Wierd Emmc and random reboots - myTouch 4G General

I have a mytouch 4g rooted with visionary but it has a different emmc all together. I have searched the internet but didnt find anyone with the same emmc chip.
#cat /sys/class/block/mmcblk0/device/name
M4G1FB
#
And it now keeps rebooting randomly. i have flashed roms, kernels, wiped, wiped in different file systems(ext4 and ext3) but still keeps rebooting.
It sometimes gets stuck on the splash screen sometimes in bootanimation. it has even rebooted in recovery twice.
Help???
Dunno wat to do. I dont get any of those errors in recovery.
What could the problem be?
Edit: I dont think its the battery cause after those reboots it hold it charge, for example if i was left with 50% battery before it rebooted, i still would have that same 50% once its done with the reboot.
So i have just runned lastkmsg and this is what i got.
[ 411.407928] unwind: Unknown symbol address c0052e4c
[ 411.408172] unwind: Index not found c0052e4c
[ 411.408294] Code: e59f00b8 e59f10b8 e59f20a0 eb0e4246 (e5943080)
[ 411.408508] ---[ end trace da227214a82491ba ]---
[ 411.408630] Kernel panic - not syncing: Fatal exception in interrupt
[ 411.408843] unwind: Unknown symbol address c0034b88
[ 411.408966] unwind: Index not found c0034b88
[ 411.409179] Rebooting in 5 seconds..
[ 416.401153] Restarting Linux version 2.6.32.21-g899d047 ([email protected])
(gcc version 4.4.0 (GCC) ) #1 PREEMPT Tue Oct 26 16:10:01 CST 2010
[ 416.401153]
[ 416.401489] unwind: Unknown symbol address c0034b88
[ 416.401702] unwind: Index not found c0034b88
[ 416.401824] ARM9 has CRASHED
[ 416.401947] smem: DIAG '[WCDMA] 04:13:52 FATAL: (cm :Undef :65535) Excepti
on detected (irq:0)
[ 416.401977] '
5 Corrected bytes, 0 unrecoverable blocks
Can anyone tell me why it keeps rebooting??

Related

Diagnosing Forced Reboot into Recovery

I was hoping someone could help me figure out why my phone had a force reboot which went into recovery. Right now it is stock ICS with stock kernel and setting - though it is rooted. I went to a clean stock install today with the hopes of it stopping the issue but it happened again.
Below is from the last_kmsg file at the time of the crash - any help interpreting it and maybe pointing to the cause of the reboots would be welcome:
[ 3.925411] s3c-rtc s3c2410-rtc: setting system clock to 2012-06-16 22:59:24 UTC (1339887564)
[ 3.926991] FIMC0 registered successfully
[ 3.928373] FIMC1 registered successfully
[ 3.929790] FIMC2 registered successfully
[ 3.929994] max8998_charger_probe : MAX8998 Charger Driver Loading
[ 3.931981] max8998_charger_probe : pmic interrupt registered
[ 3.933422] wake enabled for irq 39
[ 3.933706] Freeing init memory: 152K
[ 3.997046] init: Unable to open persistent property directory /data/property errno: 2
[ 3.999240] enabling adb
[ 4.000259] adb_open
[ 4.058176] yaffs: dev is 32505860 name is "mtdblock4" rw
[ 4.058274] yaffs: passed flags ""
[ 4.058431] yaffs: yaffs: Attempting MTD mount of 31.4,"mtdblock4"
[ 4.064059] yaffs: yaffs_read_super: is_checkpointed 1
[ 4.194496] mmc0: new high speed MMC card at address 0001
[ 4.201024] mmcblk0: mmc0:0001 SEM16G 14.8 GiB
[ 4.201455] mmcblk0: p1 (system) p2 (userdata) p3 (media)
[ 11.794385] Restarting system.
[ 11.794487]
[ 11.794572] Restarting Linux version 2.6.35.14KalimochoAz+ ([email protected]) (gcc version 4.4.3 (GCC) ) #13 PREEMPT Wed Sep 21 15:59:01 CEST 2011
[ 11.794584]
[ 11.796704] arch_reset: attempting watchdog reset

What .ko's from kernel build?

I just successfully built a kernel with my phone over nfs (wifi). I used gcc-armhf or rather to be specific, when it complained I set 'CROSS_COMPILER=/usr/bin/', cleaned, and retried. Everything seems to have went fine, and as expected I have the zImage in arch/arm/boot and the modules are scattered around, but theres a list on stdout I can use to copy them somewhere.
1.) Which kernel object files do I need?
2.) I will look at the device/samsung/d2spr/extract-files.sh file to see where I should put them, but where should I put the ones that may have been created from the config changes and are not listed?
My first couple of trys failed due to the kernel being too large, so I changed some things to modules that I think can wait to load or set up an init script. I also didn't use mkbootimg, I used abootimg, that may have been why, not too sure. I used unmkbootimg and saved the stdout to a file this time and built the kernel on my phone, still, those are some questions I still have.
Edit: Another way to ask this question...
3.) Do I need to replace the 'blobs' that I got from the official CM ROM with the ones I just built?
4.) Do the modules I built contain the proprietary code to run the hardware, or where some (wifi driver for instance) 'filled' in with 'dummy code'?
Note: The zImage built was 3699216 bytes or about 3.6 MB. The zImage I need to replace is "Kernel size 3907440" or roughly 3.9MB, things are looking good, for once! :highfive:
Just use a script to find and copy all of them
Code:
find . -iname '*.ko' -exec cp {} MODULES_OUTPUT_FOLDER_HERE \;
Run from the root folder of your kernel source
Kernel modules go in the system/lib/modules folder
They contain code to assist the kernel, it's not so much proprietary blobs like pulling libs from stock to get AOSP working but they are device and kernel specific. The entire source for each module is there...so it's not proprietary or else someone would get sued
And no, they don't get filled in with dummy code, they get built with drivers that have been adapted for the specific board and then for the specific phone model and kernel code. Modules add in what the kernel leaves out...the kernel might say "initialize wifi chip, load driver and then connect", but the main code with all the specifics of how to do that is actually stored in the wifi module (dhd.ko)
CNexus said:
Just use a script to find and copy all of them
Code:
find . -iname '*.ko' -exec cp {} MODULES_OUTPUT_FOLDER_HERE \;
Run from the root folder of your kernel source
Kernel modules go in the system/lib/modules folder
They contain code to assist the kernel, it's not so much proprietary blobs like pulling libs from stock to get AOSP working but they are device and kernel specific. The entire source for each module is there...so it's not proprietary or else someone would get sued
And no, they don't get filled in with dummy code, they get built with drivers that have been adapted for the specific board and then for the specific phone model and kernel code. Modules add in what the kernel leaves out...the kernel might say "initialize wifi chip, load driver and then connect", but the main code with all the specifics of how to do that is actually stored in the wifi module (dhd.ko)
Click to expand...
Click to collapse
Well, I hope all is not lost.
I took my last working zip I built and used an archive manager to crack it open, I replaced the zImage with the one I built on my phone. Then I replaced all .ko files that where built in system/lib/modules and closed the archive. I flashed it to my phone and installed it, now I am stuck in aboot loop and can't get to recovery.
What should I do? Can I fix it with Oden or something? That is what I used to originally root it.
Scratch that, I pulled the battery and pushed the buttons more cautiously (nervous shakes), in recovery.
What do ya think it coulda been?
I disabled paranoid networking, removed CIFS, and changed NFS to Modules instead of built-ins.
Edit: I'll try cross compiling on my lap-top, maybe had to do with the toolchain and arm abei(sp?), maybe wifi nfs is unreliable in witing to the disk?
Maybe if I use the original .ko files that I pulled from the device as per the CM extract-files.sh script, and just add the new kernel and new modules that didn't already exit?
I'll have to brute this out and hope I don't brick my phone in the process.
Kernels won't brick your phone unless it overclocks to the point where it's melting, otherwise you're good
What it sounds like is something went wrong and you had a kernel panic...or maybe the kernel didn't load at all
Check /proc/last_kmsg to see if it loaded at all
CNexus said:
Kernels won't brick your phone unless it overclocks to the point where it's melting, otherwise you're good
What it sounds like is something went wrong and you had a kernel panic...or maybe the kernel didn't load at all
Check /proc/last_kmsg to see if it loaded at all
Click to expand...
Click to collapse
My bad, as soon as I got into recovery I flashed a known working zip.
I am going to keep trying to build a custom kernel but I would like to figure out how to configure it within my source tree and let it get compiled with a rom.
but here is a cat of /proc/last_kmsg just incase it survived.
Code:
[ 0.000000] Truncating memory at 0xc0000000 to fit in 32-bit physical address space
[ 0.000000] smem_find(137, 80): wrong size 72
[ 0.023561] AXI: msm_bus_fabric_init_driver(): msm_bus_fabric_init_driver
[ 0.056035] msm_rpm_get_status(): Status id 433 not defined for target
[ 0.056035] msm_rpm_get_status(): Status id 433 not defined for target
[ 0.056065] msm_rpm_get_status(): Status id 433 not defined for target
[ 0.056065] msm_rpm_get_status(): Status id 433 not defined for target
[ 0.056065] msm_rpm_get_status(): Status id 433 not defined for target
[ 0.056096] msm_rpm_get_status(): Status id 433 not defined for target
[ 0.056096] msm_rpm_get_status(): Status id 433 not defined for target
[ 0.056096] msm_rpm_get_status(): Status id 433 not defined for target
[ 0.076056] msm_gpiomux_install: write failure: -14
[ 0.076056] msm_gpiomux_install: write failure: -14
[ 0.076056] msm_gpiomux_install: write failure: -14
[ 0.076087] msm_gpiomux_install: write failure: -14
[ 0.125194] [msm8960_init_cam:1572]setting done!!
[ 0.177262] i2c i2c-14: Invalid 7-bit I2C address 0x00
[ 0.177384] i2c i2c-14: Can't create device at 0x00
[ 0.177872] i2c i2c-19: Failed to register i2c client cmc624 at 0x38 (-16)
[ 0.177964] i2c i2c-19: Can't create device at 0x38
[ 0.178483] Error-Bad Function Input
[ 0.179185] max8952 19-0060: DVS modes disabled because VID0 and VID1 do not have proper controls.
[ 0.407630] AXI: msm_bus_scale_register_client(): msm_bus_scale_register_client: name: scm_pas
[ 0.418953] smd_channel_probe_worker: allocation table not initialized
[ 0.429757] msm_ipc_router_init: Unable to create IPC logging for IPC RTR
[ 0.430581] msm_ipc_router_ipc_log_init: Unable to create IPC logging for Req/Resp
[ 0.430856] msm_ipc_router_ipc_log_init: Unable to create IPC logging for Indications
[ 0.437082] AXI: msm_bus_scale_register_client(): msm_bus_scale_register_client: name: acpuclk-8960
[ 0.473950] AXI: msm_bus_scale_register_client(): msm_bus_scale_register_client: name: dtv
[ 0.477857] AXI: msm_bus_scale_register_client(): msm_bus_scale_register_client: name: mdp
[ 0.491316] pm_runtime: fail to wake up
[ 0.991881] hdmi_msm hdmi_msm.1: external_common_state_create: sysfs group eeb42a08
[ 0.993804] Inside writeback_driver_init
[ 0.994353] Inside writeback_probe
[ 1.534289] AXI: msm_bus_scale_register_client(): msm_bus_scale_register_client: name: rotator
[ 1.548023] AXI: msm_bus_scale_register_client(): msm_bus_scale_register_client: name: grp3d
[ 1.558583] AXI: msm_bus_scale_register_client(): msm_bus_scale_register_client: name: grp2d0
[ 1.568686] AXI: msm_bus_scale_register_client(): msm_bus_scale_register_client: name: grp2d1
[ 1.602289] AXI: msm_bus_scale_register_client(): msm_bus_scale_register_client: name: qsee
[ 1.789500] cm36651_setup_reg: initial proximity value = 0
[ 1.910697] AXI: msm_bus_scale_register_client(): msm_bus_scale_register_client: name: usb
[ 1.930016] mms_ts 3-0048: [TSP] ISC Ver [0xbd] [0x22] [0x22]
[ 1.934777] mms_ts 3-0048: [TSP] fw is latest. Do not update.
[ 1.947077] [__s5c73m3_probe:3868] S5C73M3 probe
[ 1.950862] [s5c73m3_sensor_probe_cb:3843] Entered
[ 1.955562] [s5c73m3_i2c_probe:3725] Entered
[ 1.959896] [s5c73m3_init_client:3424] Entered
[ 1.965359] [s5c73m3_i2c_probe:3745] Exit
[ 1.968655] [s5c73m3_sensor_probe:3776] Entered
[ 1.973081] [s5c73m3_spi_init:226] Entered
[ 1.977170] [s5c73m3_spi_probe:191] Entered
[ 1.981321] [s5c73m3_spi_probe:201] s5c73m3_spi successfully probed
[ 1.987669] [s5c73m3_sensor_probe : 3799] Probe_done!!
[ 2.042698] AXI: msm_bus_scale_register_client(): msm_bus_scale_register_client: name: msm_sdcc
[ 2.049076] couldn't get usb power supply
[ 2.057530] mmc0: No card detect facilities available
[ 2.064153] AXI: msm_bus_scale_register_client(): msm_bus_scale_register_client: name: msm_sdcc
[ 2.081245] AXI: msm_bus_scale_register_client(): msm_bus_scale_register_client: name: msm_sdcc
[ 2.093575] aat1290a_led_probe : Probe
[ 2.378849] bam_dmux_init : unable to create IPC Logging Context
[ 2.419594] cypress_touchkey 16-0020: Touchkey FW Version: 0x06
[ 2.534594] init: invalid uid 'fm_radio'
[ 2.950068] enable_store: android_usb: already disabled
[ 2.954768] init: Unable to open persistent property directory /data/property errno: 2
[ 87.924614] SysRq : Emergency Remount R/O
[ 88.153181] Restarting system.
No errors detected
Maybe disabling Android's Paranoid Networking breaks other things?
If this wont work, maybe I will try writing a post installation script for apt-get and try to get Android to recognize the new packages nd define some permission for that .xml file I know is hiding somewhere. I might have to create a database of permissions required for all the packages in the repos (that would suck). But really, if I could just get basic Linux filesystem permissions I wouldn't need to do all of that. That whole, "only allow certain groups to create sockets" option is pulling the chair out from under me. I'll have to study the source for the filesystem a little deeper, maybe I can disable it (or at least allow root) from the source without taking it out of the kernel config.
For instance, postgresql needs to open a socket and bind to a port, it tries ipv4 an ipv6 AF_INET and AF_INET6, and this paranoid feature will check the processes gid as well as other permissions I think to see if it can. So I tried setting the gid bit to run /etc/init.d/postrgresql as gid AID_INET but it still fails, probably because the file is not listed in that .xml file I mentioned earlier. I think a post installation script might work best if I can't turn the feature off or fix it to be more permissive.
I think the packing have some issue.. Go into my github check moto_tool their u can see unpack repack txt file open it. Change the value as per you phone and you are done

[Completed] How to read last_kmsg after crash?

My Moto X (2013, Dev Edition on VZW, 5.1 L w/ Xposed and root and unlocked BL) seem to spontaneous reboot a couple times a day, doing different things, usually Bluetooth is on while I'm doing something else, but can't find any other common factors. Sometimes I'm just checking Google Now topics, sometimes I'm checking links in Chrome (but also happens with Dolphin)
I searched XDA and it says to check out last_kmsg which I got, but it's rather... dense? But there seems to be no kernel error. The log mainly contains "wlan:" notes, until it reaches the following:
[ 1021.376560,1] wlan: [1142:E :HDD] wlan_hdd_set_filter: Packet Filter Request
: FA 1 params 2
[ 1021.376651,0] wlan: [1118:E :CTL] Data Offset 4 Data Len 6
[ 1021.376682,0]
[ 1021.376834,0] wlan: [1118:E :CTL] CData: 51:51:255:154:134:164
[ 1021.376834,0]
[ 1021.376956,0] wlan: [1118:E :CTL] MData: 0:0:0:0:0:0
[ 1021.376956,0]
[ 1021.377658,0] wlan: [1118:E :CTL] UsData Off 8 UsSend 68 cfg -549414016
[ 1021.377780,0] wlan: [1118:E :CTL] Out: FID 3 FT 1
[ 1021.377841,0] wlan: [1118:E :CTL] NParams 2 CT 0
[ 1021.377903,0] wlan: [1118:E :CTL] Outroto 2 Comp Flag 1
[ 1021.377903,0]
[ 1021.378086,0] wlan: [1118:E :CTL] Data Offset 6 Data Len 2
[ 1021.378086,0]
[ 1021.378238,0] wlan: [1118:E :CTL] CData: 8:6:0:0:0:0
[ 1021.378238,0]
[ 1021.378360,0] wlan: [1118:E :CTL] MData: 0:0:0:0:0:0
[ 1021.378360,0]
[ 1021.378543,0] wlan: [1118:E :CTL] Outroto 2 Comp Flag 1
[ 1021.378543,0]
[ 1021.378666,0] wlan: [1118:E :CTL] Data Offset 32 Data Len 4
[ 1021.378666,0]
[ 1021.378849,0] wlan: [1118:E :CTL] CData: 10:0:0:4:0:0
[ 1021.378849,0]
[ 1021.379032,0] wlan: [1118:E :CTL] MData: 0:0:0:0:0:0
[ 1021.379032,0]
[ 1027.570333,1] SysRq : Emergency Remount R/O
[ 1027.621913,1] EXT4-fs (mmcblk0p36): re-mounted. Opts: (null)
[ 1027.661437,1] EXT4-fs (mmcblk0p23): re-mounted. Opts: (null)
[ 1027.671447,1] pn544 reboot notification received
[ 1027.671509,1] pn544_dev_ioctl ven_logic_high = 1.
[ 1027.671570,1] pn544_dev_ioctl ven_logic_low = 0.
[ 1027.671661,1] pn544_dev_ioctl discharge_delay = 0.
[ 1027.671722,1] pn544_dev_ioctl : power off
[ 1027.705997,1] pn544 calling ioctl power off returned = 0
[ 1027.706058,1] mmc0: reboot notification received
[ 1027.759132,1] EXT4-fs (mmcblk0p28): re-mounted. Opts: (null)
[ 1027.759377,1] Emergency Remount complete
[ 1028.306851,1] Disabling non-boot CPUs ...
[ 1028.308896,0] CPU1: shutdown
[ 1028.314115,0] Restarting system with command ''.
[ 1028.314176,0] Current task:init(1) Parent task:swapper/0(0)
[ 1028.314298,0] Going down for restart now
ABOOT.GIT = MBM-NG-V30.BE-0-g34b7ccb
TZ.GIT = MBM-NG-V30.BE-0-gc10fd11
RPM.GIT = MBM-NG-V30.BE-0-g2aa06de
SBL3.GIT = MBM-NG-V30.BE-0-gb2b97c8
SBL2.GIT = MBM-NG-V30.BE-0-gb2b97c8
SBL1.GIT = MBM-NG-V30.BE-0-gb2b97c8
Linux version 3.4.42-g756aa87 ([email protected]) (gcc version 4.8 (GCC) ) #1 S
MP PREEMPT Mon Aug 17 07:58:00 CDT 2015
RAM: Samsung, S4 SDRAM, 2048 MB, MR5:0x01, MR6:0x11, MR7:0x00, MR8:0x18
ACPU Krait PVS: 2 Hexagon: 1 Fuse: 0x10800
socinfo: id=138, ver=1.1, raw_id=2017, raw_ver=1, hw_plat=0, hw_plat_ver=65536,
hw_plat_subtype=0
No errors detected
Click to expand...
Click to collapse
So for 6 seconds WiFi went blank, which caused OS to panic and reboot? I'm a little confused. Where do I go and what do I read to figure out what's my phone's problem?
kschang said:
My Moto X (2013, Dev Edition on VZW, 5.1 L w/ Xposed and root and unlocked BL) seem to spontaneous reboot a couple times a day, doing different things, usually Bluetooth is on while I'm doing something else, but can't find any other common factors. Sometimes I'm just checking Google Now topics, sometimes I'm checking links in Chrome (but also happens with Dolphin)
I searched XDA and it says to check out last_kmsg which I got, but it's rather... dense? But there seems to be no kernel error. The log mainly contains "wlan:" notes, until it reaches the following:
So for 6 seconds WiFi went blank, which caused OS to panic and reboot? I'm a little confused. Where do I go and what do I read to figure out what's my phone's problem?
Click to expand...
Click to collapse
Greetings,
As a senior member of this site, with a device that has a dedicated forum, you are expected to know how to find your way. XDA Assist is for new members who need help finding their way, it is not a help desk for troubleshooting issues. Please re-read the sticky threads for this forum so you have a better understanding of what we do here.
Regards,
The_Merovingian
Forum Moderator
Thread closed.

Need help, Phone rebooting randomly

I am using Moto G 3(2015)
My phone is rebooting randomly without doing anything. It generally happen 2 - 3 times in a day.
I have taken bug report for last 5 reboot. I found below information in "Last kmsg" from bugreport file :
[ 17.103106,1] msm_cci_release invalid ref count 0 / cci state 1
[ 17.103122,1] msm_sensor_cci_i2c_util line 512 rc = -22
[ 17.103127,1] msm_actuator_close:1439 cci_init failed
[ 17.103423,1] msm_csid_init: CSID_VERSION = 0x30010000
[ 17.103884,1] msm_csid_init: Failed in getting TOP gdscr regulator handle
[ 17.105711,1] msm_csid_init: CSID_VERSION = 0x30010000
[ 17.107891,1] msm_csid_init: Failed in getting TOP gdscr regulator handle
[ 17.112417,0] msm_vfe40_init_qos_parms: NO D/S entries found
[ 17.112433,0] msm_vfe40_init_vbif_parms: NO VBIF entries found
[ 17.129867,0] MSM-CPP cpp_init_hardware:952 CPP HW Version: 0x40000000
[ 17.129883,0] MSM-CPP cpp_init_hardware:973 stream_cnt:0
[ 17.156069,1] MSM-CPP cpp_load_fw:1110 MC Bootloader Version: 0x312e3176
[ 17.161889,1] MSM-CPP cpp_load_fw:1123 CPP FW Version: 0x10040005
[ 17.437125,2] camera_check_event_status : event_data status out of bounds
[ 17.437141,2] camera_check_event_status : Line 71 event_data->status 0X10001
[ 17.437148,2] camera_v4l2_open : checking event status fails Line 592 rc -14
[ 17.438450,3] mdss_fb_release_all: try to close unopened fb 1! from init
[ 17.438474,3] mdss_fb_release_all: try to close unopened fb 0! from init
[ 17.439087,0] Restarting system with command 'post-wdt'.
[ 17.439099,0] Current task:init(1) Parent task:swapper/0(0)
[ 17.439114,0] Going down for restart now
[ 17.440404,0] scm_call failed: func id 0x82000109, arginfo: 0x2, args: 0x1, 0x0, 0x0, 0x0, ret: -2, syscall returns: 0xfffffffc, 0x0, 0x0
[ 17.440417,0] Failed to disable secure wdog debug: -22
Need help to find root cause of issue.
Information of phone:
Build: MPI24.65-25
Build fingerprint: 'motorola/osprey_retasia_ds_2gb/osprey_ud2:6.0/MPI24.65-25/28:user/release-keys'
Bootloader: 0x80CB
Radio: msm
Kernel: Linux version 3.10.49-g88eb8b3 ([email protected]) (gcc version 4.8 (GCC) ) #1 SMP PREEMPT Tue Dec 8 05:34:29 CST 2015
My moto g is also rebooting randomely :/
mcnico said:
My moto g is also rebooting randomely :/
Click to expand...
Click to collapse
My phone is rebooting in safe mode too, I think it is some hardware bug.
Maybe you can capture bug report for your phone and check if you are getting same error message.
Firstly I am too getting this issue. My phone reboots randomly 2-3 a day. Strangely it reboots even when it is idle for quiet some time.
Secondly did anyone resolve this issue.
Thirdly how do I get the BUG report that you got in the first post?

[SOLVED] Bootloop/kernel panic in meminfo_proc_show() 3.10.65+ trying to port LOS12.1

Hello Android kernel hackers,
I am trying to port the current ASB-patched LOS12.1 (github "cm12-amami") to a Teclast 98 (M1E9) tablet for which kernel sources are missing. My build completes fine, however, I run into a boot loop due to kernel panic with an (at least for me) totally unhelpful stack trace:
During init.rc processing, the kernel panics on logd startup when logd tries to read from /proc/meminfo with the following stack trace:
Code:
[ 126.200788]00:02:29.656321 openat(AT_FDCWD, "/proc/meminfo", O_RDONLY) = 4
[ 126.200956]00:02:29.656496 fstat(4, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0
[ 126.201077]00:02:29.656614 mprotect(0x7faf52b000, 4096, PROT_READ|PROT_WRITE) = 0
[ 126.201187]00:02:29.656726 mprotect(0x7faf52b000, 4096, PROT_READ) = 0
[ 126.202709]00:02:29.656833 read(4,
* KERNEL PANIC HAPPENS HERE!!! *
Code:
[ 126.202739]<1> (1)[949:logd]<1>start....
[ 126.202805]<1> (1)[949:logd]Unable to handle kernel NULL pointer dereference at virtual address 00000016
[ 126.202817]<1> (1)[949:logd]pgd = ffffffc070dee000
[ 126.202828]<1> (1)[949:logd][00000016] *pgd=0000000000000000 (1)[949:logd]
[ 126.202846]<1> (1)[949:logd][KERN Warning] ERROR/WARN forces debug_lock off!
[ 126.202854]<1> (1)[949:logd][KERN Warning] check backtrace:
[ 126.202868]<1> (1)[949:logd]CPU: 1 PID: 949 Comm: logd Tainted: G W 3.10.65+ #1
[ 126.202878]<1> (1)[949:logd]Call trace:
[ 126.202899]<1> (1)[949:logd][<ffffffc000088f50>] dump_backtrace+0x0/0x16c
[ 126.202913]<1> (1)[949:logd][<ffffffc0000890cc>] show_stack+0x10/0x1c
[ 126.202931]<1> (1)[949:logd][<ffffffc0009a69a0>] dump_stack+0x1c/0x28
[ 126.202947]<1> (1)[949:logd][<ffffffc0002f7210>] debug_locks_off+0x40/0x5c
[ 126.202960]<1> (1)[949:logd][<ffffffc00009a260>] oops_enter+0xc/0x28
[ 126.202974]<1> (1)[949:logd][<ffffffc000089100>] die+0x28/0x1d8
[ 126.202989]<1> (1)[949:logd][<ffffffc0009a49ec>] __do_kernel_fault.part.5+0x70/0x84
[ 126.203003]<1> (1)[949:logd][<ffffffc000094260>] do_page_fault+0x348/0x34c
[ 126.203017]<1> (1)[949:logd][<ffffffc000094350>] do_translation_fault+0x40/0x4c
[ 126.203030]<1> (1)[949:logd][<ffffffc0000813fc>] do_mem_abort+0x38/0x98
which does not seem to uncover the root cause, but rather the root cause stack trace seems to be:
Code:
[ 133.341226]<1>-(1)[949:logd]Call trace:
[ 133.341239]<1>-(1)[949:logd][<ffffffc0001f37d8>] meminfo_proc_show+0x50/0x3c4
[ 133.341255]<1>-(1)[949:logd][<ffffffc0001aefb8>] seq_read+0x1a4/0x40c
[ 133.341271]<1>-(1)[949:logd][<ffffffc0001ebeec>] proc_reg_read+0x4c/0x7c
[ 133.341285]<1>-(1)[949:logd][<ffffffc00018e75c>] vfs_read+0x88/0x170
[ 133.341298]<1>-(1)[949:logd][<ffffffc00018ebf0>] SyS_read+0x40/0x8c
[ 133.341310]<1>-(1)[949:logd]Code: 52800001 91326000 97fe67c1 aa0003f3 (f9400c00)
[ 133.341322]<1>-(1)[949:logd]---[ end trace 1b75b31a2719ed20 ]---
[ 133.341332]<1>-(1)[949:logd]Kernel panic - not syncing: Fatal exception
[ 133.341423]<1>-(1)[949:logd]mrdump: cpu[1] tsk:ffffffc073a3e000 ti:ffffffc070e64000
[ 134.241428]<1>-(1)[949:logd]
Most interestingly, the exact same kernel blob can successfully boot stock Android 5.1 and successfully read from /proc/meminfo when booted from stock boot.img while it crashes with my LOS12.1 build boot.img.
bootimg.cfg (using abootimg) is identical in both cases (except the boot size):
Code:
bootsize = 0x780000
pagesize = 0x800
kerneladdr = 0x40080000
ramdiskaddr = 0x44000000
secondaddr = 0x40f00000
tagsaddr = 0x4e000000
name = 1513588375
cmdline = bootopt=64S3,32N2,64N2 androidboot.selinux=permissive
Thanks a million in advance for any ideas or pointers about what might be going wrong with this stock kernel blob and my LOS12.1 build with regards to meminfo_proc_show()! :highfive:
awl14
Issue resolved!
Finally resolved by making changes (a whole number of, so I haven't tracked it down to one particular change) to my CM12.1 build's system partition, making it resemble the stock image more closely.
I still don't have any clues why the kernel would crash on reading from /proc/meminfo due to "wrong"/buggy contents in the system partition (/system file system), but as the issue is resolved, this can be regarded as a proof that such content in system can indeed matter in a critical way for the behaviour of the kernel...
My custom ROM for Teclast 98 (M1E9) runs fine now, I will publish a download link soon on xda.
Panic caused by kernel reading file /system/bin/cpuinfo
I encountered the same issue and was able to find the root cause. The kernel I'm dealing with has been modified by Chinese crooks who fake the amount of memory in the device by intercepting meminfo_proc_show(). In this routine, they read the file /system/bin/cpuinfo, apparently extracting the value to be shown to the user as the memory size from that file. The code does not even test the return code from the file opening routine, and simply crashes the kernel if the file is not present.

Categories

Resources