On Thu, Apr 29, 2021 at 04:17:05PM +0200, Martin Pieuchot wrote:
> On 29/04/21(Thu) 12:07, Alexander Bluhm wrote:
> > On Thu, Apr 29, 2021 at 11:08:30AM +0200, Mark Kettenis wrote:
> > > > > panic: kernel diagnostic assertion "pg->wire_count == 0" failed: file
> > > > > "/usr/src/sys/uvm/uvm_page.c", line 1265
> > >
> > > I suspect pmapae.c rev 1.61 causes this issue. Does reverting that
> > > commit "fix" the issue?
> > >
> > > It won't really fix the issue as you may still hit the "can't locate PD
> > > page" panic.
> >
> > I think this diff prevents the panic. But I need one more test run
> > to be sure.

One test without and one with this diff. Either panic or make build
passes. I am convinced that this triggers the bug.

And one of my i386 regress machines can easily reproduce it. Console
access for developers possible.

> This 4 pages pdir is never freed, so ok with me to revert this chunk if
> it is the cause of the panic you see.

How to proceed? Revert this chunk? Or does someone want to look
into the underlying cause soon?

bluhm

> > One of my i386 machines triggers it during every make build, the
> > other one is stable.
> >
> > wire count is 1
> >
> > struct vm_page at 0xd4fd3404 (76 bytes) {pageq = {tqe_next = (struct
> > vm_page *)0xffffffff, tqe_prev = 0xffffffff}, objt = {rbt_parent = (struct
> > rb_entry *)0xd267d084, rbt_left = (struct rb_entry *)0xd286028c, rbt_right
> > = (struct rb_entry *)0xd4fd33c0, rbt_color = 0x0}, uanon = (struct vm_anon
> > *)0x0, uobject = (struct uvm_object *)0xd0e58d0c, offset = 0x2552c000,
> > pg_flags = 0x3200004, pg_version = 0x1, wire_count = 0x1, phys_addr =
> > 0xcfd1e000, fpgsz = 0x0, mdpage = {pv_mtx = {mtx_owner = (volatile void
> > *)0x0, mtx_wantipl = 0x90, mtx_oldipl = 0x90}, pv_list = (struct pv_entry
> > *)0x0}}
> >
> > bluhm
> >
> > Index: arch/i386/i386/pmapae.c > > =================================================================== > > RCS file: /mount/openbsd/cvs/src/sys/arch/i386/i386/pmapae.c,v > > retrieving revision 1.61 > > diff -u -p -r1.61 pmapae.c > > --- arch/i386/i386/pmapae.c 24 Apr 2021 09:44:45 -0000 1.61 > > +++ arch/i386/i386/pmapae.c 28 Apr 2021 19:30:13 -0000 
> > @@ -1938,20 +1938,7 @@ pmap_enter_special_pae(vaddr_t va, paddr > > __func__, va); > > > > if (!pmap->pm_pdir_intel) { > > -#if notyet > > - /* > > - * XXX mapping is established via pmap_kenter() and lost > > - * after enabling PAE. > > - */ > > - vapd = (vaddr_t)km_alloc(4 * NBPG, &kv_any, &kp_zero, > > - &kd_waitok); > > -#else > > - vapd = (vaddr_t)km_alloc(4 * NBPG, &kv_any, &kp_pageable, > > - &kd_waitok); > > - if (vapd != 0) > > - bzero((void *)vapd, 4 * NBPG); > > -#endif > > - if (vapd == 0) > > + if ((vapd = uvm_km_zalloc(kernel_map, 4 * NBPG)) == 0) > > panic("%s: kernel_map out of virtual space!", __func__); > > pmap->pm_pdir_intel = vapd; > > if (!pmap_extract(pmap, (vaddr_t)&pmap->pm_pdidx_intel, > >
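
Review bot: The added line "if ((vapd = uvm_km_zalloc(kernel_map, 4 * NBPG)) == 0)" replaces both km_alloc variants and the XXX comment, but leaves nothing in the code saying why this 4-page allocation should not go through km_alloc with &kp_pageable. The thread treats this chunk as the trigger for the "pg->wire_count == 0" assertion while the underlying cause is still open, so a short comment above the call recording that would keep a later km_alloc conversion from reintroducing the panic. The removed XXX note (mapping established via pmap_kenter() and lost after enabling PAE) was the only explanation of why &kp_zero was not used; if it still applies, carry it into the new comment rather than dropping it.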