re: port-amd64/57153: 10.0 Beta kernel panics immediately after detecting CPUs

[matthew green <mrg%eterna.com.au@localhost>]

> [1.0193528] uvm_fault(0xffffffff81974760, 0x0, 2) -> e
> [1.0193528] fatal page fault in supervisor mode
> [1.0193528] trap type 6 code 0x2 rip 0xffffffff80d77f96 cs 0x8 rflags 0x10206 cr2 ilevel 0x8 rsp 0xffffffff81d3bdb0
> [1.0193528] curlwp 0xffffffff8188a6c0 pid 0.0 lowest kstack 0xffffffff81d362c0
> kernel: page fault trap, code=0
> Stopped in pid 0.0 (system) at  netbsd:uvm_page_redim+0x33c: addq $0x1,0(%rdx)
> uvm_page_redim() at netbsd:uvm_page_redim+0x33c

this asm seems to match the code in my -10 GENERIC kernel image,
so i'm going to assume that this happens here:

(gdb) l *(uvm_page_redim+0x33c)
0xffffffff80d77f96 is in uvm_page_redim (/usr/10/src/sys/uvm/uvm_page.c:837).
832                                                         / uvmexp.ncolors / 8
833                                                         % newnbuckets;
834                                             }
835                                             uvm_page_set_bucket(pg, nb);
836                                             npgb = npgfl.pgfl_buckets[nb];
837                                             npgb->pgb_nfree++;

   0xffffffff80d77f96 <+828>:     addq   $0x1,(%rdx)

i guess that the returned "npgb" is invalid.

unfortunately, all this code was rewritten post netbsd-9 and i
guess you've teased out a latent bug that no one else has seen,
and it's not obvious what is going wrong here.


.mrg.