Dear Dongas,
I can't run AR6K as kernel module :-(
Before it, I not using loadable modules.
Problem in:
http://lxr.free-electrons.com/source/arch/arm/mm/dma-mapping.c#L491
495
496 BUG_ON(!virt_addr_valid(start) || !virt_addr_valid(start + size -
1));
497
start = R0 = 0xbf0274f0
valid virtaual address space: 0xC0000000+
In this case we send variable 'cid' in function 'BMIGetTargetInfo'.
Module loaded at 0xbf000000, This variable allocated on stack?
--
Regards, Ivan.
========= report =========
Jan 1 00:00:12 (none) user.alert kernel: BMI Get Target Info: Enter (device:
0xc0323d60)
Jan 1 00:00:12 (none) user.debug kernel: sdio_ar6000 mmc0:0001:1:
HIFConfigureDevice
Jan 1 00:00:12 (none) user.debug kernel: sdio_ar6000 mmc0:0001:1: HIFReadWrite(device c0323d60, address 0x450, buffer bf0274f0,
length 4, request 0x259, context (null))
Jan 1 00:00:12 (none) user.debug kernel: mmc0: starting CMD53 arg 1408a004
flags 000001b5
Jan 1 00:00:12 (none) user.debug kernel: mmc0: blksz 4 blocks 1 flags
00000200 tsac 0 ms nsac 0
Jan 1 00:00:12 (none) user.debug kernel: Sending command 53 as 00051075, arg =
1408A004, blocks = 1, length = 4 (MR = 00049B01)
Jan 1 00:00:12 (none) user.debug kernel: pre dma read
Jan 1 00:00:12 (none) user.debug kernel: Using transfer index 0
Jan 1 00:00:12 (none) user.debug kernel: sg = c031a954
Jan 1 00:00:12 (none) user.alert kernel: Unable to handle kernel NULL pointer
dereference at virtual address 00000000
Jan 1 00:00:12 (none) user.alert kernel: pgd = c0010000
Jan 1 00:00:12 (none) user.alert kernel: [00000000] *pgd=20f16031,
*pte=00000000, *ppte=00000000
Jan 1 00:00:12 (none) user.warn kernel: Internal error: Oops: 817 [#1]
Jan 1 00:00:12 (none) user.warn kernel: Modules linked in: ar6000(+)
Jan 1 00:00:12 (none) user.warn kernel: CPU: 0 Not tainted (2.6.29 #69)
Jan 1 00:00:12 (none) user.warn kernel: PC is at dma_cache_maint+0x4c/0xd4
Jan 1 00:00:12 (none) user.warn kernel: LR is at
at91_mci_pre_dma_read+0xf4/0x1ac
Jan 1 00:00:12 (none) user.warn kernel: pc : [<c00260c8>] lr : [<c010a25c>]
psr: 80000013
Jan 1 00:00:12 (none) user.warn kernel: sp : c0339ad8 ip : c0339af8 fp :
c0339af4
Jan 1 00:00:12 (none) user.warn kernel: r10: 00000000 r9 : c0261d38 r8 :
c031a928
Jan 1 00:00:12 (none) user.warn kernel: r7 : c02c17a0 r6 : 00000004 r5 :
000004f0 r4 : bf0274f0
Jan 1 00:00:12 (none) user.warn kernel: r3 : 00000000 r2 : 00000002 r1 :
00000004 r0 : bf0274f0
Jan 1 00:00:12 (none) user.warn kernel: Flags: Nzcv IRQs on FIQs on Mode
SVC_32 ISA ARM Segment user
Jan 1 00:00:12 (none) user.warn kernel: Control: 0005317f Table: 20010000
DAC: 00000015
Jan 1 00:00:12 (none) user.warn kernel: Process modprobe (pid: 200, stack
limit = 0xc0338268)
Jan 1 00:00:12 (none) user.warn kernel: Stack: (0xc0339ad8 to 0xc033a000)
Jan 1 00:00:12 (none) user.warn kernel: Backtrace:
Jan 1 00:00:12 (none) user.warn kernel: [<c002607c>] (dma_cache_maint+0x0/0xd4) from [<c010a25c>]
(at91_mci_pre_dma_read+0xf4/0x1ac)
Jan 1 00:00:12 (none) user.warn kernel: r6:c031a954 r5:000004f0 r4:c024a4e0
Jan 1 00:00:12 (none) user.warn kernel: [<c010a168>] (at91_mci_pre_dma_read+0x0/0x1ac) from [<c010a514>]
(at91_mci_send_command+0x200/0x43c)
Jan 1 00:00:12 (none) user.warn kernel: [<c010a314>] (at91_mci_send_command+0x0/0x43c) from [<c010a7a8>]
(at91_mci_process_next+0x58/0x74)
Jan 1 00:00:12 (none) user.warn kernel: [<c010a750>] (at91_mci_process_next+0x0/0x74) from [<c010a900>]
(at91_mci_request+0x3c/0x44)
Jan 1 00:00:12 (none) user.warn kernel: r4:c02c17a0
Jan 1 00:00:12 (none) user.warn kernel: [<c010a8c4>] (at91_mci_request+0x0/0x44)
from [<c0104a70>] (mmc_start_request+0x208/0x220)
Jan 1 00:00:12 (none) user.warn kernel: r4:00000002
Jan 1 00:00:12 (none) user.warn kernel: [<c0104868>] (mmc_start_request+0x0/0x220)
from [<c0104ac0>] (mmc_wait_for_req+0x38/0x4c)
Jan 1 00:00:12 (none) user.warn kernel: r7:00000450 r6:00000010 r5:c02c1600
r4:c0339bdc
Jan 1 00:00:12 (none) user.warn kernel: [<c0104a88>] (mmc_wait_for_req+0x0/0x4c) from [<bf004dc8>] (HIFReadWrite+0x194/0x218
[ar6000])
Jan 1 00:00:12 (none) user.warn kernel: r4:c031a8e0
Jan 1 00:00:12 (none) user.warn kernel: [<bf004c34>] (HIFReadWrite+0x0/0x218 [ar6000]) from [<bf00523c>] (bmiBufferSend+0x50/0x134
[ar6000])
Jan 1 00:00:12 (none) user.warn kernel: [<bf0051ec>] (bmiBufferSend+0x0/0x134 [ar6000]) from [<bf0060b8>]
(BMIGetTargetInfo+0x74/0x1d8 [ar6000])
Jan 1 00:00:12 (none) user.warn kernel: [<bf006044>] (BMIGetTargetInfo+0x0/0x1d8 [ar6000]) from [<bf0097a0>]
(ar6000_avail_ev+0x224/0x568 [ar6000])
Jan 1 00:00:12 (none) user.warn kernel: [<bf00957c>] (ar6000_avail_ev+0x0/0x568 [ar6000]) from [<bf0043e4>]
(HTCTargetInsertedHandler+0x194/0x1fc [ar6000])
Jan 1 00:00:12 (none) user.warn kernel: [<bf004250>] (HTCTargetInsertedHandler+0x0/0x1fc [ar6000]) from [<bf004b28>]
(sdio_ar6000_probe+0x1dc/0x2e8 [ar6000])
Jan 1 00:00:12 (none) user.warn kernel: [<bf00494c>] (sdio_ar6000_probe+0x0/0x2e8 [ar6000]) from [<c0108adc>]
(sdio_bus_probe+0x64/0x70)
Jan 1 00:00:12 (none) user.warn kernel: [<c0108a78>] (sdio_bus_probe+0x0/0x70) from
[<c00f88e8>] (driver_probe_device+0xdc/0x190)
Jan 1 00:00:12 (none) user.warn kernel: r7:bf0272b4 r6:bf0272b4 r5:c02c1090
r4:c02c1008
Jan 1 00:00:12 (none) user.warn kernel: [<c00f880c>] (driver_probe_device+0x0/0x190)
from [<c00f8a08>] (__driver_attach+0x6c/0x90)
Jan 1 00:00:12 (none) user.warn kernel: r7:bf0272b4 r6:bf0272b4 r5:c02c1090
r4:c02c1008
Jan 1 00:00:12 (none) user.warn kernel: [<c00f899c>] (__driver_attach+0x0/0x90) from
[<c00f7cfc>] (bus_for_each_dev+0x54/0x88)
Jan 1 00:00:12 (none) user.warn kernel: r6:c00f899c r5:c0339de0 r4:00000000
Jan 1 00:00:12 (none) user.warn kernel: [<c00f7ca8>] (bus_for_each_dev+0x0/0x88)
from [<c00f8720>] (driver_attach+0x20/0x28)
Jan 1 00:00:12 (none) user.warn kernel: r7:c02c0a40 r6:bf027308 r5:bf0272b4
r4:00000000
Jan 1 00:00:12 (none) user.warn kernel: [<c00f8700>] (driver_attach+0x0/0x28) from
[<c00f82dc>] (bus_add_driver+0xa8/0x218)
Jan 1 00:00:12 (none) user.warn kernel: [<c00f8234>] (bus_add_driver+0x0/0x218) from
[<c00f8c3c>] (driver_register+0x98/0x120)
Jan 1 00:00:12 (none) user.warn kernel: r8:c01dd70c r7:bf0274ac r6:bf027308
r5:bf0272b4 r4:bf0274dc
Jan 1 00:00:12 (none) user.warn kernel: [<c00f8ba4>] (driver_register+0x0/0x120)
from [<c0108c68>] (sdio_register_driver+0x24/0x2c)
Jan 1 00:00:12 (none) user.warn kernel: [<c0108c44>] (sdio_register_driver+0x0/0x2c)
from [<bf004750>] (HIFInit+0x58/0x84 [ar6000])
Jan 1 00:00:12 (none) user.warn kernel: [<bf0046f8>] (HIFInit+0x0/0x84 [ar6000])
from [<bf004138>] (HTCInit+0x8c/0xd8 [ar6000])
Jan 1 00:00:12 (none) user.warn kernel: r4:c0339e9c
Jan 1 00:00:12 (none) user.warn kernel: [<bf0040ac>] (HTCInit+0x0/0xd8 [ar6000]) from [<bf02c070>] (ar6000_init_module+0x70/0x9c
[ar6000])
Jan 1 00:00:12 (none) user.warn kernel: r7:bf02c000 r6:00056130 r5:bf0273b8
r4:c0339ee4
Jan 1 00:00:12 (none) user.warn kernel: [<bf02c000>] (ar6000_init_module+0x0/0x9c [ar6000]) from [<c0020294>]
(__exception_text_end+0x54/0x184)
Jan 1 00:00:12 (none) user.warn kernel: r4:0002f411
Jan 1 00:00:12 (none) user.warn kernel: [<c0020240>] (__exception_text_end+0x0/0x184) from [<c0051268>]
(sys_init_module+0x98/0x23c)
Jan 1 00:00:12 (none) user.warn kernel: [<c00511d0>] (sys_init_module+0x0/0x23c)
from [<c0020d40>] (ret_fast_syscall+0x0/0x2c)
----- Original Message -----
From: "dongas" <[email protected]>
To: "Ivan Petrov" <[email protected]>
Cc: <[email protected]>
Sent: Thursday, April 09, 2009 6:06 AM
Subject: Re: AR6000 driver failed on probe stage
Dear Ivan,
Can you help send me a total log of ar6000 driver initialization
process such as from you insmod ar6000.ko?
(with ar6000 driver loglevel = 0xFFF7 and openning the mmc core debug info)
The former log you'v sent me seems a little later of ar6000 initialization.
I can not compare with the my log of ar6000 driver initialization.
Thanks
Regards
Dongas
2009/4/8 dongas <[email protected]>:
2009/4/7 Ivan Petrov <[email protected]>:
I was have similar problem at start of driver port to AT91SAM9260, problem
was in SDIO_IRQ suport for my CPU in 4wire mode.
First, try turn off MMC_CAP_SDIO_IRQ in you MMC host controller. In this
case IRQ state will request every 10ms. Posible it help you.
- mmc->caps = MMC_CAP_SDIO_IRQ;
+ mmc->caps = 0; // MMC_CAP_SDIO_IRQ;
Bit unlucky on me. :-(
I have tried this method but the same issue still existed.
I double-checked the ar6000 driver's initialization process, as i
know, before the driver hanged
it only had done a few things as following steps:
1. enable sdio wifi function with CMD52
2. set function block size to 128 with CMD52
3. enable sdio irq with CMD52 (if turn it on)
4. disable ar6000 interrupts with CMD53
We have connected a logic analyzer to host to check that all above
CMD/DATA were sent successful.
So it seems not cause by some failure during the ar6000 driver initialization.
5. try to get BMI command credits by reading COUNTER_DEC register
AR6000 driver hanged on this step where it was trying to read a BMI
command credit from CONUTER_DEC register, but it alway got a NULL
value.
(The accurate addres the driver read is 0x450 which is calculated by
the following method defined in bmi.c
address = COUNT_DEC_ADDRESS + (HTC_MAILBOX_NUM_MAX + ENDPOINT1) * 4;)
Do you know why the content of CONUTER_DEC register of wifi card is alway 0?
In other words, why the target hasn't provided this initial command
credits for host?
Any one has any idea on this issue?
Your advice will be highly apprecaited.
Regards
Dongas
----- Original Message ----- From: "dongas" <[email protected]>
To: <[email protected]>
Sent: Tuesday, April 07, 2009 4:46 PM
Subject: Re: AR6000 driver failed on probe stage
2009/3/28 dongas <[email protected]>:
After digging into the code, i found that in bmiBufferSend function in
bmi.c,
the driver will try to repeatly read the COUNT_DEC register of the
card until the register value read back is Non-zero and then the
following
steps can go on.
But the value returned from register was alway zero , so ar6000 driver
hanged there and keeped doing almost the infinit loop
reading&checking.
Why the driver can not read a non-zero value from COUNT_DEC register
as it wanted?
After debugging i found that the ar6000 driver failed when it was
trying to read target version via BMI request of ar6000 in the routine
BMIGetTargetInfo because it was unable to get a BMI command credit(by
reading CONUTER_DEC register) for the next BMI request according to
the BMI flow control.
I think if the target(ar6000) initialized successful before after the
host enabled it, the target should have initially provided one command
credit to host according to the datasheet, but it hadn’t. (if wrong
pls correct me )
(The target is enabled by the CMD52 to write to ENABLE BIT of CCCR
register of card.
Once the target is enabled, it executes firmware that initializes SoC
and software states.)
So the driver repeatly tried to get this command credit and hanged there.
I went through some ar6001 related specs/documents, but still havn't
got the key of this issue that why the target failed to provided one
command credit to after it was enabled by host?
I guess the target failed to initailize itself or worked inproperly
but don't know which reason might cause it failed.
Now only one thing i can make sure is that wifi card is on I/O Ready
state after host enables it by checing CCCR register.
Any ideas about this issue?
Thanks
Regards
Dongas
