Please try the following patch and tell me if the crashes still occur.
If this fixes the problem then I'm homing in on the bug.

I am beginning to suspect that there is a case where a pmap can get
cleared without the tlb being flushed, causing origpte to be 0 when the
new pte is later created again at the same spot. When the new
page is allocated and added to the pmap later on, it fails to flush
the tlb entry in pmap_enter() because it believes it does not have to.
This would explain why messing with the pmap_remove_all() case does
not do what we expect -- I suspect that routine is not being called
at all in certain cases.

I have not found the case where the pmap gets cleared without being
flushed yet but when I force the flush in pmap_enter(), it seems to
stop the crashes (but I can't be 100% sure because I had to mess
around with that file descriptor program to get it to crash the first
time).

(This patch is relative to 3.x)

-Matt
Matthew Dillon
<[EMAIL PROTECTED]>

Index: pmap.c
===================================================================
RCS file: /home/ncvs/src/sys/i386/i386/pmap.c,v
retrieving revision 1.219.2.6
diff -u -r1.219.2.6 pmap.c
--- pmap.c 1999/09/02 23:56:47 1.219.2.6
+++ pmap.c 2000/02/25 00:06:50
@@ -2204,7 +2204,7 @@
*/
if ((origpte & ~(PG_M|PG_A)) != newpte) {
*pte = newpte | PG_A;
- if (origpte)
+ /*if (origpte)*/
invltlb_1pg(va);
}
}
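
Review bot: At the commented-out `/*if (origpte)*/` line, the invltlb_1pg(va) call now runs for every pte that differs from newpte, which masks the symptom without identifying the path that leaves a stale TLB entry behind while origpte reads as 0. If this is intended to go in as more than a diagnostic, delete the condition outright instead of leaving it commented out, and extend the comment above the block to state why the flush must happen even when origpte is 0; otherwise the check is likely to be reinstated later as an optimization. The added single-page invalidation on first-time mappings is also a cost worth stating in the commit message.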