Re: 4.01 panic/lock issues?

To: jcarr%poethecat.com@localhost
Subject: Re: 4.01 panic/lock issues?
From: Izumi Tsutsui <tsutsui%ceres.dti.ne.jp@localhost>
Date: Thu, 15 Jan 2009 23:28:42 +0900

John Carr wrote:

> I next decided to put the system under heavy load to get it to panic
> again, which it had done in the past.. and it did. At the time of the
> panic, I had a kernel compile running as well as 4 items out of pkgsrc.
> The result:
> 
> vm_fault(0xe1b3518, 0x0, 0x1) -> 0xe
> trap type=0x8, code=0x145, v=0x4
> kernel: MMU fault trap

Appearlenty this shows NULL pointer dereference again.

> Stopped in pid 28842.1 (perl) at        netbsd:cpu_Debugger+0x6:

Is this perl binary from packages on ftp.NetBSD.org?

If so that m68k packages might have certain FP instructions
which can't be handled by 68020+68882, and
m68k FPE code didn't handle them properly either.

> cpu_Debugger(2000,8,ef56900,f893da0,f893e04) + 6
> panic(e198d79,3a,4,466,f893fb4) + 11a
> trap(f893e1c,8,145,4) + 244
> fpu_implode(e1bbe3c,0,2,f890118) + ac
> (f893fb4,f890040,f893f70) + 7c8bc
> trap(f893fb4,10,0,0) + 548
> fault() + 10

This shows:

unimplemented FP trap (fpfline() or fpunsupp() in locore.s)
-> fault() in src/sys/arch/m68k/m68k/trap_subr.s
-> trap() in src/sys/arch/sun3/sun3/trap.c
-> fpu_emulate() in src/sys/arch/m68k/fpe/fpu_emulate.c
-> fpu_emul_arith() (inlined into fpu_emulate() by gcc)
-> fpu_implode() called with res==NULL in fpu_implode.c
-> fpu_ftox() (inlined into fpu_implode()) with fp==NULL

offsetof(struct fpn, fp_sign) is 4, so fp->fp_sign with NULL fp
causes the reference to vaddr = 0x4.

In fpu_emulate.c:fpu_emul_arith(), I don't see an obvious code path
which could call fpu_implode() with NULL res.

Could you try this kernel (which has a debug printf in that path)?
http://www.ceres.dti.ne.jp/~tsutsui/netbsd/netbsd-sun3-FPETEST-4.0.1.gz


Index: sys/arch/m68k/fpe/fpu_emulate.c
===================================================================
RCS file: /cvsroot/src/sys/arch/m68k/fpe/fpu_emulate.c,v
retrieving revision 1.26.24.1
diff -u -r1.26.24.1 fpu_emulate.c
--- sys/arch/m68k/fpe/fpu_emulate.c     31 Mar 2007 15:40:39 -0000      
1.26.24.1
+++ sys/arch/m68k/fpe/fpu_emulate.c     15 Jan 2009 14:21:39 -0000
@@ -918,6 +918,14 @@
        sig = SIGILL;
     } /* switch (word1 & 0x3f) */
 
+#if 1
+    if (res == NULL) {
+       printf("%s: FP instruction is not processed properly\n", __func__);
+       printf("%s: opcode=0x%x, word1=0x%x\n", __func__,
+           insn->is_opcode, insn->is_word1);
+       sig = SIGILL;
+    }
+#endif
     if (!discard_result && sig == 0) {
        fpu_implode(fe, res, FTYPE_EXT, &fpregs[regnum * 3]);
 #if DEBUG_FPE

---
Izumi Tsutsui

Follow-Ups:
- Re: 4.01 panic/lock issues?
  - From: John Carr

References:
- Re: 4.01 panic/lock issues?
  - From: John Carr

Prev by Date: Re: 4.01 panic/lock issues?
Next by Date: Re: 4.01 panic/lock issues?
Previous by Thread: Re: 4.01 panic/lock issues?
Next by Thread: Re: 4.01 panic/lock issues?
Indexes:

Home | Main Index | Thread Index | Old Index