From owner-freebsd-bugs@FreeBSD.ORG Tue Sep 9 08:30:23 2003 Return-Path: Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7826516A4BF for ; Tue, 9 Sep 2003 08:30:23 -0700 (PDT) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id B81ED43FE0 for ; Tue, 9 Sep 2003 08:30:22 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.12.9/8.12.9) with ESMTP id h89FUJUp056342 for ; Tue, 9 Sep 2003 08:30:19 -0700 (PDT) (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.12.9/8.12.9/Submit) id h89FUJUa056340; Tue, 9 Sep 2003 08:30:19 -0700 (PDT) Date: Tue, 9 Sep 2003 08:30:19 -0700 (PDT) Message-Id: <200309091530.h89FUJUa056340@freefall.freebsd.org> To: freebsd-bugs@FreeBSD.org From: Aleksey Ovcharenko Subject: Re: kern/51016: kernel panic: ufsdirhash_lookup: bad offset in hash array X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Aleksey Ovcharenko List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 09 Sep 2003 15:30:23 -0000 The following reply was made to PR kern/51016; it has been noted by GNATS. From: Aleksey Ovcharenko To: freebsd-bugs@FreeBSD.org Cc: Kris Kennaway , Subject: Re: kern/51016: kernel panic: ufsdirhash_lookup: bad offset in hash array Date: Tue, 9 Sep 2003 18:22:23 +0300 Hi, again! I have tested my pc hardware on very different crash-tests (the only for Windows, don't have it for FreeBSD) and everytihing was working fine 9 days non-stop at 40+ Celsium degree. But after switching to FreeBSD crashes have begone again. Can't ever reproduce it, just happened suddenly. I changed my drive cable to UDMA-33 - didn't help, crash was this message like "panic on no-panic entry" etc. Then I change motheboard, chipset etc., nope, crashes again and again. Here we go: IdlePTD at phsyical address 0x00329000 initial pcb at physical address 0x00297460 panicstr: general protection fault panic messages: --- Fatal trap 9: general protection fault while in kernel mode instruction pointer = 0x8:0xc01f9d2f stack pointer = 0x10:0xe71bdcb0 frame pointer = 0x10:0xe71bdcb4 code segment = base 0x0, limit 0xfffff, type 0x1b = DPL 0, pres 1, def32 1, gran 1 processor eflags = interrupt enabled, resume, IOPL = 0 current process = 3746 (find) interrupt mask = none trap number = 9 panic: general protection fault --- syncing disks... 48 22 22 22 done Uptime: 16h18m38s #0 dumpsys () at /usr/src/sys/kern/kern_shutdown.c:487 487 if (dumping++) { (kgdb) where #0 dumpsys () at /usr/src/sys/kern/kern_shutdown.c:487 #1 0xc014f830 in boot (howto=256) at /usr/src/sys/kern/kern_shutdown.c:316 #2 0xc014fc64 in poweroff_wait (junk=0xc026a4ac, howto=-1071210555) at /usr/src/sys/kern/kern_shutdown.c:595 #3 0xc022db0b in trap_fatal (frame=0xe71bdc70, eva=0) at /usr/src/sys/i386/i386/trap.c:974 #4 0xc022d4e7 in trap (frame={tf_fs = -851116016, tf_es = 16, tf_ds = 16, tf_edi = 512, tf_esi = -848367104, tf_ebp = -417604428, tf_isp = -417604452, tf_ebx = -854001920, tf_edx = -1, tf_ecx = 4, tf_eax = 372, tf_trapno = 9, tf_err = 0, tf_eip = -1071669969, tf_cs = 8, tf_eflags = 66050, tf_esp = 0, tf_ss = -417604360}) at /usr/src/sys/i386/i386/trap.c:636 #5 0xc01f9d2f in zalloc (z=0xcd18f700) at /usr/src/sys/vm/vm_zone.c:70 #6 0xc01e9c1b in ufsdirhash_build (ip=0xcd45b100) at /usr/src/sys/ufs/ufs/ufs_dirhash.c:166 #7 0xc01e41da in ufs_lookup (ap=0xe71bddb8) at /usr/src/sys/ufs/ufs/ufs_lookup.c:196 #8 0xc01e99d1 in ufs_vnoperate (ap=0xe71bddb8) at /usr/src/sys/ufs/ufs/ufs_vnops.c:2376 #9 0xc0179d02 in vfs_cache_lookup (ap=0xe71bde10) at vnode_if.h:77 #10 0xc01e99d1 in ufs_vnoperate (ap=0xe71bde10) at /usr/src/sys/ufs/ufs/ufs_vnops.c:2376 #11 0xc017ccf5 in lookup (ndp=0xe71bde8c) at vnode_if.h:52 #12 0xc017c7e0 in namei (ndp=0xe71bde8c) at /usr/src/sys/kern/vfs_lookup.c:153 #13 0xc0182619 in lstat (p=0xe6f728a0, uap=0xe71bdf80) at /usr/src/sys/kern/vfs_syscalls.c:1824 #14 0xc022dd71 in syscall2 (frame={tf_fs = 134545455, tf_es = 47, tf_ds = -1078001617, tf_edi = 134576128, tf_esi = 134576200, tf_ebp = -1077937436, tf_isp = -417603628, tf_ebx = 672089996, tf_edx = 3, tf_ecx = 134576192, tf_eax = 190, tf_trapno = 7, tf_err = 2, tf_eip = 671765056, tf_cs = 31, tf_eflags = 659, tf_esp = -1077937576, tf_ss = 47}) at /usr/src/sys/i386/i386/trap.c:1175 #15 0xc0221e35 in Xint0x80_syscall () #16 0x280a1871 in ?? () #17 0x280a10ee in ?? () #18 0x8049732 in ?? () #19 0x804b9f8 in ?? () #20 0x80493ce in ?? () (kgdb) up 6 #6 0xc01e9c1b in ufsdirhash_build (ip=0xcd45b100) at /usr/src/sys/ufs/ufs/ufs_dirhash.c:166 166 if ((dh->dh_hash[i] = zalloc(ufsdirhash_zone)) == NULL) (kgdb) list 161 MALLOC(dh->dh_blkfree, u_int8_t *, nblocks * sizeof(dh->dh_blkfree[0]), 162 M_DIRHASH, M_NOWAIT); 163 if (dh->dh_hash == NULL || dh->dh_blkfree == NULL) 164 goto fail; 165 for (i = 0; i < narrays; i++) { 166 if ((dh->dh_hash[i] = zalloc(ufsdirhash_zone)) == NULL) 167 goto fail; 168 for (j = 0; j < DH_NBLKOFF; j++) 169 dh->dh_hash[i][j] = DIRHASH_EMPTY; 170 } (kgdb) up 5 #11 0xc017ccf5 in lookup (ndp=0xe71bde8c) at vnode_if.h:52 52 rc = VCALL(dvp, VOFFSET(vop_lookup), &a); (kgdb) list 47 int rc; 48 a.a_desc = VDESC(vop_lookup); 49 a.a_dvp = dvp; 50 a.a_vpp = vpp; 51 a.a_cnp = cnp; 52 rc = VCALL(dvp, VOFFSET(vop_lookup), &a); 53 return (rc); 54 } 55 struct vop_cachedlookup_args { 56 struct vnodeop_desc *a_desc; (kgdb) The only way to stop those crashes is to turn off dirhash, so it sounds like kernel bug. I'll glad to help to find it, just tell me how. -- Sincerely Yours, Aleksey Ovcharenko