DragonFly bugs List (threaded) for 2011-05
[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]

Re: panic: vm_fault: fault on stack guard, addr: 0xffffffe01dbea000

From:	Matthew Dillon <dillon@xxxxxxxxxxxxxxxxxxxx>
Date:	Sat, 28 May 2011 11:04:54 -0700 (PDT)

:Hi. I get this on x86_64 master. I don't know how to reproduce, but it happened on my box just now three times within one hour.
:

    It looks like rl_rxeof() is making an illegal call to m_devget(). The
    comment in the code says it all:

	    /*
	     * Fool m_devget() into thinking we want to copy
	     * the whole buffer so we don't end up fragmenting
	     * the data.
	     */
	    m = m_devget(rxbufpos - RL_ETHER_ALIGN,
		total_len + RL_ETHER_ALIGN, 0, ifp, NULL);

    The 'fool' part is that it's calling m_devget() with a buffer range
    that goes beyond the buffer's EOF, and then using m_copyback() to
    re-copy the real data.

    The panic will depend heavily on what memory is beyond the
    sc->rl_cdata.rl_rx_buf buffer... if the buffer was allocated next
    to a stack guard, you'd get that error.

						-Matt

References:
- panic: vm_fault: fault on stack guard, addr: 0xffffffe01dbea000
  - From: Max Herrgard <herrgard@gmail.com>

[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]