Hi all,
I've spent a bit more time today trying to figure out why this crashes under OpenBIOS, and so I decided to start working backwards through the -d in_asm QEMU output to try and figure out why we seem to get stuck in an infinite loop.
Anyhow the short version is that I've traced the series of functions that get called just before we get stuck in the infinite loop and it looks like this:
    0xf0044384: cbe_set_level
    0xf0063954: splr
    0xf0044268: cbe_enable
    0xf0062cf0: __div64
... invokes "ta 2" trap instruction
    0xf004127c: sys_trap()
    0xf0064658: vpanic()
    0xf0064618: panic_trigger()
    0xf005bf90: trap
... infinite loop ...
The interesting part here is that the fatal trap sequence is being invoked from __div64, which makes me think it is some kind of divide-by-zero error. I'm not exactly sure what the cbe_* functions are doing, but a quick browse of the OpenSolaris source shows that it's related to PIL/RTC things.
My current feeling is that maybe OpenBIOS isn't doing something right with PIL state somewhere, or we're reading back a zero value from either the clock (or a missing OpenBIOS property) which is causing us to die in the division in cbe_enable(). And another thing, what does cbe actually stand for?
ATB,
Mark.
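The "working backwards through the -d in_asm output" step described in the message above can be scripted. The following is an added example, not code from the original email or from QEMU/OpenBIOS: it parses text in the shape of QEMU's `-d in_asm` log (an `IN: symbol` header followed by one `0xADDR: mnemonic operands` line per instruction), reports the last translated blocks leading up to the point where translation stopped, flags blocks containing a software trap (`ta`), and flags blocks whose branch target lies inside the block itself (the simplest tight loop). The sample log is constructed; it reuses the symbol names and start addresses from the trace above, but the instruction bodies are hypothetical.

```python
import re
from dataclasses import dataclass, field
from typing import List, Tuple

# Constructed sample in the shape of QEMU "-d in_asm" output. Symbols and
# block start addresses match the trace in the email; the instruction lines
# themselves are hypothetical and only serve to exercise the parser.
SAMPLE_LOG = """\
----------------
IN: cbe_set_level
0xf0044384:  save  %sp, -96, %sp
0xf0044388:  call  0xf0063954

----------------
IN: splr
0xf0063954:  rd  %psr, %o1

----------------
IN: cbe_enable
0xf0044268:  save  %sp, -96, %sp
0xf004426c:  call  0xf0062cf0

----------------
IN: __div64
0xf0062cf0:  orcc  %o3, %g0, %g0
0xf0062cf4:  bne  0xf0062d00
0xf0062cf8:  ta  2

----------------
IN: sys_trap
0xf004127c:  rd  %psr, %l0

----------------
IN: vpanic
0xf0064658:  save  %sp, -96, %sp

----------------
IN: panic_trigger
0xf0064618:  ld  [%o0], %o1

----------------
IN: trap
0xf005bf90:  ba  0xf005bf90
0xf005bf94:  nop
"""

BLOCK_HEADER = re.compile(r"^IN:\s*(\S*)")
INSN_LINE = re.compile(r"^(0x[0-9a-fA-F]+):\s+(\S+)(?:\s+(.*))?$")


@dataclass
class Block:
    """One translated block: its symbol, start address and (mnemonic, operands) list."""
    symbol: str
    start: int
    insns: List[Tuple[str, str]] = field(default_factory=list)


def parse_in_asm(log: str) -> List[Block]:
    """Split an in_asm-style log into translated blocks, in translation order."""
    blocks: List[Block] = []
    pending_symbol = None
    for line in log.splitlines():
        m = BLOCK_HEADER.match(line)
        if m:
            pending_symbol = m.group(1) or "<unknown>"
            continue
        m = INSN_LINE.match(line)
        if not m:
            continue  # separator lines, blank lines, anything else
        addr, mnem, operands = int(m.group(1), 16), m.group(2), (m.group(3) or "").strip()
        if pending_symbol is not None:
            blocks.append(Block(pending_symbol, addr))  # first insn sets the block start
            pending_symbol = None
        if blocks:
            blocks[-1].insns.append((mnem, operands))
    return blocks


def trace_tail(blocks: List[Block], n: int = 8) -> List[Tuple[str, int]]:
    """The last n blocks translated, oldest first: the path into the hang."""
    return [(b.symbol, b.start) for b in blocks[-n:]]


def find_trap_blocks(blocks: List[Block], mnemonic: str = "ta") -> List[Tuple[str, int]]:
    """Blocks that contain a software trap instruction such as 'ta 2'."""
    return [(b.symbol, b.start) for b in blocks if any(m == mnemonic for m, _ in b.insns)]


def find_self_loops(blocks: List[Block]) -> List[Tuple[str, int, int]]:
    """Blocks with a branch whose target falls inside the same block (tight loop)."""
    loops = []
    for b in blocks:
        end = b.start + 4 * len(b.insns)  # SPARC instructions are 4 bytes wide
        for mnem, operands in b.insns:
            if mnem.startswith("b") and operands.startswith("0x"):
                target = int(operands, 16)
                if b.start <= target < end:
                    loops.append((b.symbol, b.start, target))
    return loops


if __name__ == "__main__":
    parsed = parse_in_asm(SAMPLE_LOG)
    for sym, addr in trace_tail(parsed):
        print(f"0x{addr:08x}: {sym}")
    print("trap blocks:", [f"{s} @0x{a:08x}" for s, a in find_trap_blocks(parsed)])
    print("self loops:", [f"{s} @0x{a:08x} -> 0x{t:08x}" for s, a, t in find_self_loops(parsed)])
```

One caveat when using this on a real log: `-d in_asm` records blocks when they are translated, not each time they execute, so a loop made of already-translated blocks produces no further output. That is exactly why the tail of the in_asm log is the interesting part, and why `-d exec` is the better switch if you need to see the blocks being re-entered.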