Date: Thu, 20 Jan 2005 15:05:26 -0800 From: Kris Kennaway <kris@obsecurity.org> To: "Mark W. Krentel" <krentel@dreamscape.com> Cc: Kris Kennaway <kris@obsecurity.org> Subject: Re: fstat triggered INVARIANTS panic in memrw() Message-ID: <20050120230526.GA76209@xor.obsecurity.org> In-Reply-To: <200501202247.j0KMlvJH032907@blue.mwk.domain> References: <20050119050220.GU3194@noel.cs.rice.edu> <200501202247.j0KMlvJH032907@blue.mwk.domain>
next in thread | previous in thread | raw e-mail | index | archive | help
--6c2NcOVqGQ03X4Wi Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Jan 20, 2005 at 05:47:57PM -0500, Mark W. Krentel wrote: > First, let me check that your panic requires three things to trigger: > (1) heavy load, in your case ports building, (2) INVARIANTS compiled > into the kernel, and (3) many calls to fstat(1). Is that right? I didn't try without INVARIANTS, but it doesn't require heavy load. In fact I can panic the UP boxes just by running fstat in a loop (typically panics within a few seconds). SMP often panics on the first try. > Also, you're running 6.0-current on an x86 SMP machine?=20 I think it also happens on 5.x, but I'm not sure. I first noticed the problem some time in early December, but it might be older (I previously did not run fstat on these machines). > Can you bound > the problem between two dates, that is, you compiled kernel/world on > date X and it was ok, and updated on date Y and it panicked? Are you > changing the default kernel address space (3 Gig user and 1 Gig > kernel) via KVA_PAGES? Not on all affected machines (i.e. it happens on machines with the default KVA_PAGES). > arguments to kernacc() and vm_map_check_protection(). I didn't get a > panic, but I can confirm that kernacc() is being called with arguments > that constitute address wrap. My tests were on a single-CPU P3-933. > I ran buildworld along with a loop of fstat(1)s, and the address wrap > happened within seconds. It required both (1) and (3) above, > INVARIANTS may be a red herring, I'm not sure. >=20 > How long did it take for your machine to panic? Mine didn't panic, > but maybe I didn't run the test long enough, or maybe I don't have > enough open files. >=20 > Anyway, try this patch, see if it avoids the panic for you. >=20 > --Mark Thanks, it sounds promising! Kris --6c2NcOVqGQ03X4Wi Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (FreeBSD) iD8DBQFB8Dk2Wry0BWjoQKURAspDAKD7bQ26qJAeXt312kpQ1uD8sFytKQCfVeYa W+sTEjcdvXni4bKKcFS40Kc= =J89l -----END PGP SIGNATURE----- --6c2NcOVqGQ03X4Wi--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050120230526.GA76209>