Date: Sun, 13 Jun 2004 00:42:27 -0400 (EDT)
From: Robert Watson <rwatson@freebsd.org>
To: Tim Robbins <tjr@freebsd.org>
Cc: current@freebsd.org
Subject: Re: Fatal trap 12 in kern/kern_descrip.c:2346
Message-ID: <Pine.NEB.3.96L.1040613004127.1617A-100000@fledge.watson.org>
In-Reply-To: <20040613040646.GB28627@cat.robbins.dropbear.id.au>

On Sun, 13 Jun 2004, Tim Robbins wrote:

> > Well, this is certainly a NULL pointer dereference in the sysctl code
> > exporting file descriptor information to user space (perhaps for fstat?).
> > The question is what is NULL. It looks like you have a dump -- could you
> > convert sysctl_kern_file+0x105 to a line number? It's likely that it is
> > line 2346 of kern_descrip.c, which follows the process pointer to its
> > ucred. If so, could you use gdb on the dump to inspect *p?
>
> ISTR he included the output of "print *p" on his web page.
>
> I think the problem here is that we put processes onto the allproc list
> in fork1() before they're properly initialised (or we unlock the allproc
> sx too early.)

Hmm. I noticed, though, that p_flag is set to P_CONTROLT and P_WEXIT, so
my initial suspicion was actually exit1().

Robert N M Watson             FreeBSD Core Team, TrustedBSD Projects
robert@fledge.watson.org      Senior Research Scientist, McAfee Research