read(2) into some addresses doesn't return data on RPi

Peter Jeremy peter at rulingia.com
Sat Jan 10 06:56:35 UTC 2015


Trying to access the boot partition using mtools consistently fails on my
RPi because the kernel is returning NULs for the first sector.  The second
sector is correct.  If I use dd(2) then the expected data is returned.

This is running 11-current r276818 (but ISTR seeing it on older kernels).

I did some digging and found that read(2)s of the SD card device return
successful but do not actually write anything to the buffer for some
addresses (and they happen to contain all NULs in mtools).  This doesn't
appear to affect reads of normal files.

Running the attached program on /dev/mmcsd0s1 gave me the following results:
- There are no partial reads.  Either all 512 bytes are updated or none are.
- There are two blocks of addresses 0xbfff0e00 thru 0xbfff0e00 and 0xbfff2e00
  thru 0xbfff2e00 where reads work on a 32-byte alignment but not otherwise.
- Reads consistently fail between 0xbfff1e08 and 0xbfff1ff8
- Reads consistently fail between 0xbfff3e08 and 0xbfff3f?? (I got a hang).
- The program never completes.  In 3 runs, I've gotten:
  - panic: null_fetch_syscall_args
  - kernel hang
  - panic: malloc: bad malloc type magic
  I don't have a serial console and so can't debug kernel panics.

Putting that together, it seems to related to accesses that aren't cache-line
aligned and cross page boundaries but I'm not sure why it behaves differently
at different page boundaries.  The hangs/panics suggest that it's writing to
random other kernel addresses instead.

Does this ring a bell for anyone?

-- 
Peter Jeremy
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 949 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-arm/attachments/20150110/e1dd785b/attachment.sig>


More information about the freebsd-arm mailing list