Re: my simh-vax crashed: panic: pmap_enter on PG_SREF page

To: Kalvis Duckmanton <kalvisd%gmail.com@localhost>, Greg Oster <oster%netbsd.org@localhost>, Johnny Billquist <bqt%softjar.se@localhost>, matthew green <mrg%eterna23.net@localhost>, port-vax%netbsd.org@localhost
Subject: Re: my simh-vax crashed: panic: pmap_enter on PG_SREF page
From: Anders Magnusson <ragge%tethuvudet.se@localhost>
Date: Thu, 21 Dec 2023 15:29:49 +0100

Den 2023-12-21 kl. 03:50, skrev Kalvis Duckmanton:

On 21/12/23 13:05, Greg Oster wrote:
On 2023-12-20 19.42, Johnny Billquist wrote:
Nothing concrete, except that that amount of memory did have issuesin the past. We hope it had been fixed, but maybe there is some kindof issue with that much memory still? Could you try with lessphysical memory? Like 128M?
I've seen this error at least 3 times now too.... this last time waswith 256MB, but I'm pretty sure the first two were with just 64MB RAM.
I've seen this also - from my notes it appeared to be due to staleentries in the translation buffer for the pages in system spaceholding the page table entries for P0 or P1 space. Flushing thetranslation buffer when extending P0 or P1 space seems to have fixedit. I'm attaching a patch for consideration.

Hm, interesting. Let us try to follow this path for p0 expansion :-)

- grow_p0() is called from pmap_enter(), which is also where the panic()is later on.- pmap_enter() will call TBIA at the end, so if your idea is correctthen the problem is that the virtual pte mapping in kernel space isstale and points to some other mapping.- This will in that case happen when reading oldpte from *pteptr. pteptris the new space allocated after grow.

- To get this new space in which pteptr points extent_alloc() is called.

- If it fails then rmproc() is called to find to try to find someprocess that is OK for swapping (similar logic) and removes its mappingsto free up some space in the user page table map.- When space is found, the system page table pte's that maps the userpage tables is copied (from the old place) and cleared (the new mappings).

So:

- if there is a process that has been removed from its process space andthat process space has been reused, and

- its PTEs had entries in the TLB, and
- its user process pages has been referenced (SREF set), then
- the stale page entry may be read and cause this fault.

Any comments on the flow of events that I just wrote down above? Does itseems correct?

if so, it seems that you might have found yet another bug, Kalvis :-)

Also, since SREF is set on the page, it means that a user process pageis modified, and that information will now be lost.Maybe this should be propagated upwards before removing the user processspace?


-- Ragge

Follow-Ups:
- re: my simh-vax crashed: panic: pmap_enter on PG_SREF page
  - From: matthew green
- Re: my simh-vax crashed: panic: pmap_enter on PG_SREF page
  - From: Jason Thorpe

References:
- my simh-vax crashed: panic: pmap_enter on PG_SREF page
  - From: matthew green
- Re: my simh-vax crashed: panic: pmap_enter on PG_SREF page
  - From: Johnny Billquist
- Re: my simh-vax crashed: panic: pmap_enter on PG_SREF page
  - From: Greg Oster
- Re: my simh-vax crashed: panic: pmap_enter on PG_SREF page
  - From: Kalvis Duckmanton

Prev by Date: Re: PSA: Clock drift and pkgin
Next by Date: Re: my simh-vax crashed: panic: pmap_enter on PG_SREF page
Previous by Thread: Re: my simh-vax crashed: panic: pmap_enter on PG_SREF page
Next by Thread: Re: my simh-vax crashed: panic: pmap_enter on PG_SREF page
Indexes:

Home | Main Index | Thread Index | Old Index