Re: port-sparc/57623: pv_flushcache4m called with bogus vm_page

[Martin Husemann <martin%duskware.de@localhost>]

The following reply was made to PR port-sparc/57623; it has been noted by GNATS.

From: Martin Husemann <martin%duskware.de@localhost>
To: gnats-bugs%NetBSD.org@localhost
Cc: 
Subject: Re: port-sparc/57623: pv_flushcache4m called with bogus vm_page
Date: Thu, 21 Sep 2023 17:51:31 +0200

 I got another one and looked a bit deeper:
 
 0xf003dc88 is in pmap_copy_page4m (../../../../arch/sparc/sparc/pmap.c:7212).
 7207            int spte, dpte;
 7208    
 7209            kpreempt_disable();
 7210            if ((pg = PHYS_TO_VM_PAGE(src)) != NULL) {
 7211                    if (CACHEINFO.c_vactype == VAC_WRITEBACK)
 7212                            pv_flushcache4m(pg);
 7213            }
 7214    
 7215            spte = SRMMU_TEPTE | SRMMU_PG_C | PPROT_N_RX |
 7216                    (src >> SRMMU_PPNPASHIFT);
 
 In the case I caught in ddb I have src=0x11f800 and dst=0x79a7000,
 ddb says:
 
 db{1}> mach page 0x79a7000
 pa 79a7000 pg 0xf09b0b40
 db{1}> mach page 0x11f800
 pa 11f800 pg 0x0
 
 and the call comes from:
 
 0xf029c2bc is in uvmfault_promote (../../../../uvm/uvm_fault.c:648).
 643              */
 644             if (opg) {
 645                     pmap_remove(vm_map_pmap(ufi->orig_map), ufi->orig_rvaddr,
 646                                  ufi->orig_rvaddr + PAGE_SIZE);
 647                     pmap_update(vm_map_pmap(ufi->orig_map));
 648                     uvm_pagecopy(opg, pg);
 
 
 .. so opg was != NULL but now is not mapped anymore, which explains why we
 can't copy it over.
 
 Martin