Re: ptcwrite panic (with dump)

From: Kris Kennaway <kris_at_obsecurity.org>
Date: Sun, 8 May 2005 16:38:31 -0700

On Sun, May 08, 2005 at 04:32:24PM -0700, Doug White wrote:
> Can you print *tp in frame 23, and then print tp->t_pgrp->pg_members?  The
> code above should avoid the case of t_pgrp being NULL, but I wonder if
> there is a race or if pg_members can end up uninitialized somewhere.

(kgdb) print *tp
$1 = {t_rawq = {c_cc = 0, c_cbcount = 0, c_cbmax = 77, c_cbreserved = 77, c_cf = 0x0, c_cl = 0x0},
  t_rawcc = 17133, t_canq = {c_cc = 0, c_cbcount = 0, c_cbmax = 77, c_cbreserved = 6, c_cf = 0x0,
    c_cl = 0x0}, t_cancc = 150, t_outq = {c_cc = 11, c_cbcount = 1, c_cbmax = 22, c_cbreserved = 22,
    c_cf = 0xc6311814 "load: 0.83  cmd: csh 47406 [runnable] 0.00u 0.00s 0% 2268k\r\n\n4.2.5.log:", '=' <repeats 20 times>, "<phase 4a: make t",
    c_cl = 0xc631181f " cmd: csh 47406 [runnable] 0.00u 0.00s 0% 2268k\r\n\n4.2.5.log:", '=' <repeats 20 times>, "<phase 4a: make t"}, t_outcc = 6005036, t_line = 0, t_dev = 0xc4d75100, t_mdev = 0x0,
  t_devunit = 0, t_state = 131112, t_flags = 0, t_timeout = 300000, t_pgrp = 0x0,
  t_session = 0xc997f400, t_sigio = 0x0, t_rsel = {si_thrlist = {tqe_next = 0x0,
      tqe_prev = 0xc46a2c30}, si_thread = 0x0, si_note = {kl_lock = 0xc3602dd4, kl_list = {
        slh_first = 0x0}}, si_flags = 0}, t_wsel = {si_thrlist = {tqe_next = 0x0,
      tqe_prev = 0xc3602c7c}, si_thread = 0x0, si_note = {kl_lock = 0xc3602dd4, kl_list = {
        slh_first = 0x0}}, si_flags = 0}, t_termios = {c_iflag = 11010, c_oflag = 3, c_cflag = 19200,
    c_lflag = 1483, c_\177\027\025\022\b\003\034\032\031\021\023\026\017\001\000\",
    c_ispeed = 9600, c_ospeed = 9600}, t_init_in = {c_iflag = 11010, c_oflag = 3, c_cflag = 19200,
    c_lflag = 1483, c_\177\027\025\022\b\003\034\032\031\021\023\026\017\001\000\",
    c_ispeed = 9600, c_ospeed = 9600}, t_init_out = {c_iflag = 11010, c_oflag = 3, c_cflag = 19200,
    c_lflag = 1483, c_\177\027\025\022\b\003\034\032\031\021\023\026\017\001\000\",
    c_ispeed = 9600, c_ospeed = 9600}, t_lock_in = {c_iflag = 0, c_oflag = 0, c_cflag = 0,
    c_lflag = 0, c_cc = '\0' <repeats 19 times>, c_ispeed = 0, c_ospeed = 0}, t_lock_out = {
    c_iflag = 0, c_oflag = 0, c_cflag = 0, c_lflag = 0, c_cc = '\0' <repeats 19 times>, c_ispeed = 0,
    c_ospeed = 0}, t_winsize = {ws_row = 34, ws_col = 104, ws_xpixel = 998, ws_ypixel = 714},
  t_sc = 0xc649c580, t_lsc = 0x0, t_column = 11, t_rocount = 0, t_rocol = 0, t_ififosize = 512,
  t_ihiwat = 7680, t_ilowat = 6720, t_ispeedwat = 0, t_ohiwat = 1296, t_olowat = 256, t_ospeedwat = 0,
  t_gen = 34, t_list = {tqe_next = 0xc357e000, tqe_prev = 0xc357b9c4}, t_actout = 0, t_wopeners = 0,
  t_mtx = {mtx_object = {lo_class = 0xc0731f48, lo_name = 0xc0701f35 "tty",
      lo_type = 0xc0701f35 "tty", lo_flags = 196608, lo_list = {tqe_next = 0xc967f000,
        tqe_prev = 0xc3fff818}, lo_witness = 0x0}, mtx_lock = 4, mtx_recurse = 0}, t_refcnt = 4,
  t_hotchar = 0, t_dtr_wait = 3000, t_do_timestamp = 0, t_timestamp = {tv_sec = 0, tv_usec = 0},
  t_pps = 0x0, t_oproc = 0xc05598f0 <ptsstart>, t_stop = 0xc0559cc0 <ptsstop>, t_param = 0,
  t_modem = 0, t_break = 0, t_ioctl = 0, t_open = 0, t_purge = 0, t_close = 0, t_cioctl = 0}
(kgdb) print tp->t_pgrp
$2 = (struct pgrp *) 0x0
Received on Sun May 08 2005 - 21:38:33 UTC
