On Wed, Dec 14, 2016 at 11:53:50AM +0200, Konstantin Belousov wrote:
> On Tue, Dec 13, 2016 at 08:43:45PM +0300, Slawa Olhovchenkov wrote:
> > On Tue, Dec 13, 2016 at 07:25:29PM +0200, Konstantin Belousov wrote:
> > 
> > > This is not what I expected.
> > > Also, I realized that I mis-read the memory test code.  It does not
> > > obliterate memory, old content is preserved.
> > > 
> > > Please do exactly the same testing with another patch, at the end of the
> > > message.  There could be more output, up to 256 lines.
> > 
> > No problem.
> > 
> > Booting...
> > KDB: debugger backends: ddb
> > KDB: current backend: ddb
> > SMAP type=01 base=0000000000000000 len=0000000000099c00
> > SMAP type=02 base=0000000000099c00 len=0000000000006400
> > SMAP type=02 base=00000000000e0000 len=0000000000020000
> > SMAP type=01 base=0000000000100000 len=000000007906b000
> > SMAP type=02 base=000000007916b000 len=0000000000936000
> > SMAP type=04 base=0000000079aa1000 len=0000000000509000
> > SMAP type=02 base=0000000079faa000 len=0000000002056000
> > SMAP type=01 base=0000000100000000 len=0000001f80000000
> > SMAP type=02 base=000000007c000000 len=0000000014000000
> > SMAP type=02 base=00000000fed1c000 len=0000000000029000
> > SMAP type=02 base=00000000ff000000 len=0000000001000000
> > TTT1 0xfffff8207ff00000 0xfffff8207fffffb8 100000
> > . 0
> > . 1000
> > . 2000
> > . 3000
> > . 4000
> > . 5000
> > . 6000
> > . 7000
> > . 8000
> > . 9000
> > . a000
> > . b000
> > . c000
> > . d000
> > . e000
> > . f000
> > . 10000
> > . 11000
> > . 12000
> > . 13000
> > . 14000
> > . 15000
> > . 16000
> > . 17000
> > . 18000
> > . 19000
> > . 1a000
> > . 1b000
> > . 1c000
> > . 1d000
> > . 1e000
> > . 1f000
> > . 20000
> > . 21000
> > . 22000
> > . 23000
> > . 24000
> > . 25000
> > . 26000
> > . 27000
> > . 28000
> > . 29000
> > . 2a000
> > . 2b000
> > 
> 
> Do you still have access to the machine ?
> If yes, please try this patch (against clean tree, as always) with the
> same instructions as before.
> 

Updated patch; it should provide the expected information in case of a
page fault.

diff --git a/sys/amd64/amd64/machdep.c b/sys/amd64/amd64/machdep.c
index b2283339405..682307f5fe4 100644
--- a/sys/amd64/amd64/machdep.c
+++ b/sys/amd64/amd64/machdep.c
@@ -1673,6 +1673,16 @@ hammer_time(u_int64_t modulep, u_int64_t physfree)
        wrmsr(MSR_SF_MASK, PSL_NT|PSL_T|PSL_I|PSL_C|PSL_D);
 
        /*
+        * Temporary forge some valid pointer to PCB, for exception
+        * handlers.  It is reinitialized properly below after FPU is
+        * set up.  Also set up td_critnest to short-cut the page
+        * fault handler.
+        */
+       cpu_max_ext_state_size = sizeof(struct savefpu);
+       thread0.td_pcb = get_pcb_td(&thread0);
+       thread0.td_critnest = 1;
+
+       /*
         * The console and kdb should be initialized even earlier than here,
         * but some console drivers don't work until after getmemsize().
         * Default to late console initialization to support these drivers.
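Review bot: The added block raises `thread0.td_critnest` to 1, but its comment does not say where the value is lowered again; the matching `thread0.td_critnest = 0;` is in the second hunk of this file, far below and with no comment. A one-line comment on that reset, for example `/* End of the early-boot window opened above; page faults are handled normally from here. */`, would keep the pair together if code is later moved between them. `get_pcb_td(&thread0)` presumably derives the PCB address from thread0's kernel-stack fields and from `cpu_max_ext_state_size`, so the stack setup must already have run; that code is outside the hunk and the ordering should be confirmed. The comment's first word should read "Temporarily". hammer_time starts and ends outside the hunk.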
@@ -1762,6 +1772,7 @@ hammer_time(u_int64_t modulep, u_int64_t physfree)
 #ifdef FDT
        x86_init_fdt();
 #endif
+       thread0.td_critnest = 0;
 
        /* Location of kernel stack for locore */
        return ((u_int64_t)thread0.td_pcb);
diff --git a/sys/kern/subr_msgbuf.c b/sys/kern/subr_msgbuf.c
index f275aef3b4f..1be7a629f65 100644
--- a/sys/kern/subr_msgbuf.c
+++ b/sys/kern/subr_msgbuf.c
@@ -67,14 +67,19 @@ msgbuf_init(struct msgbuf *mbp, void *ptr, int size)
        mbp->msg_ptr = ptr;
        mbp->msg_size = size;
        mbp->msg_seqmod = SEQMOD(size);
+printf("YYY1\n");
        msgbuf_clear(mbp);
+printf("YYY2\n");
        mbp->msg_magic = MSG_MAGIC;
        mbp->msg_lastpri = -1;
        mbp->msg_flags = 0;
+printf("YYY3\n");
        bzero(&mbp->msg_lock, sizeof(mbp->msg_lock));
        mtx_init(&mbp->msg_lock, "msgbuf", NULL, MTX_SPIN);
+printf("YYY4\n");
 }
 
+
 /*
  * Reinitialize a message buffer, retaining its previous contents if
  * the size and checksum are correct. If the old contents cannot be
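Review bot: The `printf("YYY…")` markers in msgbuf_init run while the buffer is only partly initialised; `YYY1` to `YYY3` fire before `mtx_init(&mbp->msg_lock, …)`. If kernel printf is already routed into the message buffer when this function is reached (not visible here, for instance on a later re-initialisation), the markers would use the lock and sequence fields before they are valid. The same applies to `ZZZ1`/`ZZZ2` in the msgbuf_clear hunk below, where `ZZZ2` would also be written into a buffer that was just cleared. Put the markers behind a debug-only preprocessor guard so they cannot reach a normal build, and drop the stray blank line added after the closing brace.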
@@ -85,8 +90,10 @@ msgbuf_reinit(struct msgbuf *mbp, void *ptr, int size)
 {
        u_int cksum;
 
-       if (mbp->msg_magic != MSG_MAGIC || mbp->msg_size != size) {
+       if (1 || mbp->msg_magic != MSG_MAGIC || mbp->msg_size != size) {
+printf("XXX1\n");
                msgbuf_init(mbp, ptr, size);
+printf("XXX2\n");
                return;
        }
        mbp->msg_seqmod = SEQMOD(size);
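Review bot: `if (1 || mbp->msg_magic != MSG_MAGIC || …)` makes msgbuf_reinit always take the msgbuf_init path, so the magic and size checks are never evaluated and everything after the `return` becomes unreachable. That includes the retention path which the function's header comment describes as keeping previous contents when size and checksum are correct. This is evidently intended for the diagnostic run, but it also discards messages preserved from the previous boot, which are often the only record of a crash. Mark the line so it cannot be committed unnoticed, for example `/* XXX debug only: force reinit, drops preserved msgbuf contents */`. msgbuf_reinit continues past the end of the hunk.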
@@ -117,10 +124,12 @@ void
 msgbuf_clear(struct msgbuf *mbp)
 {
 
+printf("ZZZ1\n");
        bzero(mbp->msg_ptr, mbp->msg_size);
        mbp->msg_wseq = 0;
        mbp->msg_rseq = 0;
        mbp->msg_cksum = 0;
+printf("ZZZ2\n");
 }
 
 /*
diff --git a/sys/kern/subr_prf.c b/sys/kern/subr_prf.c
index e78863830c7..a72984dbc19 100644
--- a/sys/kern/subr_prf.c
+++ b/sys/kern/subr_prf.c
@@ -998,6 +998,14 @@ msgbufinit(void *ptr, int size)
        char *cp;
        static struct msgbuf *oldp = NULL;
 
+printf("TTT1 %p %p %x\n", ptr, (char *)ptr + size - sizeof(*msgbufp), size);
+for (int i = 0; i < size; i++) {
+if (i % PAGE_SIZE == 0) printf(". %x\n", i);
+       volatile char *c = (char *)ptr + i;
+       char tmp;
+       tmp = *c;
+       *c = tmp;
+}
        size -= sizeof(*msgbufp);
        cp = (char *)ptr;
        msgbufp = (struct msgbuf *)(cp + size);
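Review bot: The probe loop has no comment explaining how to read its output, which depends on the print-before-touch order: the last `. <offset>` line printed names the page in which an access faulted. A comment such as `/* Touch every byte; the last offset printed is the page that faulted. */` above the loop would make the boot log self-explanatory. The loop and the `TTT1` line also use `size` before anything visible checks that it is at least `sizeof(*msgbufp)`, and `%x` is handed a signed `int`; `(u_int)size` and `(u_int)i` would make the arguments match the format. msgbufinit continues outside the hunk.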