From owner-freebsd-alpha@FreeBSD.ORG  Thu Apr 15 22:48:08 2004
Return-Path: <owner-freebsd-alpha@FreeBSD.ORG>
Delivered-To: freebsd-alpha@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id 27DDD16A4CE; Thu, 15 Apr 2004 22:48:08 -0700 (PDT)
Received: from mta7.pltn13.pbi.net (mta7.pltn13.pbi.net [64.164.98.8])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id E85E743D41; Thu, 15 Apr 2004 22:48:07 -0700 (PDT)
	(envelope-from kris@obsecurity.org)
Received: from obsecurity.dyndns.org
	(79cf76e2c7c83dccc3e3cc5934390c47@adsl-67-115-73-128.dsl.lsan03.pacbell.net
	[67.115.73.128])i3G5m4t5012675;	Thu, 15 Apr 2004 22:48:05 -0700 (PDT)
Received: by obsecurity.dyndns.org (Postfix, from userid 1000)
	id 4FBDD52345; Thu, 15 Apr 2004 22:48:04 -0700 (PDT)
Date: Thu, 15 Apr 2004 22:48:04 -0700
From: Kris Kennaway <kris@obsecurity.org>
To: Alan Cox <alc@cs.rice.edu>
Message-ID: <20040416054804.GA79165@xor.obsecurity.org>
References: <20040411093343.GA89809@xor.obsecurity.org>
	<200404132236.20792.jhb@FreeBSD.org>
	<16509.42895.49213.222503@grasshopper.cs.duke.edu>
	<20040416045453.GA78366@xor.obsecurity.org> <407F68BA.6000405@imimic.com>
	<20040416053930.GA78940@xor.obsecurity.org> <20040416054340.GZ238@cs.rice.edu>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="6TrnltStXW4iwmi0"
Content-Disposition: inline
In-Reply-To: <20040416054340.GZ238@cs.rice.edu>
User-Agent: Mutt/1.4.2.1i
cc: alc@FreeBSD.org
cc: "Alan L. Cox" <alc@imimic.com>
cc: alpha@FreeBSD.org
cc: Andrew Gallatin <gallatin@cs.duke.edu>
cc: Kris Kennaway <kris@obsecurity.org>
Subject: Re: Another alpha panic
X-BeenThere: freebsd-alpha@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Porting FreeBSD to the Alpha <freebsd-alpha.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-alpha>,
	<mailto:freebsd-alpha-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-alpha>
List-Post: <mailto:freebsd-alpha@freebsd.org>
List-Help: <mailto:freebsd-alpha-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-alpha>,
	<mailto:freebsd-alpha-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 16 Apr 2004 05:48:08 -0000


--6TrnltStXW4iwmi0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Fri, Apr 16, 2004 at 12:43:40AM -0500, Alan Cox wrote:
> On Thu, Apr 15, 2004 at 10:39:30PM -0700, Kris Kennaway wrote:
> >=20
> > Line 2740 seems to be:
> >=20
> >         td->td_pcb->pcb_hw.apcb_ptbr =3D
> >                 ALPHA_K0SEG_TO_PHYS((vm_offset_t) pmap->pm_lev1) >> PAG=
E_SHIFT;
> >=20
>=20
> Can you provide a disassembly of pmap_activate()?  The point being to det=
ermine
> which of the above dereferences is faulting.
>=20
> Alan

Dump of assembler code for function pmap_activate:
0xfffffc00005cf0b0 <pmap_activate>:     ldah    gp,14(t12)
0xfffffc00005cf0b4 <pmap_activate+4>:   lda     gp,17112(gp)
0xfffffc00005cf0b8 <pmap_activate+8>:   lda     sp,-32(sp)
0xfffffc00005cf0bc <pmap_activate+12>:  stq     ra,0(sp)
0xfffffc00005cf0c0 <pmap_activate+16>:  stq     s0,8(sp)
0xfffffc00005cf0c4 <pmap_activate+20>:  stq     s1,16(sp)
0xfffffc00005cf0c8 <pmap_activate+24>:  mov     a0,s1
0xfffffc00005cf0cc <pmap_activate+28>:  ldq     t0,0(a0)
0xfffffc00005cf0d0 <pmap_activate+32>:  ldq     t0,280(t0)
0xfffffc00005cf0d4 <pmap_activate+36>:  lda     s0,272(t0)
0xfffffc00005cf0d8 <pmap_activate+40>:  ldq     t12,-21592(gp)
0xfffffc00005cf0dc <pmap_activate+44>:  jsr     ra,(t12),0xfffffc00005ca080=
 <set_mcontext+240>
0xfffffc00005cf0e0 <pmap_activate+48>:  ldah    gp,14(ra)
0xfffffc00005cf0e4 <pmap_activate+52>:  lda     gp,17064(gp)
0xfffffc00005cf0e8 <pmap_activate+56>:  ldq     t2,-5128(gp)
0xfffffc00005cf0ec <pmap_activate+60>:  ldl     t0,60(t7)
0xfffffc00005cf0f0 <pmap_activate+64>:  zapnot  t0,0xf,t0
0xfffffc00005cf0f4 <pmap_activate+68>:  s8addq  t0,t2,t0
0xfffffc00005cf0f8 <pmap_activate+72>:  ldq     t0,0(t0)
0xfffffc00005cf0fc <pmap_activate+76>:  beq     t0,0xfffffc00005cf14c <pmap=
_activate+156>
0xfffffc00005cf100 <pmap_activate+80>:  ldl     t0,60(t7)
0xfffffc00005cf104 <pmap_activate+84>:  zapnot  t0,0xf,t0
0xfffffc00005cf108 <pmap_activate+88>:  s8addq  t0,t2,t0
0xfffffc00005cf10c <pmap_activate+92>:  ldq     t0,0(t0)
0xfffffc00005cf110 <pmap_activate+96>:  cmpeq   s0,t0,t0
0xfffffc00005cf114 <pmap_activate+100>: bne     t0,0xfffffc00005cf14c <pmap=
_activate+156>
0xfffffc00005cf118 <pmap_activate+104>: ldl     t0,60(t7)
0xfffffc00005cf11c <pmap_activate+108>: zapnot  t0,0xf,t0
0xfffffc00005cf120 <pmap_activate+112>: s8addq  t0,t2,t0
0xfffffc00005cf124 <pmap_activate+116>: ldq     t1,0(t0)
0xfffffc00005cf128 <pmap_activate+120>: ldl     t0,64(t7)
0xfffffc00005cf12c <pmap_activate+124>: ldl_l   t3,32(t1)
0xfffffc00005cf130 <pmap_activate+128>: andnot  t3,t0,t3
0xfffffc00005cf134 <pmap_activate+132>: stl_c   t3,32(t1)
0xfffffc00005cf138 <pmap_activate+136>: beq     t3,0xfffffc000061dbb4 <Ldot=
rap+404>
0xfffffc00005cf13c <pmap_activate+140>: ldl     t0,60(t7)
0xfffffc00005cf140 <pmap_activate+144>: zapnot  t0,0xf,t0
0xfffffc00005cf144 <pmap_activate+148>: s8addq  t0,t2,t0
0xfffffc00005cf148 <pmap_activate+152>: stq     zero,0(t0)
0xfffffc00005cf14c <pmap_activate+156>: ldq     t2,416(s1)
0xfffffc00005cf150 <pmap_activate+160>: ldq     t1,0(s0)
0xfffffc00005cf154 <pmap_activate+164>: ldah    t0,-64
0xfffffc00005cf158 <pmap_activate+168>: srl     t0,0x16,t0
0xfffffc00005cf15c <pmap_activate+172>: and     t1,t0,t1
0xfffffc00005cf160 <pmap_activate+176>: srl     t1,0xd,t1
0xfffffc00005cf164 <pmap_activate+180>: stq     t1,16(t2)
0xfffffc00005cf168 <pmap_activate+184>: ldl     t0,60(t7)
0xfffffc00005cf16c <pmap_activate+188>: zapnot  t0,0xf,t0
0xfffffc00005cf170 <pmap_activate+192>: s4addq  t0,s0,t0
0xfffffc00005cf174 <pmap_activate+196>: ldl     t1,36(t0)
0xfffffc00005cf178 <pmap_activate+200>: zapnot  t1,0xf,t1
0xfffffc00005cf17c <pmap_activate+204>: ldl     t0,172(t7)
0xfffffc00005cf180 <pmap_activate+208>: zapnot  t0,0xf,t0
0xfffffc00005cf184 <pmap_activate+212>: srl     t1,0x8,t1
0xfffffc00005cf188 <pmap_activate+216>: cmpeq   t0,t1,t0
0xfffffc00005cf18c <pmap_activate+220>: bne     t0,0xfffffc00005cf198 <pmap=
_activate+232>
0xfffffc00005cf190 <pmap_activate+224>: mov     s0,a0
0xfffffc00005cf194 <pmap_activate+228>: bsr     ra,0xfffffc00005cb4c8 <pmap=
_get_asn+8>
0xfffffc00005cf198 <pmap_activate+232>: ldl     t0,60(t7)
0xfffffc00005cf19c <pmap_activate+236>: zapnot  t0,0xf,t0
0xfffffc00005cf1a0 <pmap_activate+240>: ldq     t1,-5128(gp)
0xfffffc00005cf1a4 <pmap_activate+244>: s8addq  t0,t1,t0
0xfffffc00005cf1a8 <pmap_activate+248>: stq     s0,0(t0)
0xfffffc00005cf1ac <pmap_activate+252>: ldl     t0,64(t7)
0xfffffc00005cf1b0 <pmap_activate+256>: ldl_l   t1,32(s0)
0xfffffc00005cf1b4 <pmap_activate+260>: or      t1,t0,t1
0xfffffc00005cf1b8 <pmap_activate+264>: stl_c   t1,32(s0)
0xfffffc00005cf1bc <pmap_activate+268>: beq     t1,0xfffffc000061dbb8 <Ldot=
rap+408>
0xfffffc00005cf1c0 <pmap_activate+272>: ldq     t2,416(s1)
0xfffffc00005cf1c4 <pmap_activate+276>: ldl     t0,60(t7)
0xfffffc00005cf1c8 <pmap_activate+280>: zapnot  t0,0xf,t0
0xfffffc00005cf1cc <pmap_activate+284>: s4addq  t0,s0,t0
0xfffffc00005cf1d0 <pmap_activate+288>: ldq_u   t1,36(t0)
0xfffffc00005cf1d4 <pmap_activate+292>: lda     t0,36(t0)
0xfffffc00005cf1d8 <pmap_activate+296>: extbl   t1,t0,t1
0xfffffc00005cf1dc <pmap_activate+300>: stl     t1,28(t2)
0xfffffc00005cf1e0 <pmap_activate+304>: ldq     t12,-22960(gp)
0xfffffc00005cf1e4 <pmap_activate+308>: jsr     ra,(t12),0xfffffc00005ca0b0=
 <get_fpcontext+32>
0xfffffc00005cf1e8 <pmap_activate+312>: ldah    gp,14(ra)
0xfffffc00005cf1ec <pmap_activate+316>: lda     gp,16800(gp)
0xfffffc00005cf1f0 <pmap_activate+320>: ldq     t0,0(t7)
0xfffffc00005cf1f4 <pmap_activate+324>: cmpeq   s1,t0,t0
0xfffffc00005cf1f8 <pmap_activate+328>: beq     t0,0xfffffc00005cf210 <pmap=
_activate+352>
0xfffffc00005cf1fc <pmap_activate+332>: ldq     a0,560(s1)
0xfffffc00005cf200 <pmap_activate+336>: call_pal        0x30
0xfffffc00005cf204 <pmap_activate+340>: unop
0xfffffc00005cf208 <pmap_activate+344>: nop
0xfffffc00005cf20c <pmap_activate+348>: unop
0xfffffc00005cf210 <pmap_activate+352>: ldq     ra,0(sp)
0xfffffc00005cf214 <pmap_activate+356>: ldq     s0,8(sp)
0xfffffc00005cf218 <pmap_activate+360>: ldq     s1,16(sp)
0xfffffc00005cf21c <pmap_activate+364>: lda     sp,32(sp)
0xfffffc00005cf220 <pmap_activate+368>: ret
0xfffffc00005cf224 <pmap_activate+372>: unop
0xfffffc00005cf228 <pmap_activate+376>: nop
0xfffffc00005cf22c <pmap_activate+380>: unop

--6TrnltStXW4iwmi0
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (FreeBSD)

iD8DBQFAf3OTWry0BWjoQKURAs4sAJ9iddYUUjZNRDPoZg2tJ8rJADi3sQCdGvN5
oJWAfhm4uY9oRZ5M0Oncqtc=
=tpEl
-----END PGP SIGNATURE-----

--6TrnltStXW4iwmi0--