page fault in ugenpoll()

Dirk GOUDERS gouders at et.bocholt.fh-ge.de
Fri May 20 00:27:58 GMT 2005 

Hello,

just for completeness, I want to provide a simple program that causes
a kernel panic when invoked with the argument /dev/ugen0:

#include <stdio.h>
#include <stdlib.h>
#include <fcntl.h>
#include <sys/types.h>
#include <poll.h>
#include <errno.h>

int main(int argc, char *argv[])
{
    int fd;
    int nfd;
    char *path = argv[1];
    struct pollfd pfd[1];
    
    fd = open(path, O_RDWR);
    if ( fd < 0 ) {
        fprintf(stderr, "%s: %s\n", path, strerror(errno));
        exit(1);
    }
    pfd[0].fd = fd;
    pfd[0].events = POLLHUP;
    pfd[0].revents = 0;
    nfd = poll(pfd, 1, 10);
    if ( nfd < 0 ) {
        fprintf(stderr, "poll(2): %s\n", strerror(errno));
        exit(1);
    }
    printf("nfd = %d\n", nfd);    
    close(fd);
    exit(0);
}

 > Hello,
 > 
 > on a machine
 > 
 > FreeBSD karga.hank.home 4.11-STABLE FreeBSD 4.11-STABLE #2: Thu May 19 12:32
 > :50 CEST 2005     root at karga.hank.home:/usr/src/sys/compile/KARGA  i386
 > 
 > I am playing with a Cryptoflex e-gate USB token and get kernel
 > panics when invoking a program openct-control to access it:
 > 
 > Fatal trap 12: page fault while in kernel mode
 > fault virtual address   = 0x3
 > fault code              = supervisor read, page not present
 > instruction pointer     = 0x8:0xc027177b
 > stack pointer           = 0x10:0xccde7d40
 > frame pointer           = 0x10:0xccde7d50
 > code segment            = base 0x0, limit 0xfffff, type 0x1b
 >                         = DPL 0, pres 1, def32 1, gran 1
 > processor eflags        = interrupt enabled, resume, IOPL = 0
 > current process         = 173 (ifdhandler)
 > interrupt mask          = bio 
 > trap number             = 12
 > panic: page fault
 > 
 > The IP points to the following line in the function ugenpoll (line
 > 1445 in ugen.c):
 > 
 > switch (sce->edesc->bmAttributes & UE_XFERTYPE)
 > 
 > Examining sce with gdb gives:

 > (kgdb) print sce
 > $1 = (struct ugen_endpoint *) 0x68c060
 > (kgdb) print sce->edesc
 > Cannot access memory at address 0x68c064.
 > (kgdb) 
 > 
 > The software that I am trying to use might be erroneous, but I am
 > wondering that it causes kernel panics by accessing /dev/ugen0.
 > 
 > Dirk
 > _______________________________________________
 > freebsd-hackers at freebsd.org mailing list
 > http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
 > To unsubscribe, send any mail to "freebsd-hackers-unsubscribe at freebsd.org"

More information about the freebsd-hackers mailing list