb:       8b 57 40                mov    0x40(%edi),%edx
      7fee:       39 d0                   cmp    %edx,%eax
!     7ff0:       0f 87 92 00 00 00       ja     8088 <pf_route+0x300>
  
So, it's precisely line 3872 of pf.c that crashes: