From: Kris Kennaway
Date: Tue, 5 Apr 2005 10:43:44 -0700
To: current@FreeBSD.org
Cc: phk@freeBSD.org
Subject: NULL pointer deref in ptcread()
Message-ID: <20050405174344.GA86957@xor.obsecurity.org>
List-Id: Discussions about the use of FreeBSD-current

HEAD from yesterday on a SMP machine.

Kris

Fatal trap 12: page fault while in kernel mode
cpuid = 1; apic id = 06
fault virtual address   = 0x0
fault code              = supervisor read, page not present
instruction pointer     = 0x8:0xc06b4b02
stack pointer           = 0x10:0xf7cb6b4c
frame pointer           = 0x10:0xf7cb6b78
code segment            = base 0x0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, def32 1, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 1182 (screen)
[thread pid 1182 tid 100239 ]
Stopped at      generic_bcopy+0x1a:     repe movsl      (%esi),%es:(%edi)
db> wh
Tracing pid 1182 tid 100239 td 0xc5a92b80
generic_bcopy(c59aa438,f7cb6bb8,40,c0758280,1) at generic_bcopy+0x1a
ptcread(c69b3d00,f7cb6c68,4,3ae,1000) at ptcread+0x180
devfs_read_f(c5d8e558,f7cb6c68,c605e100,0,c5a92b80) at devfs_read_f+0xa7
dofileread(c5a92b80,c5d8e558,7,bfbfd3f0,1000) at dofileread+0xc3
read(c5a92b80,f7cb6d14,3a6,c0715022,c5a92b80) at read+0x6c
syscall(2f,2f,bfbf002f,80aa050,0) at syscall+0x2c4
Xint0x80_syscall() at Xint0x80_syscall+0x1f
--- syscall (3, FreeBSD ELF32, read), eip = 0x2816fbd7, esp = 0xbfbfd3cc, ebp = 0xbfbfe408 ---
db>