[#5162] Linphone: Data access misaligned address

Submitted By: Barry Song

Open Date

2009-05-26 00:28:33

Priority:

Medium Assignee:

Barry Song

Status:

Open Fixed In Release:

N/A

Found In Release:

N/A Release:

Category:

N/A Board:

N/A

Processor:

BF537 Silicon Revision:

Is this bug repeatable?:

Yes Resolution:

Not reproducible

Uboot version or rev.:

Toolchain version or rev.:

2009R1_RC6

App binary format:

N/A

Summary: Linphone: Data access misaligned address

Details:

Sometimes, while linphonec on target board answers the call from remote, system will crash due to misaligned address access. The log is like

linphonec> Data access misaligned address violation

- Attempted misaligned data memory or data cache access.

Deferred Exception context

CURRENT PROCESS:

COMM=linphonec PID=215

CPU = 0

TEXT = 0x00880000-0x008b71c0 DATA = 0x021281c0-0x0212cd90

BSS = 0x0212cd90-0x008c0000 USER-STACK = 0x008dfeb0

return address: [0x0030353e]; contents of:

0x00303510: 3210 6409 080f 9950 4f48 4380 9208 17f4

0x00303520: 640b 081c 6c25 50b2 6c20 17c9 2fe3 0000

0x00303530: 05e4 e800 0017 af38 b238 600c b279 [a040]

0x00303540: 9106 bbc0 a0c0 4084 3006 a101 40e0 4f08

SEQUENCER STATUS: Not tainted

SEQSTAT: 00060024 IPEND: 0030 SYSCFG: 0006

EXCAUSE : 0x24

interrupts disabled

physical IVG5 asserted : <0xffa00ba4> { _evt_ivhw + 0x0 }

RETE: <0x00000000> { _do_one_initcall + 0xfffff000 }

RETN: <0x00372000> [ linphonec + 0x0 ]

RETX: <0x00000480> /* Maybe fixed code section */

RETS: <0x00303e98> [ /usr/lib/libspeex.so.1 + 0x3e98 ]

PC : <0x0030353e> [ /usr/lib/libspeex.so.1 + 0x353e ]

DCPLB_FAULT_ADDR: <0x00346178> [ linphonec + 0x178 ]

ICPLB_FAULT_ADDR: <0x0030353e> [ /usr/lib/libspeex.so.1 + 0x353e ]

PROCESSOR STATE:

R0 : 0037a674 R1 : 0037a6c8 R2 : 0037a770 R3 : 00000080

R4 : 00000001 R5 : 00000000 R6 : 00000001 R7 : 00001000

P0 : 00346175 P1 : 0037ac28 P2 : 00000000 P3 : 003473f8

P4 : 002dc0cc P5 : 0037ac28 FP : 0037a2c8 SP : 00371f24

LB0: 00304be9 LT0: 00304be8 LC0: 00000000

LB1: 00308fad LT1: 00308f74 LC1: 00000000

B0 : 00000026 L0 : 00000000 M0 : 00000030 I0 : 0037a254

B1 : 0037a6c8 L1 : 00000000 M1 : 000623fc I1 : 0037a2a8

B2 : 0000000a L2 : 00000000 M2 : 0005e246 I2 : 00379f2c

B3 : 0037a6c8 L3 : 00000000 M3 : 0037a450 I3 : 00379f32

A0.w: 00000001 A0.x: 00000000 A1.w: 00000001 A1.x: 00000000

USP : 0037a26c ASTAT: 02003065

Hardware Trace:

0 Target : <0x00004a64> { _trap_c + 0x0 }

Source : <0xffa0062a> { _exception_to_level5 + 0x9e } CALL pcrel

1 Target : <0xffa0058c> { _exception_to_level5 + 0x0 }

Source : <0xffa0045a> { _bfin_return_from_exception + 0xe } RTX

2 Target : <0xffa0044c> { _bfin_return_from_exception + 0x0 }

Source : <0xffa004e2> { _ex_trap_c + 0x66 } JUMP.S

3 Target : <0xffa0047c> { _ex_trap_c + 0x0 }

Source : <0xffa006c4> { _trap + 0x38 } JUMP (P4)

4 Target : <0xffa006aa> { _trap + 0x1e }

Source : <0xffa006a6> { _trap + 0x1a } IF !CC JUMP

5 Target : <0xffa0068c> { _trap + 0x0 }

Source : <0x0030353c> [ /usr/lib/libspeex.so.1 + 0x353c ] 0xb279

6 Target : <0x00303530> [ /usr/lib/libspeex.so.1 + 0x3530 ]

Source : <0x00303e94> [ /usr/lib/libspeex.so.1 + 0x3e94 ] CALL pcrel

7 Target : <0x00303e60> [ /usr/lib/libspeex.so.1 + 0x3e60 ]

Source : <0x00303868> [ /usr/lib/libspeex.so.1 + 0x3868 ] JUMP.S

8 Target : <0x00303864> [ /usr/lib/libspeex.so.1 + 0x3864 ]

Source : <0x00303860> [ /usr/lib/libspeex.so.1 + 0x3860 ] IF CC JUMP

9 Target : <0x00303838> [ /usr/lib/libspeex.so.1 + 0x3838 ]

Source : <0x00303834> [ /usr/lib/libspeex.so.1 + 0x3834 ] IF !CC JUMP

10 Target : <0x0030381c> [ /usr/lib/libspeex.so.1 + 0x381c ]

Source : <0x0030bcd2> [ /usr/lib/libspeex.so.1 + 0xbcd2 ] CALL (P1)

11 Target : <0x0030bc94> [ /usr/lib/libspeex.so.1 + 0xbc94 ]

Source : <0x0030bc90> [ /usr/lib/libspeex.so.1 + 0xbc90 ] IF CC JUMP

12 Target : <0x0030bc80> [ /usr/lib/libspeex.so.1 + 0xbc80 ]

Source : <0x00304c18> [ /usr/lib/libspeex.so.1 + 0x4c18 ] RTS

13 Target : <0x00304bfc> [ /usr/lib/libspeex.so.1 + 0x4bfc ]

Source : <0x00304c12> [ /usr/lib/libspeex.so.1 + 0x4c12 ] IF CC JUMP

14 Target : <0x00304bfc> [ /usr/lib/libspeex.so.1 + 0x4bfc ]

Source : <0x00304c12> [ /usr/lib/libspeex.so.1 + 0x4c12 ] IF CC JUMP

15 Target : <0x00304bfc> [ /usr/lib/libspeex.so.1 + 0x4bfc ]

Source : <0x00304c12> [ /usr/lib/libspeex.so.1 + 0x4c12 ] IF CC JUMP

Userspace Stack

Stack info:

SP: [0x0037a26c] <0x0037a26c> [ linphonec + 0x226c ]

FP: (0x0037a2c8)

Memory from 0x0037a260 to 0037b000

0037a260: 00220017 0013001c 0001000a [0005000b] 00030006 00040002 00010000 fffe0000

0037a280: fffffffe fffcfffd fffbfffa fff8fff9 fffdfffa fffbfffc fffafffc fffbfffb

0037a2a0: fffafff9 fff9fff9 00000037 0000a580 0000c100 <00013d00> 00007600 0000e480

0037a2c0: 00015280 00010500 (0037a394)<00303e98> 0037ac28 002dc0cc 00001000 00000001

0037a2e0: 00000000 003473f8 0037a674 0037a6c8 <0000c580> 0037a758 00346175 0000000a

0037a300: 00000028 0037a5d0 0037a484 0037ac28 00000000 00000000 0000d000 00008200

0037a320: 0000d180 0037a2e8 <0000c580> 0000fc00 0000e300 0000d880 00012c80 0000f000

0037a340: 0000f600 0000e300 0000d880 002f0102 00000037 00000038 002f0102 003473f8

0037a360: 0037a310 0037a204 0037a2ac 000000a0 0037a258 00000038 00000010 00000037

0037a380: 00312b91 00000020 00000000 00000003 <00304ee2>(0037a874)<0030bcd4> 0037ac28

0037a3a0: 002dc0cc 00001000 00000028 00000000 003473f8 0037a674 0037a6c8 0037a770

0037a3c0: 0037a758 00346175 0000000a 00000028 0037a5d0 0037a484 0037ac28 00000000

0037a3e0: 00000002 00000000 00000000 002dc2d4 0037a484 00000002 00000000 00000002

0037a400: 002dc0f0 ffe5aaf3 fffc30a9 00032d39 0004c36b 00056a85 <000425d6> 0001c4f4

0037a420: 0000104e fffece2d fffe14a6 000a0102 fff7fffe 000d0000 000e0012 fffe0004

0037a440: fff4fff0 0002fffc 00010001 ffff0001 00010000 0000ffff 00000002 00000001

0037a460: 00010001 0000ffff 00000003 00010000 0000ffff fffe0000 ffffffff 00000000

0037a480: 00000000 2ac24000 268e26c4 2a41255d 2ad028b8 1ff323d2 202f229e 1a2f1ded

0037a4a0: 143016ce 0f881166 08440bdb 030f05a9 fe3b00c3 f9b5fbe0 f67af7d8 f3dcf519

0037a4c0: f22bf2e2 f17ef1bf f180f16d f238f1c1 f386f2d1 00000000 003b0043 00370039

0037a4e0: 00110027 00060008 00070009 ffecfff4 ffebffea ffe5ffea ffdeffe1 ffe1ffdf

0037a500: ffdfffe0 ffe1ffdf ffe5ffe3 ffe9ffe8 ffeeffeb fff3fff1 fff8fff6 fffdfffa

0037a520: 0001ffff 00050002 40fa7422 0000a580 0000c100 <00013d00> 00007600 0000e480

0037a540: 00015280 00010500 00003b00 0000f280 00005400 00015c00 0000a680 0000b880

0037a560: 0000b880 0000cb80 0000fc00 0000e300 <0000c580> 0000fc00 0000d000 00009500

0037a580: 0000ef00 <0000c580> 0000e900 0000b280 0000cb80 0000fc00 0000d000 00008200

0037a5a0: 0000d180 0000e900 <0000c580> 0000fc00 0000e300 0000d880 00012c80 0000f000

0037a5c0: 0000f600 0000e300 0000d880 00000002 00000000 00000000 00000000 00000000

0037a5e0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000

0037a600: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000

0037a620: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000

0037a640: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000

0037a660: 00000000 00000000 00000000 00000000 80000000 ffcdffe5 0017ffe1 0075004e

0037a680: 005e0069 0010001f 001b0014 000c0017 00000008 0004fffc fff8fff8 fff40004

0037a6a0: fff4fff8 fff4fff8 fff0fff0 00000000 fffcfff8 fff8fff4 fff0fffc fff0fff0

0037a6c0: fff4fff8 00810081 f7e1e225 00bcfd91 058effb8 060a01de fa5f00f2 00810081

0037a6e0: f6b0e3bc fefafdb7 0484022f 02ed0393 fa8601dd 00810081 04dc030e 20c80ee8

0037a700: 3424281c 47ea3cc6 59d45140 00810081 05b402ba 20db0f47 342728eb 480e3cd8

0037a720: 5b135115 00810081 07d004d0 1de013b0 334027e0 46a03cc0 59b050e0 00810081

0037a740: 09d70391 1e181421 325a2858 467f3c92 5aa750a2 00810081 fca6ef0a ffdeff82

0037a760: 0036002b 000d001a fff80005 00810081 f875e690 ff54fe56 0266014a 014201b6

0037a780: fe1700b9 00810081 ff18e0d8 fff90092 fff60090 001f005a 008e0007 00810081

0037a7a0: 00041502 00000000 00311e3c 00000000 00311e14 409d48dc 002dc784 0037a750

0037a7c0: 0037a404 0037a430 0037a484 0037a4d8 0037a52c 0037a5d0 0037a674 0037a518

0037a7e0: 0037a710 0037a740 0037a758 0037a770 0037a788 0037a728 0037a6f8 0037a6e0

0037a800: 0037a6c8 0037a678 00000000 00000000 00000018 feb90020 0005a6ef 00000000

0037a820: 00000004 3f6a46e0 00000000 002dc53c 002dc2d4 3dc502f6 0000000a 002dc2d4

0037a840: 00000000 0005cae3 00000018 00000082 00000067 0000006a 0000007e 0000007f

0037a860: 00000020 0000001a 001b001a ffe7004b 00000004 (0037a96c)<0030e0c0> 0037aad8

0037a880: 0037a998 00000000 0212a160 0037ac28 002d1a40 002dc0cc 0037a998 0037ac28

0037a8a0: 00000000 ffd00010 001c0000 0037aad8 00000140 00000040 002dc81c 00000000

0037a8c0: 002fc218 00000214 0037a8fc <003264da> 00338898 00338f70 0037a8a0 <003260f0>

0037a8e0: 00338898 00338cb0 00338cb0 00338898 00338f70 0037a918 <003260f0> 0037a930

0037a900: 0037a8c8 003473f8 00346e8c 00338cb0 0037a934 <003260f0> 0037a94c <003b2fec>

0037a920: 002ccb48 0037a92c 0037a930 000007d4 0037a95c 00000000 00370102 002c0000

0037a940: 000007d0 00000001 00338f70 00000280 00000280 002d8e84 002ccb94 0037a97c

0037a960:<00308da4> 003473f8 0212a160 (0037ac4c)<00895a92> 002d8e84 002ccb4c 00000000

0037a980: 0212a160 0037ac28 00000280 ba2adc91 0037a998 0037ac28 00000000 00000000

0037a9a0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000

0037a9c0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000

0037a9e0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000

0037aa00: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000

0037aa20: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000

0037aa40: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000

0037aa60: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000

0037aa80: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000

0037aaa0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000

0037aac0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000

0037aae0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000

0037ab00: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000

0037ab20: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000

0037ab40: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000

0037ab60: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000

0037ab80: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000

0037aba0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000

0037abc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000

0037abe0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000

0037ac00: 00000000 00000000 00000000 00000000 00000000 00000000 0000020c 0037ac10

0037ac20: 0037a998 00000001 002fc6c4 00000029 00000005 00000001 00000001 00000000

0037ac40: 000007d0 <0089439c> 002ccc24 (0037ac80)<008aaa9e> 00000000 0212a160 002d8e2c

0037ac60: 00000000 002dc074 0037ace4 002d8e2c 0000007f 00000100 00000200 00000000

0037ac80:(0037acb4)<008aab16> 00000000 0212a160 002d8d54 00000000 002dc074 0037ace4

0037aca0: 002d8d54 00330c60 0033363c 00000000 00000000 (0037ace8)<008aab54> 002d1a30

0037acc0: 0212a160 00000000 0212a160 0037ace4 002dc074 00000004 00000000 00000002

0037ace0: 00000000 00000000 (0037ad1c)<008aabc4> 002dc074 00000000 00000004 00000000

0037ad00: 00000004 00000002 0037ad1c <0038f404> 00000000 00000000 007a1200 (0037ade4)

0037ad20:<003256e6> 00331388 0037ae24 0037ae24 00000030 00331388 00345808 0102a100

0037ad40: 01024e00 0102f300 01024200 0102f400 01021400 0102ef00 01026000 0102f300

0037ad60: 01027200 0102f500 01025500 0102eb00 01023500 01029b00 01027500 0102d500

0037ad80: 01025f00 01029e00 01025700 01030c00 01021700 0102ef00 01025000 0102b000

0037ada0: 01025900 0102b400 01027a00 01030300 01025b00 0037addc <0032855a> 0037ae24

0037adc0: 003336a0 00000001 00331388 0102a200 01024000 0102e800 01026800 0037ae08

0037ade0:<00325756>(0037ae08)<00325766> 00331388 0037ae24 00003000 00000030 0102a100

0037ae00: 01025500 01033200 (00000000)<0038cb80> 0037ae24 008dfaf8 01021a00 0102bc00

0037ae20: 0102ac00 <00aebe24> 00330a80 00000000 00000000 00000c03 000000d7 00000000

0037ae40: 003336a0 00000020 00000000 00000000 00000000 00000000 00000000 00000000

0037ae60: 00000000 00000000 0037ae6c 0000000b 0037ae74 00000000 00000000 00000000

0037ae80: 00345808 002dc074 80000000 00000000 00000000 00000000 00000000 00000000

0037aea0: 00000000 00000000 00000000 008dfabc <0215f41e> c0000000 0000003c 00000000

0037aec0: 008dfab0 <003264da> 00338898 00338f70 008dfab0 <003260f0> 00338898 00338cb0

0037aee0:<003260f0> 00338898 008dfad8 <003264da> 008dfae0 008dfae4 <003b2fec> 002dc038

0037af00: 00338cb0 <003260f0> 00000000 00000000 00000000 00000000 00000000 00000000

0037af20: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000

0037af40: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000

0037af60: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000

0037af80: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000

0037afa0: 00000000 00000000 00000000 00000000 00000000 00000000 0037ae24 00000003

0037afc0: 00000001 00000000 00000000 00000000 00000000 00000000 00000000 00000000

0037afe0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000

0037b000: 00000000

Return addresses in stack:

address : <0x00013d00> { _do_softirq + 0x4c }

frame 1 : <0x00303e98> [ /usr/lib/libspeex.so.1 + 0x3e98 ]

address : <0x0000c580> { _sched_setaffinity + 0x9c }

address : <0x00304ee2> [ /usr/lib/libspeex.so.1 + 0x4ee2 ]

frame 2 : <0x0030bcd4> [ /usr/lib/libspeex.so.1 + 0xbcd4 ]

address : <0x000425d6> { _do_execve + 0x116 }

address : <0x00013d00> { _do_softirq + 0x4c }

address : <0x0000c580> { _sched_setaffinity + 0x9c }

frame 3 : <0x0030e0c0> [ /usr/lib/libspeex.so.1 + 0xe0c0 ]

address : <0x003264da> [ /lib/libpthread.so.0 + 0x64da ]

address : <0x003260f0> [ /lib/libpthread.so.0 + 0x60f0 ]

address : <0x003b2fec> [ /lib/libc.so.0 + 0x32fec ]

address : <0x00308da4> [ /usr/lib/libspeex.so.1 + 0x8da4 ]

frame 4 : <0x00895a92> [ /usr/bin/linphonec + 0x15a92 ]

address : <0x0089439c> [ /usr/bin/linphonec + 0x1439c ]

frame 5 : <0x008aaa9e> [ /usr/bin/linphonec + 0x2aa9e ]

frame 6 : <0x008aab16> [ /usr/bin/linphonec + 0x2ab16 ]

frame 7 : <0x008aab54> [ /usr/bin/linphonec + 0x2ab54 ]

frame 8 : <0x008aabc4> [ /usr/bin/linphonec + 0x2abc4 ]

address : <0x0038f404> [ /lib/libc.so.0 + 0xf404 ]

frame 9 : <0x003256e6> [ /lib/libpthread.so.0 + 0x56e6 ]

address : <0x0032855a> [ /lib/libpthread.so.0 + 0x855a ]

address : <0x00325756> [ /lib/libpthread.so.0 + 0x5756 ]

frame 10 : <0x00325766> [ /lib/libpthread.so.0 + 0x5766 ]

frame 11 : <0x0038cb80> [ /lib/libc.so.0 + 0xcb80 ]

address : <0x00aebe24> [ linphonec + 0x3e24 ]

address : <0x0215f41e> [ /lib/libm.so.0 + 0xf41e ]

address : <0x003264da> [ /lib/libpthread.so.0 + 0x64da ]

address : <0x003260f0> [ /lib/libpthread.so.0 + 0x60f0 ]

address : <0x003264da> [ /lib/libpthread.so.0 + 0x64da ]

address : <0x003b2fec> [ /lib/libc.so.0 + 0x32fec ]

address : <0x003260f0> [ /lib/libpthread.so.0 + 0x60f0 ]

The backtrace in GDB is

0x0030353e in ?? () from /home/bhsong/develop/svn/uclinux-dist/romfs/usr/lib/libspeex.so.1

(gdb) bt

#0 0x0030353e in ?? () from /home/bhsong/develop/svn/uclinux-dist/romfs/usr/lib/libspeex.so.1

#1 0x00303e98 in split_cb_search_shape_sign () from /home/bhsong/develop/svn/uclinux-dist/romfs/usr/lib/libspeex.so.1

#2 0x00303e98 in split_cb_search_shape_sign () from /home/bhsong/develop/svn/uclinux-dist/romfs/usr/lib/libspeex.so.1

#3 0x0030bcd4 in nb_encode () from /home/bhsong/develop/svn/uclinux-dist/romfs/usr/lib/libspeex.so.1

#4 0x0030e0c0 in sb_encode () from /home/bhsong/develop/svn/uclinux-dist/romfs/usr/lib/libspeex.so.1

#5 0x00895a92 in enc_process (f=0x2d8e2c) at ../../../linphone-3.0.0/mediastreamer2/src/msspeex.c:239

#6 0x008aaa9e in run_graph (f=0x2d8e2c, s=0x2dc074, unschedulable=0x37ace4, force_schedule=0 '\0') at ../../../linphone-3.0.0/mediastreamer2/src/msticker.c:194

#7 0x008aab16 in run_graph (f=0x2d8d54, s=0x2dc074, unschedulable=0x37ace4, force_schedule=0 '\0') at ../../../linphone-3.0.0/mediastreamer2/src/msticker.c:212

#8 0x008aab54 in run_graphs (s=0x2dc074, execution_list=<value optimized out>, force_schedule=<value optimized out>) at ../../../linphone-3.0.0/mediastreamer2/src/msticker.c:226

#9 0x008aabc4 in ms_ticker_run (arg=0x2dc074) at ../../../linphone-3.0.0/mediastreamer2/src/msticker.c:340

#10 0x003256e6 in pthread_start_thread (arg=0x37ae24) at libpthread/linuxthreads.old/manager.c:327

#11 0x00325766 in pthread_start_thread_event (arg=0x37ae24) at libpthread/linuxthreads.old/manager.c:357

#12 0x0038cb80 in clone (fn=<error reading variable>, child_stack=0x37a6c8, flags=3647092, arg=0x37ac28) at libc/sysdeps/linux/bfin/clone.c:21

Backtrace stopped: previous frame inner to this frame (corrupt stack?)

And use objdump to get the asm codes near 0x0030353e:

./libspeex.so.1

3530: e4 05 [--SP] = (R7:4, P5:4);

3532: 00 e8 17 00 LINK 0x5c; /* (92) */

3536: 38 af P0 = [FP + 0x30];

3538: 38 b2 [FP + 0x20] = R0;

353a: 0c 60 R4 = 0x1 (X); /* R4=0x1( 1) */

353c: 79 b2 [FP + 0x24] = R1;

353e: 40 a0 R0 = [P0 + 0x4];

P0 is odd, so make the misaligned address .

Basically, the issue is because userspace access a non-aligned address. I will give more analysis to find the root reason.

Follow-ups

--- Barry Song 2009-06-22 02:57:03

The PC pointers that programs die are keeping changing. By one trace today, I

got some new threads.

Check the trace while panic:

linphonec> answer

Connected.

linphonec> linphonec> Data access misaligned address violation

- Attempted misaligned data memory or data cache access.

Deferred Exception context

CURRENT PROCESS:

COMM=linphonec PID=215

CPU = 0

TEXT = 0x00440000-0x004771f0 DATA = 0x008381f0-0x0083cdc0

BSS = 0x0083cdc0-0x00980000 USER-STACK = 0x0099feb0

return address: [0x00549200]; contents of:

0x005491e0: 9310 a0f8 bbf0 b9f0 e801 0000 0010 0000

0x005491f0: 04c5 e800 0007 bbcb b0f8 b139 ad3a 6000

0x00549200: [9310] a0f8 0c00 1004 63f0 bbd0 205d 3047

0x00549210: 67c0 b9cb e3ff f2e9 bbf0 b9f0 0c00 1804

ADSP-BF537-0.2 500(MHz CCLK) 125(MHz SCLK) (mpu off)

Linux version 2.6.28.10-ADI-2009R1-svn6779

Built with gcc version 4.1.2 (ADI svn)

SEQUENCER STATUS: Not tainted

SEQSTAT: 00060024 IPEND: 0030 SYSCFG: 0006

EXCAUSE : 0x24

interrupts disabled

physical IVG5 asserted : <0xffa00c1c> { _evt_ivhw + 0x0 }

RETE: <0x00000000> /* Maybe null pointer? */

RETN: <0x0060e000> /* kernel dynamic memory */

RETX: <0x00000480> /* Maybe fixed code section */

RETS: <0x00507510> [ /lib/libm.so.0 + 0x7510 ]

PC : <0x00549200> [ /usr/lib/libosipparser2.so.4 + 0x9200 ]

DCPLB_FAULT_ADDR: <0x3fa66fa0> /* kernel dynamic memory */

ICPLB_FAULT_ADDR: <0x00549200> [ /usr/lib/libosipparser2.so.4 + 0x9200 ]

PROCESSOR STATE:

R0 : 00000000 R1 : 3fa66fa3 R2 : 00000000 R3 : 8d7ee000

R4 : 3fe77000 R5 : 00077000 R6 : 1dddfd7a R7 : 3fa66fa3

P0 : 00000002 P1 : 005491f0 P2 : 3fa66fa3 P3 : 009a8dc8

P4 : 0040d0c8 P5 : ffff5bd7 FP : 00512540 SP : 0060df24

LB0: 0046b44f LT0: 0046b3fe LC0: 00000000

LB1: 004e478d LT1: 004e478c LC1: 00000000

B0 : 00512338 L0 : 00000000 M0 : 00000000 I0 : 00000000

B1 : 005125f0 L1 : 00000000 M1 : 000623fc I1 : 00000000

B2 : 0000000a L2 : 00000000 M2 : 0005e246 I2 : 00000000

B3 : 005126e0 L3 : 00000000 M3 : 00512450 I3 : 8d7ee000

A0.w: 0005e246 A0.x: 00000000 A1.w: 00000000 A1.x: 00000000

USP : 00512524 ASTAT: 02003044

Hardware Trace:

0 Target : <0x00004c90> { _trap_c + 0x0 }

Source : <0xffa00662> { _exception_to_level5 + 0x9e } CALL pcrel

1 Target : <0xffa005c4> { _exception_to_level5 + 0x0 }

Source : <0xffa004a4> { _bfin_return_from_exception + 0x20 } RTX

2 Target : <0xffa00484> { _bfin_return_from_exception + 0x0 }

Source : <0xffa0051a> { _ex_trap_c + 0x46 } JUMP.S

3 Target : <0xffa004d4> { _ex_trap_c + 0x0 }

Source : <0xffa0073a> { _trap + 0x66 } JUMP (P4)

4 Target : <0xffa006f4> { _trap + 0x20 }

Source : <0xffa006f0> { _trap + 0x1c } IF !CC JUMP

5 Target : <0xffa006d4> { _trap + 0x0 }

Source : <0x005491fe> [ /usr/lib/libosipparser2.so.4 + 0x91fe ]

0x6000

6 Target : <0x005491f0> [ /usr/lib/libosipparser2.so.4 + 0x91f0 ]

Source : <0x00501a7e> [ /lib/libm.so.0 + 0x1a7e ] JUMP (P1)

7 Target : <0x00501a76> [ /lib/libm.so.0 + 0x1a76 ]

Source : <0x0050750c> [ /lib/libm.so.0 + 0x750c ] CALL pcrel

8 Target : <0x00507504> [ /lib/libm.so.0 + 0x7504 ]

Source : <0x0046b1ca> [ /usr/bin/linphonec + 0x2b1ca ] RTS

9 Target : <0x0046b186> [ /usr/bin/linphonec + 0x2b186 ]

Source : <0x0046b150> [ /usr/bin/linphonec + 0x2b150 ] IF !CC JUMP

10 Target : <0x0046b124> [ /usr/bin/linphonec + 0x2b124 ]

Source : <0x0046b100> [ /usr/bin/linphonec + 0x2b100 ] JUMP.S

11 Target : <0x0046b0c6> [ /usr/bin/linphonec + 0x2b0c6 ]

Source : <0x0046b0b4> [ /usr/bin/linphonec + 0x2b0b4 ] IF !CC JUMP

12 Target : <0x0046b090> [ /usr/bin/linphonec + 0x2b090 ]

Source : <0x0046b072> [ /usr/bin/linphonec + 0x2b072 ] IF !CC JUMP

13 Target : <0x0046b02c> [ /usr/bin/linphonec + 0x2b02c ]

Source : <0x00501ac4> [ /lib/libm.so.0 + 0x1ac4 ] JUMP (P1)

14 Target : <0x00501abc> [ /lib/libm.so.0 + 0x1abc ]

Source : <0x00507500> [ /lib/libm.so.0 + 0x7500 ] CALL pcrel

15 Target : <0x005074f6> [ /lib/libm.so.0 + 0x74f6 ]

Source : <0x0046bb1e> [ /usr/bin/linphonec + 0x2bb1e ] RTS

Userspace Stack

Stack info:

SP: [0x00512524] <0x00512524> [ linphonec + 0x2524 ]

FP: (0x00512540)

Memory from 0x00512520 to 00513000

00512520: 00000000 [00000000] 00000000 00000000 009a8dc8 4f147dd5 dcca0781

3fa66fa3

00512540:(005125b8)<00507510> ffff5bd7 088eeb1f 3fa66fa3 00000000

bfd12000 6f160000

00512560: 40220596 00000000 00000000 79ac8a2d 3f2dd8ba 4de589bd 3f986da7

<0050f394>

00512580: 00512ad8 00831420 005125b4 005125dc <0050f39a> 00000000

bfd12000 75773282

005125a0: bfc3c51f 00000000 402a0000 00000000 00000000 0000000d

(005125e4)<0050ee4e>

005125c0: 00512ad8 00831420 0040d0c8 00000050 000000a0 00512998 00000000

00512658

005125e0:<004e7c98>(00512658)<004e7c9e> 00000050 10000000

00000000 10000000 00000000

00512600: 00000000 00000000 00000000 00512634 <004f0b46> 40000000

ffffffff 00000000

00512620: 10000000 00000003 00000000 ffffffff 40000000 00512668 00000000

00000000

00512640: 00000000 00000000 40000000 00000003 00000000 ffffffff

(00512874)<004ec2c2>

00512660: 00512754 0035866c 00000018 00000090 000000a0 00831420 00358ad4

00000011

00512680: 00000090 00000018 3f000000 003587d4 00000000 00000000 00000000

00000000

005126a0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000

00000000

005126c0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000

00000000

005126e0: ffd6fffa 0014fffe fff70000 fffbfff9 00240000 00000000 00000000

00000000

00512700: 00000000 00000000 00000000 00000000 12410921 247c1b67 36d02db8

491f4008

00512720: 5b645247 00000000 00000000 00000000 00000000 00000000 00000000

00000000

00512740: 12410921 247c1b67 36d02db8 491f4008 5b645247 00000000 fff1fffc

00030000

00512760: 00000000 00000000 00000000 00000000 ffdefffb 000dffff fffb0000

fffefffd

00512780: 000d0000 00000000 00000000 00000000 00000000 00000000 00000000

00000000

005127a0: 00000000 00000000 00000000 00000000 00000000 00000000 00358ad4

00512750

005127c0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000

00512518

005127e0: 00512710 00512740 00512758 00512770 00512788 00512728 005126f8

005126e0

00512800: 005126c8 00512678 004bffe7 ff7e0023 00000018 feb90020 00000000

00000000

00512820: 03bc007c fae5fee5 06f4021f f65dfc33 0e3106c5 00000000 0000000a

236375c9

00512840: f2f5e6f7 06c50e31 00000018 00000017 00000019 00000016 0000001a

00000015

00512860: 001b0020 0016001b 00120016 ffe7004b 000fffd9

(0051296c)<004ee0e4> 00512ad8

00512880: 00512998 00000000 0083a190 00512c28 00343a34 0035866c 00512998

00512c28

005128a0: 00000000 <0000c000> 005128dc 00512ad8 00000140 00000040

00358d78 00000000

005128c0: 0042ad60 00000214 005128fc <003864da> 004008f0 00400fc8

005128a0 <003860f0>

005128e0: 004008f0 00400d08 00400d08 004008f0 00400fc8 00512918

<003860f0> 00512930

00512900: 005128c8 00831420 00830eb8 00400d08 00512934 <003860f0>

0051294c <00933038>

00512920: 00393958 0051292c 00512930 000007d4 0051295c 00000000 00510000

00390000

00512940: 000007d0 00000001 00400fc8 00000280 00000280 00358434 0083a190

0051297c

00512960:<004e8db8> 00831420 0083a190 (00512c4c)<00455a9e>

00358434 0039395c 00000000

00512980: 0083a190 00512c28 00000280 ffff0000 00512998 00512c28 00000000

00000000

005129a0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000

00000000

005129c0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000

00000000

005129e0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000

00000000

00512a00: 00000000 00000000 00000000 00000000 00000000 00000000 00000000

00000000

00512a20: 00000000 00000000 00000000 00000000 00000000 00000000 00000000

00000000

00512a40: 00000000 00000000 00000000 00000000 00000000 00000000 00000000

00000000

00512a60: 00000000 00000000 00000000 00000000 00000000 00000000 00000000

00000000

00512a80: 00000000 00000000 00000000 00000000 00000000 00000000 00000000

00000000

00512aa0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000

00000000

00512ac0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000

00000000

00512ae0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000

00000000

00512b00: 00000000 00000000 00000000 00000000 00000000 00000000 00000000

00000000

00512b20: 00000000 00000000 00000000 00000000 00000000 00000000 00000000

00000000

00512b40: 00000000 00000000 00000000 00000000 00000000 00000000 00000000

00000000

00512b60: 00000000 00000000 00000000 00000000 00000000 00000000 00000000

00000000

00512b80: 00000000 00000000 00000000 00000000 00000000 00000000 00000000

00000000

00512ba0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000

00000000

00512bc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000

00000000

00512be0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000

00000000

00512c00: 00000000 00000000 00000000 00000000 00000000 00000000 00000000

00512c10

00512c20: 00512998 00000001 005135f8 00000000 00000000 00000000 00000001

00000000

00512c40: 000007d0 <004543a8> 003938cc (00512c80)<0046aaca>

00000000 0083a190 003583dc

00512c60: 00000000 00358614 00512ce4 003583dc 0000007f 00000100 00000200

00000000

00512c80:(00512cb4)<0046ab46> 00000000 0083a190 00358304 00000000

00358614 00512ce4

00512ca0: 00358304 009a0c60 009a363c 00000000 00000000

(00512ce8)<0046ab84> 00343a24

00512cc0: 0083a190 00000000 0083a190 00512ce4 00358614 00000004 00000000

00000006

00512ce0: 00000000 00000000 (00512d1c)<0046abf4> 00358614 00000000

00000004 00000000

00512d00: 00000004 00000006 00512d1c <0090f404> 00000000 00000000

003d0900 (00512de4)

00512d20:<003856e6> 009a1388 00512e24 00512e24 00000030 009a1388

003b8808 0001fffb

00512d40: ffff0000 00000001 fffefffc fffd0000 fffd0005 fffbfffe fffe0001

fffbfffe

00512d60: 0000fffb fffefffb fffefffe 0001fffe 00030002 fffdfffe

<0000fffe> fffbfffd

00512d80: fffd0000 fffefffe fffefffc 0001fffe fffe0002 fffcfffd fffefffd

fffb0000

00512da0: 0001fffe 0004ffff fffe0002 fffdfffd fffbfffb 00512ddc

<00388556> 00512e24

00512dc0: 009a36a0 00000001 009a1388 0000fffb 00000000 ffff0002 0003ffff

00512e08

00512de0:<00385756>(00512e08)<00385766> 009a1388 00512e24

00003000 00000030 fffa0003

00512e00: 0004fffe fffa0000 (00000000)<0090cb80> 00512e24 0099faf8

fffe0000 ffff0003

00512e20: fffefffe 0084be24 009a0a80 00000000 00000000 00004003 000000d7

00000000

00512e40: 009a36a0 00000020 00000000 00000000 00000000 00000000 00000000

00000000

00512e60: 00000000 00000000 00512e6c 0000000b 00512e74 00000000 00000000

00000000

00512e80: 003b8808 00358614 80000000 00000000 00000000 00000000 00000000

00000000

00512ea0: 00000000 00000000 00000000 0099fabc <0050f422> c0000000

0000003c 00000000

00512ec0: 0099fab0 <003864da> 004008f0 00400fc8 0099fab0

<003860f0> 004008f0 00400d08

00512ee0:<003860f0> 004008f0 0099fad8 <003864da> 0099fae0

0099fae4 <00933038> 003585d8

00512f00: 00400d08 <003860f0> 00000000 00000000 00000000 00000000

00000000 00000000

00512f20: 00000000 00000000 00000000 00000000 00000000 00000000 00000000

00000000

00512f40: 00000000 00000000 00000000 00000000 00000000 00000000 00000000

00000000

00512f60: 00000000 00000000 00000000 00000000 00000000 00000000 00000000

00000000

00512f80: 00000000 00000000 00000000 00000000 00000000 00000000 00000000

00000000

00512fa0: 00000000 00000000 00000000 00000000 00000000 00000000 00512e24

00000003

00512fc0: 00000001 00000000 00000000 00000000 00000000 00000000 00000000

00000000

00512fe0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000

00000000

00513000: 00000000

Return addresses in stack:

frame 1 : <0x00507510> [ /lib/libm.so.0 + 0x7510 ]

address : <0x0050f394> [ /lib/libm.so.0 + 0xf394 ]

address : <0x0050f39a> [ /lib/libm.so.0 + 0xf39a ]

frame 2 : <0x0050ee4e> [ /lib/libm.so.0 + 0xee4e ]

address : <0x004e7c98> [ /usr/lib/libspeex.so.1 + 0x7c98 ]

frame 3 : <0x004e7c9e> [ /usr/lib/libspeex.so.1 + 0x7c9e ]

address : <0x004f0b46> [ /usr/lib/libspeex.so.1 + 0x10b46 ]

frame 4 : <0x004ec2c2> [ /usr/lib/libspeex.so.1 + 0xc2c2 ]

frame 5 : <0x004ee0e4> [ /usr/lib/libspeex.so.1 + 0xe0e4 ]

address : <0x0000c000> { _sched_debug_show + 0x5b8 }

address : <0x003864da> [ /lib/libpthread.so.0 + 0x64da ]

address : <0x003860f0> [ /lib/libpthread.so.0 + 0x60f0 ]

address : <0x00933038> [ /lib/libc.so.0 + 0x33038 ]

address : <0x004e8db8> [ /usr/lib/libspeex.so.1 + 0x8db8 ]

frame 6 : <0x00455a9e> [ /usr/bin/linphonec + 0x15a9e ]

address : <0x004543a8> [ /usr/bin/linphonec + 0x143a8 ]

frame 7 : <0x0046aaca> [ /usr/bin/linphonec + 0x2aaca ]

frame 8 : <0x0046ab46> [ /usr/bin/linphonec + 0x2ab46 ]

frame 9 : <0x0046ab84> [ /usr/bin/linphonec + 0x2ab84 ]

frame 10 : <0x0046abf4> [ /usr/bin/linphonec + 0x2abf4 ]

address : <0x0090f404> [ /lib/libc.so.0 + 0xf404 ]

frame 11 : <0x003856e6> [ /lib/libpthread.so.0 + 0x56e6 ]

address : <0x0000fffe> { _panic + 0xb2 }

address : <0x00388556> [ /lib/libpthread.so.0 + 0x8556 ]

address : <0x00385756> [ /lib/libpthread.so.0 + 0x5756 ]

frame 12 : <0x00385766> [ /lib/libpthread.so.0 + 0x5766 ]

frame 13 : <0x0090cb80> [ /lib/libc.so.0 + 0xcb80 ]

address : <0x0050f422> [ /lib/libm.so.0 + 0xf422 ]

address : <0x003864da> [ /lib/libpthread.so.0 + 0x64da ]

address : <0x003860f0> [ /lib/libpthread.so.0 + 0x60f0 ]

address : <0x003864da> [ /lib/libpthread.so.0 + 0x64da ]

address : <0x00933038> [ /lib/libc.so.0 + 0x33038 ]

address : <0x003860f0> [ /lib/libpthread.so.0 + 0x60f0 ]

(gdb) bt

#0 0x00549200 in osip_from_clone () from

/home/bhsong/develop/svn/uclinux-dist-2009R1/debug_lib/libosipparser2.so.4

#1 0x00507510 in __ieee754_log (x=<value optimized out>) at

libm/e_log.c:145

#2 0x0050ee4e in logf (x=<value optimized out>) at

libm/float_wrappers.c:405

#3 0x004e7c9e in vbr_analysis () from

/home/bhsong/develop/svn/uclinux-dist-2009R1/debug_lib/libspeex.so.1

#4 0x004ec2c2 in nb_encode () from

/home/bhsong/develop/svn/uclinux-dist-2009R1/debug_lib/libspeex.so.1

#5 0x004ee0e4 in sb_encode () from

/home/bhsong/develop/svn/uclinux-dist-2009R1/debug_lib/libspeex.so.1

#6 0x00455a9e in enc_process (f=0x3583dc) at

../../../linphone-3.0.0/mediastreamer2/src/msspeex.c:239

#7 0x0046aaca in run_graph (f=0x3583dc, s=0x358614, unschedulable=0x512ce4,

force_schedule=0 '\0') at

../../../linphone-3.0.0/mediastreamer2/src/msticker.c:194

#8 0x0046ab46 in run_graph (f=0x358304, s=0x358614, unschedulable=0x512ce4,

force_schedule=0 '\0') at

../../../linphone-3.0.0/mediastreamer2/src/msticker.c:212

#9 0x0046ab84 in run_graphs (s=0x358614, execution_list=<value optimized

out>, force_schedule=<value optimized out>) at

../../../linphone-3.0.0/mediastreamer2/src/msticker.c:226

#10 0x0046abf4 in ms_ticker_run (arg=0x358614) at

../../../linphone-3.0.0/mediastreamer2/src/msticker.c:340

#11 0x003856e6 in pthread_start_thread (arg=0x512e24) at

libpthread/linuxthreads.old/manager.c:327

#12 0x00385766 in pthread_start_thread_event (arg=0x512e24) at

libpthread/linuxthreads.old/manager.c:357

#13 0x0090cb80 in clone (fn=<error reading variable>,

child_stack=0x3fa66fa3, flags=0, arg=0x5491f0) at

libc/sysdeps/linux/bfin/clone.c:21

Backtrace stopped: previous frame inner to this frame (corrupt stack?)

(gdb)

In fact, the error comes from the following codes:

int from_2char_without_params(osip_from_t *from,char **str)

{

osip_from_t *tmpfrom=NULL;

osip_from_clone(from,&tmpfrom);

...

}

int

osip_from_clone (const osip_from_t * from, osip_from_t ** dest)

{

int i;

osip_from_t *fr;

*dest = NULL;

if (from == NULL)

return -1;

...

}

The system just dies at "*dest = NULL;" in osip_from_clone(). It's

really strange since "osip_from_t *tmpfrom=NULL;" can execute

successfully in from_2char_without_params.

Check the asm codes of from_2char_without_params:

41720 00024c24 <_from_2char_without_params>:

41721 24c24: 70 05 [--SP] = (R7:6);

41722 24c26: 00 e8 04 00 LINK 0x10; /* (16) */

41723 24c2a: 31 30 R6 = R1;

41724 24c2c: 01 60 R1 = 0x0 (X); /*

R1=0x0( 0) */

41725 24c2e: f1 bb [FP -0x4] = R1;

41726 24c30: 4f 30 R1 = FP;

41727 24c32: e1 67 R1 += -0x4; /* ( -4) */

41728 24c34: 7b 30 R7 = P3;

41729 24c36: ff e3 b7 3c CALL 0xc5a4 <__init+0x7b8>;

FP -0x4 is the address of osip_from_t *tmpfrom. Then the address is given to

R1.

Check the asm codes of osip_from_clone:

3831 000091f0 <_osip_from_clone>:

3832 91f0: c5 04 [--SP] = (P5:5);

3833 91f2: 00 e8 07 00 LINK 0x1c; /* (28) */

3834 91f6: cb bb [FP -0x10] = P3;

3835 91f8: f8 b0 [FP + 0xc] = R0;

3836 91fa: 39 b1 [FP + 0x10] = R1;

3837 91fc: 3a ad P2 = [FP + 0x10];

3838 91fe: 00 60 R0 = 0x0 (X); /*

R0=0x0( 0) */

3839 9200: 10 93 [P2] = R0;

...

At the beginning, [FP + 0x10] will be the address of tmpfrom, then P2=the

address of tmpfrom. But [P2]=0 fails!

So it looks like somebody changes R1 from from_2char_without_params to

osip_from_clone! Who is it?

Today, the debug was based on 2009R1 branch codes.

--- Barry Song 2009-06-24 06:36:07

The problem should not be a simple misaligned access. It should come from stack

overflow somewhere since the panic points are random:

sometimes libasound, sometimes libosipparser, sometimes libspeex, sometimes

libc...

And the causes of system panic are multifarious too,like:

"Data access misaligned address" "llegal use of supervisor

resource Attempted to use a Supervisor register or instruction from User

mode." "Data access CPLB miss" "anNULL pointer

access".

And results are not logical according to asm and c codes.

Let me try whether -mstack-check-l1 and -fmudflap -lmudflap can help to locate

the errors.

--- Barry Song 2009-06-25 23:11:51

Change two files to increase stack size, use the auto expect script to let PC

and target communicate by linphone more than 5000 times, there is no panic

again.

Index: oRTP/src/port.c

===================================================================

--- oRTP/src/port.c (revision 8320)

+++ oRTP/src/port.c (working copy)

@@ -170,8 +170,8 @@

if (attr)

my_attr = *attr;

#ifdef ORTP_DEFAULT_THREAD_STACK_SIZE

- if (ORTP_DEFAULT_THREAD_STACK_SIZE!=0)

- pthread_attr_setstacksize(&my_attr, ORTP_DEFAULT_THREAD_STACK_SIZE);

+// if (ORTP_DEFAULT_THREAD_STACK_SIZE!=0)

+ pthread_attr_setstacksize(&my_attr,

/*ORTP_DEFAULT_THREAD_STACK_SIZE*/0xA000);

#endif

return pthread_create(thread, &my_attr, routine, arg);

}

Index: Makefile

===================================================================

--- Makefile (revision 8320)

+++ Makefile (working copy)

@@ -1,6 +1,6 @@

VER = linphone-3.0.0

-CFLAGS += -fno-strict-aliasing -ffast-math -mfast-fp

+CFLAGS += -fno-strict-aliasing -ffast-math -mfast-fp

-Wl,--defsym,__stacksize=0x40000

CONF_OPTS = \

--enable-portaudio=no \

Files

Changes

Commits

Dependencies

Duplicates

Associations