Date: Wed, 3 Jan 2007 17:22:24 +0700 (KRAT) From: Eugene Grosbein <eugen@grosbein.pp.ru> To: FreeBSD-gnats-submit@FreeBSD.org Subject: kern/107455: 6.2-PRE panic: breakpoint instruction fault Message-ID: <200701031022.l03AMOdq001207@grosbein.pp.ru> Resent-Message-ID: <200701031030.l03AUH3i047032@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 107455
>Category: kern
>Synopsis: 6.2-PRE panic: breakpoint instruction fault
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Wed Jan 03 10:30:16 GMT 2007
>Closed-Date:
>Last-Modified:
>Originator: Eugene Grosbein
>Release: FreeBSD 6.2-PRERELEASE i386
>Organization:
Svyaz Service JSC
>Environment:
System: FreeBSD grosbein.pp.ru 6.2-PRERELEASE FreeBSD 6.2-PRERELEASE #7: Wed Jan 3 02:16:56 KRAT 2007 eu@grosbein.pp.ru:/mnt/home/obj/usr/local/src/sys/DADV i386
Sources updated 2 January 2007, full buildworld/buildkernel
procedure performed, modules in sync.
Kernel contains options INVARIANTS, INVARIANT_SUPPORT,
WITNESS, WITNESS_KDB and MUTEX_DEBUG.
xorg-6.9.0 and nvidia-driver-1.0.9631_1 from ports.
>Description:
Recent RELENG_6 kernel panices if I try to play a full-screen
video with mplayer using SDL,
or after exit of glxgears, the panic is the same.
>How-To-Repeat:
Just run glxgears or mplayer -vo sdl.
It did not panic with the same versions of X.org and nvidia-driver
without WITHNESS etc.
Here comes backtrace:
[GDB will not be able to debug user-mode threads: /usr/lib/libthread_db.so: Undefined symbol "ps_pglobal_lookup"]
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i386-marcel-freebsd".
Unread portion of the kernel message buffer:
lock order reversal:
1st 0xc0781600 cdev (cdev) @ /usr/local/src/sys/kern/kern_conf.c:61
2nd 0xc1468084 system map (system map) @ /usr/local/src/sys/vm/vm_map.c:3074
KDB: stack backtrace:
kdb_backtrace(c072223c,c1468084,c0738c1f,c0738c1f,c0739149,...) at 0xc0544a83 = kdb_backtrace+0x2f
witness_checkorder(c1468084,9,c0739149,c02,c051e19b,...) at 0xc0551c55 = witness_checkorder+0x6db
_mtx_lock_flags(c1468084,0,c0739149,c02,e78c9630,...) at 0xc051de26 = _mtx_lock_flags+0xaa
_vm_map_lock_read(c1468000,c0739149,c02,17d0c28,deadc000,...) at 0xc0682cc8 = _vm_map_lock_read+0x35
vm_map_lookup(e78c96c8,deadc000,1,e78c96cc,e78c96bc,...) at 0xc06865a4 = vm_map_lookup+0x2e
vm_fault(c1468000,deadc000,1,0,c551f900,...) at 0xc067dee8 = vm_fault+0x7f
trap_pfault(e78c9794,0,deadc0de,3d,deadc0de,...) at 0xc06dff46 = trap_pfault+0x162
trap(c0780008,28,c0710028,c5c1ae00,c5b28d80,...) at 0xc06dfb7e = trap+0x35e
calltrap() at 0xc06ca1aa = calltrap+0x5
--- trap 0xc, eip = 0xc04d20a5, esp = 0xe78c97d4, ebp = 0xe78c9808 ---
devfs_populate_loop(c533f780,0,c071613c,1e2,e78c9998,...) at 0xc04d20a5 = devfs_populate_loop+0x83
devfs_populate(c533f780,e78c989c,c551f900,e78c9844,246,...) at 0xc04d2492 = devfs_populate+0x48
devfs_lookupx(e78c9998,e78c991c,299,1,c0753a60,...) at 0xc04d47bd = devfs_lookupx+0x20b
devfs_lookup(e78c9998,e78c9998,c535d000,c535d000,0,...) at 0xc04d4c34 = devfs_lookup+0x4c
VOP_LOOKUP_APV(c0753a60,e78c9998,c551f900,c551f900,0,...) at 0xc06ed8d7 = VOP_LOOKUP_APV+0xa6
lookup(e78c9bc4,0,c0726ea6,be,e78c99e8,...) at 0xc05858bf = lookup+0x4d8
namei(e78c9bc4,c071f7c5,27d,c551f900,c551f900,...) at 0xc0585120 = namei+0x427
vn_open_cred(e78c9bc4,e78c9cc4,1a4,c5e2f280,3,...) at 0xc059a940 = vn_open_cred+0x5b
vn_open(e78c9bc4,e78c9cc4,1a4,3,c071d17c,...) at 0xc059a8e3 = vn_open+0x33
kern_open(c551f900,8067280,0,602,1b6,...) at 0xc0592996 = kern_open+0xca
open(c551f900,e78c9d04,c,c551f900,3,...) at 0xc0592894 = open+0x36
syscall(806003b,3b,bfbf003b,8067280,2,...) at 0xc06e060e = syscall+0x295
Xint0x80_syscall() at 0xc06ca1ff = Xint0x80_syscall+0x1f
--- syscall (5, FreeBSD ELF32, open), eip = 0x281a52a3, esp = 0xbfbfe9ec, ebp = 0xbfbfea88 ---
KDB: enter: witness_checkorder
Fatal trap 3: breakpoint instruction fault while in kernel mode
cpuid = 1; apic id = 01
instruction pointer = 0x20:0xc0544b0a
stack pointer = 0x28:0xe78c957c
frame pointer = 0x28:0xe78c9584
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, def32 1, gran 1
processor eflags = interrupt enabled, IOPL = 0
current process = 983 (sh)
trap number = 3
panic: breakpoint instruction fault
cpuid = 1
KDB: stack backtrace:
kdb_backtrace(c0740078,1,c070c7d0,e78c94d0,c551f900,...) at 0xc0544a83 = kdb_backtrace+0x2f
panic(c070c7d0,c0740f12,c551ee18,1,1,...) at 0xc0527eb1 = panic+0x129
trap_fatal(e78c953c,0,e78c953c,c06c842d,0,...) at 0xc06e02e1 = trap_fatal+0x323
trap(c1460008,28,e78c0028,9,c1468084,...) at 0xc06dfd6a = trap+0x54a
calltrap() at 0xc06ca1aa = calltrap+0x5
--- trap 0x3, eip = 0xc0544b0a, esp = 0xe78c957c, ebp = 0xe78c9584 ---
kdb_enter(c06f9e2d,c1468084,c0738c1f,c0738c1f,c0739149,...) at 0xc0544b0a = kdb_enter+0x30
witness_checkorder(c1468084,9,c0739149,c02,c051e19b,...) at 0xc0551c6b = witness_checkorder+0x6f1
_mtx_lock_flags(c1468084,0,c0739149,c02,e78c9630,...) at 0xc051de26 = _mtx_lock_flags+0xaa
_vm_map_lock_read(c1468000,c0739149,c02,17d0c28,deadc000,...) at 0xc0682cc8 = _vm_map_lock_read+0x35
vm_map_lookup(e78c96c8,deadc000,1,e78c96cc,e78c96bc,...) at 0xc06865a4 = vm_map_lookup+0x2e
vm_fault(c1468000,deadc000,1,0,c551f900,...) at 0xc067dee8 = vm_fault+0x7f
trap_pfault(e78c9794,0,deadc0de,3d,deadc0de,...) at 0xc06dff46 = trap_pfault+0x162
trap(c0780008,28,c0710028,c5c1ae00,c5b28d80,...) at 0xc06dfb7e = trap+0x35e
calltrap() at 0xc06ca1aa = calltrap+0x5
--- trap 0xc, eip = 0xc04d20a5, esp = 0xe78c97d4, ebp = 0xe78c9808 ---
devfs_populate_loop(c533f780,0,c071613c,1e2,e78c9998,...) at 0xc04d20a5 = devfs_populate_loop+0x83
devfs_populate(c533f780,e78c989c,c551f900,e78c9844,246,...) at 0xc04d2492 = devfs_populate+0x48
devfs_lookupx(e78c9998,e78c991c,299,1,c0753a60,...) at 0xc04d47bd = devfs_lookupx+0x20b
devfs_lookup(e78c9998,e78c9998,c535d000,c535d000,0,...) at 0xc04d4c34 = devfs_lookup+0x4c
VOP_LOOKUP_APV(c0753a60,e78c9998,c551f900,c551f900,0,...) at 0xc06ed8d7 = VOP_LOOKUP_APV+0xa6
lookup(e78c9bc4,0,c0726ea6,be,e78c99e8,...) at 0xc05858bf = lookup+0x4d8
namei(e78c9bc4,c071f7c5,27d,c551f900,c551f900,...) at 0xc0585120 = namei+0x427
vn_open_cred(e78c9bc4,e78c9cc4,1a4,c5e2f280,3,...) at 0xc059a940 = vn_open_cred+0x5b
vn_open(e78c9bc4,e78c9cc4,1a4,3,c071d17c,...) at 0xc059a8e3 = vn_open+0x33
kern_open(c551f900,8067280,0,602,1b6,...) at 0xc0592996 = kern_open+0xca
open(c551f900,e78c9d04,c,c551f900,3,...) at 0xc0592894 = open+0x36
syscall(806003b,3b,bfbf003b,8067280,2,...) at 0xc06e060e = syscall+0x295
Xint0x80_syscall() at 0xc06ca1ff = Xint0x80_syscall+0x1f
--- syscall (5, FreeBSD ELF32, open), eip = 0x281a52a3, esp = 0xbfbfe9ec, ebp = 0xbfbfea88 ---
Uptime: 15m12s
Dumping 1021 MB (5 chunks)
chunk 0: 1MB (159 pages) ... ok
chunk 1: 1005MB (257226 pages) (CTRL-C to abort) (CTRL-C to abort) (CTRL-C to abort) 989 (CTRL-C to abort) (CTRL-C to abort) (CTRL-C to abort) 973 (CTRL-C to abort) 957 (CTRL-C to abort) (CTRL-C to abort) (CTRL-C to abort) (CTRL-C to abort) (CTRL-C to abort) 941 (CTRL-C to abort) 925 909 893 877 861 845 829 813 797 781 765 749 733 717 701 685 669 653 637 621 605 589 573 557 541 525 509 493 477 461 445 429 413 397 381 365 349 333 317 301 285 269 253 237 221 205 189 173 157 141 125 109 93 77 61 45 29 13 ... ok
chunk 2: 17MB (4126 pages) 1
#0 doadump () at pcpu.h:165
165 __asm __volatile("movl %%fs:0,%0" : "=r" (td));
(kgdb) bt full
#0 doadump () at pcpu.h:165
No locals.
#1 0xc0527ba0 in boot (howto=260)
at /usr/local/src/sys/kern/kern_shutdown.c:409
first_buf_printf = 1
#2 0xc0527f2d in panic (fmt=0xc070c7d0 "%s")
at /usr/local/src/sys/kern/kern_shutdown.c:565
td = (struct thread *) 0xc551f900
bootopt = 260
newpanic = 1
ap = 0xe78c94d0 "\022\017t„\030ÀQŠ\001"
buf = "breakpoint instruction fault", '\0' <repeats 227 times>
#3 0xc06e02e1 in trap_fatal (frame=0xe78c953c, eva=0)
at /usr/local/src/sys/i386/i386/trap.c:837
code = 40
type = 3
ss = 40
esp = 0
softseg = {ssd_base = 0, ssd_limit = 1048575, ssd_type = 27,
ssd_dpl = 0, ssd_p = 1, ssd_xx = 13, ssd_xx1 = 0, ssd_def32 = 1,
ssd_gran = 1}
msg = 0x0
#4 0xc06dfd6a in trap (frame=
---Type <return> to continue, or q <return> to quit---
{tf_fs = -1052377080, tf_es = 40, tf_ds = -410255320, tf_edi = 9, tf_esi = -1052344188, tf_ebp = -410217084, tf_isp = -410217112, tf_ebx = -1065546748, tf_edx = 1, tf_ecx = -1052561408, tf_eax = 31, tf_trapno = 3, tf_err = 0, tf_eip = -1068217590, tf_cs = 32, tf_eflags = 658, tf_esp = -1066269745, tf_ss = -1066426835}) at /usr/local/src/sys/i386/i386/trap.c:632
td = (struct thread *) 0xc551f900
p = (struct proc *) 0xc551ec90
sticks = 3229171792
i = 0
ucode = 0
type = 3
code = 0
eva = 0
#5 0xc06ca1aa in calltrap () at /usr/local/src/sys/i386/i386/exception.s:139
No locals.
#6 0xc0544b0a in kdb_enter (msg=0x1f <Address 0x1f out of bounds>)
at cpufunc.h:60
No locals.
#7 0xc0551c6b in witness_checkorder (lock=0xc1468084, flags=9,
file=0xc0739149 "/usr/local/src/sys/vm/vm_map.c", line=3074)
at /usr/local/src/sys/kern/subr_witness.c:1079
lock_list = (struct lock_list_entry **) 0xc551f978
lle = (struct lock_list_entry *) 0xc07d0bf0
---Type <return> to continue, or q <return> to quit---
lock1 = (struct lock_instance *) 0xc07d0c04
lock2 = (struct lock_instance *) 0x1
class = (struct lock_class *) 0xc075afe4
w = (struct witness *) 0xc07940a0
w1 = (struct witness *) 0xc0794028
td = (struct thread *) 0xc07d0c04
i = -1
j = 0
__func__ = "witness_checkorder"
#8 0xc051de26 in _mtx_lock_flags (m=0xc1468084, opts=0,
file=0xc0739149 "/usr/local/src/sys/vm/vm_map.c", line=3074)
at /usr/local/src/sys/kern/kern_mutex.c:286
No locals.
#9 0xc0682cc8 in _vm_map_lock_read (map=0x1f,
file=0xc1433000 "Copyright (c) 1992-2007 The FreeBSD Project.\nCopyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994\n\tThe Regents of the University of California. All rights reserved.\nFreeBSD is a re"..., line=1)
at /usr/local/src/sys/vm/vm_map.c:451
No locals.
#10 0xc06865a4 in vm_map_lookup (var_map=0xe78c96c8, vaddr=3735928832,
fault_typea=1 '\001', out_entry=0xe78c96cc, object=0x1f,
pindex=0xc1433000, out_prot=0x1f <Address 0x1f out of bounds>,
wired=0xe78c96a4) at /usr/local/src/sys/vm/vm_map.c:3074
---Type <return> to continue, or q <return> to quit---
entry = 0xdeadc000
map = 0xc1468000
prot = 125 '}'
fault_type = 1 '\001'
#11 0xc067dee8 in vm_fault (map=0xc1468000, vaddr=3735928832,
fault_type=1 '\001', fault_flags=0) at /usr/local/src/sys/vm/vm_fault.c:235
prot = 231 'Þ'
is_first_object_locked = -410216800
result = -559038464
growstack = 1
wired = 582
map_generation = -1052292280
next_object = 0xdeadc000
marray = {0xc0721fe6, 0x3, 0xc551f900, 0xe78c9714, 0x246, 0xc0738223,
0xe78c9710, 0xc551f900, 0xc0781600, 0x9, 0xe78c971c, 0xc053c7cd, 0xc0783120,
0x2, 0xc071f7c5, 0x27d}
hardfault = 0
faultcount = -984486768
fs = {m = 0xc078a600, object = 0xe78c96c8,
pindex = 13869017574644244891, first_m = 0x1, first_object = 0xc071d17c,
first_pindex = 13870255569970921889, map = 0xc1468000, entry = 0xe78c96e4,
lookup_still_valid = -1068166100, vp = 0xc0738223}
#12 0xc06dff46 in trap_pfault (frame=0xe78c9794, usermode=0, eva=3735929054)
---Type <return> to continue, or q <return> to quit---
at /usr/local/src/sys/i386/i386/trap.c:734
va = 3735928832
vm = (struct vmspace *) 0x1f
map = 0xc1468000
rv = 1
ftype = 1 '\001'
td = (struct thread *) 0xc551f900
p = (struct proc *) 0xc551ec90
#13 0xc06dfb7e in trap (frame=
{tf_fs = -1065877496, tf_es = 40, tf_ds = -1066336216, tf_edi = -977162752, tf_esi = -978154112, tf_ebp = -410216440, tf_isp = -410216512, tf_ebx = 0, tf_edx = -559038242, tf_ecx = -1065546768, tf_eax = 0, tf_trapno = 12, tf_err = 0, tf_eip = -1068687195, tf_cs = 32, tf_eflags = 66071, tf_esp = -986450028, tf_ss = 4}) at /usr/local/src/sys/i386/i386/trap.c:435
td = (struct thread *) 0xc551f900
p = (struct proc *) 0xc551ec90
sticks = 3229095424
i = 0
ucode = 0
type = 12
code = 0
eva = 3735929054
#14 0xc06ca1aa in calltrap () at /usr/local/src/sys/i386/i386/exception.s:139
---Type <return> to continue, or q <return> to quit---
No locals.
#15 0xc04d20a5 in devfs_populate_loop (dm=0xc533f780, cleanup=0)
at /usr/local/src/sys/fs/devfs/devfs_devs.c:370
cdp = (struct cdev_priv *) 0xc5c1ae00
de = (struct devfs_dirent *) 0xc5b28d80
dd = (struct devfs_dirent *) 0x161
pdev = (struct cdev *) 0xc071e5a4
j = 0
q = 0x0
s = 0x0
__func__ = "devfs_populate_loop"
#16 0xc04d2492 in devfs_populate (dm=0xc533f780)
at /usr/local/src/sys/fs/devfs/devfs_devs.c:486
No locals.
#17 0xc04d47bd in devfs_lookupx (ap=0x0, dm_unlock=0xe78c991c)
at /usr/local/src/sys/fs/devfs/devfs_vnops.c:586
cnp = (struct componentname *) 0xe78c9bec
dvp = (struct vnode *) 0xc535d000
vpp = (struct vnode **) 0xe78c9bd8
td = (struct thread *) 0xc551f900
de = (struct devfs_dirent *) 0xc551f978
dd = (struct devfs_dirent *) 0xc533f700
dde = (struct devfs_dirent **) 0x0
---Type <return> to continue, or q <return> to quit---
dmp = (struct devfs_mount *) 0xc533f780
cdev = (struct cdev *) 0xc0783120
error = -410216040
flags = 86032460
nameiop = 1
specname = "Ò\230\214Þ^‹Q„Æ)x„\001\000\000\000|¶q„>\001\000\000\224—3Š\224—3Š\231\002\000\000\b\231\214Þ(ÔR„Æ)x„\000\000\000\000ÄÈq„ƒ\000\000\000×ÄQ„"
pname = 0xc53a1c05 "null"
#18 0xc04d4c34 in devfs_lookup (ap=0xe78c9998)
at /usr/local/src/sys/fs/devfs/devfs_vnops.c:666
j = -410216040
dmp = (struct devfs_mount *) 0x0
dm_unlock = 1
#19 0xc06ed8d7 in VOP_LOOKUP_APV (vop=0xc0753a60, a=0xe78c9998)
at vnode_if.c:99
rc = -1066059168
#20 0xc05858bf in lookup (ndp=0xe78c9bc4) at vnode_if.h:56
cp = 0xc53a1c09 ""
dp = (struct vnode *) 0xc535d000
tdp = (struct vnode *) 0xc535d000
mp = (struct mount *) 0x0
docache = 32
wantparent = 8
---Type <return> to continue, or q <return> to quit---
rdonly = 0
trailing_slash = 0
error = 0
dpunlocked = 0
cnp = (struct componentname *) 0xe78c9bec
td = (struct thread *) 0xc551f900
vfslocked = 0
dvfslocked = 0
tvfslocked = 0
#21 0xc0585120 in namei (ndp=0xe78c9bc4)
at /usr/local/src/sys/kern/vfs_lookup.c:211
fdp = (struct filedesc *) 0xc5b26d00
cp = 0xc071d17c "/usr/local/src/sys/kern/kern_mutex.c"
dp = (struct vnode *) 0xc5365220
aiov = {iov_base = 0xc07d0c28, iov_len = 3884751364}
auio = {uio_iov = 0x6ac, uio_iovcnt = -1065546708,
uio_offset = -4587722669716366796, uio_resid = -1065546712,
uio_segflg = 3310483712, uio_rw = 2237, uio_td = 0xc551f900}
error = -986295776
linklen = -986295776
cnp = (struct componentname *) 0xe78c9bec
td = (struct thread *) 0xc551f900
p = (struct proc *) 0xc07d0bf0
---Type <return> to continue, or q <return> to quit---
vfslocked = 0
#22 0xc059a940 in vn_open_cred (ndp=0xe78c9bc4, flagp=0xe78c9cc4, cmode=420,
cred=0xc5e2f280, fdidx=3) at /usr/local/src/sys/kern/vfs_vnops.c:126
vp = (struct vnode *) 0xe78c9a68
mp = (struct mount *) 0xc053c7cd
td = (struct thread *) 0xc551f900
vat = {va_type = 3226807712, va_mode = 42496, va_nlink = -16264,
va_uid = 0, va_gid = 3228704323, va_fsid = 1708, va_fileid = -1065546708,
va_size = 13859021403993184988, va_blocksize = -1065546712, va_atime = {
tv_sec = -410215720, tv_nsec = -1068163790}, va_mtime = {tv_sec = 0,
tv_nsec = -978162388}, va_ctime = {tv_sec = 582, tv_nsec = -1066029084},
va_birthtime = {tv_sec = -978162388, tv_nsec = 1380}, va_gen = 3228673851,
va_flags = 3884751616, va_rdev = 3226591070, va_bytes = 7611772204,
va_filerev = 1369028284796, va_vaflags = 0, va_spare = -984486768}
mode = 0
fmode = 1538
error = -410215164
vfslocked = -984483584
#23 0xc059a8e3 in vn_open (ndp=0xc07d0bf0, flagp=0x0, cmode=0, fdidx=0)
at /usr/local/src/sys/kern/vfs_vnops.c:91
td = (struct thread *) 0xdeadc0de
#24 0xc0592996 in kern_open (td=0xc551f900, path=0x0, pathseg=UIO_USERSPACE,
flags=1538, mode=438) at /usr/local/src/sys/kern/vfs_syscalls.c:1009
---Type <return> to continue, or q <return> to quit---
p = (struct proc *) 0x0
fdp = (struct filedesc *) 0xc5b26d00
fp = (struct file *) 0xc5972bd0
vp = (struct vnode *) 0xe78c9b6c
vat = {va_type = 3226807712, va_mode = 42496, va_nlink = -16264,
va_uid = 0, va_gid = 3228704323, va_fsid = 1708, va_fileid = -1065546708,
va_size = 14218419280865434748, va_blocksize = -1065835008, va_atime = {
tv_sec = -984483584, tv_nsec = -410215320}, va_mtime = {
tv_sec = -1066579140, tv_nsec = -1065835008}, va_ctime = {
tv_sec = -410215292, tv_nsec = -1068375653}, va_birthtime = {
tv_sec = -1065835008, tv_nsec = 1}, va_gen = 3228684668, va_flags = 417,
va_rdev = 3229420584, va_bytes = 13859033597405338784,
va_filerev = 3229132288, va_vaflags = 3228704323, va_spare = 1708}
mp = (struct mount *) 0xc078a600
cmode = -559038242
nfp = (struct file *) 0xc5972bd0
type = -559038242
indx = 3
error = -410215164
lf = {l_start = 9161165242368, l_len = -1761861139889525616,
l_pid = -1068485568, l_type = -6176, l_whence = -15050}
nd = {ni_dirp = 0x8067280 <Address 0x8067280 out of bounds>,
ni_segflg = UIO_USERSPACE, ni_startdir = 0x0, ni_rootdir = 0xc5365220,
---Type <return> to continue, or q <return> to quit---
ni_topdir = 0x0, ni_vp = 0x0, ni_dvp = 0xc535d000, ni_pathlen = 1,
ni_next = 0xc53a1c09 "", ni_loopcnt = 0, ni_cnd = {cn_nameiop = 1,
cn_flags = 86032460, cn_thread = 0xc551f900, cn_cred = 0xc5e2f280,
cn_lkflags = 2, cn_pnbuf = 0xc53a1c00 "/dev/null",
cn_nameptr = 0xc53a1c05 "null", cn_namelen = 4, cn_consume = 0}}
vfslocked = -1065546712
#25 0xc0592894 in open (td=0x0, uap=0xe78c9d04)
at /usr/local/src/sys/kern/vfs_syscalls.c:973
error = -984483584
#26 0xc06e060e in syscall (frame=
{tf_fs = 134611003, tf_es = 59, tf_ds = -1078001605, tf_edi = 134640256, tf_esi = 2, tf_ebp = -1077941624, tf_isp = -410215068, tf_ebx = 134639872, tf_edx = -1077941584, tf_ecx = 0, tf_eax = 5, tf_trapno = 32, tf_err = 2, tf_eip = 672813731, tf_cs = 51, tf_eflags = 582, tf_esp = -1077941780, tf_ss = 59})
at /usr/local/src/sys/i386/i386/trap.c:983
params = 0xbfbfe9f0 <Address 0xbfbfe9f0 out of bounds>
callp = (struct sysent *) 0xc075661c
td = (struct thread *) 0xc551f900
p = (struct proc *) 0xc551ec90
orig_tf_eflags = 582
sticks = 0
error = 0
narg = 3
---Type <return> to continue, or q <return> to quit---
args = {134640256, 1537, 438, -410215136, -1066593996, -410215128,
134639872, -1077941624}
code = 5
#27 0xc06ca1ff in Xint0x80_syscall ()
at /usr/local/src/sys/i386/i386/exception.s:200
No locals.
#28 0x00000033 in ?? ()
No symbol table info available.
Previous frame inner to this frame (corrupt stack?)
(kgdb)
(kgdb) quit
Script done on Wed Jan 3 17:00:55 2007
>Fix:
Unknown.
Eugene Grosbein
>Release-Note:
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200701031022.l03AMOdq001207>