From owner-freebsd-hackers Mon Sep 24 14:13:48 2001
Date: Mon, 24 Sep 2001 14:13:37 -0700 (PDT)
From: Matt Dillon
Message-Id: <200109242113.f8OLDbV96558@earth.backplane.com>
To: Ian Dowse
Cc: hackers@freebsd.org
Subject: Re: VM Corruption - stumped, anyone have any ideas?
References: <200109242144.aa79348@salmon.maths.tcd.ie>
Sender: owner-freebsd-hackers@FreeBSD.ORG

:
:In message <200109241914.f8OJE4l95477@earth.backplane.com>, Matt Dillon writes:
:>
:>$8 = 58630
:>(kgdb) print vm_page_buckets[$8]
:
:What is vm_page_hash_mask? The chunk of memory you printed out below
:looks alright; it is consistent with vm_page_array == 0xc051c000. Is
:it just the vm_page_buckets[] pointer that is corrupt?
:
:The address 0xc08428cc is (char *)&vm_page_array[55060] + 28, and
:sizeof(struct vm_page) is 60, so 0xc08428cc is in the middle of
:a vm_page within vm_page_array[].
:
:Ian

    (kgdb) print vm_page_buckets[58630]
    $5 = (struct vm_page *) 0xc08428cc
    (kgdb) print vm_page_array
    $6 = 0xc051c000
    (kgdb) print vm_page_hash_mask
    $7 = 262143
    (kgdb) print &vm_page_array[55060]
    $11 = (struct vm_page *) 0xc08428b0
    (kgdb) print &vm_page_array[55061]
    $10 = (struct vm_page *) 0xc08428ec

    Yowzer.  How the hell did that happen!  Yes, you're right, the
    vm_page_array[] pointer has gotten corrupted.  If we assume that the
    vm_page_t is valid (0xc0842acc), then the vm_page_buckets[] pointer
    should be that.

    vm_page_buckets[58630] -> c08428cc
    panic on vm_page_t m   -> c0842acc

    Ok, so the corruption here is that an 'a' turned into an '8'.
    1010 turned into 1000... a bit got cleared.

    This is very similar to the corruption I found on one of Yahoo's
    machines.  Except on that machine two bits were changed.  It's as
    though some other subsystem is trying to manipulate a flag in a
    structure using a bad structure pointer.

                                                -Matt
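
The arithmetic in this exchange, as an added example that is not part of the original message or of the FreeBSD source: a small C program that checks whether a pointer lands on a struct vm_page boundary inside vm_page_array[] and reports which bits differ between the two pointer values. The constants come from the kgdb output above; the helper names (elem_pos, locate, flipped_bits, cleared_bits, popcount32) are hypothetical, and 32-bit kernel addresses are assumed.

```c
#include <stdint.h>
#include <stdio.h>

/* Constants from the kgdb session quoted in the message. */
#define VM_PAGE_ARRAY 0xc051c000u  /* vm_page_array */
#define VM_PAGE_SIZE  60u          /* sizeof(struct vm_page) */

/* Hypothetical helper type: where a pointer falls inside an array. */
struct elem_pos {
    int      valid;   /* 0 if ptr is below the array base */
    uint32_t index;   /* element the pointer falls in */
    uint32_t offset;  /* bytes into that element; 0 means on a boundary */
};

/* Locate ptr inside an array of fixed-size elements starting at base. */
static struct elem_pos locate(uint32_t base, uint32_t size, uint32_t ptr)
{
    struct elem_pos p = { 0, 0, 0 };
    if (ptr < base || size == 0)
        return p;
    p.valid = 1;
    p.index = (ptr - base) / size;
    p.offset = (ptr - base) % size;
    return p;
}

/* Bits that differ between the expected and the observed value. */
static uint32_t flipped_bits(uint32_t expected, uint32_t observed)
{ return expected ^ observed; }

/* Bits that were set in expected but are clear in observed. */
static uint32_t cleared_bits(uint32_t expected, uint32_t observed)
{ return expected & ~observed; }

/* Number of set bits in v. */
static int popcount32(uint32_t v)
{ int n = 0; for (; v; v &= v - 1) n++; return n; }

int main(void)
{
    uint32_t bucket = 0xc08428ccu;  /* vm_page_buckets[58630] */
    uint32_t page   = 0xc0842accu;  /* vm_page_t m at the panic */
    struct elem_pos b = locate(VM_PAGE_ARRAY, VM_PAGE_SIZE, bucket);
    struct elem_pos m = locate(VM_PAGE_ARRAY, VM_PAGE_SIZE, page);
    uint32_t diff = flipped_bits(page, bucket);

    printf("bucket ptr: index %u, offset %u\n", (unsigned)b.index, (unsigned)b.offset);
    printf("page ptr:   index %u, offset %u\n", (unsigned)m.index, (unsigned)m.offset);
    printf("diff 0x%x: %d bit(s) flipped, cleared mask 0x%x\n", (unsigned)diff,
           popcount32(diff), (unsigned)cleared_bits(page, bucket));
    return 0;
}
```

A non-zero offset flags a pointer that cannot be a legitimate struct vm_page pointer, and a diff with one or two set bits against a known-good value is the signature of a stray flag write rather than a bulk overwrite.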