Re: Fatal kernel mode data abort: 'Translation Fault (S)'

To: Jun Ebihara <jun%soum.co.jp@localhost>
Subject: Re: Fatal kernel mode data abort: 'Translation Fault (S)'
From: Takahiro HAYASHI <t-hash%abox3.so-net.ne.jp@localhost>
Date: Tue, 08 Oct 2013 18:33:52 +0900

Hi,

I sent PR about this problem, but that mail has been deferred
more than 14 hours prolly due to greylisting.

--- from here
>Submitter-Id:  net
>Originator:    
>Organization:
>Confidential:  no
>Synopsis:      panic when attaching vcaudio on raspberry pi
>Severity:      non-critical
>Priority:      low
>Category:      port-ebvarm
>Class:         sw-bug
>Release:       NetBSD 6.99.24
>Environment:
System: NetBSD rpi 6.99.24 NetBSD 6.99.24 (MYRPI) #13: Mon Oct  7 16:00:16 JST 
2013  root@halt:/usr/build2/obj.evbarm/sys/arch/evbarm/compile/MYRPI evbarm
Architecture: arm
Machine: evbarm
>Description:
        Kernel panics when attaching vcaudio at boot on Raspberry Pi.

        The vchiq code uses curlwp pointer as client_id instead of pid,
        then client_id is now expressed as 11 digits in signed decimal
        (e.g. -1045735424 in my rpi).
        In function vchiq_use_internal() this client_id is sprintf'ed
        into slightly short buffer. The buffer is enough large to put
        5 digits pid number but is not for 11 digits lwp pointer.
        This may break other variable on stack.

>How-To-Repeat:
        install recent (after 2013.09.19.15.13.43) kernel.img and boot
>Fix:
        In functions vchiq_use_internal and vchiq_release_internal
        - enlarge buffer entity[] enough to store whole strings
        - use snprintf
--- end


On Mon, 07 Oct 2013 23:51:15 +0900 (JST)
Jun Ebihara <jun%soum.co.jp@localhost> wrote:

> fetch from nyftp, NetBSD-6.99.24-evbarm-arm-201310061640Z.iso
> rpi.img boot failed.
> 
>  :
> root file system type: ffs
> vchiq: local ver 6 (min 3), remote ver 6.
> vcaudio0 at vchiq0: AUDS
> WARNING: no TOD clock present
> WARNING: using filesystem time
> WARNING: CHECK AND RESET THE DATE!
> 
> uvm_fault(0xc04b1c24, 0, 1) -> e
> Fatal kernel mode data abort: 'Translation Fault (S)'
> trapframe: 0xca66cd68
> FSR=00000005, FAR=00000010, spsr=80000153
> r0 =0000000c, r1 =00000003, r2 =03000000, r3 =ca66ce40
> r4 =00000000, r5 =00000000, r6 =0000000c, r7 =c15d98b4
> r8 =c15c140c, r9 =00000000, r10=00000018, r11=ca66ce20
> r12=ca66ce24, ssp=ca66cdb8, slr=c02d74cc, pc =c02d54f8
> 
> Stopped in pid 0.36 (system) at netbsd:queue_message+0x2c:      ldr     r2, 
> [r4,
>  #0x010]
> db> bt
> 0xca66ce20: netbsd:queue_message+0xc
> 0xca66ce60: netbsd:vchiq_open_service_internal+0x70
> 0xca66ce84: netbsd:vchiq_open_service+0xa8
> 0xca66ceb8: netbsd:vchi_service_open+0x78
> 0xca66cf2c: netbsd:vcaudio_attach+0x1bc
> 0xca66cf58: netbsd:config_attach_loc+0x19c
> 0xca66cf70: netbsd:config_found_ia+0x2c
> 0xca66cf94: netbsd:vchiq_defer+0x64
> 0xca66cfac: netbsd:config_mountroot_thread+0x48
> db> 
> 
> --
> Jun Ebihara

Follow-Ups:
- Re: Fatal kernel mode data abort: 'Translation Fault (S)'
  - From: Jun Ebihara

References:
- Fatal kernel mode data abort: 'Translation Fault (S)'
  - From: Jun Ebihara

Prev by Date: Re: Raspberry Pi installation comments
Next by Date: Re: iMX233/OLinuXino status update
Previous by Thread: Fatal kernel mode data abort: 'Translation Fault (S)'
Next by Thread: Re: Fatal kernel mode data abort: 'Translation Fault (S)'
Indexes:

Home | Main Index | Thread Index | Old Index