Date: Thu, 5 Nov 2015 12:20:42 +0100
From: Hans Petter Selasky <hps@selasky.org>
To: Lars Engels <lars.engels@0x20.net>, arm@freebsd.org
Subject: Re: [Banana Pi] Fatal kernel mode data abort: 'Alignment Fault' on read
Message-ID: <563B3B8A.40102@selasky.org>
In-Reply-To: <563B372E.20607@selasky.org>
References: <20151105104859.GQ66179@e-new.0x20.net> <563B372E.20607@selasky.org>

Hi,

On 11/05/15 12:02, Hans Petter Selasky wrote:
> On 11/05/15 11:48, Lars Engels wrote:
>> Using FreeBSD-armv6-11.0-A20-290366.img I can reproducibly crash the
>> kernel by USB-tethering the Banana Pi to a mobile phone and run
>> "pkg bootstrap". It looks like this:
>>
>> root@bananapi:/ # pkg bootstrap
>> The package management tool is not yet installed on your system.
>> Do you want to fetch and install it now? [y/N]: y
>> Bootstrapping pkg from
>> pkg+http://pkg.FreeBSD.org/FreeBSD:11:armv6/latest, please wait...
>> Fatal kernel mode data abort: 'Alignment Fault' on read
>> trapframe: 0xea576a90
>> FSR=00000001, FAR=c43a1d6e, spsr=60000113
>> r0 =00000014, r1 =0000003c, r2 =0000003c, r3 =00000903
>> r4 =00000000, r5 =c43a1d6a, r6 =00000028, r7 =c43a1d56
>> r8 =00000000, r9 =00000014, r10=00000028, r11=ea576bf8
>> r12=00000000, ssp=ea576b20, slr=c061aba4, pc =c04f68e8
>>
>> [ thread pid 13 tid 100024 ]
>> Stopped at tcp_input+0x820: ldr r0, [r5, #0x004]
>
> Hi,
>
> Could you "objdump -Dx --source /boot/kernel/kernel" and figure out
> which code line "tcp_input+0x820" corresponds to?
>
> According to if_rndis, the IP-header should be aligned via the
> ETHER_ALIGN macro, to 32-bits. The issue is possibly outside USB.
>

Wild guess:

This piece of code:

>     case TCPOPT_SACK:
>         if (optlen <= 2 || (optlen - 2) % TCPOLEN_SACK != 0)
>             continue;
>         if (flags & TO_SYN)
>             continue;
>         to->to_flags |= TOF_SACK;
>         to->to_nsacks = (optlen - 2) / TCPOLEN_SACK;
>         to->to_sacks = cp + 2;
                         ^^^ more specifically here
>         TCPSTAT_INC(tcps_sack_rcv_blocks);
>         break;

Causes +2 bytes unaligned access below for ARM?

>     case TOF_SACK:
>         {
>         int sackblks = 0;
>         struct sackblk *sack = (struct sackblk *)to->to_sacks;
>         tcp_seq sack_seq;
>
>         while (!optlen || optlen % 4 != 2) {
>             optlen += TCPOLEN_NOP;
>             *optp++ = TCPOPT_NOP;
>         }
>         if (TCP_MAXOLEN - optlen < TCPOLEN_SACKHDR + TCPOLEN_SACK)
>             continue;
>         optlen += TCPOLEN_SACKHDR;
>         *optp++ = TCPOPT_SACK;
>         sackblks = min(to->to_nsacks,
>             (TCP_MAXOLEN - optlen) / TCPOLEN_SACK);
>         *optp++ = TCPOLEN_SACKHDR + sackblks * TCPOLEN_SACK;
>         while (sackblks--) {
>             sack_seq = htonl(sack->start);
>             bcopy((u_char *)&sack_seq, optp, sizeof(sack_seq));
>             optp += sizeof(sack_seq);
>             sack_seq = htonl(sack->end);
>             bcopy((u_char *)&sack_seq, optp, sizeof(sack_seq));
>             optp += sizeof(sack_seq);
>             optlen += TCPOLEN_SACK;
>             sack++;
>         }
>         TCPSTAT_INC(tcps_sack_send_blocks);
>         break;
>         }

????

--HPS
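
The access pattern the message asks about, as an added userland example (not code from the FreeBSD tree or from this thread): when a SACK option begins on a 32-bit boundary, `cp + 2` is 2 bytes off it, so the blocks are copied out with memcpy() rather than read through a `struct sackblk *`, which is the kind of 32-bit load that raises an alignment fault on a CPU that enforces alignment. `parse_sack`, `opts_padded` and `opts_bare` are hypothetical names, and both option buffers are constructed samples.

```c
#include <arpa/inet.h>  /* ntohl */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum { TCPOPT_EOL = 0, TCPOPT_NOP = 1, TCPOPT_SACK = 5, TCPOLEN_SACK = 8 };
struct sackblk { uint32_t start, end; };    /* host byte order once parsed */
/* Constructed samples; each array starts on a 32-bit boundary. */
_Alignas(4) const uint8_t opts_padded[] =   /* NOP NOP SACK: blocks at +4 */
    { 1, 1, 5, 10, 0, 0, 0x10, 0, 0, 0, 0x20, 0 };
_Alignas(4) const uint8_t opts_bare[] =     /* SACK first: blocks at +2 */
    { 5, 10, 0, 0, 0x10, 0, 0, 0, 0x20, 0, 1, 1 };

/* Copy SACK blocks out with memcpy(), valid for any alignment. Returns the
 * count or -1 if malformed; *unaligned is set when cp + 2 is not 32-bit aligned. */
int parse_sack(const uint8_t *cp, size_t cnt, struct sackblk *out, int max,
    int *unaligned)
{
    size_t optlen;
    int n = 0;
    for (*unaligned = 0; cnt > 0; cp += optlen, cnt -= optlen) {
        optlen = 1;
        if (cp[0] == TCPOPT_EOL)
            break;
        if (cp[0] != TCPOPT_NOP) {
            if (cnt < 2 || cp[1] < 2 || cp[1] > cnt)
                return -1;
            optlen = cp[1];
        }
        if (cp[0] != TCPOPT_SACK || optlen <= 2 || (optlen - 2) % TCPOLEN_SACK)
            continue;
        const uint8_t *blk = cp + 2;        /* what to->to_sacks points at */
        *unaligned |= ((uintptr_t)blk & 3) != 0;
        for (; blk < cp + optlen && n < max; blk += TCPOLEN_SACK, n++) {
            uint32_t v[2];
            memcpy(v, blk, sizeof(v));      /* not *(uint32_t *)blk */
            out[n].start = ntohl(v[0]);
            out[n].end = ntohl(v[1]);
        }
    }
    return n;
}

int main(void)
{
    struct sackblk b[4];
    int u, n = parse_sack(opts_bare, sizeof(opts_bare), b, 4, &u);
    printf("blocks=%d unaligned=%d start=%#x\n", n, u, (unsigned)b[0].start);
    return 0;
}
```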