re: port-amd64/57153: 10.0 Beta kernel panics immediately after detecting CPUs

[matthew green <mrg%eterna.com.au@localhost>]

The following reply was made to PR port-amd64/57153; it has been noted by GNATS.

From: matthew green <mrg%eterna.com.au@localhost>
To: gnats-bugs%netbsd.org@localhost
Cc: port-amd64-maintainer%netbsd.org@localhost, gnats-admin%netbsd.org@localhost,
    netbsd-bugs%netbsd.org@localhost
Subject: re: port-amd64/57153: 10.0 Beta kernel panics immediately after detecting CPUs
Date: Mon, 02 Jan 2023 15:41:37 +1100

 > [1.0193528] uvm_fault(0xffffffff81974760, 0x0, 2) -> e
 > [1.0193528] fatal page fault in supervisor mode
 > [1.0193528] trap type 6 code 0x2 rip 0xffffffff80d77f96 cs 0x8 rflags 0x=
 10206 cr2 ilevel 0x8 rsp 0xffffffff81d3bdb0
 > [1.0193528] curlwp 0xffffffff8188a6c0 pid 0.0 lowest kstack 0xffffffff81=
 d362c0
 > kernel: page fault trap, code=3D0
 > Stopped in pid 0.0 (system) at  netbsd:uvm_page_redim+0x33c: addq $0x1,0=
 (%rdx)
 > uvm_page_redim() at netbsd:uvm_page_redim+0x33c
 
 this asm seems to match the code in my -10 GENERIC kernel image,
 so i'm going to assume that this happens here:
 
 (gdb) l *(uvm_page_redim+0x33c)
 0xffffffff80d77f96 is in uvm_page_redim (/usr/10/src/sys/uvm/uvm_page.c:83=
 7).
 832                                                         / uvmexp.ncolo=
 rs / 8
 833                                                         % newnbuckets;
 834                                             }
 835                                             uvm_page_set_bucket(pg, nb=
 );
 836                                             npgb =3D npgfl.pgfl_bucket=
 s[nb];
 837                                             npgb->pgb_nfree++;
 
    0xffffffff80d77f96 <+828>:     addq   $0x1,(%rdx)
 
 i guess that the returned "npgb" is invalid.
 
 unfortunately, all this code was rewritten post netbsd-9 and i
 guess you've teased out a latent bug that no one else has seen,
 and it's not obvious what is going wrong here.
 
 
 .mrg.