<div dir="ltr"><div><div><div>Hi All, </div>What I found is UnwrapExtMemoryCallBack() function from eurasia_km\services4\srvkm\common\devicemem.c always calls omap_gem_put_pages(), however just before the crash it calls omap_gem_put_paddr() and it crashes in it due to NULL pointer dereference of &obj->dev->struct_mutex. instead of omap_gem_put_pages(). Does this gives any clue on what might be going wrong? What OMAP_BO_TILED_MASK signifies? See the function below: static PVRSRV_ERROR UnwrapExtMemoryCallBack(IMG_PVOID pvParam, IMG_UINT32 ui32Param, IMG_BOOL bDummy) { PVRSRV_KERNEL_MEM_INFO *psMemInfo = (PVRSRV_KERNEL_MEM_INFO *)pvParam; #if defined(SUPPORT_DRI_DRM_EXTERNAL) IMG_BOOL bPhysContig = (IMG_BOOL)ui32Param; struct drm_gem_object *buf = BM_GetGEM(psMemInfo->sMemBlk.hBuffer); #endif PVRSRV_ERROR err = FreeMemCallBackCommon(psMemInfo, ui32Param, PVRSRV_FREE_CALLBACK_ORIGIN_ALLOCATOR); PVR_UNREFERENCED_PARAMETER(bDummy); #if defined(SUPPORT_DRI_DRM_EXTERNAL) if (buf) { if (omap_gem_flags(buf) & OMAP_BO_TILED_MASK) { omap_gem_put_paddr(buf); } else { if (bPhysContig) { omap_gem_put_paddr(buf); } else { omap_gem_put_pages(buf); } } } #endif /* SUPPORT_DRI_DRM_EXTERNAL */ return err; } </div>Thanks & Regards, </div>Vikash <div><div><div> </div></div></div></div><div class="gmail_extra"> <div class="gmail_quote">On Mon, Dec 1, 2014 at 7:38 PM, Vikas Patil <<a href="mailto:vikasmpatil@gmail.com" target="_blank">vikasmpatil@gmail.com</a>> wrote: <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div><div>Hi, </div>I am running camera capture application (based on omap iss, v4l2, videobuf2-dma-contig, x11, gles2) on customized OMAP5 board with 3.8 kernel and rootfs based on GLSDK 6.04.00.02. However within 12 to 30 minutes it crashes with following trace. </div><div>I have reverted Link 1 patch from omap_gem.c and integrated link 2 patch to fix another crash I was observing </div><div>Link1: <a href="http://git.omapzoom.org/?p=kernel/omap.git;a=commitdiff;h=f968e920452aa3061fb1dfff1a55a55f8af60dde;hp=1bca805f90dc31eac5a2093074cf70fe1b806f55" target="_blank">http://git.omapzoom.org/?p=kernel/omap.git;a=commitdiff;h=f968e920452aa3061fb1dfff1a55a55f8af60dde;hp=1bca805f90dc31eac5a2093074cf70fe1b806f55</a> </div><div>Link2: <a href="http://omapzoom.org/?p=kernel/omap.git;a=commitdiff;h=0f88f7ca8283f9407a17f150968c6fc1a980231c;hp=0421a5efd6e44bb29e3abe2dc80b4b2564083df9" target="_blank">http://omapzoom.org/?p=kernel/omap.git;a=commitdiff;h=0f88f7ca8283f9407a17f150968c6fc1a980231c;hp=0421a5efd6e44bb29e3abe2dc80b4b2564083df9</a> </div><div>Could anyone give some inputs/suggestion to understand and fix this crash? How should I start debugging it? </div><div>Regards & Thanks, </div><div>Vikash </div><div> </div>Crash log: [ 114.055145] systemd[1]: Converting job network.service/restart -> network.service/start [ 114.061676] Unable to handle kernel NULL pointer dereference at virtual address 00000014 [ 114.061676] pgd = 80004000 [ 114.061676] [00000014] *pgd=00000000 [ 114.061676] Internal error: Oops: 17 [#1] PREEMPT SMP ARM [ 114.061706] Modules linked in: omap5_iss ov10635 videobuf2_dma_contig tc358746xbg ser913q_de914q sd8xxx(O) mlan(PO) omapdrm_pvr(O) [ 114.061706] CPU: 0 Tainted: P O (3.8.13 #14) [ 114.061737] PC is at mutex_lock+0x1c/0x58 [ 114.061737] LR is at omap_gem_put_paddr+0x24/0xb8 [ 114.061737] pc : [<804c4ff0>] lr : [<80324a80>] psr: 00000013 [ 114.061737] sp : ef0b9e10 ip : ef0b9e28 fp : ef0b9e24 [ 114.061737] r10: 00000000 r9 : 00000000 r8 : 8073ef0c [ 114.061737] r7 : ee9653c0 r6 : 00000000 r5 : 00000000 r4 : 00000014 [ 114.061767] r3 : f0000000 r2 : 0001d838 r1 : 60000013 r0 : 00000014 [ 114.061767] Flags: nzcv IRQs on FIQs on Mode SVC_32 ISA ARM Segment kernel [ 114.061767] Control: 10c5387d Table: ecd3406a DAC: 00000015 [ 114.061767] Process kworker/u:0 (pid: 6, stack limit = 0xef0b8240) [ 114.061767] Stack: (0xef0b9e10 to 0xef0ba000) [ 114.061767] 9e00: f0000000 ecfe5300 ef0b9e3c ef0b9e28 [ 114.061798] 9e20: 80324a80 804c4fe0 ecfe5300 00000000 ef0b9e5c ef0b9e40 7f009e44 80324a68 [ 114.061798] 9e40: 7f009de0 ee965b00 00000001 00000000 ef0b9e84 ef0b9e60 7f014d88 7f009dec [ 114.061798] 9e60: 7f04711c ecd40854 eeb55340 ee965b00 00000000 ecf68880 ef0b9e9c ef0b9e88 [ 114.061798] 9e80: 7f0155b4 7f014d4c ee9653c0 7f0268a0 ef0b9ebc ef0b9ea0 7f009314 7f01555c [ 114.061798] 9ea0: 00000000 ee965420 807bbaa4 7f0092e0 ef0b9edc ef0b9ec0 803244e0 7f0092ec [ 114.061828] 9ec0: ef0661c0 ee965420 8073ee00 ef2aca00 ef0b9f24 ef0b9ee0 80058198 803244ac [ 114.061828] 9ee0: ef0661c0 8073ef0c ef0b8000 ef0661c0 8073ef0c 00000000 8073ee00 ef0661c0 [ 114.061828] 9f00: 8073ef0c ef0b8000 8073ee00 ef0661d4 8073ef0c 8073ef0c ef0b9f5c ef0b9f28 [ 114.061828] 9f20: 80058808 80057f2c 00000000 ef0661c0 80058590 ef0a5e58 00000000 ef0661c0 [ 114.061828] 9f40: 80058590 00000000 00000000 00000000 ef0b9fac ef0b9f60 800600d4 8005859c [ 114.061828] 9f60: 00102d58 00000000 ef0b9f94 ef0661c0 00000000 00000000 ef0b9f78 ef0b9f78 [ 114.061859] 9f80: 00000000 00000000 ef0b9f88 ef0b9f88 ef0a5e58 80060018 00000000 00000000 [ 114.061859] 9fa0: 00000000 ef0b9fb0 8000ee18 80060024 00000000 00000000 00000000 00000000 [ 114.061859] 9fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 114.061859] 9fe0: 00000000 00000000 00000000 00000000 00000013 00000000 40c04a08 00412274 [ 114.061859] Backtrace: [ 114.061889] [<804c4fd4>] (mutex_lock+0x0/0x58) from [<80324a80>] (omap_gem_put_paddr+0x24/0xb8) [ 114.061889] r4:ecfe5300 r3:f0000000 [ 114.061920] [<80324a5c>] (omap_gem_put_paddr+0x0/0xb8) from [<7f009e44>] (UnwrapExtMemoryCallBack+0x64/0x74 [omapdrm_pvr]) [ 114.061920] r5:00000000 r4:ecfe5300 [ 114.061981] [<7f009de0>] (UnwrapExtMemoryCallBack+0x0/0x74 [omapdrm_pvr]) from [<7f014d88>] (FreeResourceByPtr+0x48/0xe8 [omapdrm_pvr]) [ 114.061981] r6:00000000 r5:00000001 r4:ee965b00 r3:7f009de0 [ 114.062042] [<7f014d40>] (FreeResourceByPtr+0x0/0xe8 [omapdrm_pvr]) from [<7f0155b4>] (ResManFreeResByPtr+0x64/0x80 [omapdrm_pvr]) [ 114.062042] r6:ecf68880 r5:00000000 r4:ee965b00 [ 114.062072] [<7f015550>] (ResManFreeResByPtr+0x0/0x80 [omapdrm_pvr]) from [<7f009314>] (async_unmap+0x34/0x54 [omapdrm_pvr]) [ 114.062103] r5:7f0268a0 r4:ee9653c0 [ 114.062103] [<7f0092e0>] (async_unmap+0x0/0x54 [omapdrm_pvr]) from [<803244e0>] (notify_worker+0x40/0x48) [ 114.062133] r6:7f0092e0 r5:807bbaa4 r4:ee965420 r3:00000000 [ 114.062133] [<803244a0>] (notify_worker+0x0/0x48) from [<80058198>] (process_one_work+0x278/0x488) [ 114.062133] r7:ef2aca00 r6:8073ee00 r5:ee965420 r4:ef0661c0 [ 114.062164] [<80057f20>] (process_one_work+0x0/0x488) from [<80058808>] (worker_thread+0x278/0x398) [ 114.062164] [<80058590>] (worker_thread+0x0/0x398) from [<800600d4>] (kthread+0xbc/0xcc) [ 114.062164] [<80060018>] (kthread+0x0/0xcc) from [<8000ee18>] (ret_from_fork+0x14/0x20) [ 114.062194] r7:00000000 r6:00000000 r5:80060018 r4:ef0a5e58 [ 114.062194] Code: e52de004 e8bd4000 e1a04000 f57ff05f (e1903f9f) [ 114.062194] ---[ end trace 2441b1bbdffd41ef ]--- [ 114.062286] Unable to handle kernel paging request at virtual address ffffffec [ 114.062286] pgd = 80004000 [ 114.062286] [ffffffec] *pgd=ef7fe821, *pte=00000000, *ppte=00000000 [ 114.062286] Internal error: Oops: 17 [#2] PREEMPT SMP ARM [ 114.062316] Modules linked in: omap5_iss ov10635 videobuf2_dma_contig tc358746xbg ser913q_de914q sd8xxx(O) mlan(PO) omapdrm_pvr(O) [ 114.062316] CPU: 0 Tainted: P D O (3.8.13 #14) [ 114.062316] PC is at kthread_data+0x18/0x20 [ 114.062316] LR is at wq_worker_sleeping+0x1c/0xac [ 114.062347] pc : [<800605c8>] lr : [<80058a54>] psr: 00000193 [ 114.062347] sp : ef0b9ae0 ip : ef0b9af0 fp : ef0b9aec [ 114.062347] r10: 00000000 r9 : ef0a17fc r8 : 806b5740 [ 114.062347] r7 : ef0a1878 r6 : 00000000 r5 : 8901a740 r4 : ef0a1680 [ 114.062347] r3 : 00000000 r2 : 00000001 r1 : 00000000 r0 : ef0a1680 [ 114.062347] Flags: nzcv IRQs off FIQs on Mode SVC_32 ISA ARM Segment user [ 114.062347] Control: 10c5387d Table: ecd3406a DAC: 00000015 [ 114.062347] Process kworker/u:0 (pid: 6, stack limit = 0xef0b8240) [ 114.062377] Stack: (0xef0b9ae0 to 0xef0ba000) [ 114.062377] 9ae0: ef0b9b0c ef0b9af0 80058a54 800605bc 0420806c ef0a1680 8901a740 ef0b8000 [ 114.062377] 9b00: ef0b9bac ef0b9b10 804c5b68 80058a44 ee95b64c 80247ec4 60000113 000dd53c [ 114.062377] 9b20: ef0a17fc ef0a1678 804c6280 806b5740 80116e80 804c1b2c ee95b640 ee95b64c [ 114.062377] 9b40: 00000001 60000113 ef0a17fc ef0a1678 ef0b9b7c ef0b9b60 80247ec4 80116d6c [ 114.062408] 9b60: ee95b640 00000000 ee95b64c 60000113 ef0b9b9c ef0b9b80 80247f90 80247e30 [ 114.062408] 9b80: ee95b640 ef0a1680 00000001 ef0b9a4c 00000001 ef0a17fc ef0a17fc ef0a1678 [ 114.062408] 9ba0: ef0b9bbc ef0b9bb0 804c6280 804c5a70 ef0b9bec ef0b9bc0 80040998 804c61f8 [ 114.062408] 9bc0: 0000000b 804c4ff2 ef0b9c3a ef0a1844 13661366 ef0b9bd0 8003ae8c 804c4ff0 [ 114.062408] 9be0: ef0b9c6c ef0b9bf0 80013b58 8004013c ef0b8240 0000000b 80004000 805cd484 [ 114.062408] 9c00: 60000113 00000000 65000028 65643235 20343030 64623865 30303034 61316520 [ 114.062438] 9c20: 30303430 35662030 30666637 28206635 30393165 66396633 80002029 804bffb8 [ 114.062438] 9c40: 805e282a 00000014 00000017 00000000 ef0b9dc8 00000000 00000028 00000017 [ 114.062438] 9c60: ef0b9c84 ef0b9c70 804bfa08 80013804 ef0b9dc8 ef0a1680 ef0b9d1c ef0b9c88 [ 114.062438] 9c80: 8001bf34 804bf9b0 ef0b9cac ef0b8000 a0000013 ffffffff ef0b9d04 8000e960 [ 114.062438] 9ca0: 00000000 00000000 ef0b9ccc ef0b9cb8 804c65ac 804c5a70 7f013ec4 7f01f238 [ 114.062438] 9cc0: ef0b9d44 ef0b9cd0 8000e978 804c6568 00000000 00000041 000000ba f0cea000 [ 114.062469] 9ce0: ee973c00 104ba000 00000094 f0d4b000 000000fa 00000017 806c2d38 00000014 [ 114.062469] 9d00: ef0b9dc8 8073ef0c 00000000 00000000 ef0b9dc4 ef0b9d20 80008524 8001bc48 [ 114.062469] 9d20: ef0b9d80 ee965b80 ee965bc0 00000000 8073ef0c 00000000 ef0b9d54 ef0b9d48 [ 114.062469] 9d40: 7f004de8 80116bb8 ef0b9d78 ef0b9d58 7f004f78 7f004d5c 00000001 7f004de8 [ 114.062469] 9d60: ef0b9dc0 ee9c0940 ecf68880 00000000 8073ef0c 00000000 ef0b9d94 ef0b9d88 [ 114.062499] 9d80: 7f004de8 80116bb8 ef0b9db8 ef0b9d98 7f004f78 7f004d5c ef0b9dbc ef0b9dc0 [ 114.062499] 9da0: f0000000 7f0069b8 804c4ff0 00000013 ffffffff ef0b9dfc ef0b9e24 ef0b9dc8 [ 114.062499] 9dc0: 8000e8d8 800084ec 00000014 60000013 0001d838 f0000000 00000014 00000000 [ 114.062499] 9de0: 00000000 ee9653c0 8073ef0c 00000000 00000000 ef0b9e24 ef0b9e28 ef0b9e10 [ 114.062499] 9e00: 80324a80 804c4ff0 00000013 ffffffff f0000000 ecfe5300 ef0b9e3c ef0b9e28 [ 114.062499] 9e20: 80324a80 804c4fe0 ecfe5300 00000000 ef0b9e5c ef0b9e40 7f009e44 80324a68 [ 114.062530] 9e40: 7f009de0 ee965b00 00000001 00000000 ef0b9e84 ef0b9e60 7f014d88 7f009dec [ 114.062530] 9e60: 7f04711c ecd40854 eeb55340 ee965b00 00000000 ecf68880 ef0b9e9c ef0b9e88 [ 114.062530] 9e80: 7f0155b4 7f014d4c ee9653c0 7f0268a0 ef0b9ebc ef0b9ea0 7f009314 7f01555c [ 114.062530] 9ea0: 00000000 ee965420 807bbaa4 7f0092e0 ef0b9edc ef0b9ec0 803244e0 7f0092ec [ 114.062530] 9ec0: ef0661c0 ee965420 8073ee00 ef2aca00 ef0b9f24 ef0b9ee0 80058198 803244ac [ 114.062530] 9ee0: ef0661c0 8073ef0c ef0b8000 ef0661c0 8073ef0c 00000000 8073ee00 ef0661c0 [ 114.062561] 9f00: 8073ef0c ef0b8000 8073ee00 ef0661d4 8073ef0c 8073ef0c ef0b9f5c ef0b9f28 [ 114.062561] 9f20: 80058808 80057f2c 00000000 ef0661c0 80058590 ef0a5e58 00000000 ef0661c0 [ 114.062561] 9f40: 80058590 00000000 00000000 00000000 ef0b9fac ef0b9f60 800600d4 8005859c [ 114.062561] 9f60: 00102d58 00000000 ef0b9f94 ef0661c0 00000000 00000000 ef0b9f78 ef0b9f78 [ 114.062561] 9f80: 00000001 00010001 ef0b9f88 ef0b9f88 ef0a5e58 80060018 00000000 00000000 [ 114.062591] 9fa0: 00000000 ef0b9fb0 8000ee18 80060024 00000000 00000000 00000000 00000000 [ 114.062591] 9fc0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 114.062591] 9fe0: 00000000 00000000 00000000 00000000 00000013 00000000 40c04a08 00412274 [ 114.062591] Backtrace: [ 114.062591] [<800605b0>] (kthread_data+0x0/0x20) from [<80058a54>] (wq_worker_sleeping+0x1c/0xac) [ 114.062622] [<80058a38>] (wq_worker_sleeping+0x0/0xac) from [<804c5b68>] (__schedule+0x104/0x678) [ 114.062622] r6:ef0b8000 r5:8901a740 r4:ef0a1680 r3:0420806c [ 114.062622] [<804c5a64>] (__schedule+0x0/0x678) from [<804c6280>] (schedule+0x94/0x98) [ 114.062622] [<804c61ec>] (schedule+0x0/0x98) from [<80040998>] (do_exit+0x868/0x8d8) [ 114.062652] [<80040130>] (do_exit+0x0/0x8d8) from [<80013b58>] (die+0x360/0x3d8) [ 114.062652] r7:804c4ff0 [ 114.062652] [<800137f8>] (die+0x0/0x3d8) from [<804bfa08>] (__do_kernel_fault.part.9+0x64/0x84) [ 114.062652] [<804bf9a4>] (__do_kernel_fault.part.9+0x0/0x84) from [<8001bf34>] (do_page_fault+0x2f8/0x340) [ 114.062683] r7:ef0a1680 r3:ef0b9dc8 [ 114.062683] [<8001bc3c>] (do_page_fault+0x0/0x340) from [<80008524>] (do_DataAbort+0x44/0xa8) [ 114.062683] [<800084e0>] (do_DataAbort+0x0/0xa8) from [<8000e8d8>] (__dabt_svc+0x38/0x60) [ 114.062683] Exception stack(0xef0b9dc8 to 0xef0b9e10) [ 114.062683] 9dc0: 00000014 60000013 0001d838 f0000000 00000014 00000000 [ 114.062713] 9de0: 00000000 ee9653c0 8073ef0c 00000000 00000000 ef0b9e24 ef0b9e28 ef0b9e10 [ 114.062713] 9e00: 80324a80 804c4ff0 00000013 ffffffff [ 114.062713] r7:ef0b9dfc r6:ffffffff r5:00000013 r4:804c4ff0 [ 114.062713] [<804c4fd4>] (mutex_lock+0x0/0x58) from [<80324a80>] (omap_gem_put_paddr+0x24/0xb8) [ 114.062744] r4:ecfe5300 r3:f0000000 [ 114.062774] [<80324a5c>] (omap_gem_put_paddr+0x0/0xb8) from [<7f009e44>] (UnwrapExtMemoryCallBack+0x64/0x74 [omapdrm_pvr]) [ 114.062774] r5:00000000 r4:ecfe5300 [ 114.062805] [<7f009de0>] (UnwrapExtMemoryCallBack+0x0/0x74 [omapdrm_pvr]) from [<7f014d88>] (FreeResourceByPtr+0x48/0xe8 [omapdrm_pvr]) [ 114.062805] r6:00000000 r5:00000001 r4:ee965b00 r3:7f009de0 [ 114.062866] [<7f014d40>] (FreeResourceByPtr+0x0/0xe8 [omapdrm_pvr]) from [<7f0155b4>] (ResManFreeResByPtr+0x64/0x80 [omapdrm_pvr]) [ 114.062866] r6:ecf68880 r5:00000000 r4:ee965b00 [ 114.062927] [<7f015550>] (ResManFreeResByPtr+0x0/0x80 [omapdrm_pvr]) from [<7f009314>] (async_unmap+0x34/0x54 [omapdrm_pvr]) [ 114.062927] r5:7f0268a0 r4:ee9653c0 [ 114.062957] [<7f0092e0>] (async_unmap+0x0/0x54 [omapdrm_pvr]) from [<803244e0>] (notify_worker+0x40/0x48) [ 114.062957] r6:7f0092e0 r5:807bbaa4 r4:ee965420 r3:00000000 [ 114.062957] [<803244a0>] (notify_worker+0x0/0x48) from [<80058198>] (process_one_work+0x278/0x488) [ 114.062988] r7:ef2aca00 r6:8073ee00 r5:ee965420 r4:ef0661c0 [ 114.062988] [<80057f20>] (process_one_work+0x0/0x488) from [<80058808>] (worker_thread+0x278/0x398) [ 114.062988] [<80058590>] (worker_thread+0x0/0x398) from [<800600d4>] (kthread+0xbc/0xcc) [ 114.062988] [<80060018>] (kthread+0x0/0xcc) from [<8000ee18>] (ret_from_fork+0x14/0x20) [ 114.063018] r7:00000000 r6:00000000 r5:80060018 r4:ef0a5e58 [ 114.063018] Code: e24cb004 e52de004 e8bd4000 e59031cc (e5130014) [ 114.063018] ---[ end trace 2441b1bbdffd41f0 ]--- [ 114.063018] Fixing recursive fault but reboot is needed! </div> </blockquote></div> </div>