Date: Sat, 08 May 1999 00:15:36 +0800 From: Peter Wemm <peter@netplex.com.au> To: "Jordan K. Hubbard" <jkh@zippy.cdrom.com> Cc: current@FreeBSD.ORG Subject: Re: somebody has broken sysctlbyname() in -current Message-ID: <19990507161541.3EFE21F72@spinner.netplex.com.au> In-Reply-To: Your message of "Fri, 07 May 1999 06:49:31 MST." <99200.926084971@zippy.cdrom.com>
next in thread | previous in thread | raw e-mail | index | archive | help
"Jordan K. Hubbard" wrote: > > sysctlbyname("machdep.uc_devlist", buf, &len, NULL, NULL); > > Sorry for the vague first bug report; I hadn't collected a reasonable > crashdump yet. It's in sysctl_machdep_uc_devlist(), specifically > where it copies id->id_driver->name into a temporary stack variable. > First time through, this thing's NULL and *boom* we're gone. I'm > looking into it. Urk. You are right. The problem is that id_driver is a wild pointer. It was pointing to an entry in a malloc'ed array that was built to make isadev->id_driver->name work for userconfig. After the exit of userconfig, these tables are freed up, but the uc_devlist stuff still contains a pointer to the original &isa_drvtab[i]; which is long gone... Cheers, -Peter To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990507161541.3EFE21F72>