Instruction access exception; one cause being trying to load an
instruction from an illegal address.
PC=0x00000000FFFFFFFC
Latest crash info for cpu 1:
Exception state (sv=0x4A39CC80)
PC=0xFFFFFFFC; MSR=0x00009030; DAR=0xF0130F70; DSISR=0x00000000;
The PC here is actually Save and Restore Register 0 (SRR0), which is
set to the effective address of the instruction that the processor
would have executed. If the address is a branch target, SRR0 is set to
the branch target address.
The link register is set to the return address following a bl (branch
then link) instruction, aka a function call. Since LR is PC + 4, I
believe the last instruction that ran was "bl 0xfffffffc".
That wouldn't set LR = 0xffffffff; the only instruction that can do that
is "mtlr". Instead, the last instruction (trying) to execute was most
likely a "blr". SRR0 shows up as 0xfffffffc because PowerPC masks out
the low two bits when doing the address calculation for the instruction
fetch (see Book I, Chapter 1.12.2 "Effective Address Calculation", the
bulleted item "With XL-form branch instructions...").
This in turn leads me to think that somewhere a bogus function pointer
has been given to the kernel.
Another possibility is stack corruption. The input value for the "mtlr"
came from somewhere, and as most "mtlr" instructions (esp. when
compiler-generated) are at the end of a function, and then, mostly
getting the return value (eventually) from the stack... etc.
Good luck with the debugging; stack corruptions are a nasty thing to
debug, and the kernel environment doesn't make it any easier :-(
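
The triage step discussed in this thread, as an added example that is not part of the original messages: it applies the XL-form masking of the low two bits to LR and checks whether the faulting PC matches, which points at a return through a bad LR rather than a call. The helper names and the LR field in the sample line are assumptions; the LR value is the one mentioned in the thread, not one printed in the log above.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* XL-form branches (blr, bctr) fetch from LR/CTR with the low two bits forced to 0. */
static uint32_t xl_branch_target(uint32_t reg)
{
    return reg & ~UINT32_C(3);
}

/* Read "NAME=0x..." from a panic-log line. Returns 1 if found, 0 otherwise. */
static int reg_field(const char *line, const char *name, uint32_t *out)
{
    size_t n = strlen(name);
    for (const char *p = line; (p = strstr(p, name)) != NULL; p += n) {
        int at_start = (p == line) || p[-1] == ' ' || p[-1] == ';';
        if (at_start && p[n] == '=') {
            *out = (uint32_t)strtoul(p + n + 1, NULL, 16);
            return 1;
        }
    }
    return 0;
}

enum fetch_cause { CAUSE_UNKNOWN, CAUSE_RETURN_VIA_LR, CAUSE_CALL_OR_JUMP };

static enum fetch_cause classify(const char *line)
{
    uint32_t pc, lr;
    if (!reg_field(line, "PC", &pc) || !reg_field(line, "LR", &lr))
        return CAUSE_UNKNOWN;
    /* Faulting PC equals masked LR: the fetch came from a blr, so suspect
       the saved LR that was reloaded from the stack. */
    if (pc == xl_branch_target(lr))
        return CAUSE_RETURN_VIA_LR;
    /* Otherwise LR likely still holds a return site: inspect the call before it. */
    return CAUSE_CALL_OR_JUMP;
}

int main(void)
{
    /* PC is from the log above; the LR field is constructed for illustration. */
    const char *line = "PC=0xFFFFFFFC; LR=0xFFFFFFFF; MSR=0x00009030;";
    printf("cause=%d\n", classify(line));
    return 0;
}
```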