Project

General

Profile

Bug #6325

NULL pointer dereference in ip module

Added by Denis Kozadaev about 4 years ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
kernel
Start date:
2015-10-13
Due date:
% Done:

0%

Estimated time:
Difficulty:
Medium
Tags:
needs-triage

Description

> ::panicinfo
             cpu                6
          thread ffffff0911b3bc40
         message BAD TRAP: type=e (#pf Page fault) rp=ffffff003de8d550 addr=10 occurred in module "ip" due to a NULL pointer dereference
             rdi ffffff0929eadcf0
             rsi ffffff090ec11be0
             rdx               10
             rcx ffffff0929eadc90
              r8 ffffff090ec11b40
              r9                0
             rax                0
             rbx ffffff0929eadcf0
             rbp ffffff003de8d650
             r10           f8ffff
             r11                0
             r12 ffffff090ec11be0
             r13 ffffff003de8d6fc
             r14               10
             r15                4
          fsbase                0
          gsbase ffffff0910257540
              ds               4b
              es               4b
              fs                0
              gs              1c3
          trapno                e
             err                0
             rip fffffffff7b8a908
              cs               30
          rflags            10246
             rsp ffffff003de8d640
              ss               38
          gdt_hi                0
          gdt_lo         e000ffff
          idt_hi                0
          idt_lo         d000ffff
             ldt                0
            task               70
             cr0         80050033
             cr2               10
             cr3        86b819000
             cr4            426f8

> $C
ffffff003de8d650 rn_search+0x18(ffffff0929eadcf0, ffffff090ec11be0)
ffffff003de8d6b0 rn_insert+0x4a(ffffff0929eadcf0, ffffff090ec11b40, ffffff003de8d6fc, ffffff0929eadc90)
ffffff003de8d750 rn_addroute+0x68(ffffff0929eadcf0, ffffff003de8d770, ffffff090ec11b40, ffffff0929eadc90)
ffffff003de8d7c0 ire_get_bucket+0xfa(ffffff0929eaf9e8)
ffffff003de8d830 ire_add_v4+0x41(ffffff0929eaf9e8)
ffffff003de8d850 ire_add+0x42(ffffff0929eaf9e8)
ffffff003de8d950 ip_rt_add+0x6e5(a8f45b, f8ffff, 96813c3, 0, 2, ffffff090f776b28, ffffff003de8daf8, ffffff0000000000, 0, ffffff090e707000, 
ffffff0000000000)
ffffff003de8db60 ip_rts_request_common+0xcbd(ffffff096bb853e0, ffffff0911840380, ffffff090671a458)
ffffff003de8dbb0 rts_send+0x7f(ffffff0911840380, ffffff096bb853e0, ffffff003de8dcc0, ffffff090671a458)
ffffff003de8dc40 so_sendmsg+0x26b(ffffff091b1292d0, ffffff003de8dcc0, ffffff003de8ddf0, ffffff090671a458)
ffffff003de8dca0 socket_sendmsg+0x48(ffffff091b1292d0, ffffff003de8dcc0, ffffff003de8ddf0, ffffff090671a458)
ffffff003de8dd40 socket_vop_write+0x6c(ffffff091b2d1080, ffffff003de8ddf0, 0, ffffff090671a458, 0)
ffffff003de8ddc0 fop_write+0x5b(ffffff091b2d1080, ffffff003de8ddf0, 0, ffffff090671a458, 0)
ffffff003de8de90 write+0x250(3, 80477a4, 178)
ffffff003de8dec0 write32+0x1e(3, 80477a4, 178)
ffffff003de8df10 _sys_sysenter_post_swapgs+0x149()

Dump is available here: http://witch.tambov.ru/vmdump.0
1290M
OpenIndiana
SunOS neohosting 5.11 illumos-6309835 i86pc i386 i86pc

Also available in: Atom PDF