Subject: port-amiga/29021: pmap panic 3: pmap_testbit ff
To: None <port-amiga-maintainer@netbsd.org, gnats-admin@netbsd.org,>
From: S.P.Zeidler <spz@serpens.de>
List: netbsd-bugs
Date: 01/20/2005 12:29:00
>Number: 29021
>Category: port-amiga
>Synopsis: pmap panic
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: port-amiga-maintainer
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Thu Jan 20 12:29:00 +0000 2005
>Originator: S.P.Zeidler
>Release: NetBSD 2.0
>Organization:
dis-
>Environment:
System: NetBSD serpens.de 2.0 NetBSD 2.0 (SERPENS) #0: Sun Dec 26 10:47:05 CET 2004 spz@aquila:/home/netbsd/obj.amiga/sys/arch/amiga/compile/SERPENS amiga
Architecture: m68k
Machine: amiga
>Description:
db> dmesg
NetBSD 2.0 (SERPENS) #0: Sun Dec 26 10:47:05 CET 2004
spz@aquila:/home/netbsd/obj.amiga/sys/arch/amiga/compile/SERPENS
Amiga 3000 (68060 rev.1 CPU/MMU/FPU)
total memory = 98304 KB
avail memory = 94200 KB
memory segment 0 at 08000000 size 06000000
memory segment 1 at 00000000 size 00200000
mainbus0 (root)
clock0 at mainbus0: CIA B system hz 100 hardware hz 709379
Calibrating delay loop... 21/1024 us
a34kbbc0 at mainbus0
ser0 at mainbus0: input fifo 512 output fifo 32
par0 at mainbus0
kbd0 at mainbus0: CIA A type Amiga
wskbd0 at kbd0 (mux ignored): console keyboard
ms0 at mainbus0
wsmouse0 at ms0 (mux ignored)
wsmouse1 at ms0 (mux ignored)
amidisplaycc0 at mainbus0: Amiga custom chip graphics
wsdisplay0 at amidisplaycc0 (kbdmux ignored)
fdc0 at mainbus0: dmabuf pa 0x1f7fdc: dmabuf ka 0x8db1fdc
fd0 at fdc0 unit 0: 3.5dd 80 cyl, 2 head, 11 sec [9 sec], 512 bytes/sec
ahsc0 at mainbus0
scsibus0 at ahsc0: 8 targets, 8 luns per target
aucc0 at mainbus0
audio0 at aucc0: half duplex
zbus0 at mainbus0
cbiisc at zbus0: pa 0xea0000 man/pro 8512/25 not configured
le0 at zbus0 pa 0xe90000 man/pro 514/112: address 00:80:10:00:17:31
le0: 16 receive buffers, 4 transmit buffers
4 views configured
IPsec: Initialized Security Association Processing.
call_sicallback: 1 more dynamic structures 2 total
scsibus0: waiting 2 seconds for devices to settle...
ahsc0: target 0 now synchronous, period=208ns, offset=12.
sd0 at scsibus0 target 0 lun 0: <IBM, DNES-318350, SA30> disk fixed
sd0: 17501 MB, 11474 cyl, 10 head, 312 sec, 512 bytes/sect x 35843670 sectors
call_sicallback: 23 more dynamic structures 25 total
call_sicallback: 1 more dynamic structures 26 total
ahsc0: target 4 now synchronous, period=208ns, offset=12.
sd1 at scsibus0 target 4 lun 0: <IBM, DDRS-39130, S97B> disk fixed
sd1: 8715 MB, 8387 cyl, 10 head, 212 sec, 512 bytes/sect x 17850000 sectors
root on sd0a dumps on sd0b
root file system type: ffs
call_sicallback: 9 more dynamic structures 37 total
call_sicallback: 12 more dynamic structures 49 total
call_sicallback: 2 more dynamic structures 51 total
call_sicallback: 1 more dynamic structures 52 total
call_sicallback: 3 more dynamic structures 55 total
call_sicallback: 5 more dynamic structures 60 total
call_sicallback: 5 more dynamic structures 65 total
call_sicallback: 1 more dynamic structures 66 total
uvm_fault(0x1ea220, 0x44630000, 0, 0x1) -> 0xe
type 8, code [mmu,,ssw]: 1051000
trap type 8, code = 1051000, v = 44630971
pid = 4, lid = 1, pc = 0017D8D6, ps = 2404, sfc = 1, dfc = 1
Registers:
0 1 2 3 4 5 6 7
dreg: 00000000 00000024 00000001 00002012 00000010 010AC000 00000000 010AC000
areg: 0017D904 00000024 4463096D 00233F10 00233F14 04AC3C2C 04AC3C34 0DFFFFFC
Kernel stack (04AC3A90):
AC3A90: 0017E0C8 04AC3BBC 00000080 001BE24B 00000008 01051000 44630971 0000000E
AC3AB0: 04AC3B38 0017E368 00000008 01051000 44630971 04AC3BBC 00000008 00000000
AC3AD0: 00000000 44630971 01051000 010AC000 0422E4C8 04AB0180 00233F14 04AC3C2C
AC3AF0: 00000000 FFFFFFFF 00000001 0022F730 00000000 00000000 00000001 00000000
AC3B10: 00000000 00000000 00000001 00000000 00000000 00000008 00000000 00000000
AC3B30: 00000000 004319B4 04AC3BA8 0017E770 00000008 01051000 44630971 04AC3BBC
AC3B50: 04AB0180 00000000 00000000 00000001 00002012 00000010 010AC000 00000000
AC3B70: 4463096D 00233F10 00000001 00000000 00000000 00000000 00000000 00000000
AC3B90: 00000000 00000008 00000000 00000000 00000000 08E0E043 04AC3C34 00002058
AC3BB0: 00000008 01051000 44630971 00000000 00000024 00000001 00002012 00000010
AC3BD0: 010AC000 00000000 010AC000 0017D904 00000024 4463096D 00233F10 00233F14
AC3BF0: 04AC3C2C 04AC3C34 0DFFFFFC 00000000 24040017 D8D64008 44630971 01051000
AC3C10: 002FF898 04AC3C5C 00000000 002E0840 00344CC8 7FFFFFFF FFFFE000 0017D104
AC3C30: 0D842000 04AC3C4C 0017D0F6 002FF898 00000010 00000001 04AC3C5C 04AC3D6C
AC3C50: 00113546 002E0840 00344CC8 00000000 00000000 00000000 00000000 00000000
AC3C70: 00000000 00000000 00187314 04AC3DAC 00000001 00000003 00000000 00000000
panic: MMU fault
db> trace
cpu_Debugger(8,1,ebfec,4ac3ab0,17e09c) + 6
panic(1be1f2,e,4ac3b38,17e368,8) + f8
panictrap(8,1051000,44630971,4ac3bbc) + 36
trapmmufault(8,1051000,44630971,4ac3bbc,4ab0180) + 258
trap(8,1051000,44630971) + 24a
pmap_testbit(2ff898,10,1,4ac3c5c,4ac3d6c) + d2
pmap_clear_modify(2e0840) + 16
genfs_putpages(4ac3d9c,1,3,0,55bb88c) + 830
ffs_putpages(4ac3d9c,1ac5d8,55bb88c,0,0) + 24
VOP_PUTPAGES(55bb88c,0,0,0,0,11) + 44
ffs_full_fsync(4ac3e84,4ad5dd0,3,0,422e4c8) + 1d0
ffs_fsync(4ac3e84,1ac06c,55bb88c,3d9e80,0) + 38
VOP_FSYNC(55bb88c,3d9e80,0,0,0,0,0,422e4c8) + 50
ffs_sync(49a200,3,3d9e80,422e4c8) + 194
sync_fsync(4ac3f2c,1ac06c,4b109dc,3d9e80,8) + 9a
VOP_FSYNC(4b109dc,3d9e80,8,0,0,0,0) + 50
sched_sync(4ab0180) + 17e
proc_trampoline() + 2
db> show reg
d0 0x2700 start+0x236
d1 0x8
d2 0x100
d3 0x1be1f2 mem_cdevsw+0x32e
d4 0x8
d5 0x44630971
d6 0x44630000
d7 0x8
a0 0x29e000 emul_netbsd_aoutm68k_object+0x685ec
a1 0
a2 0xebfec printf
a3 0x1ea220 kernel_map_store
a4 0x4ab0180 emul_netbsd_aoutm68k_object+0x487a76c
a5 0x422e4c8 emul_netbsd_aoutm68k_object+0x3ff8ab4
a6 0x4ac3a8c emul_netbsd_aoutm68k_object+0x488e078
sp 0xdfffffc emul_netbsd_aoutm68k_object+0xddca5e8
pc 0x14297c cpu_Debugger+0x6
sr 0x2400 lev6intr+0x36
netbsd:cpu_Debugger+0x6: unlk a6
db> x/i pmap_testbit,100
[...]
netbsd:pmap_testbit+0x9c: cmpl a4@(0,a1:l),d1
netbsd:pmap_testbit+0xa0: bcsb <pmap_testbit+0x104> [addr:0x17d908 ]
netbsd:pmap_testbit+0xa2: addql #0x1,a0
netbsd:pmap_testbit+0xa4: lea a1@(0x24),a1
netbsd:pmap_testbit+0xa8: cmpl a0,d2
netbsd:pmap_testbit+0xaa: bgtb <pmap_testbit+0x94> [addr:0x17d898 ]
netbsd:pmap_testbit+0xac: movq #-0x1,d0
netbsd:pmap_testbit+0xae: movq #0x24,d1
netbsd:pmap_testbit+0xb0: mulsl d1,d0
netbsd:pmap_testbit+0xb4: moval d0,a0
netbsd:pmap_testbit+0xb6: addal #0x233f30,a0
netbsd:pmap_testbit+0xbc: moval a0@,a0
netbsd:pmap_testbit+0xbe: addal a6@(-0x8),a0
netbsd:pmap_testbit+0xc2: movb a0@,d0
netbsd:pmap_testbit+0xc4: extbl d0
netbsd:pmap_testbit+0xc6: andl d4,d0
netbsd:pmap_testbit+0xc8: beqb <pmap_testbit+0xd2> [addr:0x17d8d6 ]
netbsd:pmap_testbit+0xca: mov sr,d0
netbsd:pmap_testbit+0xcc: mov d3,sr
netbsd:pmap_testbit+0xce: movq #0x1,d0
netbsd:pmap_testbit+0xd0: brab <pmap_testbit+0x12a> [addr:0x17d92e ]
netbsd:pmap_testbit+0xd2: moval a2@(0x4),a0
netbsd:pmap_testbit+0xd6: tstl a0
netbsd:pmap_testbit+0xd8: beqb <pmap_testbit+0xfc> [addr:0x17d900 ]
netbsd:pmap_testbit+0xda: tstl a2
netbsd:pmap_testbit+0xdc: beqb <pmap_testbit+0xfc> [addr:0x17d900 ]
netbsd:pmap_testbit+0xde: movl a2@(0x8),d0
netbsd:pmap_testbit+0xe2: movq #0xd,d1
netbsd:pmap_testbit+0xe4: lsrl d1,d0
netbsd:pmap_testbit+0xe6: moval a0@,a0
netbsd:pmap_testbit+0xe8: movl a0@(0,d0:l:4),d0
[...]
>How-To-Repeat:
busy machine with lots of network and disk activity
>Fix: