[#6608] Read RSI_PID3 via debugfs mmrs will cause kernel crash on bf518f
Submitted By: Vivi Li
Open Date
2011-05-19 01:46:52 Close Date
2011-05-30 05:02:42
Priority:
Medium Assignee:
Mike Frysinger
Status:
Closed Fixed In Release:
N/A
Found In Release:
2011R1 Release:
Category:
N/A Board:
N/A
Processor:
BF518 Silicon Revision:
Is this bug repeatable?:
Yes Resolution:
Fixed
Uboot version or rev.:
Toolchain version or rev.:
gcc4.3-2010_Dec_09
App binary format:
N/A
Summary: Read RSI_PID3 via debugfs mmrs will cause kernel crash on bf518f
Details:
Read RSI_PID3 via debugfs mmrs will cause kernel crash on bf518f-ezbrd.
This bug happened since beginning of this year. Test method is the same as bug 6109 and 6394.
Bellow is the log:
--
/sys/kernel/debug/blackfin/rsi/RSI_PID3
System MMR Error
<5> - An error occurred due to an invalid access to an System MMR location
<5> Possible reason: a 32-bit register is accessed with a 16-bit instruction
<5> or a 16-bit register is accessed with a 32-bit instruction.
Kernel OOPS in progress
HW Error context
CURRENT PROCESS:
COMM=cat PID=381 CPU=0
TEXT = 0x02a00040-0x02a54320 DATA = 0x02a54340-0x02a68c48
BSS = 0x02a68c48-0x02a6a600 USER-STACK = 0x02a73f58
return address: [0x00080890]; contents of:
0x00080870: b049 6000 0010 0000 3210 6000 9711 0010
0x00080880: 3210 3209 9510 42c0 6001 9308 b049 6000
0x00080890: [0010] 0000 3210 6000 9311 0010 3210 3209
0x000808a0: 9110 9308 6000 b048 0010 0000 3210 6000
ADSP-BF518-0.1 400(MHz CCLK) 80(MHz SCLK) (mpu off)
Linux version 2.6.39-rc7-ADI-2011R1-pre-svn9892 (test@uclinux80-bf518f) (gcc version 4.3.5 (ADI-trunk/svn-5013) ) #6 Thu May 19 10:44:28 CST 2011
SEQUENCER STATUS: Not tainted
SEQSTAT: 0000a03f IPEND: 8030 IMASK: 0000 SYSCFG: 0006
Global Interrupts Disabled (IPEND[4])
Peripheral interrupts masked off
Kernel interrupts masked off
HWERRCAUSE: 0x2
EXCAUSE : 0x3f
interrupts disabled
physical IVG5 asserted : <0xffa00c80> { _evt_ivhw + 0x0 }
physical IVG15 asserted : <0xffa00f70> { _evt_system_call + 0x0 }
logical irq 6 mapped : <0xffa00370> { _bfin_coretmr_interrupt + 0x0 }
logical irq 21 mapped : <0x000c146c> { _bfin_rtc_interrupt + 0x0 }
logical irq 24 mapped : <0x000cd668> { _sdh_dma_irq + 0x0 }
logical irq 27 mapped : <0x000c3be8> { _bfin_twi_interrupt_entry + 0x0 }
logical irq 29 mapped : <0x000a98d4> { _bfin_serial_dma_rx_int + 0x0 }
logical irq 30 mapped : <0x000a964c> { _bfin_serial_dma_tx_int + 0x0 }
logical irq 35 mapped : <0x000bea50> { _bfin_mac_interrupt + 0x0 }
logical irq 58 mapped : <0x000cda3c> { _sdh_stat_irq + 0x0 }
RETE: <0x00000000> /* Maybe null pointer? */
RETN: <0x028dc000> /* kernel dynamic memory (maybe user-space) */
RETX: <0x02a0330e> /* kernel dynamic memory (maybe user-space) */
RETS: <0x0005f55e> { _simple_attr_read + 0x7e }
PC : <0x00080890> { _debugfs_u16_get + 0x10 }
PROCESSOR STATE:
R0 : 00000000 R1 : 00000000 R2 : 00000000 R3 : 00000000
R4 : 00001000 R5 : 02a72e6c R6 : 027016c0 R7 : 00000000
P0 : 02630624 P1 : 028dbe88 P2 : ffc03fec P3 : 00000001
P4 : 028dbef0 P5 : 02701680 FP : 02a72e34 SP : 028dbd98
LB0: 02a0cd5b LT0: 02a0cd52 LC0: 0000000e
LB1: 0298cfc9 LT1: 0298cf7e LC1: 00000000
B0 : 00000000 L0 : 00000000 M0 : 00000004 I0 : 02a73fed
B1 : 00000000 L1 : 00000000 M1 : 00000000 I1 : 02a6326c
B2 : 00000000 L2 : 00000000 M2 : 00000000 I2 : 02a73ea4
B3 : 00000000 L3 : 00000000 M3 : 00000000 I3 : 00000000
A0.w: 0000147a A0.x: 00000000 A1.w: 0000147a A1.x: 00000000
USP : 02a72e28 ASTAT: 02000020
Hardware Trace:
0 Target : <0x00003fd0> { _trap_c + 0x0 }
Source : <0xffa00d2a> { _evt_ivhw + 0xaa } CALL pcrel
1 Target : <0xffa00d0c> { _evt_ivhw + 0x8c }
Source : <0xffa00cfe> { _evt_ivhw + 0x7e } IF !CC JUMP pcrel
2 Target : <0xffa00c80> { _evt_ivhw + 0x0 }
FAULT : <0x0008088e> { _debugfs_u16_get + 0xe } 0x6000
3 Target : <0x00080880> { _debugfs_u16_get + 0x0 }
Source : <0x0005f55c> { _simple_attr_read + 0x7c } CALL (P2)
4 Target : <0x0005f554> { _simple_attr_read + 0x74 }
Source : <0x0005f51c> { _simple_attr_read + 0x3c } IF CC JUMP pcrel (BP)
5 Target : <0x0005f508> { _simple_attr_read + 0x28 }
Source : <0x00125ee0> { _mutex_lock_interruptible + 0x38 } RTS
6 Target : <0x00125eb4> { _mutex_lock_interruptible + 0xc }
Source : <0x00125600> { __cond_resched + 0x20 } RTS
7 Target : <0x001255fa> { __cond_resched + 0x1a }
Source : <0x001255f2> { __cond_resched + 0x12 } IF CC JUMP pcrel (BP)
8 Target : <0x001255e0> { __cond_resched + 0x0 }
Source : <0x00125eb0> { _mutex_lock_interruptible + 0x8 } CALL pcrel
9 Target : <0x00125ea8> { _mutex_lock_interruptible + 0x0 }
Source : <0x0005f504> { _simple_attr_read + 0x24 } JUMP.L
10 Target : <0x0005f4e0> { _simple_attr_read + 0x0 }
Source : <0x0004a0e2> { _vfs_read + 0x66 } CALL (P2)
11 Target : <0x0004a0c2> { _vfs_read + 0x46 }
Source : <0x00049850> { _rw_verify_area + 0x50 } RTS
12 Target : <0x00049800> { _rw_verify_area + 0x0 }
Source : <0x0004a0be> { _vfs_read + 0x42 } CALL pcrel
13 Target : <0x0004a0b2> { _vfs_read + 0x36 }
Source : <0xffa001ae> { __access_ok + 0x5e } RTS
14 Target : <0xffa001a6> { __access_ok + 0x56 }
Source : <0xffa001c0> { __access_ok + 0x70 } JUMP.S
15 Target : <0xffa001ba> { __access_ok + 0x6a }
Source : <0xffa0018a> { __access_ok + 0x3a } IF !CC JUMP pcrel (BP)
Kernel Stack
Stack info:
SP: [0x028dbf24] <0x028dbf24> /* kernel dynamic memory (maybe user-space) */
Memory from 0x028dbf20 to 028dc000
028dbf20: 00000003 [02a0330e] 00008000 00002000 00000000 028dc000 02a0330e 02a0330e
028dbf40: 02a50b10 ffa00fd4 02001004 0298cfc9 02a0cd5b 0298cf7e 02a0cd52 00000000
028dbf60: 0000000e 0000147a 00000000 0000147a 00000000 00000000 00000000 00000000
028dbf80: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
028dbfa0: 00000004 00000000 02a73ea4 02a6326c 02a73fed 02a72e28 02a72e34 02a69bd0
028dbfc0: 00000000 00000001 02a6a0e8 02a73f83 00000003 00001000 02a72e6c 00000003
028dbfe0: 00000001 00000000 00001000 02a72e6c 00000003 00000003 00000003 00000006
Return addresses in stack:
Modules linked in:
Kernel panic - not syncing: Kernel exception
Hardware Trace:
Stack info:
SP: [0x028dbca0] <0x028dbca0> /* kernel dynamic memory (maybe user-space) */
FP: (0x028dbe8c)
Memory from 0x028dbca0 to 028dc000
028dbca0:[00154e74] 00124e84 028dbd98 00154e74 001884cb 001884cb 001884cb 028dbce8
028dbcc0: 02a72e34 00004490 028dbd98 028dbef0 00000001 00000000 00000007 0000003f
028dbce0: 00000013 028dbd98 0000ffff ffffffff 02379c60 00080880 00030001 001600f0
028dbd00: 00000000 025f9e34 0005079e 00080e1c 02379c60 02630624 00080df8 00000000
028dbd20: 0200ee40 028dbdf0 00001051 0262ff54 0005079e 00080878 001600f0 <000486b8>
028dbd40: 00000001 0004ff10 02630624 028dbec4 00048888 02379c60 028dbec4 000502de
028dbd60: 028dbe34 028dbe34 00000000 00000000 00000000 ffa00d2e 02701680 00000000
028dbd80: 027016c0 02a72e6c 00001000 00000000 028d901f 02671400 02a0330e 00008030
028dbda0: 0000a03f 00000000 028dc000 02a0330e 00080890 <0005f55e> 00000000 02000020
028dbdc0: 0298cfc9 02a0cd5b 0298cf7e 02a0cd52 00000000 0000000e 0000147a 00000000
028dbde0: 0000147a 00000000 00000000 00000000 00000000 00000000 00000000 00000000
028dbe00: 00000000 00000000 00000000 00000000 00000000 00000004 00000000 02a73ea4
028dbe20: 02a6326c 02a73fed 02a72e28 02a72e34 02701680 028dbef0 00000001 ffc03fec
028dbe40: 028dbe88 02630624 00000000 027016c0 02a72e6c 00001000 00000000 00000000
028dbe60: 00000000 00000000 00000000 02630624 00000006 0201cd44 00000003 00000000
028dbe80: 00000000 00000000 00004080 (00000000)<0004a0e4> 02379c60 00000003 028dbef0
028dbea0: 00001000 02a72e6c 00000001 029f3b74 00000020 02379c68 028dbef0 00000000
028dbec0: 00000000 0004a1fc 02379c60 00000003 02a72e6c 00001000 00000003 00000001
028dbee0: 02a689fc 00000000 ffffe000 028dbef0 00000000 00000000 00000000 <ffa008c6>
028dbf00: 0004a1cc 00000000 ffffe000 028d5ff6 0204d580 0267a2e0 00000000 00000001
028dbf20: 00000003 02a0330e 00008000 00002000 00000000 028dc000 02a0330e 02a0330e
028dbf40: 02a50b10 ffa00fd4 02001004 0298cfc9 02a0cd5b 0298cf7e 02a0cd52 00000000
028dbf60: 0000000e 0000147a 00000000 0000147a 00000000 00000000 00000000 00000000
028dbf80: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000
028dbfa0: 00000004 00000000 02a73ea4 02a6326c 02a73fed 02a72e28 02a72e34 02a69bd0
028dbfc0: 00000000 00000001 02a6a0e8 02a73f83 00000003 00001000 02a72e6c 00000003
028dbfe0: 00000001 00000000 00001000 02a72e6c 00000003 00000003 00000003 00000006
Return addresses in stack:
address : <0x000486b8> { ___dentry_open + 0xcc }
address : <0x0005f55e> { _simple_attr_read + 0x7e }
frame 1 : <0x0004a0e4> { _vfs_read + 0x68 }
address : <0xffa008c6> { _system_call + 0x6a }
--
Follow-ups
--- Mike Frysinger 2011-05-26 18:08:14
the BF51x header files contained the wrong addresses for the RSI_PID# MMRs.
should be fixed now though.
--- Vivi Li 2011-05-30 05:11:07
OK now. Close it.
Thanks!
Files
Changes
Commits
Dependencies
Duplicates
Associations
Tags
File Name File Type File Size Posted By
No Files Were Found