NetBSD Problem Report #42645

From www@NetBSD.org  Tue Jan 19 22:36:47 2010
Return-Path: <www@NetBSD.org>
Received: from mail.netbsd.org (mail.netbsd.org [204.152.190.11])
	by www.NetBSD.org (Postfix) with ESMTP id EE71863C545
	for <gnats-bugs@gnats.NetBSD.org>; Tue, 19 Jan 2010 22:36:46 +0000 (UTC)
Message-Id: <20100119223646.6E59163C2BC@www.NetBSD.org>
Date: Tue, 19 Jan 2010 22:36:46 +0000 (UTC)
From: phcoder@gmail.com
Reply-To: phcoder@gmail.com
To: gnats-bugs@NetBSD.org
Subject: Instant reboot with big modules (e.g. miniroot.kmod) on amd64
X-Send-Pr-Version: www-1.0


>Number:         42645
>Category:       port-amd64
>Synopsis:       Instant reboot with big modules (e.g. miniroot.kmod) on amd64
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    port-amd64-maintainer
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Tue Jan 19 22:40:00 +0000 2010
>Originator:     Vladimir 'phcoder' Serbinenko
>Release:        5.0.1 and -current
>Organization:
>Environment:
>Description:
sys/arch/amd64/amd64/locore.S seems to map only pages in the range 0x100000-0x1800000 When total amount of loaded modules is higher than that kernel instantly reboots (triple fault). It happes in following chunk of code:
longmode:
	/*
	 * 6.
	 * Finally, we're in long mode. However, we're still
	 * in the identity mapped area (could not jump out
	 * of that earlier because it would have been a > 32bit
	 * jump). We can do that now, so here we go.
	 */
	movabsq	$longmode_hi,%rax
	jmp	*%rax
longmode_hi:
	/*
	 * We have arrived.
	 * There's no need anymore for the identity mapping in low
	 * memory, remove it.
	 */
	movq	$KERNBASE,%r8


#if L2_SLOT_KERNBASE > 0
	movq	$(NKL2_KIMG_ENTRIES+1),%rcx
	leaq	(PROC0_PTP2_OFF)(%rsi),%rbx
	addq	%r8, %rbx
1:	movq	$0,(%rbx)
	addq	$8,%rbx
	loop	1b
#endif


More exactly on 1:	movq	$0,(%rbx)
It tries to remove some mappings but since page table is after modules if big modules were loaded the memory holding pagetable isn't mapped. Triple fault.
>How-To-Repeat:
Make a miniroot.kmod with 32MiB image. Load it in bootloader, type boot and see how you get triple-fault reboot instead.
>Fix:
add necessary entries to initial pagetable. LAzy solution would be just to map low 4GiB. Since boot protocol has 32-bit pointers this value can't be exceeded and mapping with 2M pages should be quite easy
NetBSD Home
NetBSD PR Database Search
(Contact us) $NetBSD: query-full-pr,v 1.36 2007/11/24 03:27:39 kano Exp $
$NetBSD: gnats_config.sh,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2007 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.