Date:      Sat, 28 Apr 2007 17:30:10 GMT
From:      Lodewijk Vöge <lvoege@gmail.com>
To:        freebsd-bugs@FreeBSD.org
Subject:   Re: kern/96981: reproducible instant reboot by unprivileged user
Message-ID:  <200704281730.l3SHUAVp044346@freefall.freebsd.org>


The following reply was made to PR kern/96981; it has been noted by GNATS.

From: Lodewijk Vöge <lvoege@gmail.com>
To: Gavin Atkinson <gavin.atkinson@ury.york.ac.uk>
Cc: bug-followup@FreeBSD.org
Subject: Re: kern/96981: reproducible instant reboot by unprivileged user
Date: Sat, 28 Apr 2007 13:20:59 -0400

 hello,
 
 please disregard the previous stack trace. while it's the same  
 process and a much fuller stack trace, the problem really seems to be  
 the thread that's hitting doreti_iret with the uninteresting trace of  
 "doreti_iret() at doreti_iret"
 
 I've been sprinkling printf()s around in sys/amd64/amd64/trap.c, and  
 as far as I can tell:
 
    - it passes through the block that printf()s "kernel trap 9 with  
 interrupts disabled"
    - then to the block with /* kernel trap */ at the top
    - to the T_PROTFLT clause in the switch, as type is 9
    - it enters the block that points the frame's tf_rip field to  
 doreti_iret_fault. that block goto's to the end of trap(), which does  
 a return
    - lockup
 
 so my layman's suspicion is that it's a problem with doreti_iret_fault.
 
 Lodewijk


