From: Peter Wemm
To: Andrew Gallatin
Cc: John Baldwin, freebsd-alpha@FreeBSD.ORG, cvs-committers@FreeBSD.ORG
Subject: Re: cvs commit: src/sys/alpha/alpha pmap.c
In-Reply-To: <15247.55907.363565.267385@grasshopper.cs.duke.edu>
Date: Sun, 02 Sep 2001 01:25:00 -0700
Message-Id: <20010902082500.5A0FD3807@overcee.netplex.com.au>

Andrew Gallatin wrote:
>
> John Baldwin writes:
>  > Can you do a 'l *0xfffffc0000582da8' in gdb to see what source line
>  > it died on?
>
> 0xfffffc0000582da8 is in pmap_remove_pages (../../../alpha/alpha/pmap.c:2612)
>
> Which ends up being:
>
> 2607    #ifdef PMAP_REMOVE_PAGES_CURPROC_ONLY
> 2608                    pte = vtopte(pv->pv_va);
> 2609    #else
> 2610                    pte = pmap_pte_quick(pv->pv_pmap, pv->pv_va);
> 2611    #endif
> 2612                    if (!pmap_pte_v(pte))
> 2613                            panic("pmap_remove_pages: page on pm_pvlist has no pte\n");
> 2614                    tpte = *pte;

Well, I'm confused now.  I've reread the 1.63 -> 1.64 diff about 50 times
now and I cannot for the life of me see any actual real change.  Maybe
I've been looking at it for so long now that I cannot see what is staring
right at me?
Can you please look over the diff and see if you can spot something that
I cannot see?

Also, do you see an immediate explosion or one at some later point?  Is it
repeatable - if not, is it possible that you just had the semi-regular
crash with the -current while running the new kernel?  What is the value
of "pte" BTW?

pmap_dispose_proc() is essentially changed like this:

+ vm_offset_t up; - ptek = vtopte((vm_offset_t) p->p_addr); + up = (vm_offset_t)p->p_addr; + ptek = vtopte(up); - if ((m = vm_page_lookup(upobj, i)) == NULL) + m = vm_page_lookup(upobj, i); + if (m == NULL) - pmap_invalidate_page(kernel_pmap, (vm_offset_t)p->p_addr + i * PAGE_SIZE); + pmap_invalidate_page(kernel_pmap, up + i * PAGE_SIZE);

The rest is whitespace.  I really don't see how this can lead to the kind
of crash you saw. :-(

Anyway, the next thing to try is to back out one of the four functions at
a time.. (or do a binary search, backing out 2 then either the 3rd or
restoring 1).  I would look over the asm code but I just *know* gcc is
going to produce totally unrecognizable assembler differences. :-(

There is some serious badness with object / resource management here.
When a process is created, its vm object is created and *never* destroyed.
Its pointer is left in p_upages_obj across exit() and later with a new
fork().  It depends on the vm zones being type safe and preserving their
contents across zfree() / zalloc().  At least it releases the pages at
exit.

I will rebuild my UP2000 at work and retest it there as well.  I'll let
you know what happens.

Cheers,
-Peter
--
Peter Wemm - peter@FreeBSD.org; peter@yahoo-inc.com; peter@netplex.com.au
"All of this is for nothing if we don't go to the stars" - JMS/B5
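
Review bot: In the last -/+ pair, pmap_invalidate_page() now takes its address from the cached up instead of re-reading p->p_addr, which is equivalent only if nothing between "up = (vm_offset_t)p->p_addr;" and that call writes p->p_addr; the lines shown here do not establish that. Please confirm it against the full function and, if it holds, add a one-line comment at the declaration of up saying it is p->p_addr captured once, so a later edit that changes p->p_addr in between does not silently invalidate the wrong address.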
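
The reliance on type-safe zones described in the message above, as an added example that is not part of the original message and is not FreeBSD code: a toy fixed-slot zone shows a handle left in a freed item being picked up again by the next allocation, and what the same code sees if the allocator fills freed items. The names toy_proc, toy_zalloc, toy_zfree, toy_fork_obj, the integer handle and the create-only-if-zero fork logic are assumptions made for illustration.

```c
/* Added illustration, not FreeBSD code: a toy type-stable zone (names hypothetical). */
#include <stdio.h>
#include <string.h>

struct toy_proc {
    struct toy_proc *free_next;  /* the only field the zone writes on free */
    unsigned long upages_obj;    /* stands in for the p_upages_obj pointer */
};
static struct toy_proc slab[2], *free_list;
static unsigned long objects_created;

static void toy_zone_init(void) {
    memset(slab, 0, sizeof(slab));       /* fresh memory: no object recorded */
    slab[0].free_next = &slab[1];
    free_list = &slab[0];
    objects_created = 0;
}
static struct toy_proc *toy_zalloc(void) {
    struct toy_proc *p = free_list;
    if (p != NULL)
        free_list = p->free_next;
    return p;
}
static void toy_zfree(struct toy_proc *p, int scrub) {
    if (scrub)
        memset(p, 0xdb, sizeof(*p));     /* an allocator that fills freed items */
    p->free_next = free_list;
    free_list = p;
}

/* Assumed fork-side logic: create the object only when none is recorded. */
static unsigned long toy_fork_obj(struct toy_proc *p) {
    if (p->upages_obj == 0)
        p->upages_obj = ++objects_created;
    return p->upages_obj;
}

/* 1 if the slot reused after exit still names the first object, else 0. */
int reuse_survives(int scrub) {
    toy_zone_init();
    struct toy_proc *p = toy_zalloc();
    unsigned long first = toy_fork_obj(p);
    toy_zfree(p, scrub);                 /* exit(): handle left in the slot */
    struct toy_proc *q = toy_zalloc();   /* next fork() gets the same slot */
    return q == p && toy_fork_obj(q) == first;
}

int main(void) {
    printf("preserved: %d  scrubbed: %d\n", reuse_survives(0), reuse_survives(1));
}
```

In the scrubbed case the non-zero fill pattern passes the "already has an object" check, so the stale field is used as if it were valid; that is the hidden contract between the caller and the allocator that the message points out.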