Date: Thu, 23 Oct 2003 13:19:15 -0700 From: othermark <atkin901@yahoo.com> To: freebsd-current@freebsd.org Subject: Re: panic: Memory modified after free Message-ID: <bn9d46$ld7$1@sea.gmane.org> References: <bn1n4k$459$1@sea.gmane.org> <20031022150112.X71676@carver.gumbysoft.com> <bn91jj$qbt$1@sea.gmane.org>
next in thread | previous in thread | raw e-mail | index | archive | help
apologies for repling to my own post, but it seemed the best way to continue
the thread.
othermark wrote:
> I think the next step is to move up to a 5.1-release kernel and see if
> it boots as well as the 5.0-release does, or provides a more interesting
> panic.
I tried a 5.1-RELEASE kernel and booted successfully. To take it a step
further, I tried an ftp'd kernel from current.freebsd.org
5.1-CURRENT-20031009-JPSNAP
and I was able to bootstrap the box into single user mode.
If I bootstrap the box into multiuser (snapshot kernel + 5.0 userland) I get
the following panic:
Memory modified after free 0xc4987800(2044) val=c4986800 @ 0xc4987950
panic: Most recently used by bus
Debugger("panic")
Stopped at Debugger+0x54: xchgl %ebx,in_Debugger.0
db> where
Debugger(c083db04,c08ffbc0,c0855049,d782662c,100) at Debugger+0x54
panic(c0855049,c081f6e0,7fc,c4986800,c4987950) at panic+0xd5
mtrash_ctor(c4987800,800,0,583,c4987800) at mtrash_ctor+0x67
uma_zalloc_arg(c103ae40,0,2,c08feb04,0) at uma_zalloc_arg+0x1ce
malloc(800,c0899c40,2,a7c,c0843763) at malloc+0xd3
allocbuf(cec0ef88,800,c0843763,a31,4000) at allocbuf+0x202
getblk(c49d136c,0,0,800,0) at getblk+0x4d6
breadn(c49d136c,0,0,800,0) at breadn+0x52
bread(c49d136c,0,0,800,0) at bread+0x4c
ffs_blkatoff(c49d136c,0,0,0,d7826888) at ffs_blkatoff+0xcf
ufs_lookup(d7826948,d7826984,c0685211,d7826948,d7826bec) at ufs_lookup+0x393
ufs_vnoperate(d7826948,d7826bec,d7826c00,c0844f5d,c1d05390) at ufs_vnoperat
+0x18
vfs_cache_lookup(d78269c8,d78269e4,c068a2b2,d78269c8,20002) at
vfs_cache_lookup+0x301
ufs_vnoperate(d78269c8,20002,c1d05390,c062d9a0,c1d05390) at ufs_vnoperat
+0x18
lookup(d7826bd8,0,c0844896,a6,c1d05390) at lookup+0x302
namei(d7826bd8,0,c09091e0,3,c1d05390) at namei+0x24e
vn_open_cred(d7826bd8,d7826cd8,0,c1cfbe00,9) at vn_open_cred+0x251
vn_open(d7826bd8,d7826cd8,0,9,c083b124) at vn_open+0x30
kern_open(c1d05390,bfbfefb0,0,a,0) at kern_open+0x140
open(c1d05390,d7826d10,c08590bb,3ec,3) at open+0x30
syscall(2f,2f,2f,bfbfefaf,bfbfdde4) at syscall+0x273
Xint0x80_syscall() at Xint0x80_syscall+0x1d
--- syscall (5, FreeBSD ELF32, open), eip = 0x280b6973, esp = 0xbfbfdd3c,
ebp = 0xbfbfe218 ---
db>
I will try seeing how far I can go up the list of snapshots until I
encounter the first boot -s panic.
--
othermark
atkin901 at nospam dot yahoo dot com
(!wired)?(coffee++):(wired);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bn9d46$ld7$1>