Date: Mon, 24 Jul 2006 17:16:09 -0400 From: John Baldwin <jhb@freebsd.org> To: freebsd-current@freebsd.org Subject: Re: page fault panic in kern_access/crcopy Message-ID: <200607241716.09548.jhb@freebsd.org> In-Reply-To: <44C36691.5030501@gmail.com> References: <44C36691.5030501@gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sunday 23 July 2006 08:07, Pawel Worach wrote: > Hi, > > While testing SCTP with NetPIPE I found a reproducible panic, I'm not > sure if this one is SCTP's fault. This is using: > FreeBSD 7.0-CURRENT #0: Sun Jul 23 13:23:06 CEST 2006 + SCTP patches > from today. > Previous frame inner to this frame (corrupt stack?) > (kgdb) f 8 > #8 0xc0531b92 in crcopy (dest=0xc28f4800, src=0xc28f4800) > at /usr/src/sys/kern/kern_prot.c:1954 > 1954 uihold(dest->cr_uidinfo); > (kgdb) p *dest > $1 = {cr_ref = 1, cr_uid = 0, cr_ruid = 0, cr_svuid = 0, cr_ngroups = 0, > cr_groups = {0 <repeats 16 times>}, cr_rgid = 0, cr_svgid = 0, > cr_uidinfo = 0x0, cr_ruidinfo = 0x0, cr_prison = 0x0, cr_label = 0x0} > (kgdb) p *src > $2 = {cr_ref = 1, cr_uid = 0, cr_ruid = 0, cr_svuid = 0, cr_ngroups = 0, > cr_groups = {0 <repeats 16 times>}, cr_rgid = 0, cr_svgid = 0, > cr_uidinfo = 0x0, cr_ruidinfo = 0x0, cr_prison = 0x0, cr_label = 0x0} This implies that curthread has a bogus td_ucred. Lots of things should break if this happens. :( You need to find where td_ucred gets set to a bogus credential. -- John Baldwin
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200607241716.09548.jhb>