From owner-freebsd-bugs Mon Apr 21 21:55:39 1997
Return-Path:
Received: (from root@localhost)
    by freefall.freebsd.org (8.8.5/8.8.5) id VAA13649
    for bugs-outgoing; Mon, 21 Apr 1997 21:55:39 -0700 (PDT)
Received: from sendero.i-connect.net (sendero-ppp.i-Connect.Net [206.190.143.100])
    by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id VAA13634
    for ; Mon, 21 Apr 1997 21:55:36 -0700 (PDT)
Received: (from shimon@localhost)
    by sendero.i-connect.net (8.8.5/8.8.5) id VAA00361;
    Mon, 21 Apr 1997 21:55:27 -0700 (PDT)
Message-ID:
X-Mailer: XFMail 1.1-alpha [p0] on FreeBSD
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 8bit
MIME-Version: 1.0
In-Reply-To: <199704211031.DAA03600@root.com>
Date: Mon, 21 Apr 1997 18:12:04 -0700 (PDT)
Organization: iConnect Corp.
From: Simon Shapiro
To: dg@root.com
Subject: Re: Mystery of the X11 Panic...
Cc: freebsd-bugs@freebsd.org, Bruce Evans , David Greenman
Sender: owner-bugs@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

Hi David Greenman; On 21-Apr-97 you wrote:
> >[cc list trimmed to remove -hackers]
> >
> >>Fatal trap 12 - Page fault while in kernel mode. in virtual address
> >>0xf71e0014. Tracing back shows that bash (?!) was the culprit, causing it
> >>after calling _Xsyscall -> _syscall -> _vm_open -> _spec_open.
> >>
> >>Things go south at _spec_open + 0x6e, complaining about cmpl $0,0(%eax).
> >
> >This means that cdevsw[maj]->d_open is bad (probably null) although
> >cdevsw[maj] != NULL. This might be caused by a buggy or stale LKM.
> >Driver LKM's tend to cause this problem if they are unloaded. Bash
> >may trigger the problem because it does an opendir() on device files
> >(but I thought I fixed this by not opening device files in opendir()).
> >I wouldn't use LKMs for anything important.
>
> ...or it could be caused by the bug in kern_exec.c, which could have
> mangled adjacent buffers or possibly random kernel memory. It seems
> to involve bash and the kern_exec.c bug was triggered when running small
> shell scripts.

This is very probable, as my xfm configuration spawns many one-two lines
scripts. So does xfm itself when it launches applications. It all fits.

Simon

BTW, assuming this is the bug, what is the fix? It is a nasty one (panics
and all :-)

Simon