From owner-freebsd-bugs  Tue Dec 19 01:53:06 1995
Return-Path: owner-bugs
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.3/8.7.3) id BAA04157
          for bugs-outgoing; Tue, 19 Dec 1995 01:53:06 -0800 (PST)
Received: from irz301.inf.tu-dresden.de (irz301.inf.tu-dresden.de [141.76.1.11])
          by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id BAA03935
          for <freebsd-bugs@freebsd.org>; Tue, 19 Dec 1995 01:49:15 -0800 (PST)
Received: from sax.sax.de by irz301.inf.tu-dresden.de (8.6.12/8.6.12-s1) with ESMTP id KAA20759; Tue, 19 Dec 1995 10:48:59 +0100
Received: by sax.sax.de (8.6.11/8.6.12-s1) with UUCP
	id KAA09414; Tue, 19 Dec 1995 10:48:58 +0100
Received: (from j@localhost) by uriah.heep.sax.de (8.6.12/8.6.9) id KAA02915; Tue, 19 Dec 1995 10:29:45 +0100
From: J Wunsch <j@uriah.heep.sax.de>
Message-Id: <199512190929.KAA02915@uriah.heep.sax.de>
Subject: Re: Problem with FreeBSD 2.1.0-RELEASE
To: davidg@Root.COM
Date: Tue, 19 Dec 1995 10:29:45 +0100 (MET)
Cc: dufault@hda.com, gibbs@freefall.freebsd.org, m.sapsed@bangor.ac.uk,
        hm@hcs.de, freebsd-bugs@freebsd.org
Reply-To: joerg_wunsch@uriah.heep.sax.de (Joerg Wunsch)
In-Reply-To: <199512190342.TAA02913@corbin.Root.COM> from "David Greenman" at Dec 18, 95 07:42:33 pm
X-Phone: +49-351-2012 669
X-Mailer: ELM [version 2.4 PL23]
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
Sender: owner-bugs@freebsd.org
Precedence: bulk

As David Greenman wrote:
> 
> >I believe this is here in kern/vfs_bio.c:
> >
> >>	int s = splbio();
> >>
> >>	bh = BUFHASH(vp, blkno);
> >>	bp = bh->lh_first;
> >>
> >>	/* Search hash chain */
> >>	while (bp) {
> >
> >where we go indirect on that bp.
> 
>    This is a "can't happen" panic. It can only happen if the CPU executes the
> instructions incorrectly. The assembly code is:
> 
> ...
>         movl _bufhashtbl(,%eax,4),%ebx
>         testl %ebx,%ebx		<- exit if bp is NULL

>From my analysis (after Hellmuth's bug report), it was just one line
above.  I'm suspecting something with the BUFHASH() macro.  Remember,
the ``fault virtual address''es are somewhat weird for all bug
reports, in this case it's 0x52.  So it's not a NULL pointer, hence
not easy to check.

To recall it, the symptoms are that this panic happens for some people
with many cd drives, and _only_ when accessing the last drive.

-- 
cheers, J"org

joerg_wunsch@uriah.heep.sax.de -- http://www.sax.de/~joerg/ -- NIC: JW11-RIPE
Never trust an operating system you don't have sources for. ;-)