panic: sbuf_vprintf called with a NULL sbuf pointer
John Baldwin
jhb at freebsd.org
Wed Dec 2 21:58:00 UTC 2015
On Wednesday, December 02, 2015 01:25:56 PM Don Lewis wrote:
> > If you want to look at this further, try going to frame 16 and dissassembling the
> > instructions before the call to see if you can spot which register the first
> > parameter (saved in %rdi IIRC) comes from.
>
> Dump of assembler code for function sbuf_printf:
> 0xffffffff80a673e0 <+0>: push %rbp
> 0xffffffff80a673e1 <+1>: mov %rsp,%rbp
> 0xffffffff80a673e4 <+4>: push %r14
> 0xffffffff80a673e6 <+6>: push %rbx
> 0xffffffff80a673e7 <+7>: sub $0x50,%rsp
> 0xffffffff80a673eb <+11>: mov %rsi,%r14
> 0xffffffff80a673ee <+14>: mov %rdi,%rbx
> 0xffffffff80a673f1 <+17>: mov %r9,-0x38(%rbp)
> 0xffffffff80a673f5 <+21>: mov %r8,-0x40(%rbp)
> 0xffffffff80a673f9 <+25>: mov %rcx,-0x48(%rbp)
> 0xffffffff80a673fd <+29>: mov %rdx,-0x50(%rbp)
> 0xffffffff80a67401 <+33>: lea -0x60(%rbp),%rax
> 0xffffffff80a67405 <+37>: mov %rax,-0x20(%rbp)
> 0xffffffff80a67409 <+41>: lea 0x10(%rbp),%rax
> 0xffffffff80a6740d <+45>: mov %rax,-0x28(%rbp)
> 0xffffffff80a67411 <+49>: movl $0x30,-0x2c(%rbp)
> 0xffffffff80a67418 <+56>: movl $0x10,-0x30(%rbp)
> 0xffffffff80a6741f <+63>: mov $0xffffffff8137bdf8,%rdi
> 0xffffffff80a67426 <+70>: mov %rbx,%rsi
> 0xffffffff80a67429 <+73>: callq 0xffffffff80a66c00 <_assert_sbuf_integrity>
>
>
> 0xffffffff80a237b9 <+825>: jmpq 0xffffffff80a236fd <sigexit+637>
> 0xffffffff80a237be <+830>: mov $0xffffffff80fd8ad3,%rsi
> 0xffffffff80a237c5 <+837>: xor %eax,%eax
> 0xffffffff80a237c7 <+839>: mov %r12,%rdi
> 0xffffffff80a237ca <+842>: mov -0x228(%rbp),%rdx
> 0xffffffff80a237d1 <+849>: callq 0xffffffff80a673e0 <sbuf_printf>
> => 0xffffffff80a237d6 <+854>: inc %r14d
> 0xffffffff80a237d9 <+857>: jmpq 0xffffffff80a236fd <sigexit+637>
So maybe try 'p $r12' in the corefile_open() frame.
--
John Baldwin
More information about the freebsd-current
mailing list