This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

PMT detection in TSIF

Hi,

We are using TSIF interface for live capture in DVB-C. It is observed that if the input signal is not very good, PAT/PMT detection IOCTLs takes forever and there are no timeouts.

Problem is mainly with the PMT detection - if that gets stuck for a time - say longer than a few seconds, there is a kernel crash observed. PFA the log:

(Please note that "TSIF_GET_PMT_PKT : checking addresses"  message is added by me to verify that the addresses going to the IOCTL are correct.)

 TSIF_GET_PMT_PKT : checking addresses for NULL arg = 2495ce8 and =0

====
=================================
TRACK  :Entering for pmt pid 2010
Tsif            : TSIF_GET_PMT_CONFIG ok [2010, 1]
Tsif            : Waiting for PMT
=================================
==========PMT DETECTED===========
=================================
TRACK  :Entering for pmt pid 1988
Tsif            : TSIF_GET_PMT_CONFIG ok [1988, 1]
Tsif            : Waiting for PMT
...

kernel BUG at net/core/skbuff.c:1011!
Unable to handle kernel NULL pointer dereference at virtual address 00000000
pgd = c0004000
[00000000] *pgd=00000000
Internal error: Oops: 817 [#1] PREEMPT
Modules linked in: dsplinkk cmemk tsif_data tsif_control SI2165 xc5000
CPU: 0    Not tainted  (2.6.32-rc2-davinci1-svn2201 #259)
PC is at __bug+0x20/0x2c
LR is at vprintk+0x398/0x408
pc : [<c002e500>]    lr : [<c004100c>]    psr: 40000013
sp : c0467e20  ip : c0467d80  fp : c0467e2c
r10: c0000040  r9 : 00000000  r8 : 80000013
r7 : c0249904  r6 : 1cf4995a  r5 : 00000040  r4 : c22c69c0
r3 : 00000000  r2 : c0466000  r1 : c0467d80  r0 : 0000002c
Flags: nZcv  IRQs on  FIQs on  Mode SVC_32  ISA ARM  Segment kernel
Control: 0005317f  Table: 82270000  DAC: 00000017
Process swapper (pid: 0, stack limit = 0xc0466270)
Stack: (0xc0467e20 to 0xc0468000)
7e20: c0467e4c c0467e30 c02ccaf0 c002e4f0 00000040 c3100b00 c361c2e0 c22c69c0
7e40: c0467eac c0467e50 c0249904 c02ccacc 07d432b2 ffffffff 00000040 c361c2ec
7e60: c361c000 c361c210 00000001 c0466000 c22c69c0 c3e28022 00000040 c20d9480
7e80: 00000000 c361c2ec 00000040 00000001 c0466000 00000000 0000012c c0466000
7ea0: c0467ee4 c0467eb0 c02d5460 c024952c 60000093 ffffcc1e c0467edc 00000103
7ec0: 0000000c 00000001 c0466000 00000003 0000000a c049c480 c0467f24 c0467ee8
7ee0: c0045a18 c02d53c0 c0467f14 c0467ef8 c0466000 00000000 00000019 00000019
7f00: 00000000 c0025e14 00000002 00000001 c0466000 80023974 c0467f34 c0467f28
7f20: c0045afc c0045990 c0467f4c c0467f38 c002a074 c0045abc ffffffff fec48000
7f40: c0467fa4 c0467f50 c002aacc c002a010 00000000 0005317f 0005217f 60000013
7f60: c0466000 c049763c c0025e14 c046a388 800239a8 41069265 80023974 c0467fa4
7f80: 600000d3 c0467f98 c002b9d0 c002b9dc 60000013 ffffffff c0467fbc c0467fa8
7fa0: c002bf28 c002b9b8 c04abc6c c049763c c0467fcc c0467fc0 c0358f84 c002bec0
7fc0: c0467ff4 c0467fd0 c00089b8 c0358f24 c00084f0 00000000 00000000 c0025e18
7fe0: 00053175 c04976e4 00000000 c0467ff8 80008034 c0008760 00000000 00000000
Backtrace:
[<c002e4e0>] (__bug+0x0/0x2c) from [<c02ccaf0>] (skb_put+0x34/0x6c)
[<c02ccabc>] (skb_put+0x0/0x6c) from [<c0249904>] (emac_poll+0x3e8/0x650)
 r7:c22c69c0 r6:c361c2e0 r5:c3100b00 r4:00000040
[<c024951c>] (emac_poll+0x0/0x650) from [<c02d5460>] (net_rx_action+0xb0/0x224)
[<c02d53b0>] (net_rx_action+0x0/0x224) from [<c0045a18>] (__do_softirq+0x98/0x12c)
[<c0045980>] (__do_softirq+0x0/0x12c) from [<c0045afc>] (irq_exit+0x50/0xa8)
[<c0045aac>] (irq_exit+0x0/0xa8) from [<c002a074>] (asm_do_IRQ+0x74/0x8c)
[<c002a000>] (asm_do_IRQ+0x0/0x8c) from [<c002aacc>] (__irq_svc+0x4c/0x90)
Exception stack(0xc0467f50 to 0xc0467f98)
7f40:                                     00000000 0005317f 0005217f 60000013
7f60: c0466000 c049763c c0025e14 c046a388 800239a8 41069265 80023974 c0467fa4
7f80: 600000d3 c0467f98 c002b9d0 c002b9dc 60000013 ffffffff
 r5:fec48000 r4:ffffffff
[<c002b9a8>] (default_idle+0x0/0x38) from [<c002bf28>] (cpu_idle+0x78/0xe4)
[<c002beb0>] (cpu_idle+0x0/0xe4) from [<c0358f84>] (rest_init+0x70/0x84)
 r5:c049763c r4:c04abc6c
[<c0358f14>] (rest_init+0x0/0x84) from [<c00089b8>] (start_kernel+0x268/0x2c0)
[<c0008750>] (start_kernel+0x0/0x2c0) from [<80008034>] (0x80008034)
Code: e1a01000 e59f000c eb0cb456 e3a03000 (e5833000)
Kernel panic - not syncing: Fatal exception in interrupt
Backtrace:
[<c002e7e8>] (dump_backtrace+0x0/0x114) from [<c035b530>] (dump_stack+0x18/0x1c)
 r7:c0467dd8 r6:c04696b8 r5:c0466000 r4:c0497b50
[<c035b518>] (dump_stack+0x0/0x1c) from [<c035b588>] (panic+0x54/0x124)
[<c035b534>] (panic+0x0/0x124) from [<c002eb8c>] (die+0x170/0x19c)
 r3:00000100 r2:c0467cc0 r1:c0497b50 r0:c03f7cc3
[<c002ea1c>] (die+0x0/0x19c) from [<c0030628>] (__do_kernel_fault+0x6c/0x7c)
[<c00305bc>] (__do_kernel_fault+0x0/0x7c) from [<c0030808>] (do_page_fault+0x1d0/0x1e8)
 r7:00000000 r6:00000000 r5:c04696b8 r4:c046a654
[<c0030638>] (do_page_fault+0x0/0x1e8) from [<c002a288>] (do_DataAbort+0x3c/0x9c)
[<c002a24c>] (do_DataAbort+0x0/0x9c) from [<c002aa6c>] (__dabt_svc+0x4c/0x60)
Exception stack(0xc0467dd8 to 0xc0467e20)
7dc0:                                                       0000002c c0467d80
7de0: c0466000 00000000 c22c69c0 00000040 1cf4995a c0249904 80000013 00000000
7e00: c0000040 c0467e2c c0467d80 c0467e20 c004100c c002e500 40000013 ffffffff
 r8:80000013 r7:c0249904 r6:1cf4995a r5:c0467e0c r4:ffffffff
[<c002e4e0>] (__bug+0x0/0x2c) from [<c02ccaf0>] (skb_put+0x34/0x6c)
[<c02ccabc>] (skb_put+0x0/0x6c) from [<c0249904>] (emac_poll+0x3e8/0x650)
 r7:c22c69c0 r6:c361c2e0 r5:c3100b00 r4:00000040
[<c024951c>] (emac_poll+0x0/0x650) from [<c02d5460>] (net_rx_action+0xb0/0x224)
[<c02d53b0>] (net_rx_action+0x0/0x224) from [<c0045a18>] (__do_softirq+0x98/0x12c)
[<c0045980>] (__do_softirq+0x0/0x12c) from [<c0045afc>] (irq_exit+0x50/0xa8)
[<c0045aac>] (irq_exit+0x0/0xa8) from [<c002a074>] (asm_do_IRQ+0x74/0x8c)
[<c002a000>] (asm_do_IRQ+0x0/0x8c) from [<c002aacc>] (__irq_svc+0x4c/0x90)
Exception stack(0xc0467f50 to 0xc0467f98)
7f40:                                     00000000 0005317f 0005217f 60000013
7f60: c0466000 c049763c c0025e14 c046a388 800239a8 41069265 80023974 c0467fa4
7f80: 600000d3 c0467f98 c002b9d0 c002b9dc 60000013 ffffffff
 r5:fec48000 r4:fffffff

Regards,

-Sheetal.

  • Hi,

    As per your log, you are based on 2.6.32 kernel. Did you port the existing TSIF driver to this kernel?

    Also, the below kernel crash log corresponds to Ethernet and not TSIF. (net/core/skbuff.c:1011). Are you using a nfs based file system?

    Please run your oops message thru' ksymoops to get the names of functions in the back trace,

    That will help you to identify the crash.


    Regards,

    Nageswari

     

     

  • Hi Nageswari,

    We have ported the TSIF driver to the new kernel. The development is on DM6467T and there is only GIT support for the same. We needed only the Rx part.

    We observe exactly the same crash in TSIF_WAIT_FOR_RX_COMPLETE when the input transmission is bad. If there are many bit errors in the input signal, this crash is consistently seen. We are using TSIF in bypass mode.

    Do you have any pointers on what could be the connection between tsif_isr and the Ethernet driver? or under which circumstances could this happen?

    As soon as we comment the TSIF_WAIT_FOR_RX_COMPLETE call from the application, this crash does not occur.

    Thanks and regards,

    -Sheetal.

  • Sheetal,

    Can you explain more on what do you mean by "input transmission is bad"?

    Also, do you observe these errors even if the input transmission is good?

    Can you try with simple loop back in bypass mode to make sure there are no issues with the driver ported to latest kernel?

    Regards,

    Nageswari

  • Ok,

    We have DM6467T based hardware which has a hybrid tuner that can receive DVB-C transmission.

    When the input signal received on the wire is bad (this means there may be a lot of bit errors in the signal), this crash occurs. The behavior is consistent. We have also reproduced this by introducing a lot of bit errors in the input signal. What is more intriguing is why should the Ethernet driver have anything to do with the TSIF input signal being bad?

    BTW, this crash is not observed when the input signal is good. We have run the tests for as long as 24 hours. It is fine.

    Regards,

    -Sheetal.

  • Sheetal,

    Do you have an option of connecting hard disk to your system?

    Can you try root file system from hard disk instead of ethernet and try diabling ethernet in the kernel config.

    There is no connection between ethernet and TSIF isr but want to ensure that error goes away if there is no ethernet.

    Regards,

    Nageswari

  • Sheetal,

    Can you try diabling "CONFIG_PREEMPT" in menuconfig (Select - kernel Features->Pre emption model->NoForced Preemption).

    This could be the first step to try before moving to harddisk based rootfs.

    Regards,

    Nageswari

  • Hi Nageswari,

    We disabled the network driver from the kernel configuration and tried this test application.

    It crashes when bit errors are introduced at run time in the input signal.

    Following is the log:

    Received data for PID7
    Received data for PID7
    Received data for PID7
    Received data for PID7
    Received data for PID7
    Received data for PID7
    Received data for PID7
    RecUnable to handle kernel paging request at virtual address 4700001e
    eived data for PID7
    Received dapgd = c3ed4000
    ta for PID7
    Received data for P[4700001e] *pgd=00000000ID7
    Received data for PID7
    Rec
    eived data for PID7
    Received daInternal error: Oops: 1 [#1] PREEMPT
    Modules linked in: dsplinkk cmemk tsif_data tsif_control SI2165 xc5000
    CPU: 0    Not tainted  (2.6.32-rc2-davinci1-svn3116 #259)
    PC is at fget_light+0x64/0xf8
    LR is at fget_light+0x60/0xf8
    pc : [<c009d45c>]    lr : [<c009d458>]    psr: 80000013
    sp : c20fbf50  ip : c20fbf50  fp : c20fbf6c
    r10: 00000964  r9 : c20fa000  r8 : 4001f000
    r7 : 00000017  r6 : c20fbf7c  r5 : 00000001  r4 : c3e56c00
    r3 : 00000001  r2 : 4700001e  r1 : 00000000  r0 : 00000001
    Flags: Nzcv  IRQs on  FIQs on  Mode SVC_32  ISA ARM  Segment user
    Control: 0005317f  Table: 83ed4000  DAC: 00000015
    Process tsif_mmap_buffe (pid: 2106, stack limit = 0xc20fa270)
    Stack: (0xc20fbf50 to 0xc20fc000)
    bf40:                                     00000017 4001f000 401805e8 00000017
    bf60: c20fbfa4 c20fbf70 c009cd94 c009d408 c20fbfa4 c20fbf80 c00aa858 00000000
    bf80: c0044b4c 00000017 4001f000 401805e8 00000004 c002a044 00000000 c20fbfa8
    bfa0: c0029ec0 c009cd84 00000017 4001f000 00000001 4001f000 00000017 00000000
    bfc0: 00000017 4001f000 401805e8 00000004 00000017 00000016 00000964 0000af64
    bfe0: 00000000 4218ed88 401291f4 4010eae4 60000010 00000001 401cb67c 401f8ffc
    Backtrace:
    [<c009d3f8>] (fget_light+0x0/0xf8) from [<c009cd94>] (sys_write+0x20/0x70)
     r7:00000017 r6:401805e8 r5:4001f000 r4:00000017
    [<c009cd74>] (sys_write+0x0/0x70) from [<c0029ec0>] (ret_fast_syscall+0x0/0x28)
     r8:c002a044 r7:00000004 r6:401805e8 r5:4001f000 r4:00000017
    Code: ea000022 e3a00001 ebfe6a5b e5942004 (e5923000)
    ta for PID7
    Received data for P---[ end trace 21ee417f2245a48f ]---
    ID7
    Received data for PID7
    Recnote: tsif_mmap_buffe[2106] exited with preempt_count 1
    eived data for PID7
    Received daBUG: scheduling while atomic: tsif_mmap_buffe/2106/0x40000002
    ta for PID7
    Received data for PModules linked in:ID7
    Received data for PID7
    Rec dsplinkkeived data for PID7
    Received da cmemkta for PID7
    Received data for P tsif_dataID7
    Received data for PID7
    Rec tsif_controleived data for PID7
    Received da SI2165ta for PID7
    Received data for P xc5000ID7
    Received data for PID7
    Rec
    eived data for PID7
    Received daBacktrace: ta for PID7
    Received data for P
    ID7
    Received data for PID7
    Rec[<c002d7e8>] eived data for PID7
    Received da(dump_backtrace+0x0/0x114) ta for PID7
    Received data for Pfrom [<c0349374>] ID7
    Received data for PID7
    Rec(dump_stack+0x18/0x1c)
    eived data for PID7
    Received da r7:c3cca898ta for PID7
    Received data for P r6:c30b9d40ID7
    Received data for PID7
    Rec r5:00000000eived data for PID7
    Received da r4:00000000ta for PID7
    Received data for P
    ID7
    Received data for PID7
    Rec[<c034935c>] eived data for PID7
    Received da(dump_stack+0x0/0x1c) ta for PID7
    Received data for Pfrom [<c0037c68>] ID7
    Received data for PID7
    Rec(__schedule_bug+0x54/0x60)
    eived data for PID7
    Received da[<c0037c14>] ta for PID7
    Received data for P(__schedule_bug+0x0/0x60) ID7
    Received data for PID7
    Recfrom [<c0349674>] eived data for PID7
    Received da(schedule+0x84/0x380)
    ta for PID7
    Received data for P r5:00000000ID7
    Received data for PID7
    Rec r4:c30b9d40eived data for PID7
    Received da
    ta for PID7
    Received data for P[<c03495f0>] ID7
    Received data for PID7
    Rec(schedule+0x0/0x380) eived data for PID7
    Received dafrom [<c0038008>] ta for PID7
    Received data for P(__cond_resched+0x18/0x24)
    ID7
    Received data for PID7
    Rec[<c0037ff0>] eived data for PID7
    Received da(__cond_resched+0x0/0x24) ta for PID7
    Received data for Pfrom [<c0349a8c>] ID7
    Received data for PID7
    Rec(_cond_resched+0x34/0x44)
    eived data for PID7
    Received da[<c0349a58>] ta for PID7
    Received data for P(_cond_resched+0x0/0x44) ID7
    Received data for PID7
    Recfrom [<c0089010>] eived data for PID7
    Received da(__get_user_pages+0x230/0x244)
    ta for PID7
    Received data for P[<c0088de0>] ID7
    Received data for PID7
    Rec(__get_user_pages+0x0/0x244) eived data for PID7
    Received dafrom [<c008912c>] ta for PID7
    Received data for P(get_user_pages+0x58/0x60)
    ID7
    Received data for PID7
    [<c00890d4>] (get_user_pages+0x0/0x60) from [<c0084a6c>] (get_user_pages_fast+0x68/0x80)
     r5:00000000 r4:c20fa000
    [<c0084a04>] (get_user_pages_fast+0x0/0x80) from [<c006353c>] (get_futex_key+0xa4/0x164)
    [<c0063498>] (get_futex_key+0x0/0x164) from [<c0063ce8>] (futex_wake+0x50/0x134)
    [<c0063c98>] (futex_wake+0x0/0x134) from [<c00656e0>] (do_futex+0xe4/0xd10)
     r8:00000000 r7:00000001 r6:00000000 r5:00000000 r4:00000001
    [<c00655fc>] (do_futex+0x0/0xd10) from [<c006645c>] (sys_futex+0x150/0x164)
    [<c006630c>] (sys_futex+0x0/0x164) from [<c003ced4>] (mm_release+0x90/0xa0)
    [<c003ce44>] (mm_release+0x0/0xa0) from [<c0040e4c>] (exit_mm+0x20/0x158)
     r7:c20fbf08 r6:c214e300 r5:c30b9d40 r4:0000000b
    [<c0040e2c>] (exit_mm+0x0/0x158) from [<c004295c>] (do_exit+0x19c/0x684)
     r7:c20fbf08 r6:c30b9d40 r5:c30b9d40 r4:0000000b
    [<c00427c0>] (do_exit+0x0/0x684) from [<c002db98>] (die+0x17c/0x19c)
    [<c002da1c>] (die+0x0/0x19c) from [<c002f628>] (__do_kernel_fault+0x6c/0x7c)
    [<c002f5bc>] (__do_kernel_fault+0x0/0x7c) from [<c002f884>] (do_bad_area+0x64/0x70)
     r7:00000000 r6:00000000 r5:00000000 r4:e5923000
    [<c002f820>] (do_bad_area+0x0/0x70) from [<c00315b4>] (do_alignment+0x5ac/0x700)
    [<c0031008>] (do_alignment+0x0/0x700) from [<c0029288>] (do_DataAbort+0x3c/0x9c)
    [<c002924c>] (do_DataAbort+0x0/0x9c) from [<c0029a6c>] (__dabt_svc+0x4c/0x60)
    Exception stack(0xc20fbf08 to 0xc20fbf50)
    bf00:                   00000001 00000000 4700001e 00000001 c3e56c00 00000001
    bf20: c20fbf7c 00000017 4001f000 c20fa000 00000964 c20fbf6c c20fbf50 c20fbf50
    bf40: c009d458 c009d45c 80000013 ffffffff                                    
     r8:4001f000 r7:00000017 r6:c20fbf7c r5:c20fbf3c r4:ffffffff
    [<c009d3f8>] (fget_light+0x0/0xf8) from [<c009cd94>] (sys_write+0x20/0x70)
     r7:00000017 r6:401805e8 r5:4001f000 r4:00000017
    [<c009cd74>] (sys_write+0x0/0x70) from [<c0029ec0>] (ret_fast_syscall+0x0/0x28)
     r8:c002a044 r7:00000004 r6:401805e8 r5:4001f000 r4:00000017
    Unable to handle kernel paging request at virtual address 04fd5cca
    pgd = c39f8000
    [04fd5cca] *pgd=00000000
    Internal error: Oops: 1 [#2] PREEMPT
    Modules linked in: dsplinkk cmemk tsif_data tsif_control SI2165 xc5000
    CPU: 0    Tainted: G      D     (2.6.32-rc2-davinci1-svn3116 #259)
    PC is at kmem_cache_alloc+0x44/0xa8
    LR is at kmem_cache_alloc+0x34/0xa8
    pc : [<c0098d78>]    lr : [<c0098d68>]    psr: 20000093
    sp : c215dca8  ip : c215dca8  fp : c215dcd4
    r10: 000004d0  r9 : 000004d0  r8 : 000000c0
    r7 : c02be248  r6 : 60000013  r5 : 04fd5cca  r4 : c0450128
    r3 : 00000000  r2 : 00000000  r1 : 000004d0  r0 : 00000000
    Flags: nzCv  IRQs off  FIQs on  Mode SVC_32  ISA ARM  Segment user
    Control: 0005317f  Table: 839f8000  DAC: 00000015
    Process klogd (pid: 1877, stack limit = 0xc215c270)
    Stack: (0xc215dca8 to 0xc215e000)
    dca0:                   c215dcc4 c215dcb8 00000000 000004d0 00000029 c0450128
    dcc0: c02b9260 00000000 c215dcfc c215dcd8 c02be248 c0098d44 00000000 c20de1a0
    dce0: 00000000 7fffffff c215c000 00000000 c215dd4c c215dd00 c02b9260 c02be224
    dd00: 00000029 c20de250 c215de58 7fffffff c215dd4c c215dd20 c003a308 c0037d10
    dd20: c39b9180 00000000 c20de9c0 c215df3c c20de1a0 c3983600 c215de58 00000000
    dd40: c215dd64 c215dd50 c02b94d4 c02b91d0 c215dd94 00000000 c215ddc4 c215dd68
    dd60: c0320d88 c02b94c4 c00b4d8c c01baa6c 00000029 00000000 00000000 c215ddd0
    dd80: 00000755 00000000 00000000 00000000 00000000 ffffffa6 c215de04 00000000
    dda0: 00000000 c215df3c c215ddc8 00000000 c215c000 00000000 c215deb4 c215ddc8
    ddc0: c02b6668 c0320c24 c00b4d8c c01baa6c 00000000 00000001 ffffffff 00000000
    dde0: 00000000 00000000 00000000 00000000 c3c5f0c0 c215de28 00000000 00000000
    de00: c00a76ac c3c5f0c0 c0055b8c c215de0c c215de0c c215dedc c318ac00 c215c000
    de20: c215de58 c215de30 c00b4d8c c01baa6c c3911680 c045d048 c215de64 c215de48
    de40: c00715ac c0070f20 c3911680 c215dec8 c3017000 ffffff9c c215de74 c215de68
    de60: c0071678 00000029 c3983600 c215de78 c215dd80 c215df3c c215df64 00004000
    de80: c215df60 00000029 c215deb4 c215de98 c02b5dcc c02b5024 c3983600 00004000
    dea0: 000ad188 00000029 c215df8c c215deb8 c02b6950 c02b65c8 c215dee4 c215dec8
    dec0: 00000000 00000000 c318ac00 c39b9100 c0044b4c c0037d10 c215defc 00000000
    dee0: c360ba80 00000105 00000001 00000000 c215df94 c391a440 c04506f0 000001b6
    df00: c215df3c c215df10 00000004 000001b6 c3b0c180 00000001 c04506f0 c050e200
    df20: c215df5c c215df30 c0098ce0 c01c5378 c215df5c c215df40 c009a2d0 00000000
    df40: 00000000 c215df58 00000001 00000000 00000000 00004000 000ad188 00000029
    df60: 00000000 fffffff7 00000000 401fba30 00001a30 00000121 c002a044 00000254
    df80: c215dfa4 c215df90 c02b6994 c02b68ac 00000000 00000000 00000000 c215dfa8
    dfa0: c0029ec0 c02b6984 00000000 401fba30 00000003 000ad188 00000029 00004000
    dfc0: 00000000 401fba30 00001a30 00000121 401fa000 ffffffff 00000254 00000000
    dfe0: 00000013 bea08bb8 401934f0 4019801c 60000010 00000003 00000000 00000000
    Backtrace:
    [<c0098d34>] (kmem_cache_alloc+0x0/0xa8) from [<c02be248>] (__alloc_skb+0x34/0x108)
    [<c02be214>] (__alloc_skb+0x0/0x108) from [<c02b9260>] (sock_alloc_send_pskb+0xa0/0x2f4)
    [<c02b91c0>] (sock_alloc_send_pskb+0x0/0x2f4) from [<c02b94d4>] (sock_alloc_send_skb+0x20/0x28)
    [<c02b94b4>] (sock_alloc_send_skb+0x0/0x28) from [<c0320d88>] (unix_dgram_sendmsg+0x174/0x518)
    [<c0320c14>] (unix_dgram_sendmsg+0x0/0x518) from [<c02b6668>] (sock_sendmsg+0xb0/0xd0)
    [<c02b65b8>] (sock_sendmsg+0x0/0xd0) from [<c02b6950>] (sys_sendto+0xb4/0xd8)
     r7:00000029 r6:000ad188 r5:00004000 r4:c3983600
    [<c02b689c>] (sys_sendto+0x0/0xd8) from [<c02b6994>] (sys_send+0x20/0x28)
    [<c02b6974>] (sys_send+0x0/0x28) from [<c0029ec0>] (ret_fast_syscall+0x0/0x28)
    Code: e5945080 e5948090 e3550000 1594308c (17953103)
    ---[ end trace 21ee417f2245a490 ]---
    Unable to handle kernel paging request at virtual address 47000015
    pgd = c3ed4000
    [47000015] *pgd=00000000
    Internal error: Oops: 1 [#3] PREEMPT
    Modules linked in: dsplinkk cmemk tsif_data tsif_control SI2165 xc5000
    CPU: 0    Tainted: G      D     (2.6.32-rc2-davinci1-svn3116 #259)
    PC is at fget_light+0x64/0xf8
    LR is at fget_light+0x60/0xf8
    pc : [<c009d45c>]    lr : [<c009d458>]    psr: 20000013
    sp : c3db5f60  ip : c3db5f60  fp : c3db5f7c
    r10: 00000000  r9 : c3db4000  r8 : c002a044
    r7 : 00000036  r6 : c3db5f84  r5 : 00000006  r4 : c3e56c00
    r3 : 00000002  r2 : 47000015  r1 : 00000000  r0 : 00000001
    Flags: nzCv  IRQs on  FIQs on  Mode SVC_32  ISA ARM  Segment user
    Control: 0005317f  Table: 83ed4000  DAC: 00000015
    Process tsif_mmap_buffe (pid: 2105, stack limit = 0xc3db4270)
    Stack: (0xc3db5f60 to 0xc3db6000)
    5f60: 00000006 00000000 0000531e 00000036 c3db5fa4 c3db5f80 c00aa824 c009d408
    5f80: 00000000 00000000 4198f4d8 4198f490 4002c550 00000036 00000000 c3db5fa8
    5fa0: c0029ec0 c00aa810 4198f4d8 4198f490 00000006 0000531e 00000000 00000006
    5fc0: 4198f4d8 4198f490 4002c550 00000036 003d0f00 400383d8 00000000 4198ee24
    5fe0: 00000152 4198ee10 00009f00 40115aec 80000010 00000006 00520006 0000002d
    Backtrace:
    [<c009d3f8>] (fget_light+0x0/0xf8) from [<c00aa824>] (sys_ioctl+0x24/0x64)
     r7:00000036 r6:0000531e r5:00000000 r4:00000006
    [<c00aa800>] (sys_ioctl+0x0/0x64) from [<c0029ec0>] (ret_fast_syscall+0x0/0x28)
     r7:00000036 r6:4002c550 r5:4198f490 r4:4198f4d8
    Code: ea000022 e3a00001 ebfe6a5b e5942004 (e5923000)
    ---[ end trace 21ee417f2245a491 ]---
    note: tsif_mmap_buffe[2105] exited with preempt_count 1
    BUG: scheduling while atomic: tsif_mmap_buffe/2105/0x40000002
    Modules linked in: dsplinkk cmemk tsif_data tsif_control SI2165 xc5000
    Backtrace:
    [<c002d7e8>] (dump_backtrace+0x0/0x114) from [<c0349374>] (dump_stack+0x18/0x1c)
     r7:c3cca370 r6:c30bba80 r5:00000000 r4:00000000
    [<c034935c>] (dump_stack+0x0/0x1c) from [<c0037c68>] (__schedule_bug+0x54/0x60)
    [<c0037c14>] (__schedule_bug+0x0/0x60) from [<c0349674>] (schedule+0x84/0x380)
     r5:00000000 r4:c30bba80
    [<c03495f0>] (schedule+0x0/0x380) from [<c0038008>] (__cond_resched+0x18/0x24)
    [<c0037ff0>] (__cond_resched+0x0/0x24) from [<c0349a8c>] (_cond_resched+0x34/0x44)
    [<c0349a58>] (_cond_resched+0x0/0x44) from [<c0089010>] (__get_user_pages+0x230/0x244)
    [<c0088de0>] (__get_user_pages+0x0/0x244) from [<c008912c>] (get_user_pages+0x58/0x60)
    [<c00890d4>] (get_user_pages+0x0/0x60) from [<c0084a6c>] (get_user_pages_fast+0x68/0x80)
     r5:00000000 r4:c3db4000
    [<c0084a04>] (get_user_pages_fast+0x0/0x80) from [<c006353c>] (get_futex_key+0xa4/0x164)
    [<c0063498>] (get_futex_key+0x0/0x164) from [<c0063ce8>] (futex_wake+0x50/0x134)
    [<c0063c98>] (futex_wake+0x0/0x134) from [<c00656e0>] (do_futex+0xe4/0xd10)
     r8:00000000 r7:00000001 r6:00000000 r5:00000000 r4:00000001
    [<c00655fc>] (do_futex+0x0/0xd10) from [<c006645c>] (sys_futex+0x150/0x164)
    [<c006630c>] (sys_futex+0x0/0x164) from [<c003ced4>] (mm_release+0x90/0xa0)
    [<c003ce44>] (mm_release+0x0/0xa0) from [<c0040e4c>] (exit_mm+0x20/0x158)
     r7:c3db5f18 r6:c214e300 r5:c30bba80 r4:0000000b
    [<c0040e2c>] (exit_mm+0x0/0x158) from [<c004295c>] (do_exit+0x19c/0x684)
     r7:c3db5f18 r6:c30bba80 r5:c30bba80 r4:0000000b
    [<c00427c0>] (do_exit+0x0/0x684) from [<c002db98>] (die+0x17c/0x19c)
    [<c002da1c>] (die+0x0/0x19c) from [<c002f628>] (__do_kernel_fault+0x6c/0x7c)
    [<c002f5bc>] (__do_kernel_fault+0x0/0x7c) from [<c002f884>] (do_bad_area+0x64/0x70)
     r7:00000000 r6:00000000 r5:00000000 r4:e5923000
    [<c002f820>] (do_bad_area+0x0/0x70) from [<c00315b4>] (do_alignment+0x5ac/0x700)
    [<c0031008>] (do_alignment+0x0/0x700) from [<c0029288>] (do_DataAbort+0x3c/0x9c)
    [<c002924c>] (do_DataAbort+0x0/0x9c) from [<c0029a6c>] (__dabt_svc+0x4c/0x60)
    Exception stack(0xc3db5f18 to 0xc3db5f60)
    5f00:                                                       00000001 00000000
    5f20: 47000015 00000002 c3e56c00 00000006 c3db5f84 00000036 c002a044 c3db4000
    5f40: 00000000 c3db5f7c c3db5f60 c3db5f60 c009d458 c009d45c 20000013 ffffffff
     r8:c002a044 r7:00000036 r6:c3db5f84 r5:c3db5f4c r4:ffffffff
    [<c009d3f8>] (fget_light+0x0/0xf8) from [<c00aa824>] (sys_ioctl+0x24/0x64)
     r7:00000036 r6:0000531e r5:00000000 r4:00000006
    [<c00aa800>] (sys_ioctl+0x0/0x64) from [<c0029ec0>] (ret_fast_syscall+0x0/0x28)
     r7:00000036 r6:4002c550 r5:4198f490 r4:4198f4d8

  • Hi Nageswari,

    When we tried with CONFIG_PREEMPT, it crashed. Following is the log.

    Regards,

    -Sheetal.

    28/03/2011 08:37:12::MONITOR::[9] Ping to MC
    Unable to handle kernel paging request at virtual address 2701cb11
    pgd = c21e8000
    [2701cb11] *pgd=00000000
    Internal error: Oops: 1 [#1]
    Modules linked in: dsplinkk cmemk tsif_data tsif_control SI2165 xc5000 fpga_ci
    CPU: 0    Not tainted  (2.6.32-rc2-davinci1-svn3116 #258)
    PC is at kmem_cache_alloc+0x38/0x98
    LR is at __alloc_skb+0x34/0x108
    pc : [<c008e850>]    lr : [<c02a9604>]    psr: 20000093
    sp : c043bdd8  ip : c043be00  fp : c043bdfc
    r10: 00000000  r9 : 00000000  r8 : c02aa258
    r7 : 000000c0  r6 : 00000020  r5 : 60000093  r4 : 2701cb11
    r3 : 00000000  r2 : 00000000  r1 : 00000020  r0 : c043c128
    Flags: nzCv  IRQs off  FIQs on  Mode SVC_32  ISA ARM  Segment kernel
    Control: 0005317f  Table: 821e8000  DAC: 00000017
    Process swapper (pid: 0, stack limit = 0xc043a270)
    Stack: (0xc043bdd8 to 0xc043c000)
    bdc0:                                                       00000000 463476e8
    bde0: fec83f80 00000020 00000614 c043c128 c043be24 c043be00 c02a9604 c008e828
    be00: fec83f80 c31dc000 c31dc2e0 000005f4 c043be8c c000004a c043be34 c043be28
    be20: c02aa258 c02a95e0 c043be5c c043be38 c0228e14 c02aa248 fec83f80 c30bac00
    be40: c31dc2e0 00000001 80000013 00000000 c043bebc c043be60 c0229fe8 c0228e00
    be60: 000000ff c0443a48 0b8162e9 00000040 c31dc2ec c31dc000 c31dc210 00000001
    be80: 00000000 c04719e0 000000fe 000050d2 c043bedc c31dc2ec 00000040 0000000c
    bea0: 00000001 00000000 ffffee81 0000012c c043beec c043bec0 c02b08ec c0229dd4
    bec0: 000065f2 00000100 c043a000 0000000c 00000001 00000003 0000000a c0470480
    bee0: c043bf24 c043bef0 c004279c c02b0870 c04449b0 00000019 c360e0c0 00000019
    bf00: 00000000 c0024e14 c043e388 80023544 41069265 80023510 c043bf34 c043bf28
    bf20: c0042870 c0042728 c043bf4c c043bf38 c0029074 c0042838 ffffffff fec48000
    bf40: c043bfa4 c043bf50 c0029a78 c0029010 00000000 0005317f 0005217f 60000013
    bf60: c043a000 c046b63c c0024e14 c043e388 80023544 41069265 80023510 c043bfa4
    bf80: 600000d3 c043bf98 c002a8d4 c002a8e0 60000013 ffffffff c043bfbc c043bfa8
    bfa0: c002ae24 c002a8bc c047fc74 c046b63c c043bfcc c043bfc0 c032d06c c002adbc
    bfc0: c043bff4 c043bfd0 c00089a4 c032d020 c00084ec 00000000 00000000 c0024e18
    bfe0: 00053175 c046b6e4 00000000 c043bff8 80008034 c000875c 00000000 00000000
    Backtrace:
    [<c008e818>] (kmem_cache_alloc+0x0/0x98) from [<c02a9604>] (__alloc_skb+0x34/0x108)
     r7:c043c128 r6:00000614 r5:00000020 r4:fec83f80
    [<c02a95d0>] (__alloc_skb+0x0/0x108) from [<c02aa258>] (dev_alloc_skb+0x20/0x44)
    [<c02aa238>] (dev_alloc_skb+0x0/0x44) from [<c0228e14>] (emac_net_alloc_rx_buf+0x24/0xa8)
    [<c0228df0>] (emac_net_alloc_rx_buf+0x0/0xa8) from [<c0229fe8>] (emac_poll+0x224/0x5a0)
     r9:00000000 r8:80000013 r7:00000001 r6:c31dc2e0 r5:c30bac00
    r4:fec83f80
    [<c0229dc4>] (emac_poll+0x0/0x5a0) from [<c02b08ec>] (net_rx_action+0x8c/0x1bc)
    [<c02b0860>] (net_rx_action+0x0/0x1bc) from [<c004279c>] (__do_softirq+0x84/0x110)
    [<c0042718>] (__do_softirq+0x0/0x110) from [<c0042870>] (irq_exit+0x48/0x94)
    [<c0042828>] (irq_exit+0x0/0x94) from [<c0029074>] (asm_do_IRQ+0x74/0x8c)
    [<c0029000>] (asm_do_IRQ+0x0/0x8c) from [<c0029a78>] (__irq_svc+0x38/0x80)
    Exception stack(0xc043bf50 to 0xc043bf98)
    bf40:                                     00000000 0005317f 0005217f 60000013
    bf60: c043a000 c046b63c c0024e14 c043e388 80023544 41069265 80023510 c043bfa4
    bf80: 600000d3 c043bf98 c002a8d4 c002a8e0 60000013 ffffffff                  
     r5:fec48000 r4:ffffffff
    [<c002a8ac>] (default_idle+0x0/0x38) from [<c002ae24>] (cpu_idle+0x78/0xd4)
    [<c002adac>] (cpu_idle+0x0/0xd4) from [<c032d06c>] (rest_init+0x5c/0x70)
     r5:c046b63c r4:c047fc74
    [<c032d010>] (rest_init+0x0/0x70) from [<c00089a4>] (start_kernel+0x258/0x2b0)
    [<c000874c>] (start_kernel+0x0/0x2b0) from [<80008034>] (0x80008034)
    Code: e5904080 e5907090 e3540000 1590308c (17943103)
    Kernel panic - not syncing: Fatal exception in interrupt
    Backtrace:
    [<c002d69c>] (dump_backtrace+0x0/0x114) from [<c032f5e4>] (dump_stack+0x18/0x1c)
     r7:c043bd90 r6:c043d6b8 r5:c043a000 r4:c046bb50
    [<c032f5cc>] (dump_stack+0x0/0x1c) from [<c032f634>] (panic+0x4c/0x11c)
    [<c032f5e8>] (panic+0x0/0x11c) from [<c002d930>] (die+0x144/0x170)
     r3:00000100 r2:c043bc48 r1:c046bb50 r0:c03cb491
    [<c002d7ec>] (die+0x0/0x170) from [<c002f118>] (__do_kernel_fault+0x6c/0x7c)
    [<c002f0ac>] (__do_kernel_fault+0x0/0x7c) from [<c002f368>] (do_bad_area+0x64/0x70)
     r7:00000000 r6:00000000 r5:00000000 r4:17943103
    [<c002f304>] (do_bad_area+0x0/0x70) from [<c0030f60>] (do_alignment+0x5ac/0x700)
    [<c00309b4>] (do_alignment+0x0/0x700) from [<c002925c>] (do_DataAbort+0x3c/0x9c)
    [<c0029220>] (do_DataAbort+0x0/0x9c) from [<c0029a2c>] (__dabt_svc+0x4c/0x60)
    Exception stack(0xc043bd90 to 0xc043bdd8)
    bd80:                                     c043c128 00000020 00000000 00000000
    bda0: 2701cb11 60000093 00000020 000000c0 c02aa258 00000000 00000000 c043bdfc
    bdc0: c043be00 c043bdd8 c02a9604 c008e850 20000093 ffffffff                  
     r8:c02aa258 r7:000000c0 r6:00000020 r5:c043bdc4 r4:ffffffff
    [<c008e818>] (kmem_cache_alloc+0x0/0x98) from [<c02a9604>] (__alloc_skb+0x34/0x108)
     r7:c043c128 r6:00000614 r5:00000020 r4:fec83f80
    [<c02a95d0>] (__alloc_skb+0x0/0x108) from [<c02aa258>] (dev_alloc_skb+0x20/0x44)
    [<c02aa238>] (dev_alloc_skb+0x0/0x44) from [<c0228e14>] (emac_net_alloc_rx_buf+0x24/0xa8)
    [<c0228df0>] (emac_net_alloc_rx_buf+0x0/0xa8) from [<c0229fe8>] (emac_poll+0x224/0x5a0)
     r9:00000000 r8:80000013 r7:00000001 r6:c31dc2e0 r5:c30bac00
    r4:fec83f80
    [<c0229dc4>] (emac_poll+0x0/0x5a0) from [<c02b08ec>] (net_rx_action+0x8c/0x1bc)
    [<c02b0860>] (net_rx_action+0x0/0x1bc) from [<c004279c>] (__do_softirq+0x84/0x110)
    [<c0042718>] (__do_softirq+0x0/0x110) from [<c0042870>] (irq_exit+0x48/0x94)
    [<c0042828>] (irq_exit+0x0/0x94) from [<c0029074>] (asm_do_IRQ+0x74/0x8c)
    [<c0029000>] (asm_do_IRQ+0x0/0x8c) from [<c0029a78>] (__irq_svc+0x38/0x80)
    Exception stack(0xc043bf50 to 0xc043bf98)
    bf40:                                     00000000 0005317f 0005217f 60000013
    bf60: c043a000 c046b63c c0024e14 c043e388 80023544 41069265 80023510 c043bfa4
    bf80: 600000d3 c043bf98 c002a8d4 c002a8e0 60000013 ffffffff                  
     r5:fec48000 r4:ffffffff
    [<c002a8ac>] (default_idle+0x0/0x38) from [<c002ae24>] (cpu_idle+0x78/0xd4)
    [<c002adac>] (cpu_idle+0x0/0xd4) from [<c032d06c>] (rest_init+0x5c/0x70)
     r5:c046b63c r4:c047fc74
    [<c032d010>] (rest_init+0x0/0x70) from [<c00089a4>] (start_kernel+0x258/0x2b0)
    [<c000874c>] (start_kernel+0x0/0x2b0) from [<80008034>] (0x80008034)

  • Sheetal,

    As per your message, "When we tried with CONFIG_PREEMPT, it crashed. Following is the log..."

    But you need to disable CONFIG_PREEMPT.

    You need to select "No forced Preemption (Server)" in the kernel features instead of CONFIG_PREEMPT.

    Cna you try with this option?

    Your .config should look like this...

    CONFIG_PREEMPT_NONE=y
    # CONFIG_PREEMPT_VOLUNTARY is not set
    # CONFIG_PREEMPT is not set


    Regards

    Nageswari

  • Hi Nageswari,

    That was a typo. We have tried "without" CONFIG_PREEMPT. and the log corresponds to the same.

    Regards,

    -Sheetal.

  • Sheetal,

    One more question? In your earlier mails you said that PMT IOCTL freezes for ever but you also mentioned that you are using bypass mode.

    There is no support for PAT or PMT detection in bypass mode. PAT/PMT IOCTL can be used only in the PID filter enable mode (Semi automatic A/B or fully automatic)

    Can you clarify whether you are using PAT or PMT detection IOCTL in bypass mode?

     

    Regards,

    Nageswari

  • Nageswari,

    We are aware of most of the limitations of using the tsif port after having tried it for so long.

    It is like this:

    1. PAT detection in Semi A

    2. PMT detection in Semi A

    3. Reconfigure to change the mode to bypass and use it for SDT detection and so on.

    If the input signal is bad, irrespective of whether it is semi A or bypass - which means PAT/PMT detection or otherwise, it crashes.

    Regards,

    -Sheetal.

     

  • Sheetal,

    I was having problems with my TSIF ISR too.  I found that there two problems:

    1.  Printk's inside the ISR were causing too much delay and I was missing ISRs.  If you can try to comment those out.  Mine worked a ton better when I did.

    2.  The ISR needs to be non-interruptable.  When I ported the driver from a 2.4 kernel to 2.6, I did not catch this point right away.  When you request_irq, make sure you pass flag IRQF_DISABLED.  I found without this that my ISR was getting stuck in a race condition similar to what you describe above.

    Hope this helps!  Good luck.

    Brandy

  • Thanks Brandy for your response.

    >> 1.  Printk's inside the ISR were causing too much delay and I was missing ISRs.  If you can try to comment those out.  Mine worked a ton better when I did.

    There are no printks to remove in the port that we have :(

    >> 2.  The ISR needs to be non-interruptable.  When I ported the driver from a 2.4 kernel to 2.6, I did not catch this point right away.  When you request_irq, make sure you pass flag IRQF_DISABLED. 

    We already have it set to IRQF_DISABLED.

    Please let us know if there are any other suggestions. This is really important.

    Regards,

    -Sheetal.

  • What did you change your virtual address in tsif.h?  Maybe that is not correct since it looks like a paging error of some sorts?

    Heres what we are using:

    /* TSIF Base Address */
    #define TSIF_BASE       0x01C13000
    #define TSIF_VIRT_BASE  0xfec13000 

    We haven't seen a crash like this yet, although it should be easy to try - what do you mean by bad input data?  bits too long or too short?  Or the enable line goes away? 

  • Sheetal,

    Can you use GET_RX_BUF_STATUS to get the read/write poniters for every 1/3rd buffer read to the application in error and no-error condition.

    This can give a clue if there is any corner case exposed in  the driver or any issue with the memory handling in the application as the same buffer memory is used by application. 

    I would also request you to review the application for any errors....

    Regards,

    Nageswari

     

     

  • Nageswari and Sheetal,

    As you know, I have been following this post becuase it seems my post is not getting answered.  I apologize for "crashing the party" as we say and interrupting this post, but Nagaswari, is there any chance you can answer some of my questions here? Sudhakar started replying but I am not sure he is not anymore.

    http://e2e.ti.com/support/embedded/f/354/p/101262/360659.aspx#360659

    I have also tried what you suggested about GET_RX_BUF_STATUS becuase I think my application pointer keeps moving while the driver pointer lags behind (or maybe the opposite).  However, the pointers returned from this call are driver pointers - what function can I use to change these pointers to user space so that I can sychronize my application with the driver?

    Brandy

  • 2768.pro-arm-davinci-tsif-free-pages.patch.txtSheetal,

    There was one patch fix made on top of existing TSIF driver (MVL Pro 4 - 2.6.10 based) for freeing buffers during TSIF close.

    I am attaching this patch for your reference and you need to add this to your latest port.

    Since you are configuring the driver in Semi_Automatic A for getting PAT and PMT and later switching to bypass mode, this patch might be helpful.

    I assume you are following the below sequence...

    Step 1: TSIF_OPEN->Config for Semi_Auto(A)->Get PAT/PMT->TSIFClose

    Step2: TSIF_OPEN->Config for bypass->Get data in app->Close

    Can you modify your application to call the new IOCTL for freeing the buffer memory before opening it again for bypass mode. if you already have this code, then as I told in the previous post, please debug it in the app layer....

    Regards,

    Nageswari

     

     

     

  • Brandy,

    I will reply to your original post.


    Regards,

    Nageswari

  • Hi Nageswari,

    We already have this patch.

    As for the application, we have also tried with the sample application that came with the EVM. (tsif_mmap_buffer.c).

    We have modified the code a bit to run it continuously till the application is terminated. Original application exits after collecting a few bytes that are provided as a parameter to the application. Also, there is no PAT/PMT detection in this. It is just calling the TSIF_RX_COMPLETE in bypass mode. Last few logs are from this application itself. It shows the same behavior.

    Regards,

    -Sheetal.