[#4022] Kernel will crash when execute "hcitool scan" sometimes
Submitted By: Vivi Li
Open Date
2008-04-11 02:28:06 Close Date
2008-05-14 03:17:56
Priority:
Medium Assignee:
Michael Hennerich
Status:
Closed Fixed In Release:
N/A
Found In Release:
N/A Release:
Category:
N/A Board:
N/A
Processor:
N/A Silicon Revision:
Is this bug repeatable?:
Yes Resolution:
Fixed
Uboot version or rev.:
Toolchain version or rev.:
08r1-rc8
App binary format:
N/A
Summary: Kernel will crash when execute "hcitool scan" sometimes
Details:
Kernel will crash when execute "hcitool scan" sometimes, especially execute this command for two times.
Bellow is the log:
--
Linux version 2.6.24.4-ADI-2008R2-pre-svn4569 (test@Linux165-ViviLi) (gcc version 4.1.2 (ADI svn)) 8
Warning: limiting memory to 56MB due to hardware anomaly 05000263
Board Memory: 64MB
Kernel Managed Memory: 64MB
Memory map:
fixedcode = 0x00000400-0x00000490
text = 0x00001000-0x001288a0
rodata = 0x001289e0-0x0017f790
bss = 0x0017f7a0-0x0018d684
data = 0x0018d684-0x001a2000
stack = 0x001a0000-0x001a2000
init = 0x001a2000-0x0052a000
available = 0x0052a000-0x037ff000
DMA Zone = 0x03f00000-0x04000000
Hardware Trace Active and Enabled
Reset caused by Software reset
Blackfin support (C) 2004-2008 Analog Devices, Inc.
Compiled for ADSP-BF537 Rev 0.2
Blackfin Linux support by blackfin.uclinux.org/
Processor Speed: 500 MHz core clock and 50 MHz System Clock
NOMPU: setting up cplb tables for global access
Instruction Cache Enabled
Data Cache Enabled (write-through)
Built 1 zonelists in Zone order, mobility grouping off. Total pages: 14224
Kernel command line: root=/dev/mtdblock0 rw console=ttyBF0,57600 ip=10.100.4.50:10.100.4.174:10.100f
Configuring Blackfin Priority Driven Interrupts
PID hash table entries: 256 (order: 8, 1024 bytes)
console [ttyBF0] enabled
Dentry cache hash table entries: 8192 (order: 3, 32768 bytes)
Inode-cache hash table entries: 4096 (order: 2, 16384 bytes)
Memory available: 51472k/65536k RAM, (3616k init code, 1182k kernel code, 486k data, 1024k dma, 775)
Blackfin Scratchpad data SRAM: 4 KB
Blackfin Data A SRAM: 16 KB (15 KB free)
Blackfin Data B SRAM: 16 KB (16 KB free)
Blackfin Instruction SRAM: 48 KB (41 KB free)
Security Framework initialized
Mount-cache hash table entries: 512
net_namespace: 64 bytes
NET: Registered protocol family 16
Blackfin GPIO Controller
Blackfin DMA Controller
stamp_init(): registering device resources
usbcore: registered new interface driver usbfs
usbcore: registered new interface driver hub
usbcore: registered new device driver usb
Bluetooth: Core ver 2.11
NET: Registered protocol family 31
Bluetooth: HCI device and connection manager initialized
Bluetooth: HCI socket layer initialized
NET: Registered protocol family 2
IP route cache hash table entries: 1024 (order: 0, 4096 bytes)
TCP established hash table entries: 2048 (order: 2, 16384 bytes)
TCP bind hash table entries: 2048 (order: 1, 8192 bytes)
TCP: Hash tables configured (established 2048 bind 2048)
TCP reno registered
io scheduler noop registered
io scheduler anticipatory registered (default)
io scheduler cfq registered
Serial: Blackfin serial driver
bfin-uart.1: ttyBF0 at MMIO 0xffc00400 (irq = 18) is a BFIN-UART
RAMDISK driver initialized: 16 RAM disks of 4096K size 1024 blocksize
bfin_mac_mdio: probed
bfin_mac: attached PHY driver [SMSC LAN83C185] (mii_bus:phy_addr=0:01, irq=-1, mdc_clk=2500000Hz(md)
bfin_mac bfin_mac.0: Blackfin on-chip Ethernet MAC driver, Version 1.1
bfin-spi bfin-spi.0: Blackfin BF5xx on-chip SPI Controller Driver, Version 1.0, regs_base@ffc00500,7
driver isp1362-hcd, 2005-04-04
isp1362-hcd isp1362-hcd.0: ISP1362 Host Controller
isp1362-hcd isp1362-hcd.0: new USB bus registered, assigned bus number 1
isp1362_hc_reset:
isp1362-hcd isp1362-hcd.0: irq 53, io mem 0x20360000
isp1362_hc_start:
isp1362-hcd isp1362-hcd.0: ISP1362 Memory usage:
isp1362-hcd isp1362-hcd.0: ISTL: 2 * 256: 512 @ $0000:$0100
isp1362-hcd isp1362-hcd.0: INTL: 16 * ( 64+8): 1152 @ $0200
isp1362-hcd isp1362-hcd.0: ATL : 32 * ( 64+8): 2304 @ $0680
isp1362-hcd isp1362-hcd.0: USED/FREE: 3968 128
usb usb1: configuration #1 chosen from 1 choice
hub 1-0:1.0: USB hub found
hub 1-0:1.0: 2 ports detected
ISP1362 Host Controller, irq 53
sl811: driver sl811-hcd, 19 May 2005
rtc-bfin rtc-bfin: rtc core: registered rtc-bfin as rtc0
bfin-wdt: initialized: timeout=20 sec (nowayout=0)
Bluetooth: HCI USB driver ver 2.9
usb 1-2: new full speed USB device using isp1362-hcd and address 2
usb 1-2: configuration #1 chosen from 1 choice
usbcore: registered new interface driver hci_usb
usbcore: registered new interface driver usbhid
drivers/hid/usbhid/hid-core.c: v2.6:USB HID core driver
TCP cubic registered
NET: Registered protocol family 1
NET: Registered protocol family 17
Bluetooth: L2CAP ver 2.9
Bluetooth: L2CAP socket layer initialized
Bluetooth: SCO (Voice Link) ver 0.5
Bluetooth: SCO socket layer initialized
Bluetooth: RFCOMM socket layer initialized
Bluetooth: RFCOMM TTY layer initialized
Bluetooth: RFCOMM ver 1.8
Bluetooth: BNEP (Ethernet Emulation) ver 1.2
Bluetooth: BNEP filters: protocol multicast
Bluetooth: HIDP (Human Interface Emulation) ver 1.2
rtc-bfin rtc-bfin: setting system clock to 1970-01-01 00:08:42 UTC (522)
IP-Config: Complete:
device=eth0, addr=10.100.4.50, mask=255.255.255.0, gw=10.100.4.174,
host=BF537, domain=, nis-domain=(none),
bootserver=10.100.4.174, rootserver=10.100.4.174, rootpath=
Freeing unused kernel memory: 3616k freed
dma_alloc_init: dma_page @ 0x00527000 - 256 pages at 0x03f00000
_____________________________________
a8888b. / Welcome to the uClinux distribution \
d888888b. / _ _ \
8P"YP"Y88 / | | |_| __ __ (TM) |
8|o||o|88 _____/ | | _ ____ _ _ \ \/ / |
8' .88 \ | | | | _ \| | | | \ / |
8`._.' Y8. \ | |__ | | | | | |_| | / \ |
d/ `8b. \ \____||_|_| |_|\____|/_/\_\ |
dP . Y8b. \ For embedded processors including |
d8:' " `::88b \ the Analog Devices Blackfin /
d8" 'Y88b \___________________________________/
:8P ' :888
8a. : _a88P For further information, check out:
._/"Yaa_: .| 88P| - blackfin.uclinux.org/
\ YP" `| 8P `. - docs.blackfin.uclinux.org/
/ \.___.d| .' - www.uclinux.org/
`--..__)8888P`._.' jgs/a:f - www.analog.com/blackfin
Have a lot of fun...
BusyBox v1.10.0 (2008-04-10 18:02:15 CST) built-in shell (msh)
Enter 'help' for a list of built-in commands.
root:/> PHY: 0:01 - Link is Up - 100/Full
hciconfig hci0 up
root:/> hciconfig
hci0: Type: USB
BD Address: 00:10:60:D0:8C:41 ACL MTU: 384:8 SCO MTU: 64:8
UP RUNNING PSCAN ISCAN
RX bytes:354 acl:0 sco:0 events:12 errors:0
TX bytes:39 acl:0 sco:0 commands:11 errors:0
root:/>
root:/> hcitool scan
Scanning ...
00:1D:28:26:3C:A1 W580c
00:0F:DE:89:88:0B P910c
11:11:11:11:11:11 VLI-L01
root:/> hcitool scan
Scanning ...BUG: scheduling while atomic: hcitool/171/0x04010000
SEQUENCER STATUS: Not tainted
SEQSTAT: 00000000 IPEND: 0002 SYSCFG: 0006
HWERRCAUSE: 0x0
EXCAUSE : 0x0
RETE: <0x00000000> /* Maybe null pointer? */
RETN: <0x002c4000> /* unknown address */
RETX: <0x033ce924> [ /lib/libuClibc-0.9.29.so + 0xe924 ]
RETS: <0x0003bf58> { _do_readv_writev + 0xe4 }
PC : <0x0005e9b8> { _inotify_inode_queue_event + 0x18 }
PROCESSOR STATE:
R0 : 00000000 R1 : 00000002 R2 : 00000000 R3 : 0051f96c
R4 : 00000003 R5 : 00000002 R6 : 00000001 R7 : 00000002
P0 : 00000000 P1 : 0051f914 P2 : 000000f0 P3 : 00301bd8
P4 : 00000092 P5 : 00291be4 FP : 00291cd4 SP : 002c3d34
LB0: ffa01856 LT0: ffa01856 LC0: 00000000
LB1: 000c408e LT1: 000c408a LC1: 00000000
B0 : 00000000 L0 : 00000000 M0 : 00000000 I0 : 00000002
B1 : 00000000 L1 : 00000000 M1 : 00000000 I1 : 00000000
B2 : 00000000 L2 : 00000000 M2 : 00000000 I2 : 00000000
B3 : 00000000 L3 : 00000000 M3 : 00000000 I3 : 00000000
A0.w: 0001f1a9 A0.x: 00000000 A1.w: 0000062d A1.x: 00000000
USP : 002fe860 ASTAT: 02002020
NULL pointer access (probably)
Kernel OOPS in progress
Deferred Exception context
Double Fault
Kernel OOPS in progress
Deferred Exception context
No Valid process in current context
return address: [0x00003a7e]; contents of:
0x00003a50: 61f9 a0a8 5408 0808 186d e140 0015 e100
0x00003a60: 4ed4 e300 51a1 3046 c682 0f98 4f6f 320f
0x00003a70: 6018 9109 5401 0c00 1007 0000 3211 [e410]
0x00003a80: 0030 0c00 1021 6d06 0127 e140 0015 e100
SEQUENCER STATUS: Not tainted
SEQSTAT: 00060027 IPEND: ffa00856 SYSCFG: 0006
HWERRCAUSE: 0x18
EXCAUSE : 0x27
physical IVG6 asserted : <0xffa00d4c> { _evt_timer + 0x0 }
physical IVG11 asserted : <0xffa00d94> { _evt_evt11 + 0x0 }
logical irq 6 mapped : <0xffa00364> { _timer_interrupt + 0x0 }
logical irq 18 mapped : <0x000953b0> { _bfin_serial_dma_rx_int + 0x0 }
logical irq 19 mapped : <0x00094ee8> { _bfin_serial_dma_tx_int + 0x0 }
logical irq 24 mapped : <0x0009e138> { _bfin_mac_interrupt + 0x0 }
logical irq 53 mapped : <0x000a6dd4> { _usb_hcd_irq + 0x0 }
RETE: <0x00000000> /* Maybe null pointer? */
RETN: <0x002bf418> [ klogd + 0x1f418 ]
RETX: <0x00003a7e> { _dump_bfin_process + 0x52 }
RETS: <0x00003a66> { _dump_bfin_process + 0x3a }
PC : <0xffa00856> { _system_call + 0x22 }
DCPLB_FAULT_ADDR: <0x000000c0> /* Maybe null pointer? */
ICPLB_FAULT_ADDR: <0x00003a7e> { _dump_bfin_process + 0x52 }
PROCESSOR STATE:
R0 : 00000000 R1 : 00000000 R2 : 0000001f R3 : 0000001f
R4 : 00299bd8 R5 : 0000100d R6 : 00000003 R7 : 002be000
P0 : 0000000a P1 : 002be000 P2 : 00000000 P3 : 00299bd8
P4 : ffe02014 P5 : 002bf4f4 FP : 002bf6b8 SP : 002bf33c
LB0: 033def0a LT0: 033def0a LC0: 00000000
LB1: 033dcf7b LT1: 033dcf7a LC1: 00000000
B0 : 00000000 L0 : 00000000 M0 : 00000000 I0 : 002bfd40
B1 : 00000000 L1 : 00000000 M1 : 00000000 I1 : 033f5918
B2 : 00000000 L2 : 00000000 M2 : 00000000 I2 : 00000000
B3 : 00000000 L3 : 00000000 M3 : 00000000 I3 : 00000000
A0.w: 00000000 A0.x: 00000000 A1.w: 00000000 A1.x: 00000000
USP : 002bfd7c ASTAT: 02003025
Kernel panic - not syncing: Double Fault - unrecoverable event
--
Follow-ups
--- Mike Frysinger 2008-04-21 04:55:55
i dont really know anything about bluetooth, and this is a crash in kernel space
--- Robin Getz 2008-04-21 10:42:11
Before Michael takes a look at the hcitool issue, I need to fix the double
fault.
Vivi:
The 2nd fault (which causes the double fault), is a EXCAUSE == 27, which is a
double DCPLB fault (read or write from 0).
Can you run "addr2line -f -e ./vmlinux 0x3a7e" this should tell me
which line of C code is causing the read of 0?
Thanks
-Robin
--- Robin Getz 2008-04-21 10:51:50
I think I saw it, and added a new check on trunk (which I will put in the branch
as soon as Vivi lets me know it gets rid of the double fault problem).
-Robin
--- Vivi Li 2008-04-22 02:21:21
Still gets double fault problem, bellow is the log:
--
root:/> hcitool scan
Scanning ...
BUG: scheduling while atomic: hcitool/169/0x04010000
SEQUENCER STATUS: Not tainted
SEQSTAT: 00000000 IPEND: 0002 SYSCFG: 0006
HWERRCAUSE: 0x0
EXCAUSE : 0x0
RETE: <0x00000000> /* Maybe null pointer? */
RETN: <0x037c8000> /* unknown address */
RETX: <0x00226dd4> [ hcitool + 0x6d94 ]
RETS: <0x0003c1a0> { _do_readv_writev + 0xe4 }
PC : <0x0005ee80> { _inotify_inode_queue_event + 0xc }
PROCESSOR STATE:
R0 : 00000000 R1 : 00000002 R2 : 00000000 R3 : 033db474
R4 : 00000003 R5 : 0000000e R6 : 00000001 R7 : 00000002
P0 : 00000000 P1 : 033db41c P2 : 033db41c P3 : 00231b2c
P4 : 00000092 P5 : 001f50a4 FP : 037c7e34 SP : 037c7d34
LB0: ffa01856 LT0: ffa01856 LC0: 00000000
LB1: 000c481a LT1: 000c4816 LC1: 00000000
B0 : 00000000 L0 : 00000000 M0 : 00000000 I0 : 00000002
B1 : 00000000 L1 : 00000000 M1 : 00000000 I1 : 00000000
B2 : 00000000 L2 : 00000000 M2 : 00000000 I2 : 00000000
B3 : 00000000 L3 : 00000000 M3 : 00000000 I3 : 00000000
A0.w: 0001f1a9 A0.x: 00000000 A1.w: 0000062d A1.x: 00000000
USP : 002319b8 ASTAT: 02002020
NULL pointer access (probably)
Kernel OOPS in progress
Deferred Exception context
No Valid process in current context
return address: [0xffa00856]; contents of:
0xffa00830: 0000 0010 e10a 2108 e14a ffe0 0023 9110
0xffa00840: b070 3107 b230 307e e106 e000 e146 ffff
0xffa00850: 55f7 3217 9152 [e716] 0076 e127 0166 3070
0xffa00860: 08be 1382 307e e106 e000 e146 ffff 55f7
SEQUENCER STATUS: Not tainted
SEQSTAT: 00000027 IPEND: 8030 SYSCFG: 0006
HWERRCAUSE: 0x0
EXCAUSE : 0x27
physical IVG15 asserted : <0xffa00db8> { _evt_system_call + 0x0 }
logical irq 6 mapped : <0xffa00364> { _timer_interrupt + 0x0 }
logical irq 18 mapped : <0x00095a74> { _bfin_serial_dma_rx_int + 0x0
}
logical irq 19 mapped : <0x000955a8> { _bfin_serial_dma_tx_int + 0x0
}
logical irq 24 mapped : <0x0009e814> { _bfin_mac_interrupt + 0x0 }
logical irq 53 mapped : <0x000a74d4> { _usb_hcd_irq + 0x0 }
RETE: <0x00000000> /* Maybe null pointer? */
Double Fault
Kernel OOPS in progress
Deferred Exception context
No Valid process in current context
return address: [0x00003d08]; contents of:
0x00003ce0: 0012 e120 01bc 304c 5081 0c42 180c 0000
0x00003cf0: e122 0100 a0d0 a091 b0f2 3056 6522 e302
0x00003d00: 38b3 3010 320c 914a [e512] 0027 0c42 1807
0x00003d10: 0000 0000 e411 001e 0a0f 142b a069 e428
SEQUENCER STATUS: Not tainted
SEQSTAT: 00060027 IPEND: ffa00856 SYSCFG: 0006
HWERRCAUSE: 0x18
EXCAUSE : 0x27
physical IVG6 asserted : <0xffa00d4c> { _evt_timer + 0x0 }
physical IVG11 asserted : <0xffa00d94> { _evt_evt11 + 0x0 }
logical irq 6 mapped : <0xffa00364> { _timer_interrupt + 0x0 }
logical irq 18 mapped : <0x00095a74> { _bfin_serial_dma_rx_int + 0x0
}
logical irq 19 mapped : <0x000955a8> { _bfin_serial_dma_tx_int + 0x0
}
logical irq 24 mapped : <0x0009e814> { _bfin_mac_interrupt + 0x0 }
logical irq 53 mapped : <0x000a74d4> { _usb_hcd_irq + 0x0 }
RETE: <0x00000000> /* Maybe null pointer? */
RETN: <0x004e52f8> [ klogd + 0x652f8 ]
RETX: <0x00003d08> { _decode_address + 0x158 }
RETS: <0x00003bfe> { _decode_address + 0x4e }
PC : <0xffa00856> { _system_call + 0x22 }
DCPLB_FAULT_ADDR: <0x0000009c> /* Maybe null pointer? */
ICPLB_FAULT_ADDR: <0x00003d08> { _decode_address + 0x158 }
PROCESSOR STATE:
R0 : 000001bc R1 : 037d8080 R2 : 037d823c R3 : 0000ffff
R4 : 004e4000 R5 : 0000100d R6 : 00000001 R7 : 004e5720
P0 : 00196b50 P1 : 004e4000 P2 : 00000000 P3 : 005a2660
P4 : 037d8080 P5 : 0349e180 FP : 0018f154 SP : 004e521c
LB0: 0048c5e6 LT0: 0048c5e6 LC0: 00000000
LB1: 00084d4c LT1: 00084d42 LC1: 00000000
B0 : 00000000 L0 : 00000000 M0 : 00000000 I0 : 004e54a0
B1 : 00000000 L1 : 00000000 M1 : 00000000 I1 : 00000000
B2 : 00000000 L2 : 00000000 M2 : 00000000 I2 : 0000001b
B3 : 00000000 L3 : 00000000 M3 : 00000000 I3 : 00000000
A0.w: 00000000 A0.x: 00000000 A1.w: 00000000 A1.x: 00000000
USP : 004e5eb8 ASTAT: 02002020
Kernel panic - not syncing: Double Fault - unrecoverable event
--
The result of run "addr2line -f -e ./vmlinux 0x3d08" is:
decode_address
/home/test/work/cruise/checkouts/uclinux-dist/linux-2.6.x/arch/blackfin/kernel/traps.c:142
--- Robin Getz 2008-04-22 10:15:08
Vivi - thanks.
Providing the addr2line of the kernel's ICPLB_FAULT_ADDR/RETX helps track down
the exact problem of the issue in minutes, and makes fixing it pretty painless.
We should try to do this in most of the bug kernel bug reports - I think it
would help alot.
I fixed the problem you found - Can you try it again and let me know where the
next problem is I'm sure there might be one or two more, as we don't really
run into problems where current is null very often, so we should take the time
to fix things while we have a reproducible test case.
Thanks again
Thanks.
--- Vivi Li 2008-04-22 23:52:00
Yeah, this addr2line tool is quite convenient to use. And I can see no double
fault now.
Bellow is the log:
--
root:/> hciconfig hci0 up
root:/> hcitool scan
Scanning ...
BUG: scheduling while atomic: hcitool/169/0x04010000
SEQUENCER STATUS: Not tainted
SEQSTAT: 00002000 IPEND: 0000 SYSCFG: 0006
HWERRCAUSE: 0x0
EXCAUSE : 0x0
RETE: <0x00000000> /* Maybe null pointer? */
RETN: <0x00638000> /* unknown address */
RETX: <0x00a66dd4> [ hcitool + 0x6d94 ]
RETS: <0xffa008ba> { _system_call + 0x9a }
PC : <0xffa013f0> { _schedule + 0x0 }
PROCESSOR STATE:
R0 : 00a66dd4 R1 : 00000000 R2 : 00000000 R3 : 001af7d8
R4 : 0000fffe R5 : 00000003 R6 : ffffe000 R7 : 00000004
P0 : 00000000 P1 : 001af780 P2 : 000000f0 P3 : 00a71b2c
P4 : 00000092 P5 : 00636000 FP : 00a719c4 SP : 00637e3c
LB0: ffa01826 LT0: ffa01826 LC0: 00000000
LB1: 000c485a LT1: 000c4856 LC1: 00000000
B0 : 00000000 L0 : 00000000 M0 : 00000000 I0 : 00000002
B1 : 00000000 L1 : 00000000 M1 : 00000000 I1 : 00000000
B2 : 00000000 L2 : 00000000 M2 : 00000000 I2 : 00000000
B3 : 00000000 L3 : 00000000 M3 : 00000000 I3 : 00000000
A0.w: 0001f1a9 A0.x: 00000000 A1.w: 0000062d A1.x: 00000000
USP : 00a719b8 ASTAT: 02002020
NULL pointer access (probably)
Kernel OOPS in progress
Deferred Exception context
No Valid process in current context
return address: [0x00000480]; contents of:
0x00000460: 9101 5401 9300 0010 0000 0000 0000 0000
0x00000470: 9101 5801 9300 0010 0000 0000 0000 0000
0x00000480: [0000] 0000 0000 0000 00a4 0000 0000 0000
0x00000490: 0000 0000 0000 0000 0000 0000 0000 0000
SEQUENCER STATUS: Not tainted
SEQSTAT: 00062027 IPEND: 8030 SYSCFG: 0006
HWERRCAUSE: 0x18
EXCAUSE : 0x27
physical IVG15 asserted : <0xffa00d88> { _evt_system_call + 0x0 }
logical irq 6 mapped : <0xffa00364> { _timer_interrupt + 0x0 }
logical irq 18 mapped : <0x00095ab4> { _bfin_serial_dma_rx_int + 0x0
}
logical irq 19 mapped : <0x000955d0> { _bfin_serial_dma_tx_int + 0x0
}
logical irq 24 mapped : <0x0009e854> { _bfin_mac_interrupt + 0x0 }
logical irq 53 mapped : <0x000a7514> { _usb_hcd_irq + 0x0 }
RETE: <0x00000000> /* Maybe null pointer? */
RETN: <0x00be5720> [ klogd vma:0xb80000-0xbe6000]
RETX: <0x00000480> /* Maybe fixed code section */
RETS: <0xffa00dec> { _evt_system_call + 0x64 }
PC : <0xffa00842> { _system_call + 0x22 }
DCPLB_FAULT_ADDR: <0x000001d8> /* Maybe null pointer? */
ICPLB_FAULT_ADDR: <0xffa00842> { _system_call + 0x22 }
PROCESSOR STATE:
R0 : ffa00dec R1 : 00be58b0 R2 : 00be5824 R3 : 00000008
R4 : 00b997bc R5 : 00000002 R6 : ffffe000 R7 : 00be4000
P0 : 000000ae P1 : 0000001f P2 : 00000000 P3 : 00be5d68
P4 : 00be5df4 P5 : 00be58b0 FP : 00be5808 SP : 00be5644
LB0: 00b8c5e6 LT0: 00b8c5e6 LC0: 00000000
LB1: 00b8b5e5 LT1: 00b8b5e4 LC1: 00000000
B0 : 00000000 L0 : 00000000 M0 : 00000000 I0 : 00be5e78
B1 : 00000000 L1 : 00000000 M1 : 00000000 I1 : 00bdb228
B2 : 00000000 L2 : 00000000 M2 : 00000000 I2 : 00000000
B3 : 00000000 L3 : 00000000 M3 : 00000000 I3 : 00000000
A0.w: 00000000 A0.x: 00000000 A1.w: 00000000 A1.x: 00000000
USP : 00be5eb8 ASTAT: 02000000
Hardware Trace:
0 Target : <0x000045b4> { _trap_c + 0x0 }
Source : <0xffa006c6> { _exception_to_level5 + 0x9e }
1 Target : <0xffa00628> { _exception_to_level5 + 0x0 }
Source : <0xffa00582> { _ex_trap_c + 0x72 }
2 Target : <0xffa00510> { _ex_trap_c + 0x0 }
Source : <0xffa0039a> { _ex_workaround_261 + 0x22 }
3 Target : <0xffa00378> { _ex_workaround_261 + 0x0 }
Source : <0xffa00750> { _trap + 0x28 }
4 Target : <0xffa00728> { _trap + 0x0 }
Source : <0xffa004b2> { _bfin_return_from_exception + 0xe }
5 Target : <0xffa004a4> { _bfin_return_from_exception + 0x0 }
Source : <0xffa0038a> { _ex_workaround_261 + 0x12 }
6 Target : <0xffa00378> { _ex_workaround_261 + 0x0 }
Source : <0xffa00750> { _trap + 0x28 }
7 Target : <0xffa00728> { _trap + 0x0 }
Source : <0xffa00840> { _system_call + 0x20 }
8 Target : <0xffa00820> { _system_call + 0x0 }
Source : <0xffa00de8> { _evt_system_call + 0x60 }
9 Target : <0xffa00d88> { _evt_system_call + 0x0 }
Source : <0xffa00464> { _ex_syscall + 0x8 }
10 Target : <0xffa0045c> { _ex_syscall + 0x0 }
Source : <0xffa00750> { _trap + 0x28 }
11 Target : <0xffa00728> { _trap + 0x0 }
Source : <0x00b94f4c> [ klogd vma:0xb80000-0xbe6000]
12 Target : <0x00b94f40> [ klogd vma:0xb80000-0xbe6000]
Source : <0x00b920a4> [ klogd vma:0xb80000-0xbe6000]
13 Target : <0x00b92080> [ klogd vma:0xb80000-0xbe6000]
Source : <0x00b8c5f8> [ klogd vma:0xb80000-0xbe6000]
14 Target : <0x00b8c5c0> [ klogd vma:0xb80000-0xbe6000]
Source : <0x00b9207c> [ klogd vma:0xb80000-0xbe6000]
15 Target : <0x00b92054> [ klogd vma:0xb80000-0xbe6000]
Source : <0x00b88436> [ klogd vma:0xb80000-0xbe6000]
Stack from 00be5624:
00000000 ffa006ca ffa00c2c 00be4000 0000ffff 00000000 00000000
00000000
00000480 00008030 00062027 00000000 00be5720 00000480 ffa00842
ffa00dec
ffa00dec 02000000 00b8b5e5 00b8c5e6 00b8b5e4 00b8c5e6 00000000
00000000
00000000 00000000 00000000 00000000 00000000 00000000 00000000
00000000
00000000 00000000 00000000 00000000 00000000 00000000 00000000
00000000
00000000 00000000 00bdb228 00be5e78 00be5eb8 00be5808 00be58b0
00be5df4
Call Trace:
[<00008000>] _l1sram_proc_read+0x84/0x9c
[<00002000>] _get_sclk+0x10/0x58
[<00006666>] _module_frob_arch_sections+0x136/0x298
[<00004000>] _show_regs+0x224/0x368
[<001acaed>] _bfin_init_mmr_debugfs+0x1db1/0x7074
Modules linked in:
Kernel panic - not syncing: Kernel exception
--
--- Robin Getz 2008-04-23 16:30:00
Ok - since no more double faults (which were my fault), reassigning to Michael,
who can have a look at the Bluetooth problem.
-Robin
--- Michael Hennerich 2008-04-30 08:48:58
I can't reproduce this issue on my side.
Please attach config files.
-Michael
root:/> modprobe pehci
drivers/usb/host/pehcd/hal/hal_pxa.c: pid 8210, vid 8210
drivers/usb/host/pehcd/hal/hal_pxa.c: controller address 001ae3c8
drivers/usb/host/pehcd/hal/hal_pxa.c: isp1761_register_driver(drv=008fbdf0)
isp1761 isp1761.0: PHILIPS ISP1761
isp1761 isp1761.0: new USB bus registered, assigned bus number 1
isp1761 isp1761.0: irq 57, io mem 0x00000000
usb usb1: configuration #1 chosen from 1 choice
hub 1-0:1.0: USB hub found
hub 1-0:1.0: 1 port detected
drivers/usb/host/pehcd/hal/hal_pxa.c: Registered Driver Philips
drivers/usb/host/pehcd/host/pehci.c: Host Driver has been Registered
root:/> usb 1-1: new high speed USB device using isp1761 and address 2
usb 1-1: configuration #1 chosen from 1 choice
hub 1-1:1.0: USB hub found
hub 1-1:1.0: 3 ports detected
usb 1-1.2: new full speed USB device using isp1761 and address 3
usb 1-1.2: configuration #1 chosen from 1 choice
root:/> hciconfig
hci0: Type: USB
BD Address: 00:00:00:00:00:00 ACL MTU: 0:0 SCO MTU: 0:0
DOWN
RX bytes:0 acl:0 sco:0 events:0 errors:0
TX bytes:0 acl:0 sco:0 commands:0 errors:0
root:/> hciconfig hcio up
root:/> hciconfig
hci0: Type: USB
BD Address: 00:10:60:D0:0E:B4 ACL MTU: 384:8 SCO MTU: 64:8
UP RUNNING PSCAN ISCAN
RX bytes:340 acl:0 sco:0 events:11 errors:0
TX bytes:39 acl:0 sco:0 commands:11 errors:0
root:/> hcitool scan
Scanning ...
00:16:41:09:6C:83 APELLKOF-L02
root:/> hcitool scan
Scanning ...
00:16:41:09:6C:83 APELLKOF-L02
root:/> hcitool scan
Scanning ...
00:16:41:09:6C:83 APELLKOF-L02
root:/> hcitool scan
Scanning ...
00:16:41:09:6C:83 APELLKOF-L02
root:/> hcitool scan
Scanning ...
00:16:41:09:6C:83 APELLKOF-L02
root:/> hcitool scan
Scanning ...
00:16:41:09:6C:83 APELLKOF-L02
root:/> hcitool scan
Scanning ...
00:16:41:09:6C:83 APELLKOF-L02
root:/> hcitool scan
Scanning ...
00:16:41:09:6C:83 APELLKOF-L02
root:/> hcitool scan
Scanning ...
00:16:41:09:6C:83 APELLKOF-L02
root:/> hcitool scan
Scanning ...
00:16:41:09:6C:83 APELLKOF-L02
root:/> hcitool scan
Scanning ...
00:16:41:09:6C:83 APELLKOF-L02
root:/> hcitool scan
Scanning ...
00:16:41:09:6C:83 APELLKOF-L02
root:/> hcitool scan
Scanning ...
00:16:41:09:6C:83 APELLKOF-L02
root:/> hcitool scan
Scanning ...
00:16:41:09:6C:83 APELLKOF-L02
root:/> hcitool scan
Scanning ...
00:16:41:09:6C:83 APELLKOF-L02
root:/> hcitool scan
Scanning ...
00:16:41:09:6C:83 APELLKOF-L02
root:/> hcitool scan
Scanning ...
00:16:41:09:6C:83 APELLKOF-L02
root:/> version
kernel: Linux release 2.6.24.5-ADI-2008R2-pre-svn4686, build #6458 Wed Apr
30 14:38:14 CEST 2008
toolchain: bfin-uclinux-gcc release gcc version 4.1.2 (ADI svn)
user-dist: release svn-6612, build #2218 Wed Apr 30 14:37:46 CEST 2008
root:/>
--- Vivi Li 2008-05-05 06:03:22
It seems more difficult to reproduce this bug now. I tried several times
myself.
I used isp1362 and BF537-STAMP v.2.1 here.
Kernel config and image is attached. Bellow is my latest test result.
--
isp1362-hcd isp1362-hcd.0: ISP1362 Host Controller
isp1362-hcd isp1362-hcd.0: new USB bus registered, assigned bus number 1
isp1362_hc_reset:
isp1362-hcd isp1362-hcd.0: irq 53, io mem 0x20360000
isp1362_hc_start:
isp1362-hcd isp1362-hcd.0: ISP1362 Memory usage:
isp1362-hcd isp1362-hcd.0: ISTL: 2 * 256: 512 @ $0000:$0100
isp1362-hcd isp1362-hcd.0: INTL: 16 * ( 64+8): 1152 @ $0200
isp1362-hcd isp1362-hcd.0: ATL : 32 * ( 64+8): 2304 @ $0680
isp1362-hcd isp1362-hcd.0: USED/FREE: 3968 128
usb usb1: configuration #1 chosen from 1 choice
hub 1-0:1.0: USB hub found
hub 1-0:1.0: 2 ports detected
ISP1362 Host Controller, irq 53
sl811: driver sl811-hcd, 19 May 2005
rtc-bfin rtc-bfin: rtc core: registered rtc-bfin as rtc0
bfin-wdt: initialized: timeout=20 sec (nowayout=0)
Bluetooth: HCI USB driver ver 2.9
usb 1-2: new full speed USB device using isp1362-hcd and address 2
usb 1-2: configuration #1 chosen from 1 choice
usbcore: registered new interface driver hci_usb
usbcore: registered new interface driver usbhid
drivers/hid/usbhid/hid-core.c: v2.6:USB HID core driver
TCP cubic registered
NET: Registered protocol family 1
NET: Registered protocol family 17
Bluetooth: L2CAP ver 2.9
Bluetooth: L2CAP socket layer initialized
Bluetooth: SCO (Voice Link) ver 0.5
Bluetooth: SCO socket layer initialized
Bluetooth: RFCOMM socket layer initialized
Bluetooth: RFCOMM TTY layer initialized
Bluetooth: RFCOMM ver 1.8
Bluetooth: BNEP (Ethernet Emulation) ver 1.2
Bluetooth: BNEP filters: protocol multicast
Bluetooth: HIDP (Human Interface Emulation) ver 1.2
root:/> hciconfig hci0
hci0: Type: USB
BD Address: 00:00:00:00:00:00 ACL MTU: 0:0 SCO MTU: 0:0
DOWN
RX bytes:0 acl:0 sco:0 events:0 errors:0
TX bytes:0 acl:0 sco:0 commands:0 errors:0
root:/> hciconfig hci0 up
root:/> hciconfig hci0
hci0: Type: USB
BD Address: 00:10:60:D0:8C:41 ACL MTU: 384:8 SCO MTU: 64:8
UP RUNNING PSCAN ISCAN
RX bytes:354 acl:0 sco:0 events:12 errors:0
TX bytes:39 acl:0 sco:0 commands:11 errors:0
root:/> hcitool scan
Scanning ...
00:1D:98:A1:2B:AB Nokia N81
root:/> hcitool scan
Scanning ...
00:1D:98:A1:2B:AB Nokia N81
root:/> hcitool scan
Scanning ...
00:1D:98:A1:2B:AB Nokia N81
root:/> hciconfig hci0
hci0: Type: USB
BD Address: 00:10:60:D0:8C:41 ACL MTU: 384:8 SCO MTU: 64:8
UP RUNNING PSCAN ISCAN
RX bytes:1195 acl:0 sco:0 events:24 errors:0
TX bytes:94 acl:0 sco:0 commands:16 errors:0
root:/> hcitool scan
Scanning ...
00:1D:98:A1:2B:AB Nokia N81
root:/> hcitool scan
Scanning ...
00:1D:98:A1:2B:AB Nokia N81
root:/> hcitool scan
Scanning ..BUG: scheduling while atomic: hcitool/178/0x04010000
SEQUENCER STATUS: Not tainted
SEQSTAT: 00000000 IPEND: 0002 SYSCFG: 0006
HWERRCAUSE: 0x0
EXCAUSE : 0x0
RETE: <0x00000000> /* Maybe null pointer? */
RETN: <0x00490000> /* unknown address */
RETX: <0x004a6dd4> [ hcitool + 0x6d94 ]
RETS: <0x0003c1e4> { _do_readv_writev + 0xe4 }
PC : <0x0005ee6c> { _inotify_inode_queue_event + 0x10 }
PROCESSOR STATE:
R0 : 00000000 R1 : 00000002 R2 : 00000000 R3 : 001bb18c
R4 : 00000003 R5 : 0000000e R6 : 00000001 R7 : 00000002
P0 : 00000000 P1 : 001bb134 P2 : 000000f0 P3 : 004b1b2c
P4 : 00000092 P5 : 00482be4 FP : 0048fe34 SP : 0048fd34
LB0: ffa01836 LT0: ffa01836 LC0: 00000000
LB1: 000c47a6 LT1: 000c47a2 LC1: 00000000
B0 : 00000000 L0 : 00000000 M0 : 00000000 I0 : 00000002
B1 : 00000000 L1 : 00000000 M1 : 00000000 I1 : 00000000
B2 : 00000000 L2 : 00000000 M2 : 00000000 I2 : 00000000
B3 : 00000000 L3 : 00000000 M3 : 00000000 I3 : 00000000
A0.w: 0001f1a9 A0.x: 00000000 A1.w: 0000062d A1.x: 00000000
USP : 004b19b8 ASTAT: 02002020
NULL pointer access (probably)
Kernel OOPS in progress
Deferred Exception context
No Valid process in current context
return address: [0xffa00852]; contents of:
0xffa00830: e10a 2108 e14a ffe0 0023 9110 b070 3107
0xffa00840: b230 307e e106 e000 e146 ffff 55f7 3217
0xffa00850: 9152 [e716] 0076 e127 0166 3070 08be 1382
0xffa00860: 307e e106 e000 e146 ffff 55f7 3217 a097
SEQUENCER STATUS: Not tainted
SEQSTAT: 00060027 IPEND: 8030 SYSCFG: 0006
HWERRCAUSE: 0x18
EXCAUSE : 0x27
physical IVG15 asserted : <0xffa00d98> { _evt_system_call + 0x0 }
logical irq 6 mapped : <0xffa00364> { _timer_interrupt + 0x0 }
logical irq 18 mapped : <0x00095648> { _bfin_serial_dma_rx_int + 0x0
}
logical irq 19 mapped : <0x000955b4> { _bfin_serial_dma_tx_int + 0x0
}
logical irq 24 mapped : <0x0009e790> { _bfin_mac_interrupt + 0x0 }
logical irq 53 mapped : <0x000a7450> { _usb_hcd_irq + 0x0 }
RETE: <0x00000000> /* Maybe null pointer? */
RETN: <0x00265720> [ klogd vma:0x200000-0x266000]
RETX: <0x00000480> /* Maybe fixed code section */
RETS: <0xffa00dfc> { _evt_system_call + 0x64 }
PC : <0xffa00852> { _system_call + 0x22 }
DCPLB_FAULT_ADDR: <0x000001d8> /* Maybe null pointer? */
ICPLB_FAULT_ADDR: <0xffa00852> { _system_call + 0x22 }
PROCESSOR STATE:
R0 : ffa00dfc R1 : 002658b0 R2 : 00265824 R3 : 00000008
R4 : 002197bc R5 : 00000002 R6 : ffffe000 R7 : 00264000
P0 : 000000ae P1 : 0000001f P2 : 00000000 P3 : 00265d68
P4 : 00265df4 P5 : 002658b0 FP : 00265808 SP : 00265644
LB0: 0020c5e6 LT0: 0020c5e6 LC0: 00000000
LB1: 0020b5e5 LT1: 0020b5e4 LC1: 00000000
B0 : 00000000 L0 : 00000000 M0 : 00000000 I0 : 00265e78
B1 : 00000000 L1 : 00000000 M1 : 00000000 I1 : 0025b330
B2 : 00000000 L2 : 00000000 M2 : 00000000 I2 : 00000000
B3 : 00000000 L3 : 00000000 M3 : 00000000 I3 : 00000000
A0.w: 00000000 A0.x: 00000000 A1.w: 00000000 A1.x: 00000000
USP : 00265eb8 ASTAT: 02000000
Hardware Trace:
0 Target : <0x000045bc> { _trap_c + 0x0 }
Source : <0xffa006d8> { _exception_to_level5 + 0x9c }
1 Target : <0xffa0063c> { _exception_to_level5 + 0x0 }
Source : <0xffa00596> { _ex_trap_c + 0x72 }
2 Target : <0xffa00524> { _ex_trap_c + 0x0 }
Source : <0xffa0039a> { _ex_workaround_261 + 0x22 }
3 Target : <0xffa00378> { _ex_workaround_261 + 0x0 }
Source : <0xffa00760> { _trap + 0x28 }
4 Target : <0xffa00738> { _trap + 0x0 }
Source : <0xffa004c6> { _bfin_return_from_exception + 0xe }
5 Target : <0xffa004b8> { _bfin_return_from_exception + 0x0 }
Source : <0xffa0038a> { _ex_workaround_261 + 0x12 }
6 Target : <0xffa00378> { _ex_workaround_261 + 0x0 }
Source : <0xffa00760> { _trap + 0x28 }
7 Target : <0xffa00738> { _trap + 0x0 }
Source : <0xffa00850> { _system_call + 0x20 }
8 Target : <0xffa00830> { _system_call + 0x0 }
Source : <0xffa00df8> { _evt_system_call + 0x60 }
9 Target : <0xffa00d98> { _evt_system_call + 0x0 }
Source : <0xffa00464> { _ex_syscall + 0x8 }
10 Target : <0xffa0045c> { _ex_syscall + 0x0 }
Source : <0xffa00760> { _trap + 0x28 }
11 Target : <0xffa00738> { _trap + 0x0 }
Source : <0x00214f4c> [ klogd vma:0x200000-0x266000]
12 Target : <0x00214f40> [ klogd vma:0x200000-0x266000]
Source : <0x002120a4> [ klogd vma:0x200000-0x266000]
13 Target : <0x00212080> [ klogd vma:0x200000-0x266000]
Source : <0x0020c5f8> [ klogd vma:0x200000-0x266000]
14 Target : <0x0020c5c0> [ klogd vma:0x200000-0x266000]
Source : <0x0021207c> [ klogd vma:0x200000-0x266000]
15 Target : <0x00212054> [ klogd vma:0x200000-0x266000]
Source : <0x00208436> [ klogd vma:0x200000-0x266000]
Stack from 00265624:
00000000 ffa006dc ffa00c3c 00264000 0000ffff 00000000 00000000
00000000
00000480 00008030 00060027 00000000 00265720 00000480 ffa00852
ffa00dfc
ffa00dfc 02000000 0020b5e5 0020c5e6 0020b5e4 0020c5e6 00000000
00000000
00000000 00000000 00000000 00000000 00000000 00000000 00000000
00000000
00000000 00000000 00000000 00000000 00000000 00000000 00000000
00000000
00000000 00000000 0025b330 00265e78 00265eb8 00265808 002658b0
00265df4
Call Trace:
[<00008000>] _l1sram_proc_read+0x68/0x9c
[<00003830>] _do_signal+0xbe0/0xcbc
[<00004000>] _show_regs+0x20c/0x368
Modules linked in:
Kernel panic - not syncing: Kernel exception
--
root:/> version
kernel: Linux release 2.6.24.5-ADI-2008R2-pre-svn4691, build #23 Sun May 4
05:26:24 CST 2008
toolchain: bfin-uclinux-gcc release gcc version 4.1.2 (ADI svn)
user-dist: release svn-6639, build #301 Sun May 4 05:25:32 CST 2008
--
--- Michael Hennerich 2008-05-13 12:28:15
Fixed.
Please try again.
-Michael
--- Vivi Li 2008-05-14 03:17:55
I try it several times and it doesn't crash now. So close it.
Files
Changes
Commits
Dependencies
Duplicates
Associations
Tags
File Name File Type File Size Posted By
linux.bluetooth.tar.gz application/x-gzip-compressed 5244948 Vivi Li
config.bluetooth text/plain 32165 Vivi Li