I am writing code for a linux kernel module that allocates space and stores some data in it, but the kmalloc allocation happens in the write function for the vfs api as i need the size of the buffer coming from the user application and i cannot access it outside the write function. where should i place the kfree() function? i cannot place it in under cleanup because it gives me an error whenever i try to uninstall the module.
ssize_t hcsr04_write(struct file *filp, const char *buffer, size_t length, loff_t * offset)
{
if (pulsecount < (5)){
pulseptr[pulsecount] = kmalloc(sizeof(buffer),GFP_ATOMIC);
sprintf (pulseptr[pulsecount],"%s",buffer);
pulsecount++;
}
else{
int j = 0;
while (j<4){
sprintf (pulseptr[j], "%s", (pulseptr[j+1]) ); // [5 , 20 , 30 , 70 , 50] ===> [20 , 30 , 70 , 50 , 50]
j++;
}
sprintf (pulseptr[4],"%s",buffer);
}
}
this is my write function.
static void __exit hcsr04_module_cleanup(void)
{
//if (pulseptr!= {NULL,NULL,NULL,NULL,NULL}){
kfree(pulseptr);
printk(KERN_INFO "Dynamic memory freed successfully.");
//}
//pulseptr = {NULL,NULL,NULL,NULL,NULL};
gpio_free( GPIO_OUT );
gpio_free( GPIO_IN );
hcsr04_lock = 0;
cdev_del(&hcsr04_cdev);
unregister_chrdev_region( hcsr04_dev, 1 );
kobject_put( hcsr04_kobject );
}
this is the cleanup function. if i execute rmmod command with the cleanup function like this i get the following error :
[ 93.294821] 8<--- cut here ---
[ 93.297928] Unable to handle kernel paging request at virtual address bcf03574
[ 93.305253] pgd = 3cdbb3d3
[ 93.307993] [bcf03574] *pgd=00000000
[ 93.311621] Internal error: Oops: 5 [#1] SMP ARM
[ 93.316301] Modules linked in: hcsr04(O-) nfc bnep bluetooth ecdh_generic ecc ipv6 hello(PO) g_serial libcomposite udc_core brcmfmac brcmutil sha256_generic libsha256 vc4 cfg80211 bcm2835_codec(C) rfkill bcm2835_isp(C) bcm2835_v4l2(C) v4l2_mem2mem cec bcm2835_mmal_vchiq(C) videobuf2_dma_contig snd_soc_core videobuf2_vmalloc videobuf2_memops videobuf2_v4l2 snd_compress snd_pcm_dmaengine videobuf2_common snd_pcm videodev snd_timer mc snd raspberrypi_hwmon vc_sm_cma(C) uio_pdrv_genirq uio fixed
[ 93.360563] CPU: 0 PID: 478 Comm: rmmod Tainted: P C O 5.4.72-v7 #1
[ 93.368060] Hardware name: BCM2835
[ 93.371516] PC is at kfree+0x48/0x2bc
[ 93.375235] LR is at hcsr04_module_cleanup+0x18/0xcac [hcsr04]
[ 93.381148] pc : [<802fd004>] lr : [<7f17a36c>] psr: 20010013
[ 93.387501] sp : b80abf08 ip : b80abf38 fp : b80abf34
[ 93.392797] r10: 00000081 r9 : b80aa000 r8 : 801011c4
[ 93.398095] r7 : 7f17a36c r6 : 7e92dc38 r5 : 7f17c000 r4 : bcf03570
[ 93.404713] r3 : bab24000 r2 : 00000024 r1 : 00000000 r0 : 7f17c000
[ 93.411333] Flags: nzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment user
[ 93.418568] Control: 10c5383d Table: 38d5806a DAC: 00000055
[ 93.424394] Process rmmod (pid: 478, stack limit = 0x274b04e4)
[ 93.430307] Stack: (0xb80abf08 to 0xb80ac000)
[ 93.434728] bf00: 801c8158 80989110 7f17c0c0 00000000 7e92dc38 00000081
[ 93.443026] bf20: 801011c4 b80aa000 b80abf4c b80abf38 7f17a36c 802fcfc8 7f17c0c0 00000000
[ 93.451324] bf40: b80abfa4 b80abf50 801ca940 7f17a360 72736368 00003430 00000000 80da6b10
[ 93.459621] bf60: 80101068 7e92cbe8 00000000 801011c4 b80aa000 00000006 b80abfac b80abf88
[ 93.467918] bf80: 80228294 8022938c 00000000 80e05f88 00000000 7e92de2c 00000000 b80abfa8
[ 93.476216] bfa0: 80101000 801ca7e0 00000000 7e92de2c 01677694 00000800 6a0f1b00 7e92dbe4
[ 93.484513] bfc0: 00000000 7e92de2c 7e92dc38 00000081 7e92df1f 7e92dc34 01677190 00000001
[ 93.492811] bfe0: 004e1f70 7e92dbec 004c866f 76f37218 60010030 01677694 00000000 00000000
[ 93.501100] Backtrace:
[ 93.503593] [<802fcfbc>] (kfree) from [<7f17a36c>] (hcsr04_module_cleanup+0x18/0xcac [hcsr04])
[ 93.512331] r9:b80aa000 r8:801011c4 r7:00000081 r6:7e92dc38 r5:00000000 r4:7f17c0c0
[ 93.520195] [<7f17a354>] (hcsr04_module_cleanup [hcsr04]) from [<801ca940>] (sys_delete_module+0x16c/0x244)
[ 93.530073] r5:00000000 r4:7f17c0c0
[ 93.533704] [<801ca7d4>] (sys_delete_module) from [<80101000>] (ret_fast_syscall+0x0/0x28)
[ 93.542084] Exception stack(0xb80abfa8 to 0xb80abff0)
[ 93.547209] bfa0: 00000000 7e92de2c 01677694 00000800 6a0f1b00 7e92dbe4
[ 93.555507] bfc0: 00000000 7e92de2c 7e92dc38 00000081 7e92df1f 7e92dc34 01677190 00000001
[ 93.563801] bfe0: 004e1f70 7e92dbec 004c866f 76f37218
[ 93.568922] r5:7e92de2c r4:00000000
[ 93.572549] Code: e3a02024 e5933000 e1a04624 e0243492 (e5943004)
[ 93.578730] ---[ end trace cff8773499967501 ]---
the error goes away once i comment out kfree
I Realised what i did wrong. I shouldve done kfree(pulseptr[0]) where 0 can be the index number of the memory locations i have allocated.
I'm trying to the state of the PRM_RSTST register of my ARM Cortex A8 processor to find the reason of resets because WDIOC_GETBOOTSTATUS isn't implemented for my processor, a TI8148. I know for the datasheet that the offset/adress is supposed to be 0xA8. However if I try to read in in my kernel driver with __raw_readl(0xA8) I get a seg fault. The other idea I had was to use /dev/mem, however if I go in with devmem2 0xA8 I get
/dev/mem opened.Unhandled fault: Precise External Abort on non-linefetch (0x018) at 0x401270a8
Memory mapped at address 0x40127000.
Bus error (core dumped)
So I looked at the mapping of memory with cat /proc/iomem
00000000-00000000 : omap2-nand.0
08000000-08000003 : omap2-nand
20000000-2fffffff : pcie-nonprefetch
47400000-47400fff : usbss
47401000-474017ff : musb0
47401000-474017ff : musb0
47401800-47401fff : musb1
47401800-47401fff : musb1
48010000-480100ff : omap-iommu.1
48010000-480100ff : omap-iommu.1
48020000-48021fff : omap_uart.0
48020000-48021fff : omap_uart
48022000-48023fff : omap_uart.1
48022000-48023fff : omap_uart
48024000-48025fff : omap_uart.2
48024000-48025fff : omap_uart
48028000-48028fff : omap_i2c.1
48028000-48028fff : omap_i2c
4802a000-4802afff : omap_i2c.2
4802a000-4802afff : omap_i2c
48030100-480301ff : omap2_mcspi.1
48030100-480301ff : omap2_mcspi.1
48032000-48032fff : omap_gpio.0
48038000-4803afff : mcasp
48038000-4803afff : davinci-mcasp
4803c000-4803efff : mcasp
4803c000-4803efff : davinci-mcasp
4804c000-4804cfff : omap_gpio.1
48080000-48081fff : omap2_elm.1
48080000-48081fff : omap2_elm.1
480c0000-480c0fff : omap_rtc
480c0000-480c0fff : omap_rtc
480c8000-480c8143 : omap-mailbox
48105500-481058ff : ti81xxvin
48105a00-48105dff : ti81xxvin
481a0100-481a01ff : omap2_mcspi.2
481a0100-481a01ff : omap2_mcspi.2
481a2100-481a21ff : omap2_mcspi.3
481a2100-481a21ff : omap2_mcspi.3
481a4100-481a41ff : omap2_mcspi.4
481a4100-481a41ff : omap2_mcspi.4
481a6000-481a7fff : omap_uart.3
481a6000-481a7fff : omap_uart
481a8000-481a9fff : omap_uart.4
481a8000-481a9fff : omap_uart
481aa000-481abfff : omap_uart.5
481aa000-481abfff : omap_uart
481ac000-481acfff : omap_gpio.2
481ae000-481aefff : omap_gpio.3
481c7000-481c7fff : omap_wdt
481c7000-481c7fff : omap_wdt
481cc000-481cffff : d_can
481cc000-481cffff : d_can
481d8100-481e80ff : mmci-omap-hs.0
481d8100-481e80ff : mmci-omap-hs
49000000-49007fff : edma_cc0
49000000-49007fff : edma
49800000-498003ff : edma_tc0
49900000-499003ff : edma_tc1
49a00000-49a003ff : edma_tc2
49b00000-49b003ff : edma_tc3
4a100000-4a1007ff : cpsw.0
4a100000-4a1007ff : eth0
4a100800-4a1008ff : davinci_mdio.0
4a100800-4a1008ff : davinci_mdio.0
4a100900-4a1009ff : cpsw.0
4a100900-4a1009ff : eth0
4a140000-4a150fff : ahci.0
51000000-51003fff : pcie-regs
55082000-550820ff : omap-iommu.0
55082000-550820ff : omap-iommu.0
80000000-bfffffff : pcie-inbound0
80000000-917fffff : System RAM
80044000-8058cfff : Kernel text
8058e000-8061770f : Kernel data
bd000000-bf7fffff : System RAM
So apparently 0x40127000, where devmem2 wants to look isn't mapped.
So where do I find the register with offset 0xA8?
I wanted to write a simple PCI express driver for Xilinx FPGA. But I am not able to request memory region for PCI.
Question is: How to claim that I/O memory area for custom driver. I want to write 3. byte of that area using driver.
Below are the details. What am I missing ? Thanks
1-) I am getting this error:
[ 4.345350] Unable to handle kernel paging request for data at address 0x00000005
[ 4.353978] Faulting instruction address: 0x80000000002c9370
[ 4.358337] Oops: Kernel access of bad area, sig: 11 [#1]
[ 4.362426] BE SMP NR_CPUS=24 CoreNet Generic
[ 4.365477] Modules linked in: fpgapcie(O+) ucc_uart
[ 4.369139] CPU: 0 PID: 1999 Comm: udevd Tainted: G O 4.19.26+gc0c2141 #1
[ 4.375924] NIP: 80000000002c9370 LR: 80000000002c9350 CTR: c00000000053acfc
[ 4.381753] REGS: c0000001ee2bb1c0 TRAP: 0300 Tainted: G O (4.19.26+gc0c2141)
[ 4.389146] MSR: 000000008002b000 <CE,EE,FP,ME> CR: 22228242 XER: 20000000
[ 4.394982] DEAR: 0000000000000005 ESR: 0000000000800000 IRQMASK: 0
GPR00: 80000000002c9350 c0000001ee2bb440 80000000002d1f00 000000000000001a
GPR04: 0000000000000001 000000000000022d c000000000f30548 c000000001013000
GPR08: 00000001fec37000 0000000000000003 0000000000000000 0000000000000020
GPR12: 0000000028228444 c000000001013000 0000000000020000 000000013c323ac8
GPR16: 000000013c323ae0 80000000002cc000 c000000000a194b0 c0000001f0eaa1c0
GPR20: 00000000006000c0 c000000000ed9da0 0000000000000000 0000000000000100
GPR24: 000000000000001c 000000000f700000 c0000001f3034880 0000000000000000
GPR28: c0000001f337b800 00000000000000f7 c0000001f337b8a0 0000000000000000
2-) Code piece in PCI probe function:
static int pci_probe(struct pci_dev *dev, const struct pci_device_id *id)
{
int ret, minor;
struct cdev *cdev;
dev_t devno;
unsigned long pci_io_addr = 0;
/* add this pci device in pci_cdev */
if ((minor = pci_cdev_add(pci_cdev, MAX_DEVICE, dev)) < 0)
goto error;
/* compute major/minor number */
devno = MKDEV(major, minor);
/* allocate struct cdev */
cdev = cdev_alloc();
/* initialise struct cde
cdev_init(cdev, &pci_ops);
cdev->owner = THIS_MODULE;
/* register cdev */
ret = cdev_add(cdev, devno, 1);
if (ret < 0) {
dev_err(&(dev->dev), "Can't register character device\n");
goto error;
}
pci_cdev[minor].cdev = cdev;
dev_info(&(dev->dev), "%s The major device number is %d (%d).\n",
"Registeration is a success", MAJOR(devno), MINOR(devno));
dev_info(&(dev->dev), "If you want to talk to the device driver,\n");
dev_info(&(dev->dev), "you'll have to create a device file. \n");
dev_info(&(dev->dev), "We suggest you use:\n");
dev_info(&(dev->dev), "mknod %s c %d %d\n", DEVICE_NAME, MAJOR(devno), MINOR(devno));
dev_info(&(dev->dev), "The device file name is important, because\n");
dev_info(&(dev->dev), "the ioctl program assumes that's the\n");
dev_info(&(dev->dev), "file you'll use.\n");
/* enable the device */
pci_enable_device(dev);
/* 'alloc' IO to talk with the card */
if (pci_request_region(dev, BAR_IO, "IO-pci") == 0) {
printk(KERN_ALERT "The memory you requested from fpgapcie is already reserved by CORE pci driver.");
}
check that BAR_IO is *really* IO region
if ((pci_resource_flags(dev, BAR_IO) & IORESOURCE_IO) != IORESOURCE_IO) {
dev_err(&(dev->dev), "BAR2 isn't an IO region\n");
cdev_del(cdev);
goto error;
}
pci_io_addr = pci_resource_start(dev,BAR_IO);
printk(KERN_INFO "PCI start adress: %02X", &pci_io_addr);
outb(pci_io_addr+3, 5);
printk(KERN_INFO "Message from PCI device to user: 5");
return 1;
error:
printk(KERN_INFO "An error occuder while probing pci");
return 0;
}
3-) lspci -v output:
0001:01:00.0 Memory controller: Xilinx Corporation Device 7021
Subsystem: Xilinx Corporation Device 0007
Flags: bus master, fast devsel, latency 0, IRQ 41
Memory at c10000000 (32-bit, non-prefetchable) [size=2K]
Capabilities: [40] Power Management version 3
Capabilities: [48] MSI: Enable- Count=1/1 Maskable- 64bit+
Capabilities: [60] Express Endpoint, MSI 00
Capabilities: [100] Device Serial Number 00-00-00-01-01-00-0a-35
Kernel driver in use: yusufpci
Kernel modules: fpgapcie
4-) full dmesg:
[ 4.285663] Module pci init
[ 4.294787] yusufpci 0001:01:00.0: Registeration is a success The major device number is 247 (0).
[ 4.302367] yusufpci 0001:01:00.0: If you want to talk to the device driver,
[ 4.308116] yusufpci 0001:01:00.0: you'll have to create a device file.
[ 4.313516] yusufpci 0001:01:00.0: We suggest you use:
[ 4.317354] yusufpci 0001:01:00.0: mknod virtual_pci c 247 0
[ 4.321713] yusufpci 0001:01:00.0: The device file name is important, because
[ 4.327553] yusufpci 0001:01:00.0: the ioctl program assumes that's the
[ 4.332866] yusufpci 0001:01:00.0: file you'll use.
[ 4.336459] The memory you requested from fpgapcie is already reserved by CORE pci driver. This is not an error.
[ 4.336463] PCI start adress: EE2BB4B0
[ 4.345350] Unable to handle kernel paging request for data at address 0x00000005
[ 4.353978] Faulting instruction address: 0x80000000002c9370
[ 4.358337] Oops: Kernel access of bad area, sig: 11 [#1]
[ 4.362426] BE SMP NR_CPUS=24 CoreNet Generic
[ 4.365477] Modules linked in: fpgapcie(O+) ucc_uart
[ 4.369139] CPU: 0 PID: 1999 Comm: udevd Tainted: G O 4.19.26+gc0c2141 #1
[ 4.375924] NIP: 80000000002c9370 LR: 80000000002c9350 CTR: c00000000053acfc
[ 4.381753] REGS: c0000001ee2bb1c0 TRAP: 0300 Tainted: G O (4.19.26+gc0c2141)
[ 4.389146] MSR: 000000008002b000 <CE,EE,FP,ME> CR: 22228242 XER: 20000000
[ 4.394982] DEAR: 0000000000000005 ESR: 0000000000800000 IRQMASK: 0
GPR00: 80000000002c9350 c0000001ee2bb440 80000000002d1f00 000000000000001a
GPR04: 0000000000000001 000000000000022d c000000000f30548 c000000001013000
GPR08: 00000001fec37000 0000000000000003 0000000000000000 0000000000000020
GPR12: 0000000028228444 c000000001013000 0000000000020000 000000013c323ac8
GPR16: 000000013c323ae0 80000000002cc000 c000000000a194b0 c0000001f0eaa1c0
GPR20: 00000000006000c0 c000000000ed9da0 0000000000000000 0000000000000100
GPR24: 000000000000001c 000000000f700000 c0000001f3034880 0000000000000000
GPR28: c0000001f337b800 00000000000000f7 c0000001f337b8a0 0000000000000000
[ 4.453632] NIP [80000000002c9370] .pci_probe+0x220/0x2b4 [fpgapcie]
[ 4.458680] LR [80000000002c9350] .pci_probe+0x200/0x2b4 [fpgapcie]
[ 4.463639] Call Trace:
[ 4.464775] [c0000001ee2bb440] [80000000002c9350] .pci_probe+0x200/0x2b4 [fpgapcie] (unreliable)
[ 4.472262] [c0000001ee2bb500] [c0000000004b77c8] .pci_device_probe+0x11c/0x1f4
[ 4.478270] [c0000001ee2bb5a0] [c000000000561ebc] .really_probe+0x26c/0x38c
[ 4.483927] [c0000001ee2bb640] [c0000000005621ac] .driver_probe_device+0x78/0x154
[ 4.490106] [c0000001ee2bb6d0] [c0000000005623d8] .__driver_attach+0x150/0x154
[ 4.496025] [c0000001ee2bb760] [c00000000055f424] .bus_for_each_dev+0x94/0xdc
[ 4.501856] [c0000001ee2bb800] [c0000000005615fc] .driver_attach+0x24/0x38
[ 4.507426] [c0000001ee2bb870] [c000000000560ec8] .bus_add_driver+0x264/0x2a4
[ 4.513258] [c0000001ee2bb910] [c000000000563384] .driver_register+0x88/0x178
[ 4.519089] [c0000001ee2bb990] [c0000000004b5a68] .__pci_register_driver+0x50/0x64
[ 4.525355] [c0000001ee2bba00] [80000000002c9564] .pci_init_module+0xc0/0x444 [fpgapcie]
[ 4.532144] [c0000001ee2bba80] [c0000000000020b4] .do_one_initcall+0x64/0x224
[ 4.537978] [c0000001ee2bbb50] [c0000000000f443c] .do_init_module+0x70/0x260
[ 4.543722] [c0000001ee2bbbf0] [c0000000000f6564] .load_module+0x1e6c/0x2400
[ 4.549467] [c0000001ee2bbd10] [c0000000000f6d28] .__se_sys_finit_module+0xcc/0x100
[ 4.555819] [c0000001ee2bbe30] [c0000000000006b0] system_call+0x60/0x6c
[ 4.561127] Instruction dump:
[ 4.562785] e86a8080 38810070 f9210070 4800041d e8410028 e9210070 3d420000 e94a8088
[ 4.569231] 39290003 5529063e e94a0000 7c0004ac <992a0005> 39200001 3d420000 992d0684
[ 4.575854] ---[ end trace 2d15cff7ba1b3255 ]---
Problem solved. But when I write the third byte of Memory Mapped area, FPGA programmed to answer with lighting its GPIO leds. I tried to write first 15 byte of MMIO but it did not work. The leds did not lighted. But the code stopped giving errors.
I also cannot read the bytes on MMIO space using readb() function. It's
giving
unrecoverable machine check error
Problem solved using this code.
pci_request_regions(dev, "fpgapcie");
pci_io_startaddr = pci_resource_start(dev,BAR_IO);
pci_io_endaddr = pci_resource_end(dev,BAR_IO);
pci_io_size = pci_resource_len(dev,BAR_IO);
printk(KERN_INFO "Region start: %lX, Region end: %lX, Size: % lX",pci_io_startaddr,pci_io_endaddr,pci_io_size);
pci_io_addr = ioremap(pci_io_startaddr, pci_io_endaddr);
printk(KERN_INFO "PCI start adress: %lX", pci_io_addr);
for(i = 0;i<15;i++) /* Write first 15 byte */
{
writeb(2, pci_io_addr+i);
printk(KERN_INFO "%lX, Message from PCI device to user: 2", pci_io_addr+i);
}
and the dmesg output:
fpgapcie: loading out-of-tree module taints kernel.
fpgapcie 0001:01:00.0: Registeration is a success The major device number is 247 (0).
fpgapcie 0001:01:00.0: If you want to talk to the device driver,
fsl-fman-port ffe488000.port fm1-gb0: renamed from eth0
fpgapcie 0001:01:00.0: you'll have to create a device file.
fpgapcie 0001:01:00.0: We suggest you use:
fpgapcie 0001:01:00.0: mknod virtual_pci c 247 0
fpgapcie 0001:01:00.0: The device file name is important, because
fpgapcie 0001:01:00.0: the ioctl program assumes that's the
fpgapcie 0001:01:00.0: file you'll use.
Region start: 210000000, Region end: 2100007FF, Size: 800
PCI start adress: 8000080088900000
8000080088900000, Message from PCI device to user: 2
8000080088900001, Message from PCI device to user: 2
8000080088900002, Message from PCI device to user: 2
8000080088900003, Message from PCI device to user: 2
8000080088900004, Message from PCI device to user: 2
8000080088900005, Message from PCI device to user: 2
8000080088900006, Message from PCI device to user: 2
8000080088900007, Message from PCI device to user: 2
8000080088900008, Message from PCI device to user: 2
8000080088900009, Message from PCI device to user: 2
800008008890000A, Message from PCI device to user: 2
800008008890000B, Message from PCI device to user: 2
800008008890000C, Message from PCI device to user: 2
800008008890000D, Message from PCI device to user: 2
800008008890000E, Message from PCI device to user: 2
I want to reserve a page in physical memory so that kernel will not allocate it for anything else. Standard solution is to use memmap. I defined it in my uboot parameter (memmap=4K$0xA4D000) but it is not taking effect. I have verified full argument passed to the kernel from /proc/commandline. Is there any kernel configuration that needs to be enabled?
*uname -a
Linux hostname 3.12.19-rt30 #5 SMP Thu Sep 1 23:23:49 IST 2016 ppc64 GNU/Linux*
*cat /proc/cmdline
root=/dev/mtdblock9 rw rootfstype=jffs2 init=/init siq_board_type=CU_200103 default_hugepagesz=256m hugepagesz=256m hugepages=1 usdpaa_mem=256M bportals=s0 qportals=s0 isolcpus=1,2,3,4,7 DEBUG_MODE=y memmap=4K$0xA4D000 memblock=debug console=ttyS1,115200 HOSTNAME=airv_cu PRIPART=4 ip=10.208.26.101:10.204.1.3:10.208.26.254:255.255.255.0:airv_cu:eth0:off panic=1*
cat /proc/iomem
00000000-bfffffff : System RAM
fe8000000-fefffffff : fe8000000.nor
ffe008000-ffe008fff : mpc85xx_mc_err
ffe009000-ffe009fff : mpc85xx_mc_err
ffe11c500-ffe11c507 : serial
ffe11c600-ffe11c607 : serial
ffe11d500-ffe11d507 : serial
ffe11d600-ffe11d607 : serial
ffe1e0000-ffe1e07ff : rman-inbound-block0
ffe1e0b00-ffe1e0fff : rman-uio
ffe1e1000-ffe1e17ff : rman-inbound-block1
ffe1e2000-ffe1e27ff : rman-inbound-block2
ffe1e3000-ffe1e37ff : rman-inbound-block3
ffe400000-ffe4fffff : fman
ffe400000-ffe47ffff : fman-muram
ffe482000-ffe482fff : fman-port-hc
ffe483000-ffe483fff : fman-port-hc
ffe484000-ffe484fff : fman-port-hc
ffe485000-ffe485fff : fman-port-hc
ffe486000-ffe486fff : fman-port-hc
ffe487000-ffe487fff : fman-port-hc
ffe488000-ffe488fff : fman-port-hc
ffe489000-ffe489fff : fman-port-hc
ffe48a000-ffe48afff : fman-port-hc
ffe48b000-ffe48bfff : fman-port-hc
ffe48c000-ffe48cfff : fman-port-hc
ffe48d000-ffe48dfff : fman-port-hc
ffe490000-ffe490fff : fman-port-hc
ffe491000-ffe491fff : fman-port-hc
ffe4a8000-ffe4a8fff : fman-port-hc
ffe4a9000-ffe4a9fff : fman-port-hc
ffe4aa000-ffe4aafff : fman-port-hc
ffe4ab000-ffe4abfff : fman-port-hc
ffe4ac000-ffe4acfff : fman-port-hc
ffe4ad000-ffe4adfff : fman-port-hc
ffe4b0000-ffe4b0fff : fman-port-hc
ffe4b1000-ffe4b1fff : fman-port-hc
ffe4dc000-ffe4dcfff : fman-vsp
ffe4e0000-ffe4e0fff : mac
ffe4e2000-ffe4e2fff : mac
ffe4e4000-ffe4e4fff : mac
ffe4e6000-ffe4e6fff : mac
ffe4fe000-ffe4fefff : fman-rtc
On a ARM Cortex-A9 (Freescale iMX6SL) running Linux kernel 3.0.35, I am seeing a kernel oops with PC and LR (0x402aca32/0x402ac3cd) that is in user space. Mode is USER_32 and ISA is Thumb. There is no code on this system that executes in Thumb mode.
[ 597.195954] Unable to handle kernel paging request at virtual address 000a34d4
[ 597.205436] pgd = c35dc000
[ 597.208149] [000a34d4] *pgd=8c454831, *pte=8374c1cf, *ppte=8374ca3e
[ 597.214657] Internal error: Oops: 81f [#1] PREEMPT
[ 597.219609] Modules linked in: ...<snip>...
[ 597.243075] CPU: 0 Tainted: P W (3.0.35-aaaaaa #1)
[ 597.249162] PC is at 0x402aca32
[ 597.252304] LR is at 0x402ac3cd
[ 597.255448] pc : [<402aca32>] lr : [<402ac3cd>] psr: 60000030
[ 597.255453] sp : be8fc220 ip : 00000000 fp : 00000809
[ 597.266940] r10: 00000004 r9 : 40336ea0 r8 : 00000818
[ 597.272168] r7 : 4034c25c r6 : 00011b31 r5 : 00001250 r4 : 000a2cc8
[ 597.278698] r3 : 00000000 r2 : 000a34d0 r1 : 00011b30 r0 : 00000809
[ 597.285229] Flags: nZCv IRQs on FIQs on Mode USER_32 ISA Thumb Segment user
[ 597.292629] Control: 10c53c7d Table: 835dc059 DAC: 00000015
[ 597.298378] Process wancontrol (pid: 7551, stack limit = 0xce9f02e8)
[ 597.307890] ---[ end trace f50414d2a3d239df ]---
[ 597.312516] Kernel panic - not syncing: Fatal exception in interrupt
[ 597.325257] Backtrace:
[ 597.327567] [<c0135248>] (dump_backtrace+0x0/0x110) from [<c041e188>] (dump_stack+0x18/0x1c)
[ 597.336837] r6:c3088d20 r5:ce9f02e8 r4:c0537b48 r3:00000002
[ 597.342382] [<c041e170>] (dump_stack+0x0/0x1c) from [<c041e200>] (panic+0x74/0x194)
[ 597.350794] [<c041e18c>] (panic+0x0/0x194) from [<c01355b0>] (die+0x1a4/0x1e4)
[ 597.358402] r3:07ffff00 r2:ce9f1db8 r1:c0537f90 r0:c04ac8ba
[ 597.364044] r7:00000000
[ 597.366591] [<c013540c>] (die+0x0/0x1e4) from [<c013a7b0>] (__do_kernel_fault+0x6c/0x8c)
[ 597.375465] r8:00000000 r7:ce9f1fb0 r6:cee35900 r5:0000081f r4:000a34d4
[ 597.382060] [<c013a744>] (__do_kernel_fault+0x0/0x8c) from [<c013aa90>] (do_page_fault+0x2c0/0x2f0)
[ 597.391760] r8:cee35900 r7:000a34d4 r6:c3088d20 r5:ce9f1fb0 r4:00000001
[ 597.398438] r3:ce9f1fb0
[ 597.400909] [<c013a7d0>] (do_page_fault+0x0/0x2f0) from [<c012c1b8>] (do_DataAbort+0x38/0xa0)
[ 597.410178] [<c012c180>] (do_DataAbort+0x0/0xa0) from [<c0131a88>] (ret_from_exception+0x0/0x10)
[ 597.419298] Exception stack(0xce9f1fb0 to 0xce9f1ff8)
[ 597.424664] 1fa0: 00000809 00011b30 000a34d0 00000000
[ 597.434300] 1fc0: 000a2cc8 00001250 00011b31 4034c25c 00000818 40336ea0 00000004 00000809
[ 597.442488] 1fe0: 00000000 be8fc220 402ac3cd 402aca32 60000030 ffffffff
[ 597.455455] r8:00000818 r7:4034c25c r6:00011b31 r5:0000000f r4:0000040f
If code was executing in user space, it should get SEGV.
void arm_notify_die(const char *str, struct pt_regs *regs,
struct siginfo *info, unsigned long err, unsigned long trap)
{
if (user_mode(regs)) {
current->thread.error_code = err;
current->thread.trap_no = trap;
force_sig_info(info->si_signo, info, current);
} else {
die(str, regs, err);
}
}
Why does it go into die()?
This happens repeatedly with the same backtrace for the same address 0x000a34d4. I can't say the stack has been hosed because the values look the same in different instances of this kernel oops.