DragonFly bugs List (threaded) for 2009-09
[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]
[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]
[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]
Re: [issue1481] panic: assertion: kva_p(buf) in soopt_from_kbuf (after ipfw pipe show, 2.2.1-R)
| From: | Matthew Dillon <dillon@xxxxxxxxxxxxxxxxxxxx> |
| Date: | Fri, 4 Sep 2009 20:40:40 -0700 (PDT) |
:Hmm, it is very strange to me. I reproduced the bug myself today and
:the above patch does fix the panic.
:Have you recompiled/reinstall the patched kernel (at least quickkernel
:+ installkernel)?
:
:Best Regards,
:sephe
Hmm. min() uses a signed integer for arguments and result. len
is a size_t. Is sopt->sopt_valsize initialized in that path? If
it is uninitialized and >= 0x80000000 it will turn up negative in
the min() and a very bad value will be returned for the bcopy().
-Matt
Matthew Dillon
<dillon@backplane.com>
- References:
- [issue1481] panic: assertion: kva_p(buf) in soopt_from_kbuf (after ipfw pipe show, 2.2.1-R)
- From: "Mykhaylo \(via DragonFly issue tracker\)" <sinknull@leaf.dragonflybsd.org>
- Re: [issue1481] panic: assertion: kva_p(buf) in soopt_from_kbuf (after ipfw pipe show, 2.2.1-R)
- From: Sepherosa Ziehau <sepherosa@gmail.com>
- Re: [issue1481] panic: assertion: kva_p(buf) in soopt_from_kbuf (after ipfw pipe show, 2.2.1-R)
- From: McLone <mclone@gmail.com>
- Re: [issue1481] panic: assertion: kva_p(buf) in soopt_from_kbuf (after ipfw pipe show, 2.2.1-R)
- From: Sepherosa Ziehau <sepherosa@gmail.com>
- [issue1481] panic: assertion: kva_p(buf) in soopt_from_kbuf (after ipfw pipe show, 2.2.1-R)
[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]