Hi,
I'm running 2.4.7-ben0 rsync'ed on Jul 27 19:56 (date of ChangeSet file).
Linux adam 2.4.7-ben0 #1 Mon Jul 30 11:41:55 CEST 2001 ppc unknown
ii mozilla-browser-cvs 0.0.20010717.01.trunk An Open Source WWW browser for
X and GTK+ (CVS version)
I was connected with PPP using Z8530 ESCC (cobalt modem).
This is my first PowerPC kernel OOPS inside XMON:
vector: 300 at pc=c00123d4, lr=d5837ba8
msr=1032, sp=c936fe10 [c936fd60]
dar=d4000000, dsisr=40000000
current=c936e00, pid=8763, comm=mozilla-bin
mon> x
vector: 400 at pc=28fc0000, lr=c00052e0
msr=40009032, sp=c936fb60 [c936fab0]
current=c936e00, pid=8763, comm=mozilla-bin
mon> x
vector: 700 at pc=1083810, lr=c00052e0
msr=89032, sp=c936f7f0 [c936f740]
current=c936e00, pid=8763, comm=mozilla-bin
mon> x
Binary search into System.map, objdump and gcc -S -g reveal:
c0012394 T sys_sched_get_priority_max
c00123e8 T sys_sched_get_priority_min
000013fc <sys_sched_get_priority_max>:
13fc: 94 21 ff f0 stwu r1,-16(r1)
1400: 93 e1 00 0c stw r31,12(r1)
1404: 7c 3f 0b 78 mr r31,r1
1408: 7c 60 1b 79 mr. r0,r3
140c: 38 60 ff ea li r3,-22
1410: 41 82 00 2c beq 143c <sys_sched_get_priority_max+0x40>
1414: 41 80 00 2c blt 1440 <sys_sched_get_priority_max+0x44>
1418: 2f 80 00 02 cmpwi cr7,r0,2
141c: 7c 00 00 26 mfcr r0
1420: 54 00 f7 fe rlwinm r0,r0,30,31,31
1424: 7c 00 00 d0 neg r0,r0
1428: 7c 09 00 f8 not r9,r0
142c: 7c 00 18 38 and r0,r0,r3
1430: 71 29 00 63 andi. r9,r9,99
1434: 7c 03 4b 78 or r3,r0,r9
1438: 48 00 00 08 b 1440 <sys_sched_get_priority_max+0x44>
143c: 38 60 00 00 li r3,0
1440: 81 61 00 00 lwz r11,0(r1)
1444: 83 eb ff fc lwz r31,-4(r11)
1448: 7d 61 5b 78 mr r1,r11
144c: 4e 80 00 20 blr
pc=c00123d4 is 143c (1440 should be better). As trap 0x300 is SIGSEGV
address error (store), I think that $r1 (aka stack pointer) was trashed.
c0005150 T ppc_irq_dispatch_handler
c0005384 T do_IRQ
00000734 <ppc_irq_dispatch_handler>:
734: 94 21 ff d0 stwu r1,-48(r1)
...
this is "if (!action) goto out;"
888: 41 82 00 80 beq 908 <ppc_irq_dispatch_handler+0x1d4>
this is inlined handle_irq_event()
88c: 7f 7f db 78 mr r31,r27
890: 80 1f 00 04 lwz r0,4(r31)
894: 3b c0 00 00 li r30,0
898: 74 09 20 00 andis. r9,r0,8192
89c: 40 82 00 08 bne 8a4 <ppc_irq_dispatch_handler+0x170>
8a0: 48 00 00 01 bl 8a0 <ppc_irq_dispatch_handler+0x16c>
this will setup arguments for action->handler(irq, action->dev_id, regs);
8a4: 81 3f 00 00 lwz r9,0(r31)
8a8: 80 9f 00 10 lwz r4,16(r31)
8ac: 7f 83 e3 78 mr r3,r28
8b0: 7d 28 03 a6 mtlr r9
8b4: 7f 45 d3 78 mr r5,r26
this is status |= action->flags
8b8: 80 1f 00 04 lwz r0,4(r31)
8bc: 7f de 03 78 or r30,r30,r0
this is action->handler(irq, action->dev_id, regs);
8c0: 4e 80 00 21 blrl
this is action = action->next
8c4: 83 ff 00 14 lwz r31,20(r31)
8c8: 2c 1f 00 00 cmpwi r31,0
8cc: 40 82 ff d8 bne 8a4 <ppc_irq_dispatch_handler+0x170>
8d0: 77 c0 10 00 andis. r0,r30,4096
8d4: 41 82 00 0c beq 8e0 <ppc_irq_dispatch_handler+0x1ac>
...
964: 4e 80 00 20 blr
lr=c00052e0 is 8c4
It's in fact line action = action->next in handle_irq_event() called in
for(;;) loop near line 515 in function ppc_irq_dispatch_handler().
As trap 0x400 is SIGBUS Instruction bus error, action->handler seems to
hold a bad value.
Next trap 0x700 is SIGTRAP maybe a xmon interraction.
Hope that helps.
--
Edouard G. Parmelan
http://egp.free.fr
