[openib-general] OOPS: ib_mad crashery on bootup
Tom Duffy
tduffy at sun.com
Fri May 20 11:54:01 PDT 2005
On Fri, 2005-05-20 at 11:33 -0700, Shirley Ma wrote:
>
> How about output of
>
> objdump
> -S /lib/modules/2.6.12-rc4openib/kernel/drivers/infiniband/core/mad.o?
That path is incorrect, but anyways, I don't see any difference when
looking at:
objdump -S /build1/tduffy/openib-work/build/openib/rc/drivers/infiniband/core/mad.o
<-- snip -->
0000000000001320 <ib_mad_send_done_handler>:
1320: 41 57 push %r15
1322: 41 56 push %r14
1324: 49 89 f6 mov %rsi,%r14
1327: 41 55 push %r13
1329: 41 54 push %r12
132b: 55 push %rbp
132c: 53 push %rbx
132d: 48 83 ec 18 sub $0x18,%rsp
1331: 4c 8b 2e mov (%rsi),%r13
1334: 49 8b 6d 10 mov 0x10(%r13),%rbp
1338: 4d 89 ec mov %r13,%r12
133b: 48 8d 45 08 lea 0x8(%rbp),%rax
133f: 4c 8b 7d 20 mov 0x20(%rbp),%r15
1343: 48 89 04 24 mov %rax,(%rsp)
1347: 48 89 ef mov %rbp,%rdi
134a: 31 db xor %ebx,%ebx
134c: e8 00 00 00 00 callq 1351 <ib_mad_send_done_handler+0x31>
Is there another part of the dump that you are interested in?
Here is the relevant mad.s:
[linux-2.6.12-rc4-openib]$ make O=/build1/tduffy/openib-work/build/openib/rc/ drivers/infiniband/core/mad.s
<-- snip -->
.type ib_mad_send_done_handler, @function
ib_mad_send_done_handler:
pushq %r15
pushq %r14
movq %rsi, %r14
pushq %r13
pushq %r12
pushq %rbp
pushq %rbx
subq $24, %rsp
movq (%rsi), %r13
movq 16(%r13), %rbp
movq %r13, %r12
leaq 8(%rbp), %rax
movq 32(%rbp), %r15
movq %rax, (%rsp)
.p2align 4,,7
.L286:
movq %rbp, %rdi
xorl %ebx, %ebx
call _spin_lock_irqsave
movq (%r12), %rdx
movq %rax, %rsi
movq 8(%r12), %rax
movq %rax, 8(%rdx)
movq %rdx, (%rax)
movq $2097664, 8(%r12)
movq $1048832, (%r12)
movl 24(%rbp), %edx
movl 28(%rbp), %ecx
leal -1(%rdx), %eax
cmpl %ecx, %edx
movl %eax, 24(%rbp)
jle .L289
movq 96(%r15), %rbx
movq 8(%rbx), %rdx
movq (%rbx), %rax
movq %rbx, %r12
movq %rdx, 8(%rax)
movq %rax, (%rdx)
movq $2097664, 8(%rbx)
movq (%rsp), %rdx
movq 8(%rdx), %rax
movq %rdx, (%rbx)
movq %rbx, 8(%rdx)
movq %rbx, (%rax)
movq %rax, 8(%rbx)
.L289:
movq %rbp, %rdi
call _spin_unlock_irqrestore
movq 160(%r13), %rax
movq %rax, (%r14)
movl 132(%r15), %eax
testl %eax, %eax
je .L290
leaq 48(%r13), %rsi
movl $4, %ecx
movq %r14, %rdx
movq %r15, %rdi
call snoop_send
.p2align 4,,7
.L290:
movq %r14, %rsi
movq %r13, %rdi
call ib_mad_complete_send_wr
testq %rbx, %rbx
je .L295
movq 8(%r15), %rdi
leaq 48(%rbx), %rsi
leaq 16(%rsp), %rdx
movq (%rdi), %rax
call *352(%rax)
testl %eax, %eax
je .L295
movl %eax, %esi
movq $.LC17, %rdi
xorl %eax, %eax
movq %rbx, %r13
call printk
movl $2, 8(%r14)
jmp .L286
.L295:
addq $24, %rsp
popq %rbx
popq %rbp
popq %r12
popq %r13
popq %r14
popq %r15
ret
.size ib_mad_send_done_handler, .-ib_mad_send_done_handler
.p2align 4,,15
Oh, and here it is with CONFIG_DEBUG_INFO=y
0000000000001320 <ib_mad_send_done_handler>:
1320: 41 57 push %r15
1322: 41 56 push %r14
1324: 49 89 f6 mov %rsi,%r14
1327: 41 55 push %r13
1329: 41 54 push %r12
132b: 55 push %rbp
132c: 53 push %rbx
132d: 48 83 ec 18 sub $0x18,%rsp
1331: 4c 8b 2e mov (%rsi),%r13
1334: 49 8b 6d 10 mov 0x10(%r13),%rbp
1338: 4d 89 ec mov %r13,%r12
133b: 48 8d 45 08 lea 0x8(%rbp),%rax
133f: 4c 8b 7d 20 mov 0x20(%rbp),%r15
1343: 48 89 04 24 mov %rax,(%rsp)
1347: 48 89 ef mov %rbp,%rdi
134a: 31 db xor %ebx,%ebx
134c: e8 00 00 00 00 callq 1351 <ib_mad_send_done_handler+0x31>
* in an undefined state.
*/
static inline void list_del(struct list_head *entry)
{
__list_del(entry->prev, entry->next);
1351: 49 8b 14 24 mov (%r12),%rdx
1355: 48 89 c6 mov %rax,%rsi
* in an undefined state.
*/
static inline void list_del(struct list_head *entry)
{
__list_del(entry->prev, entry->next);
1358: 49 8b 44 24 08 mov 0x8(%r12),%rax
135d: 48 89 42 08 mov %rax,0x8(%rdx)
1361: 48 89 10 mov %rdx,(%rax)
entry->next = LIST_POISON1;
entry->prev = LIST_POISON2;
1364: 49 c7 44 24 08 00 02 movq $0x200200,0x8(%r12)
136b: 20 00
136d: 49 c7 04 24 00 01 10 movq $0x100100,(%r12)
1374: 00
1375: 8b 55 18 mov 0x18(%rbp),%edx
1378: 8b 4d 1c mov 0x1c(%rbp),%ecx
137b: 8d 42 ff lea 0xffffffffffffffff(%rdx),%eax
137e: 39 ca cmp %ecx,%edx
1380: 89 45 18 mov %eax,0x18(%rbp)
1383: 7e 33 jle 13b8 <ib_mad_send_done_handler+0x98>
1385: 49 8b 5f 60 mov 0x60(%r15),%rbx
* in an undefined state.
*/
static inline void list_del(struct list_head *entry)
{
__list_del(entry->prev, entry->next);
1389: 48 8b 53 08 mov 0x8(%rbx),%rdx
138d: 48 8b 03 mov (%rbx),%rax
1390: 49 89 dc mov %rbx,%r12
* the prev/next entries already!
*/
static inline void __list_del(struct list_head * prev, struct list_head * next)
{
next->prev = prev;
1393: 48 89 50 08 mov %rdx,0x8(%rax)
prev->next = next;
1397: 48 89 02 mov %rax,(%rdx)
}
/**
* list_del - deletes entry from list.
* @entry: the element to delete from the list.
* Note: list_empty on entry does not return true after this, the entry is
* in an undefined state.
*/
static inline void list_del(struct list_head *entry)
{
__list_del(entry->prev, entry->next);
entry->next = LIST_POISON1;
entry->prev = LIST_POISON2;
139a: 48 c7 43 08 00 02 20 movq $0x200200,0x8(%rbx)
13a1: 00
13a2: 48 8b 14 24 mov (%rsp),%rdx
13a6: 48 8b 42 08 mov 0x8(%rdx),%rax
13aa: 48 89 13 mov %rdx,(%rbx)
13ad: 48 89 5a 08 mov %rbx,0x8(%rdx)
13b1: 48 89 18 mov %rbx,(%rax)
13b4: 48 89 43 08 mov %rax,0x8(%rbx)
13b8: 48 89 ef mov %rbp,%rdi
13bb: e8 00 00 00 00 callq 13c0 <ib_mad_send_done_handler+0xa0>
13c0: 49 8b 85 a0 00 00 00 mov 0xa0(%r13),%rax
13c7: 49 89 06 mov %rax,(%r14)
13ca: 41 8b 87 84 00 00 00 mov 0x84(%r15),%eax
13d1: 85 c0 test %eax,%eax
13d3: 74 1b je 13f0 <ib_mad_send_done_handler+0xd0>
13d5: 49 8d 75 30 lea 0x30(%r13),%rsi
13d9: b9 04 00 00 00 mov $0x4,%ecx
13de: 4c 89 f2 mov %r14,%rdx
13e1: 4c 89 ff mov %r15,%rdi
13e4: e8 77 ec ff ff callq 60 <snoop_send>
13e9: 66 data16
13ea: 66 data16
13eb: 66 data16
13ec: 90 nop
13ed: 66 data16
13ee: 66 data16
13ef: 90 nop
13f0: 4c 89 f6 mov %r14,%rsi
13f3: 4c 89 ef mov %r13,%rdi
13f6: e8 00 00 00 00 callq 13fb <ib_mad_send_done_handler+0xdb>
13fb: 48 85 db test %rbx,%rbx
13fe: 74 3a je 143a <ib_mad_send_done_handler+0x11a>
1400: 49 8b 7f 08 mov 0x8(%r15),%rdi
static inline int ib_post_send(struct ib_qp *qp,
struct ib_send_wr *send_wr,
struct ib_send_wr **bad_send_wr)
{
return qp->device->post_send(qp, send_wr, bad_send_wr);
1404: 48 8d 73 30 lea 0x30(%rbx),%rsi
1408: 48 8d 54 24 10 lea 0x10(%rsp),%rdx
140d: 48 8b 07 mov (%rdi),%rax
1410: ff 90 60 01 00 00 callq *0x160(%rax)
1416: 85 c0 test %eax,%eax
1418: 74 20 je 143a <ib_mad_send_done_handler+0x11a>
141a: 89 c6 mov %eax,%esi
141c: 48 c7 c7 00 00 00 00 mov $0x0,%rdi
1423: 31 c0 xor %eax,%eax
1425: 49 89 dd mov %rbx,%r13
1428: e8 00 00 00 00 callq 142d <ib_mad_send_done_handler+0x10d>
142d: 41 c7 46 08 02 00 00 movl $0x2,0x8(%r14)
1434: 00
1435: e9 0d ff ff ff jmpq 1347 <ib_mad_send_done_handler+0x27>
143a: 48 83 c4 18 add $0x18,%rsp
143e: 5b pop %rbx
143f: 5d pop %rbp
1440: 41 5c pop %r12
1442: 41 5d pop %r13
1444: 41 5e pop %r14
1446: 41 5f pop %r15
1448: c3 retq
1449: 66 data16
144a: 66 data16
144b: 66 data16
144c: 90 nop
144d: 66 data16
144e: 66 data16
144f: 90 nop
-tduffy
--
I wish we lived in the America of yesteryear that only exists in the
minds of us Republicans.
-- Ned Flanders
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://lists.openfabrics.org/pipermail/general/attachments/20050520/f5caf992/attachment.sig>
More information about the general
mailing list