[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: MMU Bus fault



Hi

Herewith a second simulation of the same problem. In stead of writing
directly to the port I access the port through a program. BULK is disabled
as mentioned in the earlier post.

I still get a double oops, but in this case can not decode the fist oops.


=====================================================
Here's the oopses:

# usb-host.c: (CTRL) Adding ctrl urb 0xc0cbd820 to empty list, epid 2
usb-host.c: (CTRL) Transfer for epid 2 is OUT
usb-host.c: (CTRL) This OUT transfer has an extra data stage
Unable to handle kernel access at virtual address 00188000
Oops: 0000
IRP: c0000086 SRP: 00081cd0 DCCR: 000004a4 USP: 9ffffe7c MOF: 00000000
 r0: 00189e0c  r1: 00081ca0   r2: 001897b4  r3: 00085f54
 r4: 000815f2  r5: 00082714   r6: 00082fe0  r7: 00081c32
 r8: 00000000  r9: 00000003  r10: 00000000 r11: 00000000
r12: 00000fff r13: 000875a8 oR10: 00000000
R_MMU_CAUSE: 0018903d
Process klogd (pid: 117, stackpage=c0d00000)

Stack from 9ffffe7c:
       000875a8 000821c4 00000000 3562be60 00081d0e 00000002 00080d94
35567088
       9ffffed4 3562fe74 35582c42 00000000 00000000 00000000 00000000
00000000
       000812c0 35566b14 000812ec 0008354c 3555e7a8 9ffffed0 9fffff77
9fffff87
Call Trace:
Stack from c0d01ea0:
       c00085a6 c0d01fe8 c005bf0a c005c068 00000000 00000000 c0d01fe8
c0d00000
       c00edd7c 00000000 c0d01fa4 c005c12e <1>Unable to handle kernel NULL
pointer dereference<1>Unable to handle kernel NULL pointer
dereference<1>Unable to handle kernel NULL pointer dereferenceusb-host.c:
(CTRL) Completing ctrl epid 2, urb 0xc0cbd820
Unable to handle kernel NULL pointer dereference at virtual address 00000000
Oops: 0000
IRP: c0005f56 SRP: c007782e DCCR: 00000484 USP: 9ffffe7c MOF: 00000000
 r0: c0c01ddc  r1: 00000000   r2: c0c01ddc  r3: c0cbd834
 r4: 00000010  r5: c0eb8500   r6: 00000002  r7: 00000000
 r8: c0d01838  r9: 00000004  r10: c0c01ddc r11: 00000003
r12: 00000001 r13: c0cbd838 oR10: c0c01ddc
R_MMU_CAUSE: 0000103d
Process klogd (pid: 117, stackpage=c0d00000)

Stack from 9ffffe7c:
       000875a8 000821c4 00000000 3562be60 00081d0e 00000002 00080d94
35567088
       9ffffed4 3562fe74 35582c42 00000000 00000000 00000000 00000000
00000000
       000812c0 35566b14 000812ec 0008354c 3555e7a8 9ffffed0 9fffff77
9fffff87
Call Trace:
Stack from c0d016b8:
       c00085a6 c0d01800 c005bf0a c005c068 00000003 00000000 00000010
c0d00000
       c00edd7c 00000000 c0d017bc c005c12e 00000000 c0d017bc c00085a6
c005e476
       c0d01838 00000000 00000002 c0eb8500 00000010 c0cbd834 c0cfe000
c0d017bc
Call Trace: [<c00085a6>] [<c005bf0a>] [<c005c068>] [<c005c12e>] [<c00085a6>]
[<c005e476>] [<d01700c0>]
       [<c00085a6>] [<d017d500>] [<d01755c0>] [<d01780c0>] [<c005e250>]
[<c005bd22>] [<c007782e>] [<c0005f56>]
       [<de690010>] [<c00191c6>] [<c00085a6>] [<c007782e>] [<c008c0d4>]
[<c008cbcc>] [<c008b378>] [<c005cb8e>]
       [<c005c9fa>] [<c005c996>] [<c005cb7c>] [<c005c996>] [<c00083ba>]
[<c005dd26>] [<c00083ba>] [<c0008534>]
       [<c000841a>] [<c0008530>] [<c000878c>] [<c00086e2>] [<c00085a6>]
[<c005e45c>] [<d01a5500>] [<d019d5c0>]
       [<d01a00c0>] [<c000d464>] [<c000a948>] [<c000a884>] [<c000a678>]
[<c005cbbc>] [<c005e250>] [<c005bd22>]
       [<c00087dc>] [<c0005f56>] [<de690110>] [<c0008534>] [<c00087dc>]
[<c00086e2>] [<c00085a6>] [<c005e45c>]
       [<d01b80c0>] [<c000d464>] [<c000a948>] [<c000a884>] [<c000a678>]
[<c005cbbc>] [<c005e250>] [<c005bd22>]
       [<c00087dc>] [<c0005f56>] [<de690110>] [<c0008534>] [<c00087dc>]
[<c00086e2>] [<c00085a6>] [<c005e45c>]
       [<c000d844>] [<c000d464>] [<c000a948>] [<c000a884>] [<c005e250>]
[<c005bd22>] [<c00087dc>] [<c0005f56>]
       [<de690110>] [<c0008534>] [<c00087dc>] [<c00086e2>] [<c005be8e>]
[<c005bf7a>] [<c005c12e>] [<c00085a6>]
       [<c005bf0a>] [<c005c068>] [<c005c12e>] [<c00085a6>] [<c005e476>]
[<c008e4ae>] [<c008e650>] [<c00202dc>]
       [<c005e250>] [<c005bd22>] [<c005bd62>]
Code: 3c a1 6c 9e 2a 20 0f 05 04 61 69 de (e9) cb 6c 96 e9 6f e9 db ed cb 6f
9e
Kernel panic: Aiee, killing interrupt handler!
In interrupt handler - not syncing



======================================================
Here's the decode of the 2nd oops.
 more debug.log
ksymoops 2.4.9 on i586 2.4.20-8.  Options used
     -v os/linux/vmlinux (specified)
     -K (specified)
     -L (specified)
     -O (specified)
     -m os/linux/System.map (specified)

Reading Oops report from the terminal
Unable to handle kernel access at virtual address 00188000
Oops: 0000
IRP: c0000086 SRP: 00081cd0 DCCR: 000004a4 USP: 9ffffe7c MOF: 00000000
Using defaults from ksymoops -t elf32-i386 -a i386
 r0: 00189e0c  r1: 00081ca0   r2: 001897b4  r3: 00085f54
 r4: 000815f2  r5: 00082714   r6: 00082fe0  r7: 00081c32
 r8: 00000000  r9: 00000003  r10: 00000000 r11: 00000000
r12: 00000fff r13: 000875a8 oR10: 00000000
Process klogd (pid: 117, stackpage=c0d00000)
Stack from 9ffffe7c:
       000875a8 000821c4 00000000 3562be60 00081d0e 00000002 00080d94
35567088
       9ffffed4 3562fe74 35582c42 00000000 00000000 00000000 00000000
00000000
       000812c0 35566b14 000812ec 0008354c 3555e7a8 9ffffed0 9fffff77
9fffff87
Call Trace:
Stack from c0d01ea0:
       c00085a6 c0d01fe8 c005bf0a c005c068 00000000 00000000 c0d01fe8
c0d00000
       c00edd7c 00000000 c0d01fa4 c005c12e <1>Unable to handle kernel NULL
point
er dereference<1>Unable to handle kernel NULL pointer dereference<1>Unable
to ha
ndle kernel NULL pointer dereferenceusb-host.c: (CTRL) Completing ctrl epid
2, u
rb 0xc0cbd820
Unable to handle kernel NULL pointer dereference at virtual address 00000000
Oops: 0000
IRP: c0005f56 SRP: c007782e DCCR: 00000484 USP: 9ffffe7c MOF: 00000000
 r0: c0c01ddc  r1: 00000000   r2: c0c01ddc  r3: c0cbd834
 r4: 00000010  r5: c0eb8500   r6: 00000002  r7: 00000000
 r8: c0d01838  r9: 00000004  r10: c0c01ddc r11: 00000003
r12: 00000001 r13: c0cbd838 oR10: c0c01ddc
Process klogd (pid: 117, stackpage=c0d00000)
Stack from 9ffffe7c:
       000875a8 000821c4 00000000 3562be60 00081d0e 00000002 00080d94
35567088
       9ffffed4 3562fe74 35582c42 00000000 00000000 00000000 00000000
00000000
       000812c0 35566b14 000812ec 0008354c 3555e7a8 9ffffed0 9fffff77
9fffff87
Call Trace:
Stack from c0d016b8:
       c00085a6 c0d01800 c005bf0a c005c068 00000003 00000000 00000010
c0d00000
       c00edd7c 00000000 c0d017bc c005c12e 00000000 c0d017bc c00085a6
c005e476
       c0d01838 00000000 00000002 c0eb8500 00000010 c0cbd834 c0cfe000
c0d017bc
Call Trace: [<c00085a6>] [<c005bf0a>] [<c005c068>] [<c005c12e>] [<c00085a6>]
[<c
005e476>] [<d01700c0>]
       [<c00085a6>] [<d017d500>] [<d01755c0>] [<d01780c0>] [<c005e250>]
[<c005bd
22>] [<c007782e>] [<c0005f56>]
       [<de690010>] [<c00191c6>] [<c00085a6>] [<c007782e>] [<c008c0d4>]
[<c008cb
cc>] [<c008b378>] [<c005cb8e>]
       [<c005c9fa>] [<c005c996>] [<c005cb7c>] [<c005c996>] [<c00083ba>]
[<c005dd
26>] [<c00083ba>] [<c0008534>]
       [<c000841a>] [<c0008530>] [<c000878c>] [<c00086e2>] [<c00085a6>]
[<c005e4
5c>] [<d01a5500>] [<d019d5c0>]
       [<d01a00c0>] [<c000d464>] [<c000a948>] [<c000a884>] [<c000a678>]
[<c005cb
bc>] [<c005e250>] [<c005bd22>]
       [<c00087dc>] [<c0005f56>] [<de690110>] [<c0008534>] [<c00087dc>]
[<c00086
e2>] [<c00085a6>] [<c005e45c>]
       [<d01b80c0>] [<c000d464>] [<c000a948>] [<c000a884>] [<c000a678>]
[<c005cb
bc>] [<c005e250>] [<c005bd22>]
       [<c00087dc>] [<c0005f56>] [<de690110>] [<c0008534>] [<c00087dc>]
[<c00086
e2>] [<c00085a6>] [<c005e45c>]
       [<c000d844>] [<c000d464>] [<c000a948>] [<c000a884>] [<c005e250>]
[<c005bd
22>] [<c00087dc>] [<c0005f56>]
       [<de690110>] [<c0008534>] [<c00087dc>] [<c00086e2>] [<c005be8e>]
[<c005bf
7a>] [<c005c12e>] [<c00085a6>]
       [<c005bf0a>] [<c005c068>] [<c005c12e>] [<c00085a6>] [<c005e476>]
[<c008e4
ae>] [<c008e650>] [<c00202dc>]
       [<c005e250>] [<c005bd22>] [<c005bd62>]
Code: 3c a1 6c 9e 2a 20 0f 05 04 61 69 de (e9) cb 6c 96 e9 6f e9 db ed cb 6f
9e


>>EIP; c0000086 <ibr_start+86/2000>   <=====

>>IRP; c0000086 <ibr_start+86/2000>
>>IRP; c0000086 <ibr_start+86/2000>

>>EIP; c0005f56 <__wake_up+48/94>   <=====

>>IRP; c0005f56 <__wake_up+48/94>
>>SRP; c007782e <usb_api_blocking_completion+16/18>
>>IRP; c0005f56 <__wake_up+48/94>
>>SRP; c007782e <usb_api_blocking_completion+16/18>
>>r0; c0c01ddc <_end+a2f1fc/e2d420>
>>r2; c0c01ddc <_end+a2f1fc/e2d420>
>>r3; c0cbd834 <_end+aeac54/e2d420>
>>r5; c0eb8500 <_end+ce5920/e2d420>
>>r8; c0d01838 <_end+b2ec58/e2d420>
>>r10; c0c01ddc <_end+a2f1fc/e2d420>
>>r13; c0cbd838 <_end+aeac58/e2d420>
>>oR10; c0c01ddc <_end+a2f1fc/e2d420>

Trace; c00085a6 <printk+0/14e>
Trace; c005bf0a <show_stack+0/8a>
Trace; c005c068 <show_registers+d4/13a>
Trace; c005c12e <die_if_kernel+34/46>
Trace; c00085a6 <printk+0/14e>
Trace; c005e476 <do_page_fault+222/2cc>
Trace; d01700c0 <END_OF_CODE+f1700c0/????>
Trace; c00085a6 <printk+0/14e>
Trace; d017d500 <END_OF_CODE+f17d500/????>
Trace; d01755c0 <END_OF_CODE+f1755c0/????>
Trace; d01780c0 <END_OF_CODE+f1780c0/????>
Trace; c005e250 <handle_mmu_bus_fault+b0/b4>
Trace; c005bd22 <mmu_bus_fault+28/30>
Trace; c007782e <usb_api_blocking_completion+16/18>
Trace; c0005f56 <__wake_up+48/94>
Trace; de690010 <END_OF_CODE+1d690010/????>
Trace; c00191c6 <kfree+0/38>
Trace; c00085a6 <printk+0/14e>
Trace; c007782e <usb_api_blocking_completion+16/18>
Trace; c008c0d4 <etrax_usb_complete_ctrl_urb+154/180>
Trace; c008cbcc <etrax_usb_complete_urb+2a/4a>
Trace; c008b378 <etrax_usb_rx_interrupt+33e/46a>
Trace; c005cb8e <do_IRQ+54/86>
Trace; c005c9fa <sIRQ25_interrupt+18/2e>
Trace; c005c996 <sIRQ24_interrupt+18/2e>
Trace; c005cb7c <do_IRQ+42/86>
Trace; c005c996 <sIRQ24_interrupt+18/2e>
Trace; c00083ba <__call_console_drivers+3e/4a>
Trace; c005dd26 <console_write+1a6/1a8>
Trace; c00083ba <__call_console_drivers+3e/4a>
Trace; c0008534 <emit_log_char+0/72>
Trace; c000841a <_call_console_drivers+54/58>
Trace; c0008530 <call_console_drivers+112/116>
Trace; c000878c <release_console_sem+3e/92>
Trace; c00086e2 <printk+13c/14e>
Trace; c00085a6 <printk+0/14e>
Trace; c005e45c <do_page_fault+208/2cc>
Trace; d01a5500 <END_OF_CODE+f1a5500/????>
Trace; d019d5c0 <END_OF_CODE+f19d5c0/????>
Trace; d01a00c0 <END_OF_CODE+f1a00c0/????>
Trace; c000d464 <timer_bh+a0/a4>
Trace; c000a948 <bh_action+24/58>
Trace; c000a884 <tasklet_hi_action+62/80>
Trace; c000a678 <do_softirq+58/9c>
Trace; c005cbbc <do_IRQ+82/86>
Trace; c005e250 <handle_mmu_bus_fault+b0/b4>
Trace; c005bd22 <mmu_bus_fault+28/30>
Trace; c00087dc <release_console_sem+8e/92>
Trace; c0005f56 <__wake_up+48/94>
Trace; de690110 <END_OF_CODE+1d690110/????>
Trace; c0008534 <emit_log_char+0/72>
Trace; c00087dc <release_console_sem+8e/92>
Trace; c00086e2 <printk+13c/14e>
Trace; c00085a6 <printk+0/14e>
Trace; c005e45c <do_page_fault+208/2cc>
Trace; d01b80c0 <END_OF_CODE+f1b80c0/????>
Trace; c000d464 <timer_bh+a0/a4>
Trace; c000a948 <bh_action+24/58>
Trace; c000a884 <tasklet_hi_action+62/80>
Trace; c000a678 <do_softirq+58/9c>
Trace; c005cbbc <do_IRQ+82/86>
Trace; c005e250 <handle_mmu_bus_fault+b0/b4>
Trace; c005bd22 <mmu_bus_fault+28/30>
Trace; c00087dc <release_console_sem+8e/92>
Trace; c0005f56 <__wake_up+48/94>
Trace; de690110 <END_OF_CODE+1d690110/????>
Trace; c0008534 <emit_log_char+0/72>
Trace; c00087dc <release_console_sem+8e/92>
Trace; c00086e2 <printk+13c/14e>
Trace; c00085a6 <printk+0/14e>
Trace; c005e45c <do_page_fault+208/2cc>
Trace; c000d844 <run_timer_list+e6/142>
Trace; c000d464 <timer_bh+a0/a4>
Trace; c000a948 <bh_action+24/58>
Trace; c000a884 <tasklet_hi_action+62/80>
Trace; c005e250 <handle_mmu_bus_fault+b0/b4>
Trace; c005bd22 <mmu_bus_fault+28/30>
Trace; c00087dc <release_console_sem+8e/92>
Trace; c0005f56 <__wake_up+48/94>
Trace; de690110 <END_OF_CODE+1d690110/????>
Trace; c0008534 <emit_log_char+0/72>
Trace; c00087dc <release_console_sem+8e/92>
Trace; c00086e2 <printk+13c/14e>
Trace; c005be8e <show_trace+16/8e>
Trace; c005bf7a <show_stack+70/8a>
Trace; c005c12e <die_if_kernel+34/46>
Trace; c00085a6 <printk+0/14e>
Trace; c005bf0a <show_stack+0/8a>
Trace; c005c068 <show_registers+d4/13a>
Trace; c005c12e <die_if_kernel+34/46>
Trace; c00085a6 <printk+0/14e>
Trace; c005e476 <do_page_fault+222/2cc>
Trace; c008e4ae <sock_sendmsg+6e/84>
Trace; c008e650 <sock_write+82/88>
Trace; c00202dc <sys_write+f4/fc>
Trace; c005e250 <handle_mmu_bus_fault+b0/b4>
Trace; c005bd22 <mmu_bus_fault+28/30>
Trace; c005bd62 <IRQ1_interrupt+0/2c>

Code;  c0005f4a <__wake_up+3c/94>
00000000 <_EIP>:
Code;  c0005f4a <__wake_up+3c/94>
   0:   3c a1                     cmp    $0xa1,%al
Code;  c0005f4c <__wake_up+3e/94>
   2:   6c                        insb   (%dx),%es:(%edi)
Code;  c0005f4d <__wake_up+3f/94>
   3:   9e                        sahf
Code;  c0005f4e <__wake_up+40/94>
   4:   2a 20                     sub    (%eax),%ah
Code;  c0005f50 <__wake_up+42/94>
   6:   0f 05                     syscall
Code;  c0005f52 <__wake_up+44/94>
   8:   04 61                     add    $0x61,%al
Code;  c0005f54 <__wake_up+46/94>   <=====
   a:   69 de e9 cb 6c 96         imul   $0x966ccbe9,%esi,%ebx   <=====
Code;  c0005f5a <__wake_up+4c/94>
  10:   e9 6f e9 db ed            jmp    eddbe984 <_EIP+0xeddbe984>
Code;  c0005f5f <__wake_up+51/94>
  15:   cb                        lret
Code;  c0005f60 <__wake_up+52/94>
  16:   6f                        outsl  %ds:(%esi),(%dx)
Code;  c0005f61 <__wake_up+53/94>
  17:   9e                        sahf

Regards
Cedric



----- Original Message -----
From: "Orjan Friberg" <orjan.friberg@xxxxxxx.com>
To: "oss" <oss@xxxxxxx.za>
Cc: <cedric.stevens@xxxxxxx.com>
Sent: Tuesday, May 11, 2004 11:21 AM
Subject: Re: MMU Bus fault


> oss wrote:
> > Hi Orjan
> >
> > Thanks for the feedback.
> >
> > I am using the off-the-shelf devboard82_1-91 environment with a devboard
82 device. It's using the linux 2.4.22 kernel with only the standard axis
patches.
> >
> > The usb host controller seem to be version 1.19 as from the bootlog:
> > usb-host.c: ETRAX 100LX USB-HCD $Revision: 1.19 $ (c) 2001-2003 Axis
Communications AB
> >
> > Yes, I'm writing to a usb-serial converter. Booting is fine, but the
system PANICs when you write to the port, for example /dev/ttyUSB0
>
> Would you mind analyzing a couple of more oopses (with ksymoops, just
> like you did last time - I assume you used the options -v
> os/linux/vmlinux -K -L -O -m os/linux/System.map)?  The last stack dump
> looked a bit suspicious, as it seemed like there was an oops inside an
> oops (two occurences of die_if_kernel/show_registers/show_stack).
>
> Also, try defining USB_DEBUG_BULK and USB_DEBUG_CTRL in
> os/linux/arch/cris/drivers/usb-host.c and send the output.  It might
> reveal something.
>
> --
> Orjan Friberg
> Axis Communications
>
>