On Wed, 30 Jan 2008 19:41:55 +0000
Andrew Doran <ad@netbsd.org> wrote:

> On Tue, Jan 29, 2008 at 08:01:43PM +0000, Steven M. Bellovin wrote:
> 
> > I need to gather a few more details before I send-pr, but is anyone
> > else seeing a reproducible panic in amap_wipeout?  I first noticed
> > this on a kernel from Friday, Jan 25 (amd64) on a Thinkpad T61.  If
> > I boot single-user and do
> 
> It could be a TLB management issue but it's more likely that
> something is corrupting memory.

I've seen other indications that there's a memory corruption problem in
the kernel.  Unfortunately, I don't know where it might be...  Anything
I should enable to help track this down?

> I've found this panic to be a sign
> that something is allocating memory with kmem_alloc() and then
> overrunning the allocation, or using it after freeing it. It could
> also happen if something calls kmem_free() on an area of kernel stack.
> 



		--Steve Bellovin, http://www.cs.columbia.edu/~smb