[DragonFlyBSD - Bug #3236] Panic running efivar

bugtracker-admin at leaf.dragonflybsd.org bugtracker-admin at leaf.dragonflybsd.org
Thu May 28 22:11:15 PDT 2020


La demande #3236 a été mise à jour par dillon.


Looks like it may be trying to access a userspace address without using copyout().  SMAP caught it.  I'm looking at it now.

-Matt

----------------------------------------
Bug #3236: Panic running efivar
http://bugs.dragonflybsd.org/issues/3236#change-13884

* Auteur: daftaupe
* Statut: New
* Priorité: Normal
* Assigné à: 
* Catégorie: 
* Version cible: 
----------------------------------------
Hello,

I tried loading the efirt module then running efivar but got a panic.

Got the following backtrace when using the dump I got (kgdb then bt) :

(kgdb) bt
#0  _get_mycpu () at ./machine/thread.h:69
#1  panic (fmt=fmt at entry=0xffffffff805dce3e "%s") at /usr/src/sys/kern/kern_shutdown.c:868
#2  0xffffffff8058333e in trap_fatal (frame=frame at entry=0xfffff800bc3195e8, eva=2129260136) at /usr/src/sys/platform/pc64/x86_64/trap.c:1116
#3  0xffffffff8058374c in trap_pfault (frame=0xfffff800bc3195e8, usermode=0) at /usr/src/sys/platform/pc64/x86_64/trap.c:943
#4  0xffffffff8055f9ea in calltrap () at /usr/src/sys/platform/pc64/x86_64/exception.S:321
#5  0xffffffff82000d53 in efi_var_nextname (namesize=namesize at entry=0xfffff800bc319870, name=name at entry=0xfffff800bc8f2c00, vendor=vendor at entry=0xfffff800bc319878)
    at /usr/src/sys/dev/misc/efirt/../../../platform/pc64/x86_64/efirt.c:562
#6  0xffffffff82000fd3 in efidev_ioctl (ap=<optimized out>) at /usr/src/sys/dev/misc/efirt/efidev.c:146
#7  0xffffffff802b6d35 in dev_dioctl (dev=dev at entry=0xfffff80066c86700, cmd=cmd at entry=3224913157, data=data at entry=0xfffff800bc319868 "", fflag=<optimized out>, 
    cred=cred at entry=0xfffff8004676ddb0, msg=msg at entry=0xfffff800bc319960, fp=0xfffff800770f1d00) at /usr/src/sys/kern/kern_device.c:251
#8  0xffffffff8042e555 in devfs_fo_ioctl (fp=0xfffff800770f1d00, com=3224913157, data=0xfffff800bc319868 "", ucred=0xfffff8004676ddb0, msg=0xfffff800bc319960)
    at /usr/src/sys/vfs/devfs/devfs_vnops.c:1548
#9  0xffffffff80321d1b in fo_ioctl (msg=0xfffff800bc319960, cred=<optimized out>, data=<optimized out>, com=<optimized out>, fp=0xfffff800770f1d00) at /usr/src/sys/sys/file2.h:84
#10 mapped_ioctl (fd=<optimized out>, com=<optimized out>, uspc_data=<optimized out>, map=0x0, msg=<optimized out>) at /usr/src/sys/kern/sys_generic.c:717
#11 0xffffffff80584856 in syscall2 (frame=0xfffff800bc3199f8) at /usr/src/sys/platform/pc64/x86_64/trap.c:1317
#12 0xffffffff805601fd in Xfast_syscall () at /usr/src/sys/platform/pc64/x86_64/exception.S:450
#13 0x000000000000002b in ?? ()
Backtrace stopped: previous frame inner to this frame (corrupt stack?)

Is that enough info ?




-- 
You have received this notification because you have either subscribed to it, or are involved in it.
To change your notification preferences, please click here: http://bugs.dragonflybsd.org/my/account



More information about the Bugs mailing list