Nils Faerber wrote:
I have added some more debug outputs to the code. I can confirm now definitely that the dsemul path is run and the SIGILL is the result of a dsemul_ret returning 0, also see the below extended dumps.
Careful what you infer. do_dsemulret() is *always* called on a misaligned address trap, and *almost always* returns zero. I suggested turning on DSEMUL_TRACE because it would indicate whether the traps were those deliberately set, as I suspected they might be based on the BadVA and EPC values in your initial crashdump. Your diagnostic output below simply shows that there were a number of misaligned accesses performed that do *not* seem to have been associated with FPU emulator activity.
The strange thing is the fault does not always occur and if it occurs it does not always happen in the same place of the application. So I assume that this is not a problem of the application itself deliberately executing a certain instruction but rather a side effect of something different - like wrong caches. On the other hand again it is strange that only the dsemul path seems to be triggered.
See the above. Don't confuse dsemul with dsemulret.
Could it be that the exception that is used for math emulation can also have other causes in different CPU implementations? The JZ4730 has some DSP alike SIMD instructions... but then again why can't it be traced to a single instruction inside the application (i.e. rather seems to happen randomly)?
I suppose that's possible, but the trace information below suggests that there's something else a bit funky going on.
It's an annoying property of the standard MIPS Linux configurations that misaligned accesses by user mode code, which should never actually happen in correctly written and compiled code, are silently worked-around by the kernel. If DEBUG_FS is configured, then one at least gets a count of how many times this has been done, but in general one just gets silently degraded performance. The dump below seems to indicate that the kernel silently (or, what would have been silently) dealt with some misaligned operations on a data structure in the program data segment (not on the stack). But I'm not 100% sure how you generated it, so I can't be sure what parts of it are valid and what are instrumentation noise. These bad accesses *might* have nothing whatsoever to do with your later SIGILLs.
Regards,
Kevin K.
Cheers
nils faerber
[] do_dsemulret: bad magics, insn=0x8c830004
[] do_dsemulret: cannot access emuframe
[] Cpu 0
[] $ 0 :
[] $ 4 : 8033e528 0041469c
[] $ 8 : 1000001e
[] $12 : 2ac9a200 2aca0000 ffffffff
[] $16 : 87d45f30 ffffffff
[] $20 : 2ac0fa18
[] $24 :
[] $28 : 87d44000 87d45ee8 80020bf0
[] Hi : 0000002c
[] Lo : 0003aac9
[] epc : do_dsemulret+0x3c/0xf4 Not tainted
[] ra : 80020bf0 do_ade+0x20/0x3c0
[] Status: KERNEL EXL IE
[] Cause :
[] BadVA :
[] PrId : 02d0024f (Ingenic JZRISC)
[] Modules linked in:
[] Process keylaunch (pid: 1222, threadinfo=87d44000, task=87d6e178)
[] Stack : 87d6e178 802dca50 8c830004 87d45f30 0041bbe1 80020bf0
[] 0041bbe1 ffffffff 0041bbe1 ffffffff
[] 80018fa0 004d8474 004d843c 004d844c 004d8a02 ffffffff
[] 2ae66754 0041bbd9 0041bbe1 0041469c
[] 2ac9a200 2aca0000 ffffffff
[] ...
[] Call Trace:
[] [<>] do_dsemulret+0x3c/0xf4
[] [<80020bf0>] do_ade+0x20/0x3c0
[] [<80018fa0>] ret_from_exception+0x0/0x24
[]
[]
[] Code: 1460002b 2484e528 <8e060004> 8e070008 3c048034 2484e550
[] do_dsemulret: cannot access emuframe
[] Cpu 0
[] $ 0 : fffffff2
[] $ 4 : 8033e528 0041469c
[] $ 8 : 1000001e
[] $12 : 2ac9a200 2aca0000 ffffffff
[] $16 : 87d45f30 ffffffff
[] $20 : 2ac0fa18
[] $24 :
[] $28 : 87d44000 87d45ee8 80020bf0
[] Hi : 0000002c
[] Lo : 0003aac9
[] epc : 8003409c do_dsemulret+0x40/0xf4 Not tainted
[] ra : 80020bf0 do_ade+0x20/0x3c0
[] Status: KERNEL EXL IE
[] Cause :
[] BadVA : 1440002a
[] PrId : 02d0024f (Ingenic JZRISC)
[] Modules linked in:
[] Process keylaunch (pid: 1222, threadinfo=87d44000, task=87d6e178)
[] Stack : 87d6e178 802dca50 8c830004 87d45f30 0041bbe1 80020bf0
[] 0041bbe1 ffffffff 0041bbe1 ffffffff
[] 80018fa0 004d8474 004d843c 004d844c 004d8a02 ffffffff
[] 2ae66754 0041bbd9 0041bbe1 0041469c
[] 2ac9a200 2aca0000 ffffffff
[] ...
[] Call Trace:
[] [<8003409c>] do_dsemulret+0x40/0xf4
[] [<80020bf0>] do_ade+0x20/0x3c0
[] [<80018fa0>] ret_from_exception+0x0/0x24
[]
[]
[] Code: 2484e528 8e060004 <8e070008> 3c048034 2484e550 00c02821
[] do_dsemulret: bad magics, insn=0x00000024
[] do_dsemulret: cannot access emuframe
[] Cpu 0
[] $ 0 : 803bf8d0
[] $ 4 : 8037c3d0 87d9fefc
[] $ 8 : ebd8a1cf feced300 ffffffff
[] $12 : ec71384f ffffffff 803bfd88
[] $16 : 87d45f30 ffffffff
[] $20 : 2ac0fa18
[] $24 : 803bfda8
[] $28 : 87d44000 87d45ee8 800340bc
[] Hi :
[] Lo : d5905180
[] epc : 800340d4 do_dsemulret+0x78/0xf4 Not tainted
[] ra : 800340bc do_dsemulret+0x60/0xf4
[] Status: KERNEL EXL IE
[] Cause :
[] BadVA : 1440002e
[] PrId : 02d0024f (Ingenic JZRISC)
[] Modules linked in:
[] Process keylaunch (pid: 1222, threadinfo=87d44000, task=87d6e178)
[] Stack : 87d6e178 0041469c 87d45f30 0041bbe1 80020bf0
[] 0041bbe1 ffffffff 0041bbe1 ffffffff
[] 80018fa0 004d8474 004d843c 004d844c 004d8a02 ffffffff
[] 2ae66754 0041bbd9 0041bbe1 0041469c
[] 2ac9a200 2aca0000 ffffffff
[] ...
[] Call Trace:
[] [<800340d4>] do_dsemulret+0x78/0xf4
[] [<80020bf0>] do_ade+0x20/0x3c0
[] [<80018fa0>] ret_from_exception+0x0/0x24
[]
[]
[] Code: ac620014 <8e03000c> 0a ae2300ac 8fbf0018
[] do_dsemulret: bad magics, insn=0x8c830004
[] do_dsemulret: cannot access emuframe
[] Cpu 0
[] $ 0 :
[] $ 4 : 8033e528 00425c90
[] $ 8 : 1000001e
[] $12 : 87d744c0 87d744c0
[] $16 : 87b0bf30 0000003f
[] $20 : 00425c90
[] $24 :
[] $28 : 87b0a000 87b0bee8 2ae64858 80020bf0
[] Hi : 307e68e8
[] Lo : e1cb4540
[] epc : do_dsemulret+0x3c/0xf4 Not tainted
[] ra : 80020bf0 do_ade+0x20/0x3c0
[] Status: KERNEL EXL IE
[] Cause :
[] BadVA :
[] PrId : 02d0024f (Ingenic JZRISC)
[] Modules linked in:
[] Process keylaunch (pid: 1274, threadinfo=87b0a000, task=87daedf8)
[] Stack : 87daedf8 802dca50 8c830004 87b0bf30 0041bbd9 80020bf0 0000003f
[] 00425c94 0041bbd9 0000003f 00425c94 0041bbd9 0000003f
[] 80018fa0 004d928c 004d8e44 004d9254 004daa9c ffffffff
[] 2ae66754 0041bbd1 00425c90
[] ffffffff ffffffff 87d744c0 87d744c0
[] ...
[] Call Trace:
[] [<>] do_dsemulret+0x3c/0xf4
[] [<80020bf0>] do_ade+0x20/0x3c0
[] [<80018fa0>] ret_from_exception+0x0/0x24
[]
[]
[] Code: 1460002b 2484e528 <8e060004> 8e070008 3c048034 2484e550
[] do_dsemulret: bad magics, insn=0xaca20000
[] do_dsemulret: cannot access emuframe
[] Cpu 0
[] $ 0 : fffffff2
[] $ 4 : 8033e528 00425c90
[] $ 8 : 1000001e
[] $12 : 87d744c0 87d744c0
[] $16 : 87b0bf30 0000003f
[] $20 : 00425c90
[] $24 :
[] $28 : 87b0a000 87b0bee8 2ae64858 80020bf0
[] Hi : 307e68e8
[] Lo : e1cb4540
[] epc : 8003409c do_dsemulret+0x40/0xf4 Not tainted
[] ra : 80020bf0 do_ade+0x20/0x3c0
[] Status: KERNEL EXL IE
[] Cause :
[] BadVA : 1440002a
[] PrId : 02d0024f (Ingenic JZRISC)
[] Modules linked in:
[] Process keylaunch (pid: 1274, threadinfo=87b0a000, task=87daedf8)
[] Stack : 87daedf8 802dca50 8c830004 87b0bf30 0041bbd9 80020bf0 0000003f
[] 00425c94 0041bbd9 0000003f 00425c94 0041bbd9 0000003f
[] 80018fa0 004d928c 004d8e44 004d9254 004daa9c ffffffff
[] 2ae66754 0041bbd1 00425c90
[] ffffffff ffffffff 87d744c0 87d744c0
[] ...
[] Call Trace:
[] [<8003409c>] do_dsemulret+0x40/0xf4
[] [<80020bf0>] do_ade+0x20/0x3c0
[] [<80018fa0>] ret_from_exception+0x0/0x24
[]
[]
[] Code: 2484e528 8e060004 <8e070008> 3c048034 2484e550 00c02821
[] do_dsemulret: bad magics, insn=0x00425c90
[] do_dsemulret: cannot access emuframe
[] Cpu 0
[] $ 0 : 803bf8d0
[] $ 4 : 8037c3d0 87d9fefc
[] $ 8 : 3c317acd feced300 ffffffff
[] $12 : 3cca114d ffffffff 803bfd88
[] $16 : 87b0bf30 0000003f
[] $20 : 00425c90
[] $24 : 803bfda8
[] $28 : 87b0a000 87b0bee8 2ae64858 800340bc
[] Hi :
[] Lo : eb524680
[] epc : 800340d4 do_dsemulret+0x78/0xf4 Not tainted
[] ra : 800340bc do_dsemulret+0x60/0xf4
[] Status: KERNEL EXL IE
[] Cause :
[] BadVA : 1440002e
[] PrId : 02d0024f (Ingenic JZRISC)
[] Modules linked in:
[] Process keylaunch (pid: 1274, threadinfo=87b0a000, task=87daedf8)
[] Stack : 87daedf8 00425c90 00425c90 87b0bf30 0041bbd9 80020bf0 0000003f
[] 00425c94 0041bbd9 0000003f 00425c94 0041bbd9 0000003f
[] 80018fa0 004d928c 004d8e44 004d9254 004daa9c ffffffff
[] 2ae66754 0041bbd1 00425c90
[] ffffffff ffffffff 87d744c0 87d744c0
[] ...
[] Call Trace:
[] [<800340d4>] do_dsemulret+0x78/0xf4
[] [<80020bf0>] do_ade+0x20/0x3c0
[] [<80018fa0>] ret_from_exception+0x0/0x24
[]
[]
[] Code: ac620014 <8e03000c> 0a ae2300ac 8fbf0018
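Kevin's point above is that misaligned loads and stores from user mode should never occur in correctly written code, and that on a standard MIPS Linux kernel they are quietly emulated (with at most a debugfs counter to show it happened) rather than reported. The following is an added example, not code from this thread or from the kernel, showing the two habits that keep a decoder from ever issuing a misaligned word access: check alignment before a direct load, and assemble fields at odd offsets byte-wise. The record layout, field offsets and sample bytes are constructed for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Added example, not from the thread or the kernel. The union forces 4-byte
 * alignment of the buffer start, so the alignment of each field is known:
 *   off 0  : tag   (u8)
 *   off 1  : len   (u32 LE)  <- misaligned for a word load
 *   off 5  : flags (u8)
 *   off 6  : value (u32 LE)  <- misaligned for a word load
 *   off 10 : two pad bytes
 *   off 12 : crc   (u32 LE)  <- aligned
 * Sample bytes are constructed, not captured from a real device.
 */
static const union { uint32_t force_align; uint8_t b[16]; } sample = { .b = {
    0x01,
    0x10, 0x00, 0x00, 0x00,
    0x02,
    0xef, 0xbe, 0xad, 0xde,
    0x00, 0x00,
    0x78, 0x56, 0x34, 0x12,
} };

struct record {
    uint8_t  tag;
    uint32_t len;
    uint8_t  flags;
    uint32_t value;
    uint32_t crc;
};

/* 1 if p may be dereferenced as a type with the given alignment. */
static int is_aligned(const void *p, size_t align)
{
    return (uintptr_t)p % align == 0;
}

/* Little-endian 32-bit load built from byte loads only: safe at any offset
 * (no lw/lh that could trap on MIPS) and independent of host endianness. */
static uint32_t load_le32(const uint8_t *p)
{
    return (uint32_t)p[0]
         | ((uint32_t)p[1] << 8)
         | ((uint32_t)p[2] << 16)
         | ((uint32_t)p[3] << 24);
}

/* Portable decoder: byte-wise loads instead of *(const uint32_t *)(p + off). */
static struct record parse_record(const uint8_t *p)
{
    struct record r;
    r.tag   = p[0];
    r.len   = load_le32(p + 1);
    r.flags = p[5];
    r.value = load_le32(p + 6);
    r.crc   = load_le32(p + 12);
    return r;
}

/* Number of u32 fields a cast-based decoder would read through a misaligned
 * pointer. On MIPS each such read is an address-error trap that the kernel
 * emulates behind the program's back; this count is what a reviewer wants
 * to drive to zero before looking for rarer faults. */
static int misaligned_u32_fields(const uint8_t *p)
{
    static const size_t offs[] = { 1, 6, 12 };
    int n = 0;
    for (size_t i = 0; i < sizeof offs / sizeof offs[0]; i++)
        if (!is_aligned(p + offs[i], 4))
            n++;
    return n;
}

const uint8_t *sample_bytes(void)
{
    return sample.b;
}

int main(void)
{
    struct record r = parse_record(sample_bytes());
    printf("len=%u value=0x%08x crc=0x%08x\n",
           (unsigned)r.len, (unsigned)r.value, (unsigned)r.crc);
    printf("u32 fields a cast would read misaligned: %d\n",
           misaligned_u32_fields(sample_bytes()));
    return 0;
}
```

The byte-wise load costs a few extra instructions on CPUs that have an unaligned load, but it is the only form that behaves identically everywhere; a cast through `uint32_t *` compiles to a plain word load and on a strict-alignment CPU turns every odd-offset field into a trap that the kernel fixes up without telling anyone.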