GENERIC HEAD from Jan 28 20:19 UTC + mpsafe_vfs = 1, vmcore.163
panic: vm_fault: fault on nofault entry, addr: c87eb000
GDB: no debug ports present
KDB: debugger backends: ddb
KDB: current backend: ddb
Copyright (c) 1992-2005 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
The Regents of the University of California. All rights reserved.
FreeBSD 6.0-CURRENT #3: Fri Jan 28 21:21:46 CET 2005
pho@current.osted.lan:/usr/src/sys/i386/compile/PHO
WARNING: WITNESS option enabled, expect reduced performance.
ACPI APIC Table: <A M I OEMAPIC >
Timecounter "i8254" frequency 1193182 Hz quality 0
CPU: Intel(R) Celeron(R) CPU 1.80GHz (1799.15-MHz 686-class CPU)
Origin = "GenuineIntel" Id = 0xf13 Stepping = 3
Features=0x3febfbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CLFLUSH,DTS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM>
real memory = 267583488 (255 MB)
avail memory = 252379136 (240 MB)
:
mount root from ufs:/dev/ad0s1a
WARNING: / was not properly dismounted
p~KDB: enter: Line break on console
[thread pid 11 tid 100004 ]
Stopped at kdb_enter+0x2b: nop
db> where
Tracing pid 11 tid 100004 td 0xc151f5c0
kdb_enter(c0841a7f) at kdb_enter+0x2b
siointr1(c1696400,c095c420,0,c084188f,56f) at siointr1+0xce
siointr(c1696400) at siointr+0x21
intr_execute_handlers(c1510090,cbc7bca4,4,cbc7bce8,c07ab6f3) at intr_execute_handlers+0x9d
lapic_handle_intr(34) at lapic_handle_intr+0x2e
Xapic_isr1() at Xapic_isr1+0x33
--- interrupt, eip = 0xc0aa2221, esp = 0xcbc7bce8, ebp = 0xcbc7bce8 ---
acpi_cpu_c1(0,0,cbc7bd08,1,c05ffdd8) at acpi_cpu_c1+0x5
acpi_cpu_idle(cbc7bd1c,c05ffe35,c151ebd0,cbc7bd34,c05ffc18) at acpi_cpu_idle+0x146
cpu_idle(c151ebd0,cbc7bd34,c05ffc18,0,cbc7bd48) at cpu_idle+0x28
idle_proc(0,cbc7bd48,0,c05ffdd8,0) at idle_proc+0x5d
fork_exit(c05ffdd8,0,cbc7bd48) at fork_exit+0xa4
fork_trampoline() at fork_trampoline+0x8
--- trap 0x1, eip = 0, esp = 0xcbc7bd7c, ebp = 0 ---
db> x panic_pid
panic_pid: a9b
db> where 0xa9b
Tracing pid 2715 tid 100117 td 0xc189fa10
sched_switch(c189fa10,0,2) at sched_switch+0x17f
mi_switch(2,0,c08f42e0,0,c0824fe8) at mi_switch+0x264
critical_exit(c08c9260) at critical_exit+0x86
intr_execute_handlers(c08c9260,cf0d97dc,c189fa10,a23,c084188f) at intr_execute_handlers+0xba
atpic_handle_intr(0) at atpic_handle_intr+0x92
Xatpic_intr0() at Xatpic_intr0+0x20
--- interrupt, eip = 0xc06240a2, esp = 0xcf0d9820, ebp = 0xcf0d9824 ---
critical_exit(3f8,2580,1,cf0d986c,c07993a1) at critical_exit+0xb2
_mtx_unlock_spin_flags(c095c420,0,c084188f,a23) at _mtx_unlock_spin_flags+0xc9
siocnputc(c08c4860,70) at siocnputc+0xb9
cnputc(70) at cnputc+0x4d
putchar(70,cf0d9980) at putchar+0x52
kvprintf(c0823a9d,c062c7f4,cf0d9980,a,cf0d99a0) at kvprintf+0x77
printf(c0823a9d,c08f4560,c08f4560,100,c083d31c,cf0d99d4) at printf+0x43
panic(c083d31c,c87eb000,cf0d99ec,c060b129,c0941990) at panic+0xef
vm_fault(c1059000,c87eb000,1,0,c189fa10) at vm_fault+0x1e1
trap_pfault(cf0d9b10,0,c87eb000) at trap_pfault+0x13b
trap(4b0018,10,10,bfbfdb78,c87eb000) at trap+0x335
calltrap() at calltrap+0x5
--- trap 0xc, eip = 0xc07bb4ec, esp = 0xcf0d9b50, ebp = 0xcf0d9b84 ---
slow_copyout(c87eb000,1000,cf0d9c88,7f0000,7f) at slow_copyout+0x4
ffs_read(cf0d9c14) at ffs_read+0x394
VOP_READ_AP(cf0d9c14) at VOP_READ_AP+0x62
vn_read(c2077a18,cf0d9c88,c1cc8e80,0,c189fa10) at vn_read+0x1ab
dofileread(c189fa10,c2077a18,0,bfbfdb78,1000) at dofileread+0xad
read(c189fa10,cf0d9d14,3,7,287) at read+0x3b
syscall(bfbf002f,2f,bfbf002f,bfbfdb78,400) at syscall+0x213
Xint0x80_syscall() at Xint0x80_syscall+0x1f
--- syscall (3, FreeBSD ELF32, read), eip = 0x280b6cf3, esp = 0xbfbfdb3c, ebp = 0xbfbfeb90 ---
db> call doadump
Dumping 255 MB
16 32 48 64 80 96 112 128 144 160 176 192 208 224 240
Dump complete
0xf
db> reset
(kgdb) p *(struct thread *)0xc189fa10
$1 = {td_proc = 0xc1f9d7e0, td_ksegrp = 0xc156f180, td_plist = {tqe_next = 0x0, tqe_prev = 0xc1f9d7f0}, td_kglist = {tqe_next = 0x0,
tqe_prev = 0xc156f18c}, td_slpq = {tqe_next = 0x0, tqe_prev = 0xcf13aba8}, td_lockq = {tqe_next = 0x0, tqe_prev = 0xcf15776c},
td_runq = {tqe_next = 0x0, tqe_prev = 0x0}, td_selq = {tqh_first = 0x0, tqh_last = 0x0}, td_sleepqueue = 0xc1e7c540,
td_turnstile = 0xc1625a80, td_tid = 0x18715, td_flags = 0x0, td_inhibitors = 0x0, td_pflags = 0x40, td_dupfd = 0x0, td_wchan = 0x0,
td_wmesg = 0x0, td_lastcpu = 0x0, td_oncpu = 0xff, td_locks = 0x0, td_blocked = 0x0, td_ithd = 0x0, td_lockname = 0x0, td_contested = {
lh_first = 0x0}, td_sleeplocks = 0xc0941990, td_intr_nesting_level = 0x1, td_pinned = 0x0, td_mailbox = 0x0, td_ucred = 0xc1cc8e80,
td_standin = 0x0, td_upcall = 0x0, td_sticks = 0x7, td_uuticks = 0x0, td_usticks = 0x0, td_intrval = 0x0, td_oldsigmask = {__bits = {0x0,
0x0, 0x0, 0x0}}, td_sigmask = {__bits = {0x0, 0x0, 0x0, 0x0}}, td_siglist = {__bits = {0x0, 0x0, 0x0, 0x0}}, td_waitset = 0x0,
td_umtxq = 0x0, td_generation = 0x3e, td_sigstk = {ss_sp = 0x0, ss_size = 0x0, ss_flags = 0x4}, td_kflags = 0x0, td_xsig = 0x0,
td_profil_addr = 0x0, td_profil_ticks = 0x0, td_base_pri = 0xd6, td_priority = 0xd6, td_pcb = 0xcf0d9da0, td_state = TDS_CAN_RUN,
td_retval = {0x0, 0x400}, td_slpcallout = {c_links = {sle = {sle_next = 0x0}, tqe = {tqe_next = 0x0, tqe_prev = 0xc65bf628}},
c_time = 0xc5cb1, c_arg = 0xc189fa10, c_func = 0xc06309e8 <sleepq_timeout>, c_flags = 0x8}, td_frame = 0xcf0d9d48,
td_kstack_obj = 0xc189e39c, td_kstack = 0xcf0d8000, td_kstack_pages = 0x2, td_altkstack_obj = 0x0, td_altkstack = 0x0,
td_altkstack_pages = 0x0, td_critnest = 0x2, td_md = {md_savecrit = 0x46}, td_sched = 0xc189fb5c}
(kgdb) p *(struct file *)0xc2077a18
$2 = {f_list = {le_next = 0xc2077d8c, le_prev = 0xc17811dc}, f_type = 0x1, f_data = 0xc1c563a8, f_flag = 0x1, f_mtxp = 0xc1500b74,
f_ops = 0xc088cd00, f_cred = 0xc1cc8e80, f_count = 0x2, f_vnode = 0xc1c563a8, f_offset = 0x498000, f_gcflag = 0x0, f_msgcount = 0x0,
f_seqcount = 0x7f, f_nextoff = 0x498000}
(kgdb) l *ffs_read+0x394
0xc0750a14 is in ffs_read (../../../ufs/ffs/ffs_vnops.c:469).
464 if (size == 0)
465 break;
466 xfersize = size;
467 }
468
469 error = uiomove((char *)bp->b_data + blkoffset,
470 (int)xfersize, uio);
471 if (error)
472 break;
473
(kgdb) x/10x 0xcf0d9c14
0xcf0d9c14: 0xc08cb980 0xc1c563a8 0xcf0d9c88 0x007f0000
0xcf0d9c24: 0xc1cc8e80 0x0000017d 0xcf0d9c60 0xc0603e4c
0xcf0d9c34: 0xc08cba00 0xc1c563a8
(kgdb) p *(struct uio *)0xcf0d9c88
$7 = {uio_iov = 0xcf0d9c80, uio_iovcnt = 0x1, uio_offset = 0x498000, uio_resid = 0x1000, uio_segflg = UIO_USERSPACE, uio_rw = UIO_READ,
uio_td = 0xc189fa10}
(kgdb) p *(*(struct uio *)0xcf0d9c88)->uio_iov
$2 = {iov_base = 0xbfbfdb78, iov_len = 0x1000}
(kgdb) p *(struct vnode *)0xc1c563a8
$4 = {v_interlock = {mtx_object = {lo_class = 0xc08844c8, lo_name = 0xc082c4b2 "vnode interlock", lo_type = 0xc082c4b2 "vnode interlock",
lo_flags = 0x30000, lo_list = {tqe_next = 0xc1c56270, tqe_prev = 0xc1c564f0}, lo_witness = 0xc0903880}, mtx_lock = 0x4,
mtx_recurse = 0x0}, v_iflag = 0x0, v_usecount = 0x1, v_vxthread = 0x0, v_holdcnt = 0x281, v_bufobj = {bo_mtx = 0xc1c563a8, bo_clean = {
bv_hd = {tqh_first = 0xc65f5f84, tqh_last = 0xc6610518}, bv_root = 0xc65f5f84, bv_cnt = 0x281}, bo_dirty = {bv_hd = {tqh_first = 0x0,
tqh_last = 0xc1c563f0}, bv_root = 0x0, bv_cnt = 0x0}, bo_numoutput = 0x0, bo_flag = 0x0, bo_ops = 0xc088afc8, bo_bsize = 0x4000,
bo_object = 0xc22d56b4, bo_synclist = {le_next = 0x0, le_prev = 0xc16a3884}, bo_private = 0xc1c563a8, __bo_vnode = 0xc1c563a8},
v_vflag = 0x0, v_writecount = 0x0, v_lastw = 0x27f, v_cstart = 0x280, v_lasta = 0x42200, v_clen = 0x0, v_un = {vu_mountedhere = 0x0,
vu_socket = 0x0, vu_spec = {vu_cdev = 0x0, vu_specnext = {sle_next = 0x0}}, vu_fifoinfo = 0x0}, v_freelist = {tqe_next = 0x0,
tqe_prev = 0xc1baf588}, v_nmntvnodes = {tqe_next = 0x0, tqe_prev = 0xc1c43ba8}, v_type = VREG, v_tag = 0xc082a44f "ufs",
v_data = 0xc211808c, v_lock = {lk_interlock = 0xc08f41d4, lk_flags = 0x1000440, lk_sharecount = 0x0, lk_waitcount = 0x0,
lk_exclusivecount = 0x1, lk_prio = 0x50, lk_wmesg = 0xc082a44f "ufs", lk_timo = 0x33, lk_lockholder = 0xc189fa10, lk_newlock = 0x0,
lk_filename = 0xc082cba2 "../../../kern/vfs_vnops.c", lk_lockername = 0xc082bc00 "vop_stdlock", lk_lineno = 0x206,
lk_slockholder = 0xffffffff, lk_sfilename = 0xc07fcf70 "none", lk_slockername = 0xc0821c3f "never share locked", lk_slineno = 0x0},
v_vnlock = 0xc1c5646c, v_op = 0xc08bdb60, v_mount = 0xc16a8c00, v_cache_src = {lh_first = 0x0}, v_cache_dst = {tqh_first = 0xc1afeaa0,
tqh_last = 0xc1afeab0}, v_id = 0x239b8, v_dd = 0xc1c563a8, v_ddid = 0x0, v_pollinfo = 0x0, v_label = 0x0,
filename = 0xc082c392 "../../../kern/vfs_subr.c", line = 0x70a}
(kgdb) p *(struct buf *)0xc6690ad4
$7 = {b_bufobj = 0xc1c563dc, can not access 0xc87eb000, invalid address (c87eb000)
can not access 0xc87eb000, invalid address (c87eb000)
can not access 0xc87eb000, invalid address (c87eb000)
can not access 0xc87eb000, invalid address (c87eb000)
can not access 0xc87eb000, invalid address (c87eb000)
can not access 0xc87eb000, invalid address (c87eb000)
b_bcount = 0x4000, b_caller1 = 0x0, b_data = 0xc87eb000 <Address 0xc87eb000 out of bounds>, b_error = 0x0,
b_iocmd = 0x2, b_ioflags = 0x0, b_iooffset = 0x1932c800, b_resid = 0x0, b_iodone = 0, b_blkno = 0x33860, b_offset = 0x498000, b_bobufs = {
tqe_next = 0xc65f0684, tqe_prev = 0xc66765b0}, b_left = 0x0, b_right = 0xc65f0684, b_vflags = 0x0, b_freelist = {tqe_next = 0xc65f0684,
tqe_prev = 0xc66347ac}, b_qindex = 0x1, b_flags = 0xa0020020, b_xflags = 0x2, b_lock = {lk_interlock = 0xc08f3cc4, lk_flags = 0x400,
lk_sharecount = 0x0, lk_waitcount = 0x0, lk_exclusivecount = 0x1, lk_prio = 0x50, lk_wmesg = 0xc082b12f "getblk", lk_timo = 0x0,
lk_lockholder = 0xc189fa10, lk_newlock = 0x0, lk_filename = 0xc082acd3 "../../../sys/buf.h", lk_lockername = 0xc081c976 "lockmgr",
lk_lineno = 0x12a, lk_slockholder = 0xffffffff, lk_sfilename = 0xc07fcf70 "none", lk_slockername = 0xc0821c3f "never share locked",
lk_slineno = 0x0}, b_bufsize = 0x4000, can not access 0xc87eb000, invalid address (c87eb000)
can not access 0xc87eb000, invalid address (c87eb000)
can not access 0xc87eb000, invalid address (c87eb000)
can not access 0xc87eb000, invalid address (c87eb000)
can not access 0xc87eb000, invalid address (c87eb000)
can not access 0xc87eb000, invalid address (c87eb000)
b_runningbufspace = 0x0, b_kvabase = 0xc87eb000 <Address 0xc87eb000 out of bounds>,
b_kvasize = 0x4000, b_lblkno = 0x126, b_vp = 0xc1c563a8, b_dirtyoff = 0x0, b_dirtyend = 0x0, b_rcred = 0x0, b_wcred = 0x0,
b_saveaddr = 0xc87eb000, b_pager = {pg_reqpage = 0x0}, b_cluster = {cluster_head = {tqh_first = 0xc65f0684, tqh_last = 0xc667664c},
cluster_entry = {tqe_next = 0xc65f0684, tqe_prev = 0xc667664c}}, b_pages = {0xc1365a78, 0xc10fe4c0, 0xc13d2d08, 0xc13d2450,
0x0 <repeats 28 times>}, b_npages = 0x4, b_dep = {lh_first = 0x0}}