Date: Tue, 5 Apr 2005 10:43:44 -0700 From: Kris Kennaway <kris@obsecurity.org> To: current@FreeBSD.org Cc: phk@freeBSD.org Subject: NULL pointer deref in ptcread() Message-ID: <20050405174344.GA86957@xor.obsecurity.org>
next in thread | raw e-mail | index | archive | help
--ReaqsoxgOBHFXBhH
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
HEAD from yesterday on a SMP machine.
Kris
Fatal trap 12: page fault while in kernel mode
cpuid = 1; apic id = 06
fault virtual address = 0x0
fault code = supervisor read, page not present
instruction pointer = 0x8:0xc06b4b02
stack pointer = 0x10:0xf7cb6b4c
frame pointer = 0x10:0xf7cb6b78
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, def32 1, gran 1
processor eflags = interrupt enabled, resume, IOPL = 0
current process = 1182 (screen)
[thread pid 1182 tid 100239 ]
Stopped at generic_bcopy+0x1a: repe movsl (%esi),%es:(%edi)
db> wh
Tracing pid 1182 tid 100239 td 0xc5a92b80
generic_bcopy(c59aa438,f7cb6bb8,40,c0758280,1) at generic_bcopy+0x1a
ptcread(c69b3d00,f7cb6c68,4,3ae,1000) at ptcread+0x180
devfs_read_f(c5d8e558,f7cb6c68,c605e100,0,c5a92b80) at devfs_read_f+0xa7
dofileread(c5a92b80,c5d8e558,7,bfbfd3f0,1000) at dofileread+0xc3
read(c5a92b80,f7cb6d14,3a6,c0715022,c5a92b80) at read+0x6c
syscall(2f,2f,bfbf002f,80aa050,0) at syscall+0x2c4
Xint0x80_syscall() at Xint0x80_syscall+0x1f
--- syscall (3, FreeBSD ELF32, read), eip = 0x2816fbd7, esp = 0xbfbfd3cc, ebp = 0xbfbfe408 ---
db>
--ReaqsoxgOBHFXBhH
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (FreeBSD)
iD8DBQFCUs5QWry0BWjoQKURAlGzAJ0VMoOR+EUx76ujx3ks0iOyZGcEnwCgoEfQ
R4OZEvtZMBBjf/MDRj8rkl8=
=ytP1
-----END PGP SIGNATURE-----
--ReaqsoxgOBHFXBhH--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050405174344.GA86957>