* mmc oops on suspend - remove device
@ 2013-08-10 16:10 Alban Browaeys
2013-08-12 7:08 ` Jaehoon Chung
2013-08-12 7:25 ` Seungwon Jeon
0 siblings, 2 replies; 4+ messages in thread
From: Alban Browaeys @ 2013-08-10 16:10 UTC (permalink / raw)
To: linux-mmc; +Cc: Chris Ball
The oops spots commit add710e , though I cannot tell if the commit is
at fault. That is could card from md->queue.card be null and then checks
are missing before dereference or is the issue that card is null when it
ought not.
This happens when I do :
# echo "mem" > /sys/power/state
mmc1 is emmc that can be detached:
dts (derived from exynos4412-odroidx and exynos4412-origen)
mshc@12550000 {
#address-cells = <1>;
#size-cells = <0>;
pinctrl-0 = <&sd4_clk &sd4_cmd &sd4_cd &sd4_bus8>;
pinctrl-names = "default";
vmmc-supply = <&ldo20_reg &buck8_reg>;
status = "okay";
num-slots = <1>;
supports-highspeed;
broken-cd;
fifo-depth = <0x80>;
card-detect-delay = <200>;
samsung,dw-mshc-ciu-div = <3>;
samsung,dw-mshc-sdr-timing = <2 3>;
samsung,dw-mshc-ddr-timing = <1 2>;
samsung,dw-mshc-hwreset-gpio = <&gpk1 2 1>;
slot@0 {
reg = <0>;
bus-width = <8>;
};
};
ie drivers/mmc/host/dw_mmc-exynos.c
The commit that produce the issue
commit add710eaa88606de8ba98a014d37178579e6dbaf
Author: Johan Rudholm <johan.rudholm@stericsson.com>
Date: Fri Dec 2 08:51:06 2011 +0100
mmc: boot partition ro lock support
Enable boot partitions to be read-only locked until next power on
via
a sysfs entry. There will be one sysfs entry for each boot
partition:
/sys/block/mmcblkXbootY/ro_lock_until_next_power_on
Each boot partition is locked by writing 1 to its file.
Signed-off-by: Johan Rudholm <johan.rudholm@stericsson.com>
Signed-off-by: John Beckett <john.beckett@stericsson.com>
Signed-off-by: Chris Ball <cjb@laptop.org>
Oops:
Unable to handle kernel NULL pointer dereference at virtual address 000002a8
pgd = ecd9c000
[000002a8] *pgd=6d082831, *pte=00000000, *ppte=00000000
Internal error: Oops: 17 [#1] SMP ARM
Modules linked in: bnep rfcomm smsc95xx usbnet mii bluetooth nfsd lockd nfs_acl exportfs auth_rpcgss sunrpc oid_registry vfat fat btrfs raid6_pq xor zlib_deflate
CPU: 3 PID: 2384 Comm: bash Not tainted 3.11.0-rc4-00869-ga7143f1-dirty #60
task: c46d9b00 ti: ecefc000 task.ti: ecefc000
PC is at mmc_blk_remove_req+0x58/0x88
LR is at _raw_spin_unlock_irqrestore+0xc/0x14
pc : [<c034e7d8>] lr : [<c0494ac8>] psr: 200f0053
sp : ecefddf8 ip : 00000000 fp : 000dc1e8
r10: c058ead8 r9 : ecce3f18 r8 : 00100100
r7 : 00200200 r6 : c26b7118 r5 : 00000000 r4 : c26b1dc0
r3 : 00000002 r2 : 00000000 r1 : 200f0053 r0 : 00000000
Flags: nzCv IRQs on FIQs off Mode SVC_32 ISA ARM Segment user
Control: 10c5387d Table: 6cd9c04a DAC: 00000015
Process bash (pid: 2384, stack limit = 0xecefc240)
Stack: (0xecefddf8 to 0xecefe000)
dde0: c26b2058 c26b6898
de00: c26b6898 c03512d0 d2623180 d2623188 c06bb90c c26b06d8 c26b6e80 c0351308
de20: 00000000 c0494ac8 d2623188 c06bbd54 c06bb90c c26b06d8 00000003 c034409c
de40: c0344084 c0265a20 c46d9b00 d26231bc d2623188 c0265a88 00000000 d2623188
de60: c479aafc c0265410 d2623188 c26b0448 00000001 c0262c04 d2623188 c26b0440
de80: 00000001 c034463c c26b0440 c0345124 c26b060c c0343fb0 c0343f1c fffffffc
dea0: c06bb3f8 00000000 00000000 c00413b4 c0690fec ffffffff 00000000 00000003
dec0: 00000004 c00417b4 00000000 c0497a70 00000003 00000003 c06c5a60 c0497a70
dee0: 00000003 c00417e4 00000000 00000003 c06c5a60 c0059d48 00000000 c005aa9c
df00: ed366000 00000003 c0497a70 c0059a68 00000004 ecefdf80 ecce3f00 d27f6d20
df20: 00000004 d27f5e80 c04b06b8 c01d610c 00000004 c012b224 ed0ee000 00000004
df40: 000af408 ecefdf80 00000000 00000000 00000000 c00d59d4 c4607900 00000001
df60: 0000000a ed0ee000 00000000 000af408 00000004 00000000 00000000 c00d5d3c
df80: 00000000 00000000 00000000 b6e98a78 00000004 000af408 00000004 c000ebc8
dfa0: ecefc000 c000ea20 b6e98a78 00000004 00000001 000af408 00000004 00000000
dfc0: b6e98a78 00000004 000af408 00000004 be9c596c 000a6094 00000000 000dc1e8
dfe0: 00000000 be9c58ec b6e07747 b6e3f11c 40070050 00000001 429a2201 8108f000
[<c034e7d8>] (mmc_blk_remove_req+0x58/0x88) from [<c03512d0>] (mmc_blk_remove_parts.isra.5+0x90/0xa8)
[<c03512d0>] (mmc_blk_remove_parts.isra.5+0x90/0xa8) from [<c0351308>] (mmc_blk_remove+0x20/0x128)
[<c0351308>] (mmc_blk_remove+0x20/0x128) from [<c034409c>] (mmc_bus_remove+0x18/0x20)
[<c034409c>] (mmc_bus_remove+0x18/0x20) from [<c0265a20>] (__device_release_driver+0x7c/0xc8)
[<c0265a20>] (__device_release_driver+0x7c/0xc8) from [<c0265a88>] (device_release_driver+0x1c/0x28)
[<c0265a88>] (device_release_driver+0x1c/0x28) from [<c0265410>] (bus_remove_device+0x100/0x11c)
[<c0265410>] (bus_remove_device+0x100/0x11c) from [<c0262c04>] (device_del+0x110/0x174)
[<c0262c04>] (device_del+0x110/0x174) from [<c034463c>] (mmc_remove_card+0x64/0x78)
[<c034463c>] (mmc_remove_card+0x64/0x78) from [<c0345124>] (mmc_remove+0x24/0x30)
[<c0345124>] (mmc_remove+0x24/0x30) from [<c0343fb0>] (mmc_pm_notify+0x94/0xf8)
[<c0343fb0>] (mmc_pm_notify+0x94/0xf8) from [<c00413b4>] (notifier_call_chain+0x44/0x84)
[<c00413b4>] (notifier_call_chain+0x44/0x84) from [<c00417b4>] (__blocking_notifier_call_chain+0x48/0x60)
[<c00417b4>] (__blocking_notifier_call_chain+0x48/0x60) from [<c00417e4>] (blocking_notifier_call_chain+0x18/0x20)
[<c00417e4>] (blocking_notifier_call_chain+0x18/0x20) from [<c0059d48>] (pm_notifier_call_chain+0x14/0x2c)
[<c0059d48>] (pm_notifier_call_chain+0x14/0x2c) from [<c005aa9c>] (pm_suspend+0xac/0x24c)
[<c005aa9c>] (pm_suspend+0xac/0x24c) from [<c0059a68>] (state_store+0xb0/0xc4)
[<c0059a68>] (state_store+0xb0/0xc4) from [<c01d610c>] (kobj_attr_store+0x14/0x20)
[<c01d610c>] (kobj_attr_store+0x14/0x20) from [<c012b224>] (sysfs_write_file+0x118/0x164)
[<c012b224>] (sysfs_write_file+0x118/0x164) from [<c00d59d4>] (vfs_write+0xd8/0x178)
[<c00d59d4>] (vfs_write+0xd8/0x178) from [<c00d5d3c>] (SyS_write+0x40/0x68)
[<c00d5d3c>] (SyS_write+0x40/0x68) from [<c000ea20>] (ret_fast_syscall+0x0/0x30)
Code: ebfc509b e59432dc e3130002 0a000006 (e5d532a8)
decodecode:
Code: ebfc509b e59432dc e3130002 0a000006 (e5d532a8)
All code
========
0: ebfc509b bl 0xfff14274
4: e59432dc ldr r3, [r4, #732] ; 0x2dc
8: e3130002 tst r3, #2
c: 0a000006 beq 0x2c
10:* e5d532a8 ldrb r3, [r5, #680] ; 0x2a8 <-- trapping instruction
Code starting with the faulting instruction
===========================================
0: e5d532a8 ldrb r3, [r5, #680] ; 0x2a8
from objdump -S:
static void mmc_blk_remove_req(struct mmc_blk_data *md)
{
c034e780: e92d4038 push {r3, r4, r5, lr}
struct mmc_card *card;
if (md) {
c034e784: e2504000 subs r4, r0, #0
c034e788: 08bd8038 popeq {r3, r4, r5, pc}
/*
* Flush remaining requests and free queues. It
* is freeing the queue that stops new requests
* from being accepted.
*/
mmc_cleanup_queue(&md->queue);
c034e78c: e2845014 add r5, r4, #20
c034e790: e1a00005 mov r0, r5
c034e794: eb000e2b bl c0352048 <mmc_cleanup_queue>
if (md->flags & MMC_BLK_PACKED_CMD)
c034e798: e59432a0 ldr r3, [r4, #672] ; 0x2a0
c034e79c: e3130004 tst r3, #4
c034e7a0: 0a000001 beq c034e7ac <mmc_blk_remove_req+0x2c>
mmc_packed_clean(&md->queue);
c034e7a4: e1a00005 mov r0, r5
c034e7a8: eb000df6 bl c0351f88 <mmc_packed_clean>
card = md->queue.card;
if (md->disk->flags & GENHD_FL_UP) {
c034e7ac: e5940010 ldr r0, [r4, #16]
* from being accepted.
*/
mmc_cleanup_queue(&md->queue);
if (md->flags & MMC_BLK_PACKED_CMD)
mmc_packed_clean(&md->queue);
card = md->queue.card;
c034e7b0: e5945014 ldr r5, [r4, #20]
if (md->disk->flags & GENHD_FL_UP) {
c034e7b4: e5903244 ldr r3, [r0, #580] ; 0x244
c034e7b8: e3130010 tst r3, #16
c034e7bc: 0a00000e beq c034e7fc <mmc_blk_remove_req+0x7c>
device_remove_file(disk_to_dev(md->disk), &md->force_ro);
c034e7c0: e2800068 add r0, r0, #104 ; 0x68
c034e7c4: e2841faf add r1, r4, #700 ; 0x2bc
c034e7c8: ebfc509b bl c0262a3c <device_remove_file>
if ((md->area_type & MMC_BLK_DATA_AREA_BOOT) &&
c034e7cc: e59432dc ldr r3, [r4, #732] ; 0x2dc
c034e7d0: e3130002 tst r3, #2
c034e7d4: 0a000006 beq c034e7f4 <mmc_blk_remove_req+0x74>
c034e7d8: e5d532a8 ldrb r3, [r5, #680] ; 0x2a8
c034e7dc: e3530000 cmp r3, #0
c034e7e0: 0a000003 beq c034e7f4 <mmc_blk_remove_req+0x74>
card->ext_csd.boot_ro_lockable)
device_remove_file(disk_to_dev(md->disk),
c034e7e4: e5940010 ldr r0, [r4, #16]
that is r5 is "card = md->queue.card;" and is null, then on
card->ext_csd.boot_ro_lockable oops ensue.
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: mmc oops on suspend - remove device
2013-08-10 16:10 mmc oops on suspend - remove device Alban Browaeys
@ 2013-08-12 7:08 ` Jaehoon Chung
2013-08-12 13:00 ` Alban Browaeys
2013-08-12 7:25 ` Seungwon Jeon
1 sibling, 1 reply; 4+ messages in thread
From: Jaehoon Chung @ 2013-08-12 7:08 UTC (permalink / raw)
To: Alban Browaeys; +Cc: linux-mmc, Chris Ball
Hi, Alban.
I think that it needs be set to "non-removable" for emmc.
If emmc is set to removable, it should be removed when entered suspend.
Best Regards,
Jaehoon Chung
On 08/11/2013 01:10 AM, Alban Browaeys wrote:
>
> The oops spots commit add710e , though I cannot tell if the commit is
> at fault. That is could card from md->queue.card be null and then checks
> are missing before dereference or is the issue that card is null when it
> ought not.
> This happens when I do :
> # echo "mem" > /sys/power/state
>
> mmc1 is emmc that can be detached:
>
> dts (derived from exynos4412-odroidx and exynos4412-origen)
> mshc@12550000 {
> #address-cells = <1>;
> #size-cells = <0>;
> pinctrl-0 = <&sd4_clk &sd4_cmd &sd4_cd &sd4_bus8>;
> pinctrl-names = "default";
> vmmc-supply = <&ldo20_reg &buck8_reg>;
> status = "okay";
>
> num-slots = <1>;
> supports-highspeed;
> broken-cd;
> fifo-depth = <0x80>;
> card-detect-delay = <200>;
> samsung,dw-mshc-ciu-div = <3>;
> samsung,dw-mshc-sdr-timing = <2 3>;
> samsung,dw-mshc-ddr-timing = <1 2>;
> samsung,dw-mshc-hwreset-gpio = <&gpk1 2 1>;
>
> slot@0 {
> reg = <0>;
> bus-width = <8>;
> };
> };
>
> ie drivers/mmc/host/dw_mmc-exynos.c
>
>
> The commit that produce the issue
> commit add710eaa88606de8ba98a014d37178579e6dbaf
> Author: Johan Rudholm <johan.rudholm@stericsson.com>
> Date: Fri Dec 2 08:51:06 2011 +0100
>
> mmc: boot partition ro lock support
>
> Enable boot partitions to be read-only locked until next power on
> via
> a sysfs entry. There will be one sysfs entry for each boot
> partition:
>
> /sys/block/mmcblkXbootY/ro_lock_until_next_power_on
>
> Each boot partition is locked by writing 1 to its file.
>
> Signed-off-by: Johan Rudholm <johan.rudholm@stericsson.com>
> Signed-off-by: John Beckett <john.beckett@stericsson.com>
> Signed-off-by: Chris Ball <cjb@laptop.org>
>
>
>
> Oops:
>
> Unable to handle kernel NULL pointer dereference at virtual address 000002a8
> pgd = ecd9c000
> [000002a8] *pgd=6d082831, *pte=00000000, *ppte=00000000
> Internal error: Oops: 17 [#1] SMP ARM
> Modules linked in: bnep rfcomm smsc95xx usbnet mii bluetooth nfsd lockd nfs_acl exportfs auth_rpcgss sunrpc oid_registry vfat fat btrfs raid6_pq xor zlib_deflate
> CPU: 3 PID: 2384 Comm: bash Not tainted 3.11.0-rc4-00869-ga7143f1-dirty #60
> task: c46d9b00 ti: ecefc000 task.ti: ecefc000
> PC is at mmc_blk_remove_req+0x58/0x88
> LR is at _raw_spin_unlock_irqrestore+0xc/0x14
> pc : [<c034e7d8>] lr : [<c0494ac8>] psr: 200f0053
> sp : ecefddf8 ip : 00000000 fp : 000dc1e8
> r10: c058ead8 r9 : ecce3f18 r8 : 00100100
> r7 : 00200200 r6 : c26b7118 r5 : 00000000 r4 : c26b1dc0
> r3 : 00000002 r2 : 00000000 r1 : 200f0053 r0 : 00000000
> Flags: nzCv IRQs on FIQs off Mode SVC_32 ISA ARM Segment user
> Control: 10c5387d Table: 6cd9c04a DAC: 00000015
> Process bash (pid: 2384, stack limit = 0xecefc240)
> Stack: (0xecefddf8 to 0xecefe000)
> dde0: c26b2058 c26b6898
> de00: c26b6898 c03512d0 d2623180 d2623188 c06bb90c c26b06d8 c26b6e80 c0351308
> de20: 00000000 c0494ac8 d2623188 c06bbd54 c06bb90c c26b06d8 00000003 c034409c
> de40: c0344084 c0265a20 c46d9b00 d26231bc d2623188 c0265a88 00000000 d2623188
> de60: c479aafc c0265410 d2623188 c26b0448 00000001 c0262c04 d2623188 c26b0440
> de80: 00000001 c034463c c26b0440 c0345124 c26b060c c0343fb0 c0343f1c fffffffc
> dea0: c06bb3f8 00000000 00000000 c00413b4 c0690fec ffffffff 00000000 00000003
> dec0: 00000004 c00417b4 00000000 c0497a70 00000003 00000003 c06c5a60 c0497a70
> dee0: 00000003 c00417e4 00000000 00000003 c06c5a60 c0059d48 00000000 c005aa9c
> df00: ed366000 00000003 c0497a70 c0059a68 00000004 ecefdf80 ecce3f00 d27f6d20
> df20: 00000004 d27f5e80 c04b06b8 c01d610c 00000004 c012b224 ed0ee000 00000004
> df40: 000af408 ecefdf80 00000000 00000000 00000000 c00d59d4 c4607900 00000001
> df60: 0000000a ed0ee000 00000000 000af408 00000004 00000000 00000000 c00d5d3c
> df80: 00000000 00000000 00000000 b6e98a78 00000004 000af408 00000004 c000ebc8
> dfa0: ecefc000 c000ea20 b6e98a78 00000004 00000001 000af408 00000004 00000000
> dfc0: b6e98a78 00000004 000af408 00000004 be9c596c 000a6094 00000000 000dc1e8
> dfe0: 00000000 be9c58ec b6e07747 b6e3f11c 40070050 00000001 429a2201 8108f000
> [<c034e7d8>] (mmc_blk_remove_req+0x58/0x88) from [<c03512d0>] (mmc_blk_remove_parts.isra.5+0x90/0xa8)
> [<c03512d0>] (mmc_blk_remove_parts.isra.5+0x90/0xa8) from [<c0351308>] (mmc_blk_remove+0x20/0x128)
> [<c0351308>] (mmc_blk_remove+0x20/0x128) from [<c034409c>] (mmc_bus_remove+0x18/0x20)
> [<c034409c>] (mmc_bus_remove+0x18/0x20) from [<c0265a20>] (__device_release_driver+0x7c/0xc8)
> [<c0265a20>] (__device_release_driver+0x7c/0xc8) from [<c0265a88>] (device_release_driver+0x1c/0x28)
> [<c0265a88>] (device_release_driver+0x1c/0x28) from [<c0265410>] (bus_remove_device+0x100/0x11c)
> [<c0265410>] (bus_remove_device+0x100/0x11c) from [<c0262c04>] (device_del+0x110/0x174)
> [<c0262c04>] (device_del+0x110/0x174) from [<c034463c>] (mmc_remove_card+0x64/0x78)
>
> [<c034463c>] (mmc_remove_card+0x64/0x78) from [<c0345124>] (mmc_remove+0x24/0x30)
>
> [<c0345124>] (mmc_remove+0x24/0x30) from [<c0343fb0>] (mmc_pm_notify+0x94/0xf8)
> [<c0343fb0>] (mmc_pm_notify+0x94/0xf8) from [<c00413b4>] (notifier_call_chain+0x44/0x84)
> [<c00413b4>] (notifier_call_chain+0x44/0x84) from [<c00417b4>] (__blocking_notifier_call_chain+0x48/0x60)
> [<c00417b4>] (__blocking_notifier_call_chain+0x48/0x60) from [<c00417e4>] (blocking_notifier_call_chain+0x18/0x20)
> [<c00417e4>] (blocking_notifier_call_chain+0x18/0x20) from [<c0059d48>] (pm_notifier_call_chain+0x14/0x2c)
> [<c0059d48>] (pm_notifier_call_chain+0x14/0x2c) from [<c005aa9c>] (pm_suspend+0xac/0x24c)
> [<c005aa9c>] (pm_suspend+0xac/0x24c) from [<c0059a68>] (state_store+0xb0/0xc4)
> [<c0059a68>] (state_store+0xb0/0xc4) from [<c01d610c>] (kobj_attr_store+0x14/0x20)
> [<c01d610c>] (kobj_attr_store+0x14/0x20) from [<c012b224>] (sysfs_write_file+0x118/0x164)
> [<c012b224>] (sysfs_write_file+0x118/0x164) from [<c00d59d4>] (vfs_write+0xd8/0x178)
> [<c00d59d4>] (vfs_write+0xd8/0x178) from [<c00d5d3c>] (SyS_write+0x40/0x68)
> [<c00d5d3c>] (SyS_write+0x40/0x68) from [<c000ea20>] (ret_fast_syscall+0x0/0x30)
> Code: ebfc509b e59432dc e3130002 0a000006 (e5d532a8)
>
>
> decodecode:
> Code: ebfc509b e59432dc e3130002 0a000006 (e5d532a8)
> All code
> ========
> 0: ebfc509b bl 0xfff14274
> 4: e59432dc ldr r3, [r4, #732] ; 0x2dc
> 8: e3130002 tst r3, #2
> c: 0a000006 beq 0x2c
> 10:* e5d532a8 ldrb r3, [r5, #680] ; 0x2a8 <-- trapping instruction
>
> Code starting with the faulting instruction
> ===========================================
> 0: e5d532a8 ldrb r3, [r5, #680] ; 0x2a8
>
> from objdump -S:
> static void mmc_blk_remove_req(struct mmc_blk_data *md)
> {
> c034e780: e92d4038 push {r3, r4, r5, lr}
> struct mmc_card *card;
>
> if (md) {
> c034e784: e2504000 subs r4, r0, #0
> c034e788: 08bd8038 popeq {r3, r4, r5, pc}
> /*
> * Flush remaining requests and free queues. It
> * is freeing the queue that stops new requests
> * from being accepted.
> */
> mmc_cleanup_queue(&md->queue);
> c034e78c: e2845014 add r5, r4, #20
> c034e790: e1a00005 mov r0, r5
> c034e794: eb000e2b bl c0352048 <mmc_cleanup_queue>
> if (md->flags & MMC_BLK_PACKED_CMD)
> c034e798: e59432a0 ldr r3, [r4, #672] ; 0x2a0
> c034e79c: e3130004 tst r3, #4
> c034e7a0: 0a000001 beq c034e7ac <mmc_blk_remove_req+0x2c>
> mmc_packed_clean(&md->queue);
> c034e7a4: e1a00005 mov r0, r5
> c034e7a8: eb000df6 bl c0351f88 <mmc_packed_clean>
> card = md->queue.card;
> if (md->disk->flags & GENHD_FL_UP) {
> c034e7ac: e5940010 ldr r0, [r4, #16]
> * from being accepted.
> */
> mmc_cleanup_queue(&md->queue);
> if (md->flags & MMC_BLK_PACKED_CMD)
> mmc_packed_clean(&md->queue);
> card = md->queue.card;
> c034e7b0: e5945014 ldr r5, [r4, #20]
> if (md->disk->flags & GENHD_FL_UP) {
> c034e7b4: e5903244 ldr r3, [r0, #580] ; 0x244
> c034e7b8: e3130010 tst r3, #16
> c034e7bc: 0a00000e beq c034e7fc <mmc_blk_remove_req+0x7c>
> device_remove_file(disk_to_dev(md->disk), &md->force_ro);
> c034e7c0: e2800068 add r0, r0, #104 ; 0x68
> c034e7c4: e2841faf add r1, r4, #700 ; 0x2bc
> c034e7c8: ebfc509b bl c0262a3c <device_remove_file>
> if ((md->area_type & MMC_BLK_DATA_AREA_BOOT) &&
> c034e7cc: e59432dc ldr r3, [r4, #732] ; 0x2dc
> c034e7d0: e3130002 tst r3, #2
> c034e7d4: 0a000006 beq c034e7f4 <mmc_blk_remove_req+0x74>
> c034e7d8: e5d532a8 ldrb r3, [r5, #680] ; 0x2a8
> c034e7dc: e3530000 cmp r3, #0
> c034e7e0: 0a000003 beq c034e7f4 <mmc_blk_remove_req+0x74>
> card->ext_csd.boot_ro_lockable)
> device_remove_file(disk_to_dev(md->disk),
> c034e7e4: e5940010 ldr r0, [r4, #16]
>
>
> that is r5 is "card = md->queue.card;" and is null, then on
> card->ext_csd.boot_ro_lockable oops ensue.
>
>
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-mmc" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
>
^ permalink raw reply [flat|nested] 4+ messages in thread
* RE: mmc oops on suspend - remove device
2013-08-10 16:10 mmc oops on suspend - remove device Alban Browaeys
2013-08-12 7:08 ` Jaehoon Chung
@ 2013-08-12 7:25 ` Seungwon Jeon
1 sibling, 0 replies; 4+ messages in thread
From: Seungwon Jeon @ 2013-08-12 7:25 UTC (permalink / raw)
To: 'Alban Browaeys', linux-mmc; +Cc: 'Chris Ball'
On Sun, August 11, 2013, Alban Browaeys wrote:
> The oops spots commit add710e , though I cannot tell if the commit is
> at fault. That is could card from md->queue.card be null and then checks
> are missing before dereference or is the issue that card is null when it
> ought not.
> This happens when I do :
> # echo "mem" > /sys/power/state
>
> mmc1 is emmc that can be detached:
>
> dts (derived from exynos4412-odroidx and exynos4412-origen)
> mshc@12550000 {
> #address-cells = <1>;
> #size-cells = <0>;
> pinctrl-0 = <&sd4_clk &sd4_cmd &sd4_cd &sd4_bus8>;
> pinctrl-names = "default";
> vmmc-supply = <&ldo20_reg &buck8_reg>;
> status = "okay";
>
> num-slots = <1>;
> supports-highspeed;
> broken-cd;
> fifo-depth = <0x80>;
> card-detect-delay = <200>;
> samsung,dw-mshc-ciu-div = <3>;
> samsung,dw-mshc-sdr-timing = <2 3>;
> samsung,dw-mshc-ddr-timing = <1 2>;
> samsung,dw-mshc-hwreset-gpio = <&gpk1 2 1>;
>
> slot@0 {
> reg = <0>;
> bus-width = <8>;
> };
> };
>
> ie drivers/mmc/host/dw_mmc-exynos.c
>
>
> The commit that produce the issue
> commit add710eaa88606de8ba98a014d37178579e6dbaf
> Author: Johan Rudholm <johan.rudholm@stericsson.com>
> Date: Fri Dec 2 08:51:06 2011 +0100
>
> mmc: boot partition ro lock support
>
> Enable boot partitions to be read-only locked until next power on
> via
> a sysfs entry. There will be one sysfs entry for each boot
> partition:
>
> /sys/block/mmcblkXbootY/ro_lock_until_next_power_on
>
> Each boot partition is locked by writing 1 to its file.
>
> Signed-off-by: Johan Rudholm <johan.rudholm@stericsson.com>
> Signed-off-by: John Beckett <john.beckett@stericsson.com>
> Signed-off-by: Chris Ball <cjb@laptop.org>
>
I think a actual cause seems from below.
'mq->card = NULL;' is done in mmc_cleanup_queue().
It needs to fix.
commit fdfa20c1631210d0ca218689204682ea80e170e3
Author: Paul Taysom <taysom@chromium.org>
Date: Tue Jun 4 14:42:40 2013 -0700
mmc: reordered shutdown sequence in mmc_bld_remove_req
We had a multi-partition SD-Card with two ext2 file systems. The partition
table was getting overwritten by a race between the card removal and
the unmount of the 2nd ext2 partition.
<...>
Addresses the problem described in http://crbug.com/240815
Signed-off-by: Paul Taysom <taysom@chromium.org>
Signed-off-by: Chris Ball <cjb@laptop.org>
Thanks,
Seungwon Jeon
>
>
> Oops:
>
> Unable to handle kernel NULL pointer dereference at virtual address 000002a8
> pgd = ecd9c000
> [000002a8] *pgd=6d082831, *pte=00000000, *ppte=00000000
> Internal error: Oops: 17 [#1] SMP ARM
> Modules linked in: bnep rfcomm smsc95xx usbnet mii bluetooth nfsd lockd nfs_acl exportfs auth_rpcgss
> sunrpc oid_registry vfat fat btrfs raid6_pq xor zlib_deflate
> CPU: 3 PID: 2384 Comm: bash Not tainted 3.11.0-rc4-00869-ga7143f1-dirty #60
> task: c46d9b00 ti: ecefc000 task.ti: ecefc000
> PC is at mmc_blk_remove_req+0x58/0x88
> LR is at _raw_spin_unlock_irqrestore+0xc/0x14
> pc : [<c034e7d8>] lr : [<c0494ac8>] psr: 200f0053
> sp : ecefddf8 ip : 00000000 fp : 000dc1e8
> r10: c058ead8 r9 : ecce3f18 r8 : 00100100
> r7 : 00200200 r6 : c26b7118 r5 : 00000000 r4 : c26b1dc0
> r3 : 00000002 r2 : 00000000 r1 : 200f0053 r0 : 00000000
> Flags: nzCv IRQs on FIQs off Mode SVC_32 ISA ARM Segment user
> Control: 10c5387d Table: 6cd9c04a DAC: 00000015
> Process bash (pid: 2384, stack limit = 0xecefc240)
> Stack: (0xecefddf8 to 0xecefe000)
> dde0: c26b2058 c26b6898
> de00: c26b6898 c03512d0 d2623180 d2623188 c06bb90c c26b06d8 c26b6e80 c0351308
> de20: 00000000 c0494ac8 d2623188 c06bbd54 c06bb90c c26b06d8 00000003 c034409c
> de40: c0344084 c0265a20 c46d9b00 d26231bc d2623188 c0265a88 00000000 d2623188
> de60: c479aafc c0265410 d2623188 c26b0448 00000001 c0262c04 d2623188 c26b0440
> de80: 00000001 c034463c c26b0440 c0345124 c26b060c c0343fb0 c0343f1c fffffffc
> dea0: c06bb3f8 00000000 00000000 c00413b4 c0690fec ffffffff 00000000 00000003
> dec0: 00000004 c00417b4 00000000 c0497a70 00000003 00000003 c06c5a60 c0497a70
> dee0: 00000003 c00417e4 00000000 00000003 c06c5a60 c0059d48 00000000 c005aa9c
> df00: ed366000 00000003 c0497a70 c0059a68 00000004 ecefdf80 ecce3f00 d27f6d20
> df20: 00000004 d27f5e80 c04b06b8 c01d610c 00000004 c012b224 ed0ee000 00000004
> df40: 000af408 ecefdf80 00000000 00000000 00000000 c00d59d4 c4607900 00000001
> df60: 0000000a ed0ee000 00000000 000af408 00000004 00000000 00000000 c00d5d3c
> df80: 00000000 00000000 00000000 b6e98a78 00000004 000af408 00000004 c000ebc8
> dfa0: ecefc000 c000ea20 b6e98a78 00000004 00000001 000af408 00000004 00000000
> dfc0: b6e98a78 00000004 000af408 00000004 be9c596c 000a6094 00000000 000dc1e8
> dfe0: 00000000 be9c58ec b6e07747 b6e3f11c 40070050 00000001 429a2201 8108f000
> [<c034e7d8>] (mmc_blk_remove_req+0x58/0x88) from [<c03512d0>] (mmc_blk_remove_parts.isra.5+0x90/0xa8)
> [<c03512d0>] (mmc_blk_remove_parts.isra.5+0x90/0xa8) from [<c0351308>] (mmc_blk_remove+0x20/0x128)
> [<c0351308>] (mmc_blk_remove+0x20/0x128) from [<c034409c>] (mmc_bus_remove+0x18/0x20)
> [<c034409c>] (mmc_bus_remove+0x18/0x20) from [<c0265a20>] (__device_release_driver+0x7c/0xc8)
> [<c0265a20>] (__device_release_driver+0x7c/0xc8) from [<c0265a88>] (device_release_driver+0x1c/0x28)
> [<c0265a88>] (device_release_driver+0x1c/0x28) from [<c0265410>] (bus_remove_device+0x100/0x11c)
> [<c0265410>] (bus_remove_device+0x100/0x11c) from [<c0262c04>] (device_del+0x110/0x174)
> [<c0262c04>] (device_del+0x110/0x174) from [<c034463c>] (mmc_remove_card+0x64/0x78)
>
> [<c034463c>] (mmc_remove_card+0x64/0x78) from [<c0345124>] (mmc_remove+0x24/0x30)
>
> [<c0345124>] (mmc_remove+0x24/0x30) from [<c0343fb0>] (mmc_pm_notify+0x94/0xf8)
> [<c0343fb0>] (mmc_pm_notify+0x94/0xf8) from [<c00413b4>] (notifier_call_chain+0x44/0x84)
> [<c00413b4>] (notifier_call_chain+0x44/0x84) from [<c00417b4>]
> (__blocking_notifier_call_chain+0x48/0x60)
> [<c00417b4>] (__blocking_notifier_call_chain+0x48/0x60) from [<c00417e4>]
> (blocking_notifier_call_chain+0x18/0x20)
> [<c00417e4>] (blocking_notifier_call_chain+0x18/0x20) from [<c0059d48>]
> (pm_notifier_call_chain+0x14/0x2c)
> [<c0059d48>] (pm_notifier_call_chain+0x14/0x2c) from [<c005aa9c>] (pm_suspend+0xac/0x24c)
> [<c005aa9c>] (pm_suspend+0xac/0x24c) from [<c0059a68>] (state_store+0xb0/0xc4)
> [<c0059a68>] (state_store+0xb0/0xc4) from [<c01d610c>] (kobj_attr_store+0x14/0x20)
> [<c01d610c>] (kobj_attr_store+0x14/0x20) from [<c012b224>] (sysfs_write_file+0x118/0x164)
> [<c012b224>] (sysfs_write_file+0x118/0x164) from [<c00d59d4>] (vfs_write+0xd8/0x178)
> [<c00d59d4>] (vfs_write+0xd8/0x178) from [<c00d5d3c>] (SyS_write+0x40/0x68)
> [<c00d5d3c>] (SyS_write+0x40/0x68) from [<c000ea20>] (ret_fast_syscall+0x0/0x30)
> Code: ebfc509b e59432dc e3130002 0a000006 (e5d532a8)
>
>
> decodecode:
> Code: ebfc509b e59432dc e3130002 0a000006 (e5d532a8)
> All code
> ========
> 0: ebfc509b bl 0xfff14274
> 4: e59432dc ldr r3, [r4, #732] ; 0x2dc
> 8: e3130002 tst r3, #2
> c: 0a000006 beq 0x2c
> 10:* e5d532a8 ldrb r3, [r5, #680] ; 0x2a8 <-- trapping instruction
>
> Code starting with the faulting instruction
> ===========================================
> 0: e5d532a8 ldrb r3, [r5, #680] ; 0x2a8
>
> from objdump -S:
> static void mmc_blk_remove_req(struct mmc_blk_data *md)
> {
> c034e780: e92d4038 push {r3, r4, r5, lr}
> struct mmc_card *card;
>
> if (md) {
> c034e784: e2504000 subs r4, r0, #0
> c034e788: 08bd8038 popeq {r3, r4, r5, pc}
> /*
> * Flush remaining requests and free queues. It
> * is freeing the queue that stops new requests
> * from being accepted.
> */
> mmc_cleanup_queue(&md->queue);
> c034e78c: e2845014 add r5, r4, #20
> c034e790: e1a00005 mov r0, r5
> c034e794: eb000e2b bl c0352048 <mmc_cleanup_queue>
> if (md->flags & MMC_BLK_PACKED_CMD)
> c034e798: e59432a0 ldr r3, [r4, #672] ; 0x2a0
> c034e79c: e3130004 tst r3, #4
> c034e7a0: 0a000001 beq c034e7ac <mmc_blk_remove_req+0x2c>
> mmc_packed_clean(&md->queue);
> c034e7a4: e1a00005 mov r0, r5
> c034e7a8: eb000df6 bl c0351f88 <mmc_packed_clean>
> card = md->queue.card;
> if (md->disk->flags & GENHD_FL_UP) {
> c034e7ac: e5940010 ldr r0, [r4, #16]
> * from being accepted.
> */
> mmc_cleanup_queue(&md->queue);
> if (md->flags & MMC_BLK_PACKED_CMD)
> mmc_packed_clean(&md->queue);
> card = md->queue.card;
> c034e7b0: e5945014 ldr r5, [r4, #20]
> if (md->disk->flags & GENHD_FL_UP) {
> c034e7b4: e5903244 ldr r3, [r0, #580] ; 0x244
> c034e7b8: e3130010 tst r3, #16
> c034e7bc: 0a00000e beq c034e7fc <mmc_blk_remove_req+0x7c>
> device_remove_file(disk_to_dev(md->disk), &md->force_ro);
> c034e7c0: e2800068 add r0, r0, #104 ; 0x68
> c034e7c4: e2841faf add r1, r4, #700 ; 0x2bc
> c034e7c8: ebfc509b bl c0262a3c <device_remove_file>
> if ((md->area_type & MMC_BLK_DATA_AREA_BOOT) &&
> c034e7cc: e59432dc ldr r3, [r4, #732] ; 0x2dc
> c034e7d0: e3130002 tst r3, #2
> c034e7d4: 0a000006 beq c034e7f4 <mmc_blk_remove_req+0x74>
> c034e7d8: e5d532a8 ldrb r3, [r5, #680] ; 0x2a8
> c034e7dc: e3530000 cmp r3, #0
> c034e7e0: 0a000003 beq c034e7f4 <mmc_blk_remove_req+0x74>
> card->ext_csd.boot_ro_lockable)
> device_remove_file(disk_to_dev(md->disk),
> c034e7e4: e5940010 ldr r0, [r4, #16]
>
>
> that is r5 is "card = md->queue.card;" and is null, then on
> card->ext_csd.boot_ro_lockable oops ensue.
>
>
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-mmc" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: mmc oops on suspend - remove device
2013-08-12 7:08 ` Jaehoon Chung
@ 2013-08-12 13:00 ` Alban Browaeys
0 siblings, 0 replies; 4+ messages in thread
From: Alban Browaeys @ 2013-08-12 13:00 UTC (permalink / raw)
To: Jaehoon Chung; +Cc: linux-mmc, Chris Ball
Le lundi 12 août 2013 à 16:08 +0900, Jaehoon Chung a écrit :
> Hi, Alban.
>
> I think that it needs be set to "non-removable" for emmc.
> If emmc is set to removable, it should be removed when entered suspend.
>
Indeed I thought so too. But everytime I try to set it as non removable
the emmc is not discovered on boot (this is the boot partition , this is
an emmc factor that "can" be removed but I believe it is not
hotplugable).
Seems the broken-cd in dw-mshc exynos is bound to a specific quirk
which is required for to get emmc working here.
upstream dts for exynos4412 odroidx and origen (which are closed to
odroid u2) do so too for emmc mshc.
Yesterday I looked anew at attempting to use non-removable without
success . I also did not find a test for non removable in the path from
mmc_pm_notify to mmc_blk_remove (ending up in mmc_blk_remove_req). Did I
miss it ?
Best regards
Alban
> Best Regards,
> Jaehoon Chung
>
> On 08/11/2013 01:10 AM, Alban Browaeys wrote:
> >
> > The oops spots commit add710e , though I cannot tell if the commit is
> > at fault. That is could card from md->queue.card be null and then checks
> > are missing before dereference or is the issue that card is null when it
> > ought not.
> > This happens when I do :
> > # echo "mem" > /sys/power/state
> >
> > mmc1 is emmc that can be detached:
> >
> > dts (derived from exynos4412-odroidx and exynos4412-origen)
> > mshc@12550000 {
> > #address-cells = <1>;
> > #size-cells = <0>;
> > pinctrl-0 = <&sd4_clk &sd4_cmd &sd4_cd &sd4_bus8>;
> > pinctrl-names = "default";
> > vmmc-supply = <&ldo20_reg &buck8_reg>;
> > status = "okay";
> >
> > num-slots = <1>;
> > supports-highspeed;
> > broken-cd;
> > fifo-depth = <0x80>;
> > card-detect-delay = <200>;
> > samsung,dw-mshc-ciu-div = <3>;
> > samsung,dw-mshc-sdr-timing = <2 3>;
> > samsung,dw-mshc-ddr-timing = <1 2>;
> > samsung,dw-mshc-hwreset-gpio = <&gpk1 2 1>;
> >
> > slot@0 {
> > reg = <0>;
> > bus-width = <8>;
> > };
> > };
> >
> > ie drivers/mmc/host/dw_mmc-exynos.c
> >
> >
> > The commit that produce the issue
> > commit add710eaa88606de8ba98a014d37178579e6dbaf
> > Author: Johan Rudholm <johan.rudholm@stericsson.com>
> > Date: Fri Dec 2 08:51:06 2011 +0100
> >
> > mmc: boot partition ro lock support
> >
> > Enable boot partitions to be read-only locked until next power on
> > via
> > a sysfs entry. There will be one sysfs entry for each boot
> > partition:
> >
> > /sys/block/mmcblkXbootY/ro_lock_until_next_power_on
> >
> > Each boot partition is locked by writing 1 to its file.
> >
> > Signed-off-by: Johan Rudholm <johan.rudholm@stericsson.com>
> > Signed-off-by: John Beckett <john.beckett@stericsson.com>
> > Signed-off-by: Chris Ball <cjb@laptop.org>
> >
> >
> >
> > Oops:
> >
> > Unable to handle kernel NULL pointer dereference at virtual address 000002a8
> > pgd = ecd9c000
> > [000002a8] *pgd=6d082831, *pte=00000000, *ppte=00000000
> > Internal error: Oops: 17 [#1] SMP ARM
> > Modules linked in: bnep rfcomm smsc95xx usbnet mii bluetooth nfsd lockd nfs_acl exportfs auth_rpcgss sunrpc oid_registry vfat fat btrfs raid6_pq xor zlib_deflate
> > CPU: 3 PID: 2384 Comm: bash Not tainted 3.11.0-rc4-00869-ga7143f1-dirty #60
> > task: c46d9b00 ti: ecefc000 task.ti: ecefc000
> > PC is at mmc_blk_remove_req+0x58/0x88
> > LR is at _raw_spin_unlock_irqrestore+0xc/0x14
> > pc : [<c034e7d8>] lr : [<c0494ac8>] psr: 200f0053
> > sp : ecefddf8 ip : 00000000 fp : 000dc1e8
> > r10: c058ead8 r9 : ecce3f18 r8 : 00100100
> > r7 : 00200200 r6 : c26b7118 r5 : 00000000 r4 : c26b1dc0
> > r3 : 00000002 r2 : 00000000 r1 : 200f0053 r0 : 00000000
> > Flags: nzCv IRQs on FIQs off Mode SVC_32 ISA ARM Segment user
> > Control: 10c5387d Table: 6cd9c04a DAC: 00000015
> > Process bash (pid: 2384, stack limit = 0xecefc240)
> > Stack: (0xecefddf8 to 0xecefe000)
> > dde0: c26b2058 c26b6898
> > de00: c26b6898 c03512d0 d2623180 d2623188 c06bb90c c26b06d8 c26b6e80 c0351308
> > de20: 00000000 c0494ac8 d2623188 c06bbd54 c06bb90c c26b06d8 00000003 c034409c
> > de40: c0344084 c0265a20 c46d9b00 d26231bc d2623188 c0265a88 00000000 d2623188
> > de60: c479aafc c0265410 d2623188 c26b0448 00000001 c0262c04 d2623188 c26b0440
> > de80: 00000001 c034463c c26b0440 c0345124 c26b060c c0343fb0 c0343f1c fffffffc
> > dea0: c06bb3f8 00000000 00000000 c00413b4 c0690fec ffffffff 00000000 00000003
> > dec0: 00000004 c00417b4 00000000 c0497a70 00000003 00000003 c06c5a60 c0497a70
> > dee0: 00000003 c00417e4 00000000 00000003 c06c5a60 c0059d48 00000000 c005aa9c
> > df00: ed366000 00000003 c0497a70 c0059a68 00000004 ecefdf80 ecce3f00 d27f6d20
> > df20: 00000004 d27f5e80 c04b06b8 c01d610c 00000004 c012b224 ed0ee000 00000004
> > df40: 000af408 ecefdf80 00000000 00000000 00000000 c00d59d4 c4607900 00000001
> > df60: 0000000a ed0ee000 00000000 000af408 00000004 00000000 00000000 c00d5d3c
> > df80: 00000000 00000000 00000000 b6e98a78 00000004 000af408 00000004 c000ebc8
> > dfa0: ecefc000 c000ea20 b6e98a78 00000004 00000001 000af408 00000004 00000000
> > dfc0: b6e98a78 00000004 000af408 00000004 be9c596c 000a6094 00000000 000dc1e8
> > dfe0: 00000000 be9c58ec b6e07747 b6e3f11c 40070050 00000001 429a2201 8108f000
> > [<c034e7d8>] (mmc_blk_remove_req+0x58/0x88) from [<c03512d0>] (mmc_blk_remove_parts.isra.5+0x90/0xa8)
> > [<c03512d0>] (mmc_blk_remove_parts.isra.5+0x90/0xa8) from [<c0351308>] (mmc_blk_remove+0x20/0x128)
> > [<c0351308>] (mmc_blk_remove+0x20/0x128) from [<c034409c>] (mmc_bus_remove+0x18/0x20)
> > [<c034409c>] (mmc_bus_remove+0x18/0x20) from [<c0265a20>] (__device_release_driver+0x7c/0xc8)
> > [<c0265a20>] (__device_release_driver+0x7c/0xc8) from [<c0265a88>] (device_release_driver+0x1c/0x28)
> > [<c0265a88>] (device_release_driver+0x1c/0x28) from [<c0265410>] (bus_remove_device+0x100/0x11c)
> > [<c0265410>] (bus_remove_device+0x100/0x11c) from [<c0262c04>] (device_del+0x110/0x174)
> > [<c0262c04>] (device_del+0x110/0x174) from [<c034463c>] (mmc_remove_card+0x64/0x78)
> >
> > [<c034463c>] (mmc_remove_card+0x64/0x78) from [<c0345124>] (mmc_remove+0x24/0x30)
> >
> > [<c0345124>] (mmc_remove+0x24/0x30) from [<c0343fb0>] (mmc_pm_notify+0x94/0xf8)
> > [<c0343fb0>] (mmc_pm_notify+0x94/0xf8) from [<c00413b4>] (notifier_call_chain+0x44/0x84)
> > [<c00413b4>] (notifier_call_chain+0x44/0x84) from [<c00417b4>] (__blocking_notifier_call_chain+0x48/0x60)
> > [<c00417b4>] (__blocking_notifier_call_chain+0x48/0x60) from [<c00417e4>] (blocking_notifier_call_chain+0x18/0x20)
> > [<c00417e4>] (blocking_notifier_call_chain+0x18/0x20) from [<c0059d48>] (pm_notifier_call_chain+0x14/0x2c)
> > [<c0059d48>] (pm_notifier_call_chain+0x14/0x2c) from [<c005aa9c>] (pm_suspend+0xac/0x24c)
> > [<c005aa9c>] (pm_suspend+0xac/0x24c) from [<c0059a68>] (state_store+0xb0/0xc4)
> > [<c0059a68>] (state_store+0xb0/0xc4) from [<c01d610c>] (kobj_attr_store+0x14/0x20)
> > [<c01d610c>] (kobj_attr_store+0x14/0x20) from [<c012b224>] (sysfs_write_file+0x118/0x164)
> > [<c012b224>] (sysfs_write_file+0x118/0x164) from [<c00d59d4>] (vfs_write+0xd8/0x178)
> > [<c00d59d4>] (vfs_write+0xd8/0x178) from [<c00d5d3c>] (SyS_write+0x40/0x68)
> > [<c00d5d3c>] (SyS_write+0x40/0x68) from [<c000ea20>] (ret_fast_syscall+0x0/0x30)
> > Code: ebfc509b e59432dc e3130002 0a000006 (e5d532a8)
> >
> >
> > decodecode:
> > Code: ebfc509b e59432dc e3130002 0a000006 (e5d532a8)
> > All code
> > ========
> > 0: ebfc509b bl 0xfff14274
> > 4: e59432dc ldr r3, [r4, #732] ; 0x2dc
> > 8: e3130002 tst r3, #2
> > c: 0a000006 beq 0x2c
> > 10:* e5d532a8 ldrb r3, [r5, #680] ; 0x2a8 <-- trapping instruction
> >
> > Code starting with the faulting instruction
> > ===========================================
> > 0: e5d532a8 ldrb r3, [r5, #680] ; 0x2a8
> >
> > from objdump -S:
> > static void mmc_blk_remove_req(struct mmc_blk_data *md)
> > {
> > c034e780: e92d4038 push {r3, r4, r5, lr}
> > struct mmc_card *card;
> >
> > if (md) {
> > c034e784: e2504000 subs r4, r0, #0
> > c034e788: 08bd8038 popeq {r3, r4, r5, pc}
> > /*
> > * Flush remaining requests and free queues. It
> > * is freeing the queue that stops new requests
> > * from being accepted.
> > */
> > mmc_cleanup_queue(&md->queue);
> > c034e78c: e2845014 add r5, r4, #20
> > c034e790: e1a00005 mov r0, r5
> > c034e794: eb000e2b bl c0352048 <mmc_cleanup_queue>
> > if (md->flags & MMC_BLK_PACKED_CMD)
> > c034e798: e59432a0 ldr r3, [r4, #672] ; 0x2a0
> > c034e79c: e3130004 tst r3, #4
> > c034e7a0: 0a000001 beq c034e7ac <mmc_blk_remove_req+0x2c>
> > mmc_packed_clean(&md->queue);
> > c034e7a4: e1a00005 mov r0, r5
> > c034e7a8: eb000df6 bl c0351f88 <mmc_packed_clean>
> > card = md->queue.card;
> > if (md->disk->flags & GENHD_FL_UP) {
> > c034e7ac: e5940010 ldr r0, [r4, #16]
> > * from being accepted.
> > */
> > mmc_cleanup_queue(&md->queue);
> > if (md->flags & MMC_BLK_PACKED_CMD)
> > mmc_packed_clean(&md->queue);
> > card = md->queue.card;
> > c034e7b0: e5945014 ldr r5, [r4, #20]
> > if (md->disk->flags & GENHD_FL_UP) {
> > c034e7b4: e5903244 ldr r3, [r0, #580] ; 0x244
> > c034e7b8: e3130010 tst r3, #16
> > c034e7bc: 0a00000e beq c034e7fc <mmc_blk_remove_req+0x7c>
> > device_remove_file(disk_to_dev(md->disk), &md->force_ro);
> > c034e7c0: e2800068 add r0, r0, #104 ; 0x68
> > c034e7c4: e2841faf add r1, r4, #700 ; 0x2bc
> > c034e7c8: ebfc509b bl c0262a3c <device_remove_file>
> > if ((md->area_type & MMC_BLK_DATA_AREA_BOOT) &&
> > c034e7cc: e59432dc ldr r3, [r4, #732] ; 0x2dc
> > c034e7d0: e3130002 tst r3, #2
> > c034e7d4: 0a000006 beq c034e7f4 <mmc_blk_remove_req+0x74>
> > c034e7d8: e5d532a8 ldrb r3, [r5, #680] ; 0x2a8
> > c034e7dc: e3530000 cmp r3, #0
> > c034e7e0: 0a000003 beq c034e7f4 <mmc_blk_remove_req+0x74>
> > card->ext_csd.boot_ro_lockable)
> > device_remove_file(disk_to_dev(md->disk),
> > c034e7e4: e5940010 ldr r0, [r4, #16]
> >
> >
> > that is r5 is "card = md->queue.card;" and is null, then on
> > card->ext_csd.boot_ro_lockable oops ensue.
> >
> >
> >
> > --
> > To unsubscribe from this list: send the line "unsubscribe linux-mmc" in
> > the body of a message to majordomo@vger.kernel.org
> > More majordomo info at http://vger.kernel.org/majordomo-info.html
> >
>
>
> !DSPAM:52088ab925158742279236!
>
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2013-08-12 13:01 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2013-08-10 16:10 mmc oops on suspend - remove device Alban Browaeys
2013-08-12 7:08 ` Jaehoon Chung
2013-08-12 13:00 ` Alban Browaeys
2013-08-12 7:25 ` Seungwon Jeon
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox