Date:      Thu, 15 Apr 2004 22:48:04 -0700
From:      Kris Kennaway <kris@obsecurity.org>
To:        Alan Cox <alc@cs.rice.edu>
Cc:        Kris Kennaway <kris@obsecurity.org>
Subject:   Re: Another alpha panic
Message-ID:  <20040416054804.GA79165@xor.obsecurity.org>
In-Reply-To: <20040416054340.GZ238@cs.rice.edu>
References:  <20040411093343.GA89809@xor.obsecurity.org> <200404132236.20792.jhb@FreeBSD.org> <16509.42895.49213.222503@grasshopper.cs.duke.edu> <20040416045453.GA78366@xor.obsecurity.org> <407F68BA.6000405@imimic.com> <20040416053930.GA78940@xor.obsecurity.org> <20040416054340.GZ238@cs.rice.edu>


--6TrnltStXW4iwmi0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Fri, Apr 16, 2004 at 12:43:40AM -0500, Alan Cox wrote:
> On Thu, Apr 15, 2004 at 10:39:30PM -0700, Kris Kennaway wrote:
> >
> > Line 2740 seems to be:
> >
> >         td->td_pcb->pcb_hw.apcb_ptbr =
> >                 ALPHA_K0SEG_TO_PHYS((vm_offset_t) pmap->pm_lev1) >> PAGE_SHIFT;
> >
>
> Can you provide a disassembly of pmap_activate()?  The point being to determine
> which of the above dereferences is faulting.
>
> Alan

Dump of assembler code for function pmap_activate:
0xfffffc00005cf0b0 <pmap_activate>:     ldah    gp,14(t12)
0xfffffc00005cf0b4 <pmap_activate+4>:   lda     gp,17112(gp)
0xfffffc00005cf0b8 <pmap_activate+8>:   lda     sp,-32(sp)
0xfffffc00005cf0bc <pmap_activate+12>:  stq     ra,0(sp)
0xfffffc00005cf0c0 <pmap_activate+16>:  stq     s0,8(sp)
0xfffffc00005cf0c4 <pmap_activate+20>:  stq     s1,16(sp)
0xfffffc00005cf0c8 <pmap_activate+24>:  mov     a0,s1
0xfffffc00005cf0cc <pmap_activate+28>:  ldq     t0,0(a0)
0xfffffc00005cf0d0 <pmap_activate+32>:  ldq     t0,280(t0)
0xfffffc00005cf0d4 <pmap_activate+36>:  lda     s0,272(t0)
0xfffffc00005cf0d8 <pmap_activate+40>:  ldq     t12,-21592(gp)
0xfffffc00005cf0dc <pmap_activate+44>:  jsr     ra,(t12),0xfffffc00005ca080 <set_mcontext+240>
0xfffffc00005cf0e0 <pmap_activate+48>:  ldah    gp,14(ra)
0xfffffc00005cf0e4 <pmap_activate+52>:  lda     gp,17064(gp)
0xfffffc00005cf0e8 <pmap_activate+56>:  ldq     t2,-5128(gp)
0xfffffc00005cf0ec <pmap_activate+60>:  ldl     t0,60(t7)
0xfffffc00005cf0f0 <pmap_activate+64>:  zapnot  t0,0xf,t0
0xfffffc00005cf0f4 <pmap_activate+68>:  s8addq  t0,t2,t0
0xfffffc00005cf0f8 <pmap_activate+72>:  ldq     t0,0(t0)
0xfffffc00005cf0fc <pmap_activate+76>:  beq     t0,0xfffffc00005cf14c <pmap_activate+156>
0xfffffc00005cf100 <pmap_activate+80>:  ldl     t0,60(t7)
0xfffffc00005cf104 <pmap_activate+84>:  zapnot  t0,0xf,t0
0xfffffc00005cf108 <pmap_activate+88>:  s8addq  t0,t2,t0
0xfffffc00005cf10c <pmap_activate+92>:  ldq     t0,0(t0)
0xfffffc00005cf110 <pmap_activate+96>:  cmpeq   s0,t0,t0
0xfffffc00005cf114 <pmap_activate+100>: bne     t0,0xfffffc00005cf14c <pmap_activate+156>
0xfffffc00005cf118 <pmap_activate+104>: ldl     t0,60(t7)
0xfffffc00005cf11c <pmap_activate+108>: zapnot  t0,0xf,t0
0xfffffc00005cf120 <pmap_activate+112>: s8addq  t0,t2,t0
0xfffffc00005cf124 <pmap_activate+116>: ldq     t1,0(t0)
0xfffffc00005cf128 <pmap_activate+120>: ldl     t0,64(t7)
0xfffffc00005cf12c <pmap_activate+124>: ldl_l   t3,32(t1)
0xfffffc00005cf130 <pmap_activate+128>: andnot  t3,t0,t3
0xfffffc00005cf134 <pmap_activate+132>: stl_c   t3,32(t1)
0xfffffc00005cf138 <pmap_activate+136>: beq     t3,0xfffffc000061dbb4 <Ldotrap+404>
0xfffffc00005cf13c <pmap_activate+140>: ldl     t0,60(t7)
0xfffffc00005cf140 <pmap_activate+144>: zapnot  t0,0xf,t0
0xfffffc00005cf144 <pmap_activate+148>: s8addq  t0,t2,t0
0xfffffc00005cf148 <pmap_activate+152>: stq     zero,0(t0)
0xfffffc00005cf14c <pmap_activate+156>: ldq     t2,416(s1)
0xfffffc00005cf150 <pmap_activate+160>: ldq     t1,0(s0)
0xfffffc00005cf154 <pmap_activate+164>: ldah    t0,-64
0xfffffc00005cf158 <pmap_activate+168>: srl     t0,0x16,t0
0xfffffc00005cf15c <pmap_activate+172>: and     t1,t0,t1
0xfffffc00005cf160 <pmap_activate+176>: srl     t1,0xd,t1
0xfffffc00005cf164 <pmap_activate+180>: stq     t1,16(t2)
0xfffffc00005cf168 <pmap_activate+184>: ldl     t0,60(t7)
0xfffffc00005cf16c <pmap_activate+188>: zapnot  t0,0xf,t0
0xfffffc00005cf170 <pmap_activate+192>: s4addq  t0,s0,t0
0xfffffc00005cf174 <pmap_activate+196>: ldl     t1,36(t0)
0xfffffc00005cf178 <pmap_activate+200>: zapnot  t1,0xf,t1
0xfffffc00005cf17c <pmap_activate+204>: ldl     t0,172(t7)
0xfffffc00005cf180 <pmap_activate+208>: zapnot  t0,0xf,t0
0xfffffc00005cf184 <pmap_activate+212>: srl     t1,0x8,t1
0xfffffc00005cf188 <pmap_activate+216>: cmpeq   t0,t1,t0
0xfffffc00005cf18c <pmap_activate+220>: bne     t0,0xfffffc00005cf198 <pmap_activate+232>
0xfffffc00005cf190 <pmap_activate+224>: mov     s0,a0
0xfffffc00005cf194 <pmap_activate+228>: bsr     ra,0xfffffc00005cb4c8 <pmap_get_asn+8>
0xfffffc00005cf198 <pmap_activate+232>: ldl     t0,60(t7)
0xfffffc00005cf19c <pmap_activate+236>: zapnot  t0,0xf,t0
0xfffffc00005cf1a0 <pmap_activate+240>: ldq     t1,-5128(gp)
0xfffffc00005cf1a4 <pmap_activate+244>: s8addq  t0,t1,t0
0xfffffc00005cf1a8 <pmap_activate+248>: stq     s0,0(t0)
0xfffffc00005cf1ac <pmap_activate+252>: ldl     t0,64(t7)
0xfffffc00005cf1b0 <pmap_activate+256>: ldl_l   t1,32(s0)
0xfffffc00005cf1b4 <pmap_activate+260>: or      t1,t0,t1
0xfffffc00005cf1b8 <pmap_activate+264>: stl_c   t1,32(s0)
0xfffffc00005cf1bc <pmap_activate+268>: beq     t1,0xfffffc000061dbb8 <Ldotrap+408>
0xfffffc00005cf1c0 <pmap_activate+272>: ldq     t2,416(s1)
0xfffffc00005cf1c4 <pmap_activate+276>: ldl     t0,60(t7)
0xfffffc00005cf1c8 <pmap_activate+280>: zapnot  t0,0xf,t0
0xfffffc00005cf1cc <pmap_activate+284>: s4addq  t0,s0,t0
0xfffffc00005cf1d0 <pmap_activate+288>: ldq_u   t1,36(t0)
0xfffffc00005cf1d4 <pmap_activate+292>: lda     t0,36(t0)
0xfffffc00005cf1d8 <pmap_activate+296>: extbl   t1,t0,t1
0xfffffc00005cf1dc <pmap_activate+300>: stl     t1,28(t2)
0xfffffc00005cf1e0 <pmap_activate+304>: ldq     t12,-22960(gp)
0xfffffc00005cf1e4 <pmap_activate+308>: jsr     ra,(t12),0xfffffc00005ca0b0 <get_fpcontext+32>
0xfffffc00005cf1e8 <pmap_activate+312>: ldah    gp,14(ra)
0xfffffc00005cf1ec <pmap_activate+316>: lda     gp,16800(gp)
0xfffffc00005cf1f0 <pmap_activate+320>: ldq     t0,0(t7)
0xfffffc00005cf1f4 <pmap_activate+324>: cmpeq   s1,t0,t0
0xfffffc00005cf1f8 <pmap_activate+328>: beq     t0,0xfffffc00005cf210 <pmap_activate+352>
0xfffffc00005cf1fc <pmap_activate+332>: ldq     a0,560(s1)
0xfffffc00005cf200 <pmap_activate+336>: call_pal        0x30
0xfffffc00005cf204 <pmap_activate+340>: unop
0xfffffc00005cf208 <pmap_activate+344>: nop
0xfffffc00005cf20c <pmap_activate+348>: unop
0xfffffc00005cf210 <pmap_activate+352>: ldq     ra,0(sp)
0xfffffc00005cf214 <pmap_activate+356>: ldq     s0,8(sp)
0xfffffc00005cf218 <pmap_activate+360>: ldq     s1,16(sp)
0xfffffc00005cf21c <pmap_activate+364>: lda     sp,32(sp)
0xfffffc00005cf220 <pmap_activate+368>: ret
0xfffffc00005cf224 <pmap_activate+372>: unop
0xfffffc00005cf228 <pmap_activate+376>: nop
0xfffffc00005cf22c <pmap_activate+380>: unop

--6TrnltStXW4iwmi0
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (FreeBSD)

iD8DBQFAf3OTWry0BWjoQKURAs4sAJ9iddYUUjZNRDPoZg2tJ8rJADi3sQCdGvN5
oJWAfhm4uY9oRZ5M0Oncqtc=
=tpEl
-----END PGP SIGNATURE-----

--6TrnltStXW4iwmi0--


