Saturday, July 17, 2010

TLB Miss handler doesn't work on OpenBSD/OCTEON

 I'm stacking on here half month.. the kernel dies at first kernel TLB miss, happens both real hardware and simulator.
I guessed it caused from the difference between r10k and OCTEON, but I couldn't find anything which could break TLB handler.

Here's console log on OCTEON simulator:

U-Boot 1.1.1 (U-boot build #: 235) (SDK version: 1.9.0-312) (Build time: Apr 23 2009 - 19:30:08)

DRAM:  384 MB
Using default environment

Copying user supplied environment from file flash
Configuring boot bus for full 256meg access
Flash: 256 MB

ELF file is 64 bit
Attempting to allocate memory for ELF segment: addr: 0xffffffff81000000 (adjusted to: 0x0000000001000000), size 0x317060
Allocated memory for ELF segment: addr: 0xffffffff81000000, size 0x317060
Processing PHDR 0
  Loading 27e320 bytes at ffffffff81000000
  Clearing 98d40 bytes at ffffffff8127e320
## Loading Linux kernel with entry point: 0xffffffff81000000 ...
Bootloader: Done loading app on coremask: 0x1
cvmctl:900043f0 cvmmemctl:46104
Boot Descriptor Ver: 7 -> 1/2  CPU clock: 500MHz  Core Mask: 0x1
  Dram: 384 MB  Board Type: 1  Revision: 1/0
  Octeon Chip: 0  Rev 0/0  Mac Address 00.DE.AD.BE.EF.00 (255)
l1icache size:65536 line:64 set:32768
l1dcache size:4096 line:32 set:2048
l2size:524288 l3size:0
Initial setup done, switching console.
Copyright (c) 1982, 1986, 1989, 1991, 1993
     The Regents of the University of California.  All rights reserved.
Copyright (c) 1995-2010 OpenBSD. All rights reserved.

pmap_enter(0xffffffff813161e0, 0xc000000001338000, 0x2310000, 0x7, 0x13)
pmap_enter: first pv: pmap 0xffffffff813161e0 va 0xc000000001338000 pa 0x2310000
pmap_kenter_pa(0xc000000000000000, 0x5ffc000, 0x3)
pmap_kenter_pa(0xc000000000004000, 0x230c000, 0x3)
OpenBSD 4.7-current (GENERIC) #9: Thu Jul  8 14:20:09 MDT 2010
real mem = 80642048 (76MB)
pmap_kenter_pa(0xc000000000008000, 0x5ff8000, 0x3)
avail mem = 76414976 (72MB)
pmap_enter(0xffffffff813161e0, 0xc000000001c38000, 0x2308000, 0x3, 0x13)
pmap_enter: first pv: pmap 0xffffffff813161e0 va 0xc000000001c38000 pa 0x2308000
pmap_enter(0xffffffff813161e0, 0xc000000001c34000, 0x5ff4000, 0x3, 0x13)
pmap_enter: first pv: pmap 0xffffffff813161e0 va 0xc000000001c34000 pa 0x5ff4000
pmap_enter(0xffffffff813161e0, 0xc000000001c30000, 0x2304000, 0x3, 0x13)
pmap_enter: first pv: pmap 0xffffffff813161e0 va 0xc000000001c30000 pa 0x2304000
pmap_enter(0xffffffff813161e0, 0xc000000001c2c000, 0x5ff0000, 0x3, 0x13)
pmap_enter: first pv: pmap 0xffffffff813161e0 va 0xc000000001c2c000 pa 0x5ff0000
pmap_enter(0xffffffff813161e0, 0xc000000001c28000, 0x2300000, 0x3, 0x13)
pmap_enter: first pv: pmap 0xffffffff813161e0 va 0xc000000001c28000 pa 0x2300000
pmap_enter(0xffffffff813161e0, 0xc000000001c24000, 0x5fec000, 0x3, 0x13)
pmap_enter: first pv: pmap 0xffffffff813161e0 va 0xc000000001c24000 pa 0x5fec000
pmap_enter(0xffffffff813161e0, 0xc000000001c20000, 0x22fc000, 0x3, 0x13)
pmap_enter: first pv: pmap 0xffffffff813161e0 va 0xc000000001c20000 pa 0x22fc000
pmap_enter(0xffffffff813161e0, 0xc000000001c1c000, 0x5fe8000, 0x3, 0x13)
pmap_enter: first pv: pmap 0xffffffff813161e0 va 0xc000000001c1c000 pa 0x5fe8000
pmap_enter(0xffffffff813161e0, 0xc000000001c18000, 0x22f8000, 0x3, 0x13)
pmap_enter: first pv: pmap 0xffffffff813161e0 va 0xc000000001c18000 pa 0x22f8000
pmap_enter(0xffffffff813161e0, 0xc000000001c14000, 0x5fe4000, 0x3, 0x13)
pmap_enter: first pv: pmap 0xffffffff813161e0 va 0xc000000001c14000 pa 0x5fe4000
pmap_enter(0xffffffff813161e0, 0xc000000001c10000, 0x22f4000, 0x3, 0x13)
pmap_enter: first pv: pmap 0xffffffff813161e0 va 0xc000000001c10000 pa 0x22f4000
pmap_enter(0xffffffff813161e0, 0xc000000001c0c000, 0x5fe0000, 0x3, 0x13)
pmap_enter: first pv: pmap 0xffffffff813161e0 va 0xc000000001c0c000 pa 0x5fe0000
pmap_enter(0xffffffff813161e0, 0xc000000001c08000, 0x22f0000, 0x3, 0x13)
pmap_enter: first pv: pmap 0xffffffff813161e0 va 0xc000000001c08000 pa 0x22f0000
pmap_enter(0xffffffff813161e0, 0xc000000001c04000, 0x5fdc000, 0x3, 0x13)
pmap_enter: first pv: pmap 0xffffffff813161e0 va 0xc000000001c04000 pa 0x5fdc000
pmap_enter(0xffffffff813161e0, 0xc000000001c00000, 0x22ec000, 0x3, 0x13)
pmap_enter: first pv: pmap 0xffffffff813161e0 va 0xc000000001c00000 pa 0x22ec000
pmap_enter(0xffffffff813161e0, 0xc000000001bfc000, 0x5fd8000, 0x3, 0x13)
pmap_enter: first pv: pmap 0xffffffff813161e0 va 0xc000000001bfc000 pa 0x5fd8000
pmap_enter(0xffffffff813161e0, 0xc000000001bf8000, 0x22e8000, 0x3, 0x13)
pmap_enter: first pv: pmap 0xffffffff813161e0 va 0xc000000001bf8000 pa 0x22e8000
pmap_enter(0xffffffff813161e0, 0xc000000001bf4000, 0x5fd4000, 0x3, 0x13)
pmap_enter: first pv: pmap 0xffffffff813161e0 va 0xc000000001bf4000 pa 0x5fd4000
pmap_enter(0xffffffff813161e0, 0xc000000001bf0000, 0x22e4000, 0x3, 0x13)
pmap_enter: first pv: pmap 0xffffffff813161e0 va 0xc000000001bf0000 pa 0x22e4000
pmap_enter(0xffffffff813161e0, 0xc000000001bec000, 0x5fd0000, 0x3, 0x13)
pmap_enter: first pv: pmap 0xffffffff813161e0 va 0xc000000001bec000 pa 0x5fd0000
pmap_enter(0xffffffff813161e0, 0xc000000001be8000, 0x22e0000, 0x3, 0x13)
pmap_enter: first pv: pmap 0xffffffff813161e0 va 0xc000000001be8000 pa 0x22e0000
pmap_enter(0xffffffff813161e0, 0xc000000001be4000, 0x5fcc000, 0x3, 0x13)
pmap_enter: first pv: pmap 0xffffffff813161e0 va 0xc000000001be4000 pa 0x5fcc000
pmap_enter(0xffffffff813161e0, 0xc000000001be0000, 0x22dc000, 0x3, 0x13)
pmap_enter: first pv: pmap 0xffffffff813161e0 va 0xc000000001be0000 pa 0x22dc000
pmap_enter(0xffffffff813161e0, 0xc000000001bdc000, 0x5fc8000, 0x3, 0x13)
pmap_enter: first pv: pmap 0xffffffff813161e0 va 0xc000000001bdc000 pa 0x5fc8000
pmap_enter(0xffffffff813161e0, 0xc000000001bd8000, 0x22d8000, 0x3, 0x13)
pmap_enter: first pv: pmap 0xffffffff813161e0 va 0xc000000001bd8000 pa 0x22d8000
pmap_enter(0xffffffff813161e0, 0xc000000001bd4000, 0x5fc4000, 0x3, 0x13)
pmap_enter: first pv: pmap 0xffffffff813161e0 va 0xc000000001bd4000 pa 0x5fc4000
pmap_enter(0xffffffff813161e0, 0xc000000001bd0000, 0x22d4000, 0x3, 0x13)
pmap_enter: first pv: pmap 0xffffffff813161e0 va 0xc000000001bd0000 pa 0x22d4000
pmap_enter(0xffffffff813161e0, 0xc000000001bcc000, 0x5fc0000, 0x3, 0x13)
pmap_enter: first pv: pmap 0xffffffff813161e0 va 0xc000000001bcc000 pa 0x5fc0000
pmap_enter(0xffffffff813161e0, 0xc000000001bc8000, 0x22d0000, 0x3, 0x13)
pmap_enter: first pv: pmap 0xffffffff813161e0 va 0xc000000001bc8000 pa 0x22d0000
pmap_enter(0xffffffff813161e0, 0xc000000001bc4000, 0x5fbc000, 0x3, 0x13)
pmap_enter: first pv: pmap 0xffffffff813161e0 va 0xc000000001bc4000 pa 0x5fbc000
pmap_enter(0xffffffff813161e0, 0xc000000001bc0000, 0x22cc000, 0x3, 0x13)
pmap_enter: first pv: pmap 0xffffffff813161e0 va 0xc000000001bc0000 pa 0x22cc000
pmap_enter(0xffffffff813161e0, 0xc000000001bbc000, 0x5fb8000, 0x3, 0x13)
pmap_enter: first pv: pmap 0xffffffff813161e0 va 0xc000000001bbc000 pa 0x5fb8000
pmap_enter(0xffffffff813161e0, 0xc000000001bb8000, 0x22c8000, 0x3, 0x13)
pmap_enter: first pv: pmap 0xffffffff813161e0 va 0xc000000001bb8000 pa 0x22c8000
pmap_kenter_pa(0xc00000000000c000, 0x5fa8000, 0x3)
pmap_kenter_pa(0xc000000000010000, 0x5fac000, 0x3)
pmap_kenter_pa(0xc000000000014000, 0x5fb0000, 0x3)
pmap_kenter_pa(0xc000000000018000, 0x5fb4000, 0x3)
pmap_kenter_pa(0xc00000000001c000, 0x22b8000, 0x3)
pmap_kenter_pa(0xc000000000020000, 0x22bc000, 0x3)
pmap_kenter_pa(0xc000000000024000, 0x22c0000, 0x3)
pmap_kenter_pa(0xc000000000028000, 0x22c4000, 0x3)
pmap_kenter_pa(0xc00000000002c000, 0x5f98000, 0x3)
pmap_kenter_pa(0xc000000000030000, 0x5f9c000, 0x3)
pmap_kenter_pa(0xc000000000034000, 0x5fa0000, 0x3)
pmap_kenter_pa(0xc000000000038000, 0x5fa4000, 0x3)
pmap_kenter_pa(0xc00000000003c000, 0x22a8000, 0x3)
pmap_kenter_pa(0xc000000000040000, 0x22ac000, 0x3)
pmap_kenter_pa(0xc000000000044000, 0x22b0000, 0x3)
pmap_kenter_pa(0xc000000000048000, 0x22b4000, 0x3)
pmap_kenter_pa(0xc00000000004c000, 0x5f88000, 0x3)
pmap_kenter_pa(0xc000000000050000, 0x5f8c000, 0x3)
pmap_kenter_pa(0xc000000000054000, 0x5f90000, 0x3)
pmap_kenter_pa(0xc000000000058000, 0x5f94000, 0x3)
pmap_kenter_pa(0xc00000000005c000, 0x2298000, 0x3)
pmap_kenter_pa(0xc000000000060000, 0x229c000, 0x3)
pmap_kenter_pa(0xc000000000064000, 0x22a0000, 0x3)
pmap_kenter_pa(0xc000000000068000, 0x22a4000, 0x3)
pmap_kenter_pa(0xc00000000006c000, 0x5f78000, 0x3)
pmap_kenter_pa(0xc000000000070000, 0x5f7c000, 0x3)
pmap_kenter_pa(0xc000000000074000, 0x5f80000, 0x3)
pmap_kenter_pa(0xc000000000078000, 0x5f84000, 0x3)
pmap_kenter_pa(0xc00000000007c000, 0x2288000, 0x3)
pmap_kenter_pa(0xc000000000080000, 0x228c000, 0x3)
pmap_kenter_pa(0xc000000000084000, 0x2290000, 0x3)
pmap_kenter_pa(0xc000000000088000, 0x2294000, 0x3)

Trap cause = 4 Frame 0x980000000131fd28
Trap PC 0xffffffff81079bb8 RA 0xffffffff8107994c fault 0xbeefbad0deafbeef
0xffffffff81079894 (800,20,0,980000000131fe90)  ra 0xffffffff8107994c sp 0x980000000131fe80, sz 0
0xffffffff81079894 (800,20,0,980000000131fe90)  ra 0x0 sp 0x980000000131fe80, sz 0
User-level: pid 0
stopped on non ddb fault
Stopped at      0xffffffff81079bb8:     ld      v0,8(s5)
0xffffffff81079894 (800,20,0,980000000131fe90)  ra 0xffffffff8107994c sp 0x9800
00000131fe80, sz 0
0xffffffff81079894 (800,20,0,980000000131fe90)  ra 0x0 sp 0x980000000131fe80, sz 0

User-level: pid 0

PC is in malloc() function, occurs when accessing MMU enabled address.
But fault address is incorrect, because double fault happened here.

We can see it on instruction trace log using simulator:

PP0:FFFFFFFF81079BB4:79646908@0~MisP: [ffb50010] SD      $s5, 16($sp) [(980000000131FE90,131FE90)=C000000000007000]        MEM[0x131FE90]<- 0xC000000000007000(mask=FF)
PP0:FFFFFFFF81079BB8:79646909@0~SL : [dea20008] LD      $v0, 8($s5) [(C000000000007008) TLB/ADDREXC to FFFFFFFF80000080]
Serviced Istream L2 reference to 0x1079b80 (PP0), L2 index 0x38, cycle 79646911
Memory read (bank 1, LMC0) to 0x80
PP0:Istream redirect to 0xffffffff80000080 at time 79646911 (size=0,bad=0)
PP0:Ifetch at 79646911. Replacing way 0 0xffffffff8107c080 (asid=0x1,G=1,DM=1), set 1 with 0xffffffff80000080 (pa=0x80,asid=0x1,G=1,DM=0)
PP0:FFFFFFFF80000080:79646996@0~BR : [3c1a0000] LUI     $k0, 0 [$k0=0]
PP0:FFFFFFFF80000084:79646997@0~RAW: [  1ad438] DSLL    $k0, $k0, 16 [$k0=0]
PP0:FFFFFFFF80000088:79646998@0~RAW: [675a8123] DADDIU  $k0, $k0, -32477 [$k0=FFFFFFFFFFFF8123]
PP0:FFFFFFFF8000008C:79646999@0~RAW: [  1ad438] DSLL    $k0, $k0, 16 [$k0=FFFFFFFF81230000]
PP0:FFFFFFFF80000090:79647000@0~RAW: [675a6100] DADDIU  $k0, $k0, 24832 [$k0=FFFFFFFF81236100]
PP0:FFFFFFFF80000094:79647001@0~MisJR: [ 3400008] JR      $k0 (FFFFFFFF81236100)
PP0:FFFFFFFF80000098:79647001@1    : [       0] NOP
Serviced Istream L2 reference to 0x80 (PP0), L2 index 0x1, cycle 79647001
Memory read (bank 4, LMC0) to 0x1236100
PP0:Istream redirect to 0xffffffff81084620 at time 79647003 (size=0,bad=1)
PP0:Istream redirect to 0xffffffff81236100 at time 79647006 (size=0,bad=0)
PP0:Ifetch at 79647006. Replacing way 1 0xffffffff8109a100 (asid=0x1,G=1,DM=1), set 2 with 0xffffffff81236100 (pa=0x1236100,asid=0x1,G=1,DM=0)
PP0:FFFFFFFF81236100:79647092@0~JR : [403a4000] DMFC0   $k0, 8, 0 [$k0=C000000000007008 COP0 BadVAddr]
PP0:FFFFFFFF81236104:79647094@0~RAW: [ 7400028] BLTZ    $k0, FFFFFFFF812361A8 (taken)
PP0:FFFFFFFF81236108:79647094@1    : [  1ad63a] DSRL    $k0, $k0, 24 [$k0=C000000000]
Serviced Istream L2 reference to 0x1236100 (PP0), L2 index 0x84, cycle 79647097
Memory read (bank 5, LMC0) to 0x1236180
Memory write (bank 2, LMC0) to 0x228ea00
PP0:Istream redirect to 0xffffffff812361a8 at time 79647096 (size=0,bad=0)
PP0:Ifetch at 79647097. Replacing way 0 0xffffffff811de180 (asid=0x1,G=1,DM=1), set 3 with 0xffffffff81236180 (pa=0x1236180,asid=0x1,G=1,DM=0)
PP0:FFFFFFFF812361A8:79647183@0~BR : [10000055] B       FFFFFFFF81236300 (taken)
PP0:FFFFFFFF812361AC:79647184@1~SL : [403a4000] DMFC0   $k0, 8, 0 [$k0=C000000000007008 COP0 BadVAddr]
PP0:Istream redirect to 0xffffffff81236300 at time 79647185 (size=0,bad=0)
Serviced Istream L2 reference to 0x1236180 (PP0), L2 index 0x85, cycle 79647187
Memory read (bank 0, LMC0) to 0x1236300
Memory write (bank 4, LMC0) to 0x1296900
PP0:Ifetch at 79647187. Replacing way 0 0xffffffff811de300 (asid=0x1,G=1,DM=1), set 6 with 0xffffffff81236300 (pa=0x1236300,asid=0x1,G=1,DM=0)
PP0:FFFFFFFF81236300:79647272@0~IF : [401b6000] MFC0   $k1, 12, 0 [$k1=508000E6 COP0 Status]
PP0:FFFFFFFF81236304:79647274@0~RAW: [337b0010] ANDI    $k1, $k1, 16 [$k1=0]
PP0:FFFFFFFF81236308:79647275@0~RAW: [1760ffb3] BNE     $k1, $zero, FFFFFFFF812361D8 (not taken)
PP0:FFFFFFFF8123630C:79647275@1    : [341bc000] ORI     $k1, $zero, -16384 [$k1=C000]
Serviced Istream L2 reference to 0x1236300 (PP0), L2 index 0x80, cycle 79647277
PP0:Istream redirect to 0xffffffff812361d8 at time 79647277 (size=0,bad=1)
PP0:Istream redirect to 0xffffffff81236310 at time 79647279 (size=0,bad=0)
PP0:FFFFFFFF81236310:79647279@0~MisP: [  1bdc3c] DSLL32  $k1, $k1, 16 [$k1=C000000000000000]
PP0:FFFFFFFF81236314:79647280@0~RAW: [ 35bd02f] DSUBU   $k0, $k0, $k1 [$k0=7008]
PP0:FFFFFFFF81236318:79647280@1    : [3c1b0000] LUI     $k1, 0 [$k1=0]
PP0:FFFFFFFF8123631C:79647281@0    : [677b0000] DADDIU  $k1, $k1, 0 [$k1=0]
PP0:FFFFFFFF81236320:79647282@0~RAW: [  1bdc38] DSLL    $k1, $k1, 16 [$k1=0]
PP0:FFFFFFFF81236324:79647283@0~RAW: [677b8128] DADDIU  $k1, $k1, -32472 [$k1=FFFFFFFFFFFF8128]
PP0:FFFFFFFF81236328:79647284@0~RAW: [  1bdc38] DSLL    $k1, $k1, 16 [$k1=FFFFFFFF81280000]
PP0:FFFFFFFF8123632C:79647285@0~RAW: [8f7bee48] LW      $k1, -4536($k1) [$k1=10000(FFFFFFFF8127EE48,127EE48)]
PP0:FFFFFFFF81236330:79647285@1    : [  1ad3ba] DSRL    $k0, $k0, 14 [$k0=1]
PP0:FFFFFFFF81236334:79647287@0~RAW: [ 35bd82b] SLTU    $k1, $k0, $k1 [$k1=1]
PP0:FFFFFFFF81236338:79647288@0~RAW: [1360001b] BEQ     $k1, $zero, FFFFFFFF812363A8 (not taken)
PP0:FFFFFFFF8123633C:79647288@1    : [  1ad07a] DSRL    $k0, $k0, 1 [$k0=0]
PP0:FFFFFFFF81236340:79647289@0    : [3c1b0000] LUI     $k1, 0 [$k1=0]
PP0:Iprefetch cycle 79647290. Replacing way 1 0xffffffff811de380 (asid=0x1,G=1,DM=1), set 7 with 0xffffffff81236380 (pa=0x1236380,asid=0x1,G=1,DM=0)
PP0:FFFFFFFF81236344:79647290@0~RAW: [677b0000] DADDIU  $k1, $k1, 0 [$k1=0]
PP0:FFFFFFFF81236348:79647291@0~RAW: [  1bdc38] DSLL    $k1, $k1, 16 [$k1=0]
PP0:FFFFFFFF8123634C:79647292@0~RAW: [677b8128] DADDIU  $k1, $k1, -32472 [$k1=FFFFFFFFFFFF8128]
PP0:FFFFFFFF81236350:79647293@0~RAW: [  1bdc38] DSLL    $k1, $k1, 16 [$k1=FFFFFFFF81280000]
PP0:FFFFFFFF81236354:79647294@0~RAW: [df7bee30] LD      $k1, -4560($k1) [$k1=9800000001320000(FFFFFFFF8127EE30,127EE30)]
PP0:FFFFFFFF81236358:79647294@1    : [  1ad0f8] DSLL    $k0, $k0, 3 [$k0=0]
PP0:FFFFFFFF8123635C:79647296@0~RAW: [ 37ad82d] DADDU   $k1, $k1, $k0 [$k1=9800000001320000]
Memory read (bank 1, LMC0) to 0x1236380
PP0:Dcache miss. Replacing way 18: oldpa=0x1382400(va=0x9800000001382400,asid=0x1,G=1), newpa=0x1320000(va=0x9800000001320000,asid=0x1,G=1)
PP0:FFFFFFFF81236360:79647318@0~D  : [8f7a0000] LW      $k0, 0($k1) [$k0=17FF1F(9800000001320000,1320000)]
Serviced load L2 reference to 0x1320000 (iob=0,PP0), L2 index 0x64, cycle 79647318
PP0:FFFFFFFF81236364:79647319@0~SL : [8f7b0004] LW      $k1, 4($k1) [$k1=8C31F(9800000001320004,1320004)]
PP0:FFFFFFFF81236368:79647320@0~RAW: [  1ad0bc] DSLL32  $k0, $k0, 2 [$k0=5FFC7C00000000]
PP0:FFFFFFFF8123636C:79647321@0~RAW: [  1ad0be] DSRL32  $k0, $k0, 2 [$k0=17FF1F]
PP0:FFFFFFFF81236370:79647322@0~RAW: [40ba1000] DMTC0   $k0, 2, 0 [COP0 EntryLo0 = 0x17ff1f]
PP0:FFFFFFFF81236374:79647325@0~MTCOP0: [  1bd8bc] DSLL32  $k1, $k1, 2 [$k1=230C7C00000000]
PP0:FFFFFFFF81236378:79647326@0~RAW: [  1bd8be] DSRL32  $k1, $k1, 2 [$k1=8C31F]
PP0:Istream fetch to pc 0xffffffff81236380 latched onto existing prefetch time 79647327 (available at -256)
PP0:FFFFFFFF8123637C:79647327@0~RAW: [40bb1800] DMTC0   $k1, 3, 0 [COP0 EntryLo1 = 0x8c31f]
Memory write (bank 5, LMC0) to 0x1296980
PP0:FFFFFFFF81236380:79647376@0~MTCOP0: [       0] NOP
PP0:FFFFFFFF81236384:79647376@1    : [       0] NOP
PP0:FFFFFFFF81236388:79647377@0    : [       0] NOP
PP0:FFFFFFFF8123638C:79647377@1    : [       0] NOP
PP0:                   TLB CONTENTS
PP0:TLB[0] va=0xc000000000078000 asid=0x0,G=1,mask=0x3(2) pa[0]=0x5f84000 V=1,D=1,C=3 pa[1]=0x2288000 V=1,D=1,C=3
PP0:TLB[1] va=0xc000000000080000 asid=0x0,G=1,mask=0x3(2) pa[0]=0x228c000 V=1,D=1,C=3 pa[1]=0x2290000 V=1,D=1,C=3
PP0:TLB[2] va=0xc000000000088000 asid=0x0,G=1,mask=0x3(2) pa[0]=0x2294000 V=1,D=1,C=3 pa[1]=0x0 V=0,D=0,C=0
PP0:TLB[3] va=0xc000000001c30000 asid=0x0,G=1,mask=0x3(2) pa[0]=0x2304000 V=1,D=1,C=3 pa[1]=0x5ff4000 V=1,D=1,C=3
PP0:TLB[4] va=0xc000000000000000 asid=0x1,G=1,mask=0x3(2) pa[0]=0x5ffc000 V=1,D=1,C=3 pa[1]=0x230c000 V=1,D=1,C=3
PP0:TLB[5] va=0xc000000001c20000 asid=0x0,G=1,mask=0x3(2) pa[0]=0x22fc000 V=1,D=1,C=3 pa[1]=0x5fec000 V=1,D=1,C=3
PP0:TLB[6] va=0xc000000001c18000 asid=0x0,G=1,mask=0x3(2) pa[0]=0x22f8000 V=1,D=1,C=3 pa[1]=0x5fe8000 V=1,D=1,C=3
PP0:TLB[7] va=0xc000000001c10000 asid=0x0,G=1,mask=0x3(2) pa[0]=0x22f4000 V=1,D=1,C=3 pa[1]=0x5fe4000 V=1,D=1,C=3
PP0:TLB[8] va=0xc000000001c08000 asid=0x0,G=1,mask=0x3(2) pa[0]=0x22f0000 V=1,D=1,C=3 pa[1]=0x5fe0000 V=1,D=1,C=3
PP0:TLB[9] va=0xc000000001c00000 asid=0x0,G=1,mask=0x3(2) pa[0]=0x22ec000 V=1,D=1,C=3 pa[1]=0x5fdc000 V=1,D=1,C=3
PP0:TLB[10] va=0xc000000001bf8000 asid=0x0,G=1,mask=0x3(2) pa[0]=0x22e8000 V=1,D=1,C=3 pa[1]=0x5fd8000 V=1,D=1,C=3
PP0:TLB[11] va=0xc000000001bf0000 asid=0x0,G=1,mask=0x3(2) pa[0]=0x22e4000 V=1,D=1,C=3 pa[1]=0x5fd4000 V=1,D=1,C=3
PP0:TLB[12] va=0xc000000001be8000 asid=0x0,G=1,mask=0x3(2) pa[0]=0x22e0000 V=1,D=1,C=3 pa[1]=0x5fd0000 V=1,D=1,C=3
PP0:TLB[13] va=0xc000000001be0000 asid=0x0,G=1,mask=0x3(2) pa[0]=0x22dc000 V=1,D=1,C=3 pa[1]=0x5fcc000 V=1,D=1,C=3
PP0:TLB[14] va=0xc000000001bd8000 asid=0x0,G=1,mask=0x3(2) pa[0]=0x22d8000 V=1,D=1,C=3 pa[1]=0x5fc8000 V=1,D=1,C=3
PP0:TLB[15] va=0xc000000001bd0000 asid=0x0,G=1,mask=0x3(2) pa[0]=0x22d4000 V=1,D=1,C=3 pa[1]=0x5fc4000 V=1,D=1,C=3
PP0:TLB[16] va=0xc000000001bc8000 asid=0x0,G=1,mask=0x3(2) pa[0]=0x22d0000 V=1,D=1,C=3 pa[1]=0x5fc0000 V=1,D=1,C=3
PP0:TLB[17] va=0xc000000001bc0000 asid=0x0,G=1,mask=0x3(2) pa[0]=0x22cc000 V=1,D=1,C=3 pa[1]=0x5fbc000 V=1,D=1,C=3
PP0:TLB[18] va=0xc000000001bb8000 asid=0x0,G=1,mask=0x3(2) pa[0]=0x22c8000 V=1,D=1,C=3 pa[1]=0x5fb8000 V=1,D=1,C=3
PP0:TLB[19] va=0xc000000000010000 asid=0x0,G=1,mask=0x3(2) pa[0]=0x5fac000 V=1,D=1,C=3 pa[1]=0x5fb0000 V=1,D=1,C=3
PP0:TLB[20] va=0xc000000000018000 asid=0x0,G=1,mask=0x3(2) pa[0]=0x5fb4000 V=1,D=1,C=3 pa[1]=0x22b8000 V=1,D=1,C=3
PP0:TLB[21] va=0xc000000000020000 asid=0x0,G=1,mask=0x3(2) pa[0]=0x22bc000 V=1,D=1,C=3 pa[1]=0x22c0000 V=1,D=1,C=3
PP0:TLB[22] va=0xc000000000028000 asid=0x0,G=1,mask=0x3(2) pa[0]=0x22c4000 V=1,D=1,C=3 pa[1]=0x5f98000 V=1,D=1,C=3
PP0:TLB[23] va=0xc000000000030000 asid=0x0,G=1,mask=0x3(2) pa[0]=0x5f9c000 V=1,D=1,C=3 pa[1]=0x5fa0000 V=1,D=1,C=3
PP0:TLB[24] va=0xc000000000038000 asid=0x0,G=1,mask=0x3(2) pa[0]=0x5fa4000 V=1,D=1,C=3 pa[1]=0x22a8000 V=1,D=1,C=3
PP0:TLB[25] va=0xc000000000040000 asid=0x0,G=1,mask=0x3(2) pa[0]=0x22ac000 V=1,D=1,C=3 pa[1]=0x22b0000 V=1,D=1,C=3
PP0:TLB[26] va=0xc000000000048000 asid=0x0,G=1,mask=0x3(2) pa[0]=0x22b4000 V=1,D=1,C=3 pa[1]=0x5f88000 V=1,D=1,C=3
PP0:TLB[27] va=0xc000000000050000 asid=0x0,G=1,mask=0x3(2) pa[0]=0x5f8c000 V=1,D=1,C=3 pa[1]=0x5f90000 V=1,D=1,C=3
PP0:TLB[28] va=0xc000000000058000 asid=0x0,G=1,mask=0x3(2) pa[0]=0x5f94000 V=1,D=1,C=3 pa[1]=0x2298000 V=1,D=1,C=3
PP0:TLB[29] va=0xc000000000060000 asid=0x0,G=1,mask=0x3(2) pa[0]=0x229c000 V=1,D=1,C=3 pa[1]=0x22a0000 V=1,D=1,C=3
PP0:TLB[30] va=0xc000000000068000 asid=0x0,G=1,mask=0x3(2) pa[0]=0x22a4000 V=1,D=1,C=3 pa[1]=0x5f78000 V=1,D=1,C=3
PP0:TLB[31] va=0xc000000000070000 asid=0x0,G=1,mask=0x3(2) pa[0]=0x5f7c000 V=1,D=1,C=3 pa[1]=0x5f80000 V=1,D=1,C=3

PP0:FFFFFFFF81236390:79647378@0    : [42000006] TLBWR
PP0:NEWTLB[4] va=0xc000000000000000 asid=0x1,G=1,mask=0x3(2) pa[0]=0x5ffc000 V=1,D=1,C=3 pa[1]=0x230c000 V=1,D=1,C=3
PP0:FFFFFFFF81236394:79647381@0~MTCOP0: [       0] NOP
PP0:FFFFFFFF81236398:79647381@1    : [       0] NOP
Serviced Istream L2 reference to 0x1236380 (PP0), L2 index 0x81, cycle 79647381
PP0:FFFFFFFF8123639C:79647382@0    : [       0] NOP
PP0:FFFFFFFF812363A0:79647382@1    : [       0] NOP

prime suspect is PP0
^G^Gperfect.cpp:4783  Assertion '!cop0.U_ErrorEPC.s.ErrorEPC' FAILED.

PP0:FFFFFFFF812363A4:79647383@0    : [42000018] ERET (Status[ERL] set) (to BEEFBAD0DEAFBEEF)
Memory read (bank 3, LMC0) to 0x180
PP0: Istream AdEL taken to ffffffff80000180
PP0:Istream redirect to 0xffffffff80000180 at time 79647385 (size=0,bad=0)
PP0:Ifetch at 79647385. Replacing way 1 0xffffffff8109a180 (asid=0x1,G=1,DM=1), set 3 with 0xffffffff80000180 (pa=0x180,asid=0x1,G=1,DM=0)
PP0:FFFFFFFF80000180:79647470@0~BR : [401a6000] MFC0   $k0, 12, 0 [$k0=508000E2 COP0 Status]
PP0:FFFFFFFF80000184:79647471@0~SL : [401b6800] MFC0   $k1, 13, 0 [$k1=40008010, model_result=40008010,30000000 COP0 Cause]
PP0:FFFFFFFF80000188:79647472@0~RAW: [335a0010] ANDI    $k0, $k0, 16 [$k0=0]
PP0:FFFFFFFF8000018C:79647473@0~BRF: [1340000c] BEQ     $k0, $zero, FFFFFFFF800001C0 (taken)
PP0:FFFFFFFF80000190:79647473@1    : [337b007c] ANDI    $k1, $k1, 124 [$k1=10]
PP0:Istream redirect to 0xffffffff800001c0 at time 79647475 (size=0,bad=0)
PP0:FFFFFFFF800001C0:79647475@0~BR : [3c1a0000] LUI     $k0, 0 [$k0=0]
Serviced Istream L2 reference to 0x180 (PP0), L2 index 0x3, cycle 79647475
PP0:FFFFFFFF800001C4:79647476@0~RAW: [675a0000] DADDIU  $k0, $k0, 0 [$k0=0]
PP0:FFFFFFFF800001C8:79647477@0~RAW: [  1ad438] DSLL    $k0, $k0, 16 [$k0=0]
PP0:FFFFFFFF800001CC:79647478@0~RAW: [675a8123] DADDIU  $k0, $k0, -32477 [$k0=FFFFFFFFFFFF8123]
PP0:FFFFFFFF800001D0:79647479@0~RAW: [  1ad438] DSLL    $k0, $k0, 16 [$k0=FFFFFFFF81230000]
PP0:FFFFFFFF800001D4:79647480@0~RAW: [675a17c0] DADDIU  $k0, $k0, 6080 [$k0=FFFFFFFF812317C0]
PP0:FFFFFFFF800001D8:79647481@0~RAW: [ 35bd02d] DADDU   $k0, $k0, $k1 [$k0=FFFFFFFF812317D0]
PP0:FFFFFFFF800001DC:79647482@0~RAW: [ 35bd02d] DADDU   $k0, $k0, $k1 [$k0=FFFFFFFF812317E0]
Memory read (bank 6, LMC0) to 0x1231780
PP0:Dcache miss. Replacing way 19: oldpa=0x1364080(va=0x9800000001364080,asid=0x1,G=1), newpa=0x12317e0(va=0xffffffff812317e0,asid=0x1,G=1)
PP0:FFFFFFFF800001E0:79647571@0~D  : [df5a0000] LD      $k0, 0($k0) [$k0=FFFFFFFF81231E48(FFFFFFFF812317E0,12317E0)]
PP0:FFFFFFFF800001E4:79647573@0~MisJR: [ 3400008] JR      $k0 (FFFFFFFF81231E48)
PP0:FFFFFFFF800001E8:79647573@1    : [       0] NOP

malloc+1064 accesses 0xC000000000007008, got TLB miss.
Then jump to k_tlb_miss, fetch PFN, set to EntryLo, call TLBWR.
New entry added to TLB[4]. Not quite sure but looks correct until here.
When calling ERET, something going wrong...
Status[ERL] set here(not sure why), and trying to jump 0xBEEFBAD0DEAFBEEF, probably because ErrorEPC had that value.
Then it get fault again.
Maybe problem is why Status[ERL] is set here, but I'm not sure why.
Because it cannot resolve bad address?
TLB[4] looks okay though...

No comments:

Post a Comment