Subject: ARM1136 panic on arm32_sync_icache()
To: None <port-arm@NetBSD.org>
From: Todd Poynor <tpoynor@danger.com>
List: port-arm
Date: 11/07/2007 16:58:02
A program containing the following fragment can crash an ARM1136 system
with a Data Abort in the kernel:
#include <sys/param.h>        /* PAGE_SIZE */
#include <machine/sysarch.h>  /* struct arm_sync_icache_args, ARM_SYNC_ICACHE, sysarch() */
#include <stdint.h>
#include <stdlib.h>
struct arm_sync_icache_args a;
a.addr = (uintptr_t)malloc(PAGE_SIZE * 3);  /* pages allocated but never touched, so no PTEs yet */
a.len = PAGE_SIZE * 3;
sysarch(ARM_SYNC_ICACHE, &a);               /* MVA-based sync over unmapped pages -> kernel Data Abort */
The ARMv6 Virtually Indexed Physically Tagged cache maintenance system
control coprocessor instructions that invalidate lines based on Modified
Virtual Addresses throw Data Abort exceptions for virtual addresses not
mapped in the PTE. On previous VIVT cache revisions of the
architecture, a PTE lookup was not necessary, and so callers that synced
cache lines in pages not actually written did not incur this problem.
One workaround is to have the syscall version invalidate the entire
cache (another popular UNIX variant does this a lot due to ARM1136
errata). Or invalidate based on set/way (which at 4KB ways means
invalidating a whole lotta cache). Or figure out the cause of the
kernel Data Abort and either send the process a SIGSEGV or skip faulting
instructions (or fix up address range and restart for MCRR range
instructions).
I'll send a patch for one of those options if nobody raises any
objections or alternate suggestions. Thanks,
--
Todd
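As an added illustration of the last option in the mail (fixing up the address range so that MVA-based maintenance is only issued for pages that actually have a PTE), and not code from this post or from NetBSD: the page-table lookup and the per-range sync below are constructed stand-ins for what would, in the kernel, be a pmap lookup and the existing sync-range routine.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

#define PAGE_SIZE 4096UL   /* 4KB pages, as in the report */
#define NPAGES    8        /* size of the constructed "address space" */

/* Constructed page table: mapped[i] is true if page i has a PTE. */
static bool mapped[NPAGES] = { true, false, false, true, true, false, true, true };

/* Record of the sub-ranges actually handed to the cache-maintenance code. */
struct sync_rec { uintptr_t addr; size_t len; };
struct sync_rec synced[NPAGES];
int nsynced;

static bool page_is_mapped(uintptr_t va)
{
    size_t pg = va / PAGE_SIZE;
    return pg < NPAGES && mapped[pg];
}

/* Stand-in for the per-range MVA invalidate; only ever sees mapped pages. */
static void sync_mapped_run(uintptr_t addr, size_t len)
{
    synced[nsynced].addr = addr;
    synced[nsynced].len = len;
    nsynced++;
}

/*
 * Walk [addr, addr+len) in whole pages, coalesce runs of mapped pages and
 * issue the MVA-based maintenance only for those runs.  Returns the number
 * of pages skipped for lack of a PTE, i.e. the ones that would otherwise
 * raise a Data Abort on an ARMv6 VIPT cache.
 */
int sync_icache_mapped_only(uintptr_t addr, size_t len)
{
    uintptr_t va = addr & ~(PAGE_SIZE - 1);   /* round down to page boundary */
    uintptr_t end = addr + len;
    uintptr_t run_start = 0;
    size_t run_len = 0;
    int skipped = 0;

    nsynced = 0;
    for (; va < end; va += PAGE_SIZE) {
        if (page_is_mapped(va)) {
            if (run_len == 0)
                run_start = va;
            run_len += PAGE_SIZE;
        } else {
            if (run_len)
                sync_mapped_run(run_start, run_len);
            run_len = 0;
            skipped++;
        }
    }
    if (run_len)
        sync_mapped_run(run_start, run_len);
    return skipped;
}
```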