[E3-hacking] FIQ

Matt Callow mc-spam at tesco.net
Wed Apr 5 16:22:17 BST 2006


Hi,

I've been trying to install the FIQ handler from the MontaVista 2.4 
kernel. Currently without much success. When the first gpio interrupt 
occurs I get a data abort, as shown below:

<2>Bad mode in data abort handler detected: mode FIQ_32
Internal error: Oops - bad mode: 0 [#1]
Modules linked in: at76c505_rfmd2958 at76c503 at76_usbdfu
CPU: 0
PC is at 0xffff0028
LR is at serial8250_startup+0x384/0x488
pc : [<ffff0028>]    lr : [<c016571c>]    Not tainted
sp : c1941d78  ip : 00000002  fp : c1941dec
r10: c0309ecc  r9 : 00000000  r8 : c0309c44
r7 : 60000013  r6 : 00000288  r5 : c030a2b4  r4 : 00000000
r3 : eb000000  r2 : 00000002  r1 : 00000005  r0 : c030a2b4
Flags: nZCv  IRQs off  FIQs off  Mode FIQ_32  Segment user
Control: 317F  Table: 11B34000  DAC: 00000015
Process microcom (pid: 73, stack limit = 0xc1940194)
Stack: (0xc1941d78 to 0xc1942000)
1d60:                                                       c030a2b4 00000005
1d80: 00000002 eb000000 00000000 c030a2b4 00000288 60000013 c0309c44 00000000
1da0: c0309ecc c1941dec 00000002 c1941d78 c016571c ffff0028 600000d1 ffffffff
1dc0: c0309ecc c030a2b4 c1b26d20 c1e76f08 00000000 00000000 c15fe2c0 00000002
1de0: c1941e10 c1941df0 c01612e8 c01653a8 00000000 c1e76f08 c1b30000 c02aa1e4
1e00: c1940000 c1941e6c c1941e14 c01632f0 c0161260 c003b4c4 c1941e6c c1941e28
1e20: c014b6c0 c014a784 00000000 00000000 c1e60fc4 c1b26f20 c1e60fb4 c1b26a20
1e40: c1941e6c 00000000 c15fe2c0 c02a688c 00000000 00400041 c15fe2c0 00000002
1e60: c1941e9c c1941e70 c014c8dc c0163074 c1b30000 00000001 00000000 c1e77e04
1e80: c1940000 c1925cc4 00000001 00000000 c1941ecc c1941ea0 c0084f08 c014c6c0
1ea0: 00000001 c15fe2c0 00000000 c1925cc4 c0084d34 00000001 c1a4daa8 c0372220
1ec0: c1941ef8 c1941ed0 c00798b0 c0084d44 c15fe2c0 c1941f14 00000003 00000005
1ee0: c0023e04 c1940000 c15b5000 c1941f10 c1941efc c0079a2c c007977c 00000000
1f00: 00000002 c1941f6c c1941f14 c0079a80 c0079a08 c1a4daa8 c0372220 00000000
1f20: 00000003 c03803c8 00000101 00000001 00000000 c1940000 c15b5000 c1941f6c
1f40: c1941f4c c0079c88 c003a300 00000003 00000000 c15fe2c0 00000002 00000000
1f60: c1941f94 c1941f70 c0079dcc c0079a50 00000002 be82af8a be82aed4 00000005
1f80: c0023e04 400721fc c1941fa4 c1941f98 c0079e68 c0079d98 00000000 c1941fa8
1fa0: c0023c80 c0079e68 00000002 be82af8a 000137f8 00000002 00000000 00000002
1fc0: 00000002 be82af8a be82aed4 00000002 0000893c 00000002 400721fc 00008dc0
1fe0: 4005f5ec be82ad20 00008f0c 4005f610 60000010 000137f8 00000000 00000000
Backtrace:
[<c0165398>] (serial8250_startup+0x0/0x488) from [<c01612e8>] (uart_startup+0x98/0x1f0)
[<c0161250>] (uart_startup+0x0/0x1f0) from [<c01632f0>] (uart_open+0x28c/0x624)
 r8 = C1940000  r7 = C02AA1E4  r6 = C1B30000  r5 = C1E76F08
 r4 = 00000000
[<c0163064>] (uart_open+0x0/0x624) from [<c014c8dc>] (tty_open+0x22c/0x398)
[<c014c6b0>] (tty_open+0x0/0x398) from [<c0084f08>] (chrdev_open+0x1d4/0x1f4)
[<c0084d34>] (chrdev_open+0x0/0x1f4) from [<c00798b0>] (__dentry_open+0x144/0x28c)
[<c007976c>] (__dentry_open+0x0/0x28c) from [<c0079a2c>] (nameidata_to_filp+0x34/0x48)
[<c00799f8>] (nameidata_to_filp+0x0/0x48) from [<c0079a80>] (filp_open+0x40/0x48)
 r4 = 00000002
[<c0079a40>] (filp_open+0x0/0x48) from [<c0079dcc>] (do_sys_open+0x44/0xd0)
 r5 = 00000000  r4 = 00000002
[<c0079d88>] (do_sys_open+0x0/0xd0) from [<c0079e68>] (sys_open+0x10/0x14)
[<c0079e58>] (sys_open+0x0/0x14) from [<c0023c80>] (ret_fast_syscall+0x0/0x2c)
Code: ea000078 e3a0c4ff e38cc8fe e38ccccb (e59cb014)

From what I can make of this, the FIQ handler is being executed (PC is 
at 0xffff0028), so if I look at the FIQ code (which is at 0xffff001c), I see

 fff001c:       e3a0c4ff        mov     r12, #-16777216 ; 0xff000000
 fff0020:       e38cc8fe        orr     r12, r12, #16646144     ; 0xfe0000
 fff0024:       e38ccccb        orr     r12, r12, #51968        ; 0xcb00
 fff0028:       e59cb014        ldr     r11, [r12, #20]
 fff002c:       e589b030        str     r11, [r9, #48]
 fff0030:       e3a0c4ff        mov     r12, #-16777216 ; 0xff000000
 fff0034:       e38cc73f        orr     r12, r12, #16515072     ; 0xfc0000
 fff0038:       e38cca0e        orr     r12, r12, #57344        ; 0xe000
 fff003c:       e599a044        ldr     r10, [r9, #68]
 fff0040:       e28aa001        add     r10, r10, #1    ; 0x1
 fff0044:       e589a044        str     r10, [r9, #68]

So, at 0xfff0028, it's trying to load r11 with the contents of 
0xfffecb14, which is the SIR_FIQ_CODE register. How can that be causing 
a data abort?

Matt
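
Added example (not part of the original post): a short Python script that decodes the Code: line of the oops above, following the MOV/ORR immediates into r12 and the offset of the parenthesised LDR to recompute the address that instruction reads. It assumes the words before the fault are straight-line, unconditional ARM code and models only the MOV and ORR immediate forms; the function names are this example's own.

```python
# Added example: recompute the address read by the faulting instruction
# from the "Code:" line of the oops quoted in the post.

OOPS_CODE = "Code: ea000078 e3a0c4ff e38cc8fe e38ccccb (e59cb014)"  # copied from the post

MOV, ORR = 0b1101, 0b1100  # ARM data-processing opcodes (bits 24:21)


def ror32(value, amount):
    """Rotate a 32-bit value right."""
    amount %= 32
    return ((value >> amount) | (value << (32 - amount))) & 0xFFFFFFFF


def parse_code_line(line):
    """Return (instruction words, index of the parenthesised faulting word)."""
    tokens = line.split(":", 1)[1].split()
    fault = next(i for i, tok in enumerate(tokens) if tok.startswith("("))
    return [int(tok.strip("()"), 16) for tok in tokens], fault


def imm_operand(word):
    """ARM data-processing immediate: imm8 rotated right by 2 * rot."""
    return ror32(word & 0xFF, 2 * ((word >> 8) & 0xF))


def faulting_address(words, fault):
    """Track MOV/ORR immediates before the fault, then resolve [Rn, #imm12]."""
    regs = {}
    for w in words[:fault]:
        if (w >> 25) & 0b111 != 0b001:      # only data-processing, immediate form
            continue
        opcode, rn, rd = (w >> 21) & 0xF, (w >> 16) & 0xF, (w >> 12) & 0xF
        if opcode == MOV:
            regs[rd] = imm_operand(w)
        elif opcode == ORR and rn in regs:
            regs[rd] = regs[rn] | imm_operand(w)
        else:
            regs.pop(rd, None)              # value no longer known
    insn = words[fault]
    rn = (insn >> 16) & 0xF
    # Single data transfer, immediate offset, not post-indexed: bits 27:24 == 0101
    if (insn >> 24) & 0xF != 0b0101 or rn not in regs:
        return None
    offset = insn & 0xFFF
    up = (insn >> 23) & 1                   # U bit: add or subtract the offset
    return (regs[rn] + offset if up else regs[rn] - offset) & 0xFFFFFFFF


if __name__ == "__main__":
    words, fault = parse_code_line(OOPS_CODE)
    print(hex(faulting_address(words, fault)))
```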



