panic: vm_fault: fault on stack guard, addr: 0xffffffe01dbea000
Matthew Dillon
dillon at apollo.backplane.com
Sat May 28 11:06:02 PDT 2011
:Hi. I get this on x86_64 master. I don't know how to reproduce, but it happened on my box just now three times within one hour.
:
It looks like rl_rxeof() is making an illegal call to m_devget(). The
comment in the code says it all:
/*
* Fool m_devget() into thinking we want to copy
* the whole buffer so we don't end up fragmenting
* the data.
*/
m = m_devget(rxbufpos - RL_ETHER_ALIGN,
total_len + RL_ETHER_ALIGN, 0, ifp, NULL);
The 'fool' part is that it's calling m_devget() with a buffer range
that goes beyond the buffer's EOF, and then using m_copyback() to
re-copy the real data.
The panic will depend heavily on what memory is beyond the
sc->rl_cdata.rl_rx_buf buffer... if the buffer was allocated next
to a stack guard, you'd get that error.
-Matt
More information about the Bugs
mailing list