Date: Fri, 25 Feb 2005 16:47:14 -0800 (PST)
From: Doug White <dwhite@gumbysoft.com>
To: Kris Kennaway <kris@obsecurity.org>
Cc: phk@FreeBSD.org
Subject: Re: Fatal trap 12 in kernload()
Message-ID: <20050225164319.F30975@carver.gumbysoft.com>
In-Reply-To: <20050224213936.GA2591@xor.obsecurity.org>
References: <20050224213936.GA2591@xor.obsecurity.org>

On Thu, 24 Feb 2005, Kris Kennaway wrote:

> > fault virtual address = 0x7562676b

I agree with Dan, this is bogus. kernload() is the offset from kernbase
where the ELF headers get stuck. I suspect ddb is resolving it like it
resolves end -- it's beyond the beginning of the kernel so it picks the
next best match, like end shows up beyond the end of the symbol table.
(FYI end usually indicates calls into a KLD.)

> > current process = 52613 (getty)
> > Tracing pid 52613 tid 100360 td 0xd2d3a000
> > kernload(cd533500,3,2000,d2d3a000,3) at 0x7562676b
> > devfs_open(f8225a4c,c072025a,1e6,c07205ff,d235f134) at devfs_open+0x291

Can you get an addr2line on this devfs_open call? It appears to have tried
to open an incompletely initialized tty device. Which one would be nice to
know :-)

> > VOP_OPEN_APV(c07340a0,f8225a4c,3,c076d398,1) at VOP_OPEN_APV+0x9e
> > vn_open_cred(f8225bbc,f8225cbc,860,cd33e180,1) at vn_open_cred+0x45b
> > vn_open(f8225bbc,f8225cbc,860,1,d2d3a000) at vn_open+0x33
> > kern_open(d2d3a000,804f860,0,3,804f860) at kern_open+0xca
> > open(d2d3a000,f8225d14,3a6,c071c691,d2d3a000) at open+0x36
> > syscall(2f,2f,2f,2,804f860) at syscall+0x2c4
> > Xint0x80_syscall() at Xint0x80_syscall+0x1f
> > --- syscall (5, FreeBSD ELF32, open), eip = 0x280ca2cb, esp = 0xbfbfedfc, ebp = 0xbfbfee28 ---
> > db>
> >
> > Kris
>

--
Doug White                    |  FreeBSD: The Power to Serve
dwhite@gumbysoft.com          |  www.FreeBSD.org
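
The triage described in the reply above, as an added example that is not part of the original message or of FreeBSD: it parses the quoted ddb trace, flags any frame whose target ddb printed as a bare address instead of symbol+offset, and names the calling frame to run addr2line on. `KERNBASE`, the function names, and the printable-bytes check are assumptions introduced here.

```python
import re

# Frames copied from the quoted ddb output in this message.
TRACE = """\
> > kernload(cd533500,3,2000,d2d3a000,3) at 0x7562676b
> > devfs_open(f8225a4c,c072025a,1e6,c07205ff,d235f134) at devfs_open+0x291
> > VOP_OPEN_APV(c07340a0,f8225a4c,3,c076d398,1) at VOP_OPEN_APV+0x9e
> > vn_open_cred(f8225bbc,f8225cbc,860,cd33e180,1) at vn_open_cred+0x45b
> > db>
"""

KERNBASE = 0xC0000000  # assumption: default i386 kernel base, not stated in the thread

# name(args) at symbol+0xoff   or   name(args) at 0xaddr
FRAME = re.compile(r"^(\w+)\((.*?)\) at (?:(\w+)\+0x([0-9a-f]+)|0x([0-9a-f]+))$")

def parse_trace(text):
    """Return one dict per ddb frame; quote markers and non-frame lines are skipped."""
    frames = []
    for line in text.splitlines():
        m = FRAME.match(line.lstrip("> ").strip())
        if m:
            name, _args, sym, off, raw = m.groups()
            frames.append({"name": name, "symbol": sym,
                           "offset": int(off, 16) if off else None,
                           "raw": int(raw, 16) if raw else None})
    return frames

def triage(frames):
    """Flag frames ddb could not place inside a symbol (bare-address targets)."""
    findings = []
    for i, f in enumerate(frames):
        if f["raw"] is None:
            continue
        caller = frames[i + 1] if i + 1 < len(frames) else None
        data = f["raw"].to_bytes(4, "little")
        findings.append({
            "label": f["name"],                  # ddb's nearest-match name, not a real callee
            "address": f["raw"],
            "below_kernbase": f["raw"] < KERNBASE,
            # Added heuristic: all-printable bytes are worth noting when judging the pointer.
            "as_text": data.decode("ascii") if all(0x20 <= b < 0x7F for b in data) else None,
            # The frame that made the call; this is the address to feed to addr2line.
            "caller": f"{caller['symbol']}+{caller['offset']:#x}" if caller else None,
        })
    return findings

if __name__ == "__main__":
    for item in triage(parse_trace(TRACE)):
        print(item)
```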