Ok... I am coming to the conclusion that there is some sort of kernel issue that is causing this problem. Here is what I have done and discovered to date (this is all with 4.3-RC2 FWIW): At some point the 'qhead' CIRCLEQ structure in yp_dblookup.c gets corrupted. This is declared as a static, and no handles are passed back out of the function, so aside from data-segment smashing, all accesses to that structure _must_ happen within yp_dblookup.c. To date, _almost_ every single segfault has been in the for loop of yp_testflags (this is a bit odd in and of itself given that the CIRCLEQ is being mangled) ( I do not recall the exact situation for the one not in yp_testflags. ), so I wrote a function called 'queue_verify()' whose only lob is to travel once down the CIRCLEQ, assert the number of entries in the CIRCLEQ is the same as numdbs and exit. I placed this function after every Berkeley DB function call and other random points in the function calls in "yp_dblookup.c". Right now I am only seeing seg-faults in the queue_verify() that I placed before the for loop in yp_testflags *very* strange, one would think with the number I have placed everywhere that it would get tripped up somewhere else too). I also notice that it always dies very shortly after it fork()s a child to handle a YP_ALL request (one of the things the child does is the delete its copy of the CIRCLEQ). Is it possible that a copy-on-write is somehow getting mangled and causing this? FWIW: this system is a single CPU PentiumPro acting as a firewall/gateway with 1 FXP, 2 dc, and 2 xl interfaces (the fxp and one each of the dc and xl are active). Any ideas? Any clue where to look next, I am running out ideas here. -- David Cross | email: [EMAIL PROTECTED] Lab Director | Rm: 308 Lally Hall Rensselaer Polytechnic Institute, | Ph: 518.276.2860 Department of Computer Science | Fax: 518.276.4033 I speak only for myself. | WinNT:Linux::Linux:FreeBSD To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
