Subject: Re: port-sparc/7860: crashme will rapidly panic NetBSD/sparc 1.4
To: None <abs@mono.org>
From: Bill Sommerfeld <sommerfeld@orchard.arlington.ma.us>
List: port-sparc
Date: 06/27/1999 00:26:11
I got somewhat different results on a sparcstation 2:

First run gets to:

...
try 40, Badboy at 114688. 0x1C000
Got signal 4 illegal instruction
Barfed
try 41, Badboy at 116736. 0x1C800
Got signal 4 illegal instruction
Barfed
try 42, Badboy at 118784. 0x1D000
zsh: illegal hardware instruction (core dumped)  ./crashme +2000.0 690 100

Immediately re-running it, I get:

window# ./crashme +2000.0 690 100
Crashme: (c) data fault: pc=0xf011afe4 addr=0x207374ac ser=80<INVAL>
panic: kernel fault
Stopped in crashme at   _Debugger+0x4:  jmpl            [%o7 + 0x8], %g0
db> trace
_mem_access_fault(0x9, 0x80, 0x207374ac, 0xf011afe4, 0x40, 0xf1a47df0) at _mem_access_fault+0x2e8
normal_mem_fault(0x48, 0x3c89, 0x20737464, 0x9, 0x80000000, 0xf2) at normal_mem_fault+0x28
_sys_setitimer(0xf1915380, 0xf2262000, 0x1, 0xf0174800, 0x0, 0x10) at _sys_setitimer+0x164
_mem_access_fault(0xf19149a0, 0x80, 0xf226254c, 0xf226254c, 0x0, 0xf1a47fb0) at _mem_access_fault+0x190
normal_mem_fault(0x6000, 0x8000, 0xeffffa48, 0x10069208, 0x0, 0xf1a47fb0) at normal_mem_fault+0x28

The traceback looks quite odd (with the sys_setitimer in the middle
there...)

The faulting instruction mentioned in the "data fault" message above
appears to be in mmu_pagein():

db> x/i 0xf011afe4
_mmu_pagein+0x50:       ld              [%o2 + %o0], %i2
db> x/iiiiiiii 0xf011afd0
_mmu_pagein+0x3c:       srl             %i1, 0x12, %o1
_mmu_pagein+0x40:       subcc           %o2, 0x0, %g0
_mmu_pagein+0x44:       be              _mmu_pagein+0x60
_mmu_pagein+0x48:       and             %o1, 0x3f, %o3
_mmu_pagein+0x4c:       sll             %o3, 0x3, %o0
_mmu_pagein+0x50:       ld              [%o2 + %o0], %i2
_mmu_pagein+0x54:       subcc           %i2, 0x0, %g0
_mmu_pagein+0x58:       bne             _mmu_pagein+0x68
db> 
_mmu_pagein+0x5c:       add             %o2, %o0, %o1
_mmu_pagein+0x60:       ba              _mmu_pagein+0x124
_mmu_pagein+0x64:       or              %g0, 0x0, %i0
_mmu_pagein+0x68:       lduh            [%o1 + 0x4], %o2
_mmu_pagein+0x6c:       sethi           %hi(0xf016dc00), %o0
_mmu_pagein+0x70:       ld              [%o0 + 0x250], %o1
_mmu_pagein+0x74:       subcc           %o2, %o1, %g0
_mmu_pagein+0x78:       be              _mmu_pagein+0xa0

Now, I don't read sparc assembler all that well, but it looks like the
faulting instruction at mmu_pagein+0x50 may correspond to the fetch of
sp->sg_pte in the following:

	/* return 0 if we have no PTEs to load */
	if ((pte = sp->sg_pte) == NULL)
		return (0);

Hope this is of use to someone who actually understands the sparc pmap...
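What crashme is doing to produce the "Got signal 4 illegal instruction" / "Barfed" lines in the transcript above, written out as an added example. This is neither the original crashme nor code from the message: it assumes Linux on x86-64 or AArch64 and a process that is allowed to map an anonymous page executable; the byte sequences (an undefined instruction, a load from address 0, a bare return) are constructed stand-ins for the pseudo-random bytes crashme actually jumps to, and run_badboy and the badboy_* arrays are hypothetical names.

```c
/*
 * Added example: a minimal crashme-style harness (not the original crashme,
 * not code from the message above). crashme fills a buffer with random bytes
 * and calls it; here the buffer holds constructed, deterministic sequences so
 * the outcome is known. Assumes Linux, x86-64 or AArch64, and that anonymous
 * executable mappings are permitted. All names are hypothetical.
 */
#define _GNU_SOURCE
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>

#if defined(__x86_64__)
static const unsigned char badboy_ill[]  = { 0x0f, 0x0b };             /* ud2 */
static const unsigned char badboy_segv[] = { 0x31, 0xc0, 0x8b, 0x00 }; /* xor eax,eax; mov eax,[rax] */
static const unsigned char badboy_ret[]  = { 0xc3 };                   /* ret */
#elif defined(__aarch64__)
static const unsigned char badboy_ill[]  = { 0x00, 0x00, 0x00, 0x00 };                         /* udf #0 */
static const unsigned char badboy_segv[] = { 0x00, 0x00, 0x80, 0xd2, 0x00, 0x00, 0x40, 0xb9 }; /* mov x0,#0; ldr w0,[x0] */
static const unsigned char badboy_ret[]  = { 0xc0, 0x03, 0x5f, 0xd6 };                         /* ret */
#else
#error "constructed byte sequences are provided for x86-64 and AArch64 only"
#endif

/*
 * Copy `code` into a fresh page, make it executable, and call it in a forked
 * child with a time limit. Returns 0 if the code returned cleanly, the signal
 * number if the child was killed by one (crashme's "Got signal N"; SIGALRM
 * if it looped until the timeout), or -1 on a harness error or other outcome.
 */
static int run_badboy(const unsigned char *code, size_t len, unsigned timeout_s)
{
    size_t pagesz = (size_t)sysconf(_SC_PAGESIZE);
    int result = -1;

    if (len == 0 || len > pagesz)
        return -1;

    unsigned char *page = mmap(NULL, pagesz, PROT_READ | PROT_WRITE,
                               MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (page == MAP_FAILED)
        return -1;

    memcpy(page, code, len);
    /* W^X: drop write before adding execute; the cache flush matters on AArch64 */
    __builtin___clear_cache((char *)page, (char *)page + len);
    if (mprotect(page, pagesz, PROT_READ | PROT_EXEC) != 0) {
        munmap(page, pagesz);
        return -1;
    }

    pid_t pid = fork();
    if (pid == 0) {
        /* child: bound the run so a stray loop cannot hang the harness */
        alarm(timeout_s);
        void (*badboy)(void) = (void (*)(void))page;
        badboy();
        _exit(0);
    }
    if (pid > 0) {
        int status;
        if (waitpid(pid, &status, 0) == pid) {
            if (WIFSIGNALED(status))
                result = WTERMSIG(status);
            else if (WIFEXITED(status) && WEXITSTATUS(status) == 0)
                result = 0;
        }
    }
    munmap(page, pagesz);
    return result;
}

int main(void)
{
    struct { const char *name; const unsigned char *code; size_t len; } tries[] = {
        { "undefined instruction", badboy_ill,  sizeof badboy_ill  },
        { "load from address 0",   badboy_segv, sizeof badboy_segv },
        { "bare return",           badboy_ret,  sizeof badboy_ret  },
    };
    for (size_t i = 0; i < sizeof tries / sizeof tries[0]; i++) {
        int r = run_badboy(tries[i].code, tries[i].len, 5);
        if (r > 0)
            printf("try %zu (%s): Got signal %d %s\n", i, tries[i].name, r, strsignal(r));
        else if (r == 0)
            printf("try %zu (%s): returned cleanly\n", i, tries[i].name);
        else
            printf("try %zu (%s): harness error\n", i, tries[i].name);
    }
    return 0;
}
```

The point of the harness is the boundary it exercises: every fault the child takes should end as a signal delivered to the child (SIGILL here is 4, the same number the crashme run above printed), and the parent merely records it. In the second run above that boundary failed, with the data fault taken in kernel mode inside mmu_pagein, so no signal ever reached the process and the machine panicked instead. With genuinely random bytes the child can also issue arbitrary system calls, so crashme proper belongs in a throwaway VM or a scratch install, not on a machine whose filesystem matters.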