Please note: This project is no longer active. The website is kept online for historic purposes only.

Ticket #914 (closed defect: duplicate)

Opened 13 years ago

Last modified 12 years ago

Oops/Crash within HAL related to OS PCI register functions

Reported by: valins@soften.ktu.lt
Assigned to:
Priority: major
Milestone:
Component: madwifi: HAL
Version: trunk
Keywords:
Cc: valins@soften.ktu.lt
Patch is attached: 0
Pending:

Description

Today I have updated madwifi-ng sources to revision r1732. Doing:

# ifconfig ath0 down
# iwconfig ath0 channel 0
# iwpriv ath0 mode 1
# iwconfig ath0 channel 42
# ifconfig ath0 192.168.4.1 up

[17179658.008000] Bad mode in data abort handler detected: mode IRQ_32
[17179658.008000] Internal error: Oops - bad mode: 0 [#1]
[17179658.008000] Modules linked in: bridge llc ath_pci ath_rate_sample wlan_scan_sta wlan_scan_ap wlan_xauth wlan_tkip wlan_ccmp wlan_acl wlan_wep wlan ath_hal ixp400_eth ixp400
[17179658.008000] CPU: 0
[17179658.008000] PC is at 0xffff0014
[17179658.008000] LR is at zz002db51c+0x44/0x3c8 [ath_hal]
[17179658.008000] pc : [<ffff0014>]    lr : [<bf0c9ff0>]    Tainted: P     
[17179658.008000] sp : c324dd30  ip : c324dd78  fp : c324dd98
[17179658.008000] r10: c02c0000  r9 : 00000006  r8 : c346af48
[17179658.008000] r7 : 00000000  r6 : c02c0000  r5 : c02c0000  r4 : c02c2688
[17179658.008000] r3 : c4820000  r2 : c02c0000  r1 : 00009930  r0 : c02c0000
[17179658.008000] Flags: nzCv  IRQs off  FIQs on  Mode IRQ_32  Segment user
[17179658.008000] Control: 39FF  Table: 032E8000  DAC: 00000015
[17179658.008000] Process ifconfig (pid: 1175, stack limit = 0xc324c250)
[17179658.008000] Stack: (0xc324dd30 to 0xc324e000)
[17179658.008000] Backtrace:
[17179658.008000] [<bf0c9fac>] (zz002db51c+0x0/0x3c8 [ath_hal]) from [<bf0c6328>] (zz0002dbd2+0x230/0xf90 [ath_hal])
[17179658.008000]  r8 = C346AF48  r7 = 00000000  r6 = C346B1A4  r5 = C02C0000
[17179658.008000]  r4 = 02000000 
[17179658.008000] [<bf0c60f8>] (zz0002dbd2+0x0/0xf90 [ath_hal]) from [<bf135740>] (ath_init+0x16c/0x2f8 [ath_pci])
[17179658.008000] [<bf1355d4>] (ath_init+0x0/0x2f8 [ath_pci]) from [<c012c688>] (dev_open+0x64/0xc4)
[17179658.008000] [<c012c624>] (dev_open+0x0/0xc4) from [<bf0f9a30>] (ieee80211_init+0xf8/0x164 [wlan])
[17179658.008000]  r4 = C346A280 
[17179658.008000] [<bf0f9938>] (ieee80211_init+0x0/0x164 [wlan]) from [<bf0f9ae0>] (ieee80211_open+0x14/0x18 [wlan])
[17179658.008000]  r8 = C38FA160  r7 = C324DEC4  r6 = 00001002  r5 = 00001043
[17179658.008000]  r4 = C3FD2000 
[17179658.008000] [<bf0f9acc>] (ieee80211_open+0x0/0x18 [wlan]) from [<c012c688>] (dev_open+0x64/0xc4)
[17179658.008000] [<c012c624>] (dev_open+0x0/0xc4) from [<c012a390>] (dev_change_flags+0x64/0x138)
[17179658.008000]  r4 = C3FD2000 
[17179658.008000] [<c012a32c>] (dev_change_flags+0x0/0x138) from [<c016c9ec>] (devinet_ioctl+0x674/0x74c)
[17179658.008000]  r7 = C324DEC4  r6 = 00008914  r5 = C324C000  r4 = BEE19D74
[17179658.008000] [<c016c378>] (devinet_ioctl+0x0/0x74c) from [<c016d0d4>] (inet_ioctl+0x19c/0x1e8)
[17179658.008000] [<c016cf38>] (inet_ioctl+0x0/0x1e8) from [<c011f744>] (sock_ioctl+0x150/0x26c)
[17179658.008000] [<c011f5f4>] (sock_ioctl+0x0/0x26c) from [<c008853c>] (do_ioctl+0x34/0x78)
[17179658.008000]  r6 = 00008914  r5 = BEE19D74  r4 = C033D460 
[17179658.008000] [<c0088508>] (do_ioctl+0x0/0x78) from [<c00885f8>] (vfs_ioctl+0x78/0x2b4)
[17179658.008000]  r5 = BEE19D74  r4 = C033D460 
[17179658.008000] [<c0088580>] (vfs_ioctl+0x0/0x2b4) from [<c0088874>] (sys_ioctl+0x40/0x64)
[17179658.008000]  r6 = 00008914  r5 = FFFFFFF7  r4 = C033D460 
[17179658.008000] [<c0088834>] (sys_ioctl+0x0/0x64) from [<c001ad80>] (ret_fast_syscall+0x0/0x2c)
[17179658.008000]  r6 = BEE19D74  r5 = 00000000  r4 = 00000004 
[17179658.008000] Code: ea0000dd e59ff410 ea0000bb ea00009a (ea0000fa) 
[17179658.008000]  Segmentation fault

100% reproducible. r1724 was fine.

Also notice the top of backtrace:

[17179658.008000] PC is at 0xffff0014
[17179658.008000] LR is at [ath_hal]

Something is called at '0xffff0014' - does not seem correct and then it would have to return to 'zz002db51c+0x44/0x3c8' ... Something is fishy here already.

Attachments

wds-fixes.diff (1.7 kB) - added by Žilvinas Valinskas <valins@soften.ktu.lt> on 10/18/06 15:05:57.
Signed-off-by: Žilvinas Valinskas <valins@soften.ktu.lt>
phydisable.diff (0.8 kB) - added by Žilvinas Valinskas <valins@soften.ktu.lt> on 10/18/06 15:20:30.
Signed-off-by: Žilvinas Valinskas <valins@soften.ktu.lt>
phydisable.2.diff (0.8 kB) - added by Žilvinas Valinskas <valins@soften.ktu.lt> on 10/19/06 09:50:32.
Signed-off-by: Žilvinas Valinskas <valins@soften.ktu.lt>
wds-fixes.2.diff (1.8 kB) - added by Žilvinas Valinskas <valins@soften.ktu.lt> on 10/19/06 09:50:58.
Signed-off-by: Žilvinas Valinskas <valins@soften.ktu.lt>

Change History

09/25/06 10:38:21 changed by mrenzmann

Can you please try to narrow the culprit down to one of the changesets between r1725 and r1734? There have been no changes made to the HAL itself, but some to HAL-related files. I'm quite sure that the problem is caused outside the HAL, but only shows up inside.

09/25/06 10:42:46 changed by valins@soften.ktu.lt

Ok, I will try one change set at a time. Hold on.

09/25/06 11:41:33 changed by valins@soften.ktu.lt

r1727 (make install fixes) seems harmless, so r1726 must be where the problem starts.

# iwconfig ath0 channel 0
# [17179597.248000] Bad mode in data abort handler detected: mode ABT_32
[17179597.248000] Internal error: Oops - bad mode: 0 [#1]
[17179597.248000] Modules linked in: bridge llc ath_pci ath_rate_sample wlan_scan_sta wlan_scan_ap wlan_xauth wlan_tkip wlan_ccmp wlan_acl wlan_wep wlan ath_hal ixp400_eth ixp400
[17179597.248000] CPU: 0
[17179597.248000] PC is at 0xffff0284
[17179597.248000] LR is at zz0002dbd2+0x4c0/0xf90 [ath_hal]
[17179597.248000] pc : [<ffff0284>]    lr : [<bf0c65b8>]    Tainted: P     
[17179597.248000] sp : c01b1d8c  ip : c01b1dd4  fp : c01b1e28
[17179597.248000] r10: c02c0000  r9 : 00000006  r8 : bf0d7f34
[17179597.248000] r7 : 000000d3  r6 : c01b1e40  r5 : c02c0000  r4 : 00000006
[17179597.248000] r3 : c4820000  r2 : 00000000  r1 : 0000a228  r0 : c02c0000
[17179597.248000] Flags: nzCv  IRQs off  FIQs on  Mode ABT_32  Segment kernel
[17179597.248000] Control: 39FF  Table: 034C4000  DAC: 00000017
[17179597.248000] Process swapper (pid: 0, stack limit = 0xc01b0250)
[17179597.248000] Stack: (0xc01b1d8c to 0xc01b2000)
[17179597.248000] Backtrace: 
[17179597.248000] [<bf0c60f8>] (zz0002dbd2+0x0/0xf90 [ath_hal]) from [<bf137b0c>] (ath_set_channel+0x100/0x454 [ath_pci])
[17179597.248000] [<bf137a0c>] (ath_set_channel+0x0/0x454 [ath_pci]) from [<bf0faefc>] (change_channel+0x18/0x1c [wlan])
[17179597.248000] [<bf0faee4>] (change_channel+0x0/0x1c [wlan]) from [<bf0fc1d0>] (scan_next+0x210/0x48c [wlan])
[17179597.248000] [<bf0fbfc0>] (scan_next+0x0/0x48c [wlan]) from [<c00406d0>] (run_timer_softirq+0x17c/0x1fc)
[17179597.248000] [<c0040554>] (run_timer_softirq+0x0/0x1fc) from [<c003c528>] (__do_softirq+0x70/0xe0)
[17179597.248000] [<c003c4b8>] (__do_softirq+0x0/0xe0) from [<c003c8e4>] (irq_exit+0x48/0x50)
[17179597.248000] [<c003c89c>] (irq_exit+0x0/0x50) from [<c001b714>] (asm_do_IRQ+0x44/0x50)
[17179597.248000] [<c001b6d0>] (asm_do_IRQ+0x0/0x50) from [<c001a9e4>] (__irq_svc+0x24/0x60)
[17179597.248000]  r4 = FFFFFFFF 
[17179597.248000] [<c001bcfc>] (cpu_idle+0x0/0x54) from [<c001a2e4>] (rest_init+0x24/0x2c)
[17179597.248000]  r6 = C01B4484  r5 = C01F3DA4  r4 = C01FBDCC 
[17179597.248000] [<c001a2c0>] (rest_init+0x0/0x2c) from [<c00089fc>] (start_kernel+0x1a4/0x20c)
[17179597.248000] [<c0008858>] (start_kernel+0x0/0x20c) from [<00008030>] (0x8030)
[17179597.248000]  r4 = 000039FD 
[17179597.248000] Code: 00000000 00000000 00000000 e24ee008 (e88d4001) 
[17179597.248000]  <0>Kernel panic - not syncing: Aiee, killing interrupt handler!
[17179597.644000]  <0>Rebooting in 3 seconds..+Ethernet eth1: MAC address 00:01:af:00:20:ec

Doing ifconfig ath0 down before doesn't help either:

# ifconfig ath0 down
# iwconfig ath0 channel 0
#  iwpriv ath0 mode 1
# iwconfig ath0 channel 42
# ifconfig ath0 192.168.4.1 up
[17179609.560000] Bad mode in data abort handler detected: mode ABT_32
[17179609.560000] Internal error: Oops - bad mode: 0 [#1]
[17179609.560000] Modules linked in: bridge llc ath_pci ath_rate_sample wlan_scan_sta wlan_scan_ap wlan_xauth wlan_tkip wlan_ccmp wlan_acl wlan_wep wlan ath_hal ixp400_eth ixp400
[17179609.560000] CPU: 0
[17179609.560000] PC is at 0xffff0284
[17179609.560000] LR is at zz0002dbd2+0x4dc/0xf90 [ath_hal]
[17179609.560000] pc : [<ffff0284>]    lr : [<bf0c65d4>]    Tainted: P     
[17179609.560000] sp : c3261c38  ip : c3261c80  fp : c3261cd4
[17179609.560000] r10: c02c0000  r9 : 00000006  r8 : bf0d7f34
[17179609.560000] r7 : 000000d3  r6 : c3261cec  r5 : c02c0000  r4 : 00000006
[17179609.560000] r3 : c4820000  r2 : c02c0000  r1 : 0000a228  r0 : c02c0000
[17179609.560000] Flags: nzCv  IRQs off  FIQs on  Mode ABT_32  Segment user
[17179609.560000] Control: 39FF  Table: 032D0000  DAC: 00000015
[17179609.560000] Process ifconfig (pid: 1108, stack limit = 0xc3260250)
[17179609.560000] Stack: (0xc3261c38 to 0xc3262000)
[17179609.560000] Backtrace: 
[17179609.560000] [<bf0c60f8>] (zz0002dbd2+0x0/0xf90 [ath_hal]) from [<bf137b0c>] (ath_set_channel+0x100/0x454 [ath_pci])
[17179609.560000] [<bf137a0c>] (ath_set_channel+0x0/0x454 [ath_pci]) from [<bf0f3250>] (ieee80211_sta_join1+0x74/0x14c [wlan])
[17179609.560000] [<bf0f31dc>] (ieee80211_sta_join1+0x0/0x14c [wlan]) from [<bf0f43a4>] (ieee80211_create_ibss+0x1f8/0x394 [wlan])
[17179609.560000]  r8 = C346A280  r7 = C3FD249C  r6 = C3FD2280  r5 = C32D4000
[17179609.560000]  r4 = C32D41B0 
[17179609.560000] [<bf0f41ac>] (ieee80211_create_ibss+0x0/0x394 [wlan]) from [<bf0fa5e4>] (__ieee80211_newstate+0x224/0x7d8 [wlan])
[17179609.560000] [<bf0fa3c0>] (__ieee80211_newstate+0x0/0x7d8 [wlan]) from [<bf0fad28>] (ieee80211_newstate+0x190/0x274 [wlan])
[17179609.560000] [<bf0fab98>] (ieee80211_newstate+0x0/0x274 [wlan]) from [<bf13dc9c>] (ath_newstate+0x118/0x7c4 [ath_pci])
[17179609.560000]  r6 = 00000001  r5 = 00000000  r4 = 0000114C 
[17179609.560000] [<bf13db84>] (ath_newstate+0x0/0x7c4 [ath_pci]) from [<bf0f8f2c>] (ieee80211_new_state+0x30/0x40 [wlan])
[17179609.560000] [<bf0f8efc>] (ieee80211_new_state+0x0/0x40 [wlan]) from [<bf0f9a08>] (ieee80211_init+0xc8/0x164 [wlan])
[17179609.560000]  r6 = C3FD2280  r5 = C3FD2000  r4 = C346A280 
[17179609.560000] [<bf0f9940>] (ieee80211_init+0x0/0x164 [wlan]) from [<bf0f9ae8>] (ieee80211_open+0x14/0x18 [wlan])
[17179609.560000]  r8 = C38FA160  r7 = C3261EC4  r6 = 00001002  r5 = 00001043
[17179609.560000]  r4 = C3FD2000 
[17179609.560000] [<bf0f9ad4>] (ieee80211_open+0x0/0x18 [wlan]) from [<c012c688>] (dev_open+0x64/0xc4)
[17179609.560000] [<c012c624>] (dev_open+0x0/0xc4) from [<c012a390>] (dev_change_flags+0x64/0x138)
[17179609.560000]  r4 = C3FD2000 
[17179609.560000] [<c012a32c>] (dev_change_flags+0x0/0x138) from [<c016c9ec>] (devinet_ioctl+0x674/0x74c)
[17179609.560000]  r7 = C3261EC4  r6 = 00008914  r5 = C3260000  r4 = BED06D74
[17179609.560000] [<c016c378>] (devinet_ioctl+0x0/0x74c) from [<c016d0d4>] (inet_ioctl+0x19c/0x1e8)
[17179609.560000] [<c016cf38>] (inet_ioctl+0x0/0x1e8) from [<c011f744>] (sock_ioctl+0x150/0x26c)
[17179609.560000] [<c011f5f4>] (sock_ioctl+0x0/0x26c) from [<c008853c>] (do_ioctl+0x34/0x78)
[17179609.560000]  r6 = 00008914  r5 = BED06D74  r4 = C323FE80 
[17179609.560000] [<c0088508>] (do_ioctl+0x0/0x78) from [<c00885f8>] (vfs_ioctl+0x78/0x2b4)
[17179609.560000]  r5 = BED06D74  r4 = C323FE80 
[17179609.560000] [<c0088580>] (vfs_ioctl+0x0/0x2b4) from [<c0088874>] (sys_ioctl+0x40/0x64)
[17179609.560000]  r6 = 00008914  r5 = FFFFFFF7  r4 = C323FE80 
[17179609.560000] [<c0088834>] (sys_ioctl+0x0/0x64) from [<c001ad80>] (ret_fast_syscall+0x0/0x2c)
[17179609.560000]  r6 = BED06D74  r5 = 00000000  r4 = 00000004 
[17179609.560000] Code: 00000000 00000000 00000000 e24ee008 (e88d4001) 
[17179609.560000]  <0>Kernel panic - not syncing: Aiee, killing interrupt handler!
[17179610.184000]  <0>Rebooting in 3 seconds..+Ethernet eth1: MAC address 00:01:af:00:20:ec

09/25/06 12:04:31 changed by anonymous

See madwifi.org/changeset/1726#file10. Can this all be related to bswap32() removal ?

09/25/06 13:28:21 changed by Žilvinas Valinskas <valins@soften.ktu.lt>

It doesn't seem to be related to madwifi.org/changeset/1726#file10. Looking at the backtrace, it seems very strange (note that ath0 is in master mode), yet there are:

dev_open ->
 ieee80211_open ->
  ieee80211_init ->
   ieee80211_create_ibss ->
    ieee80211_sta_join1  (!???? - ath0 interface is in 'master' mode)
     ath_set_channel() - no luck, kernel is dying here ...

09/25/06 15:09:46 changed by mentor

  • status changed from new to assigned.
  • owner set to mentor.

09/25/06 20:44:32 changed by mentor

I've obviously changed the way PCI registers are accessed in r1732. {read,write}{b,w,l} should perform native PCI endian to CPU/Host endian conversion automatically. raw_{read,write}{b,w,l}. Given the nature of the PCI register access in the IXP425, I must admit I am somewhat surprised that this ever worked.

09/26/06 10:27:45 changed by Žilvinas Valinskas <valins@soften.ktu.lt>

I think you meant the r1726 and r1729 changesets? Those changes seem logical (perhaps I am missing something in this picture), but still, on IXP425 (BE) write{l,w,b}/read{l,w,b} expand like this:

include/asm-arm/arch-ixp4xx/io.h:

#define writel(v, p)                    __ixp4xx_writel(v, p)

__ixp4xx_writel() expands to:

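static inline void
__ixp4xx_writel(u32 value, volatile void __iomem *p)
{
        u32 addr = (u32)p;
        /* address in the vmalloc/ioremap range: plain store, no byte swap */
        if (addr >= VMALLOC_START) {
                __raw_writel(value, addr);
                return;
        }

        /* otherwise go through the indirect PCI write helper */
        ixp4xx_pci_write(addr, NP_CMD_MEMWRITE, value);
}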


It doesn't seem that ixp4xx_pci_write() does any additional byteswapping? I don't understand how it worked prior to the r1727 change, then.

Puzzled ... Don't know how to make it right either.

09/26/06 10:31:59 changed by Žilvinas Valinskas <valins@soften.ktu.lt>

Generic ARM read{l,w,b}/write{l,w,b} from include/asm-arm/io.h file appears to do byteswapping as it was done previously (yet arch specific write/read{l,w,b} on ixp4xx ARCH doesn't do any byteswapping).

#define writel(v,c)             __raw_writel((__force __u32) \
                                        cpu_to_le32(v),__mem_pci(c))

....

#define readl(c) ({ __u32 __v = le32_to_cpu((__force __le32) \
                                        __raw_readl(__mem_pci(c))); __v; })

Buggy read{l,w,b}/write{l,w,b} on IXP4xx ?

09/26/06 10:59:59 changed by Žilvinas Valinskas <valins@soften.ktu.lt>

on r1732 ath_hal_reg_write (gcc -E) output:

void
ath_hal_reg_write(struct ath_hal *ah, u_int reg, u_int32_t val)
{
 do { (0x4000 <= (reg) && (reg) < 0x5000) 
    ?  ((void)0, *(volatile unsigned int *)(((void *)((ah)->ah_sh + (reg)))) = (( __u32) ((__le32)(__builtin_constant_p((__u32)(((val)))) ? ({ __u32 __x = ((((val)))); ((__u32)( (((__u32)(__x) & (__u32)0x000000ffUL) << 24) | (((__u32)(__x) & (__u32)0x0000ff00UL) << 8) | (((__u32)(__x) & (__u32)0x00ff0000UL) >> 8) | (((__u32)(__x) & (__u32)0xff000000UL) >> 24) )); })   

    : __fswab32((((val)))))))) : ((void)0, *(volatile unsigned int *)((void *)((ah)->ah_sh + (reg))) = ((val))); } while (0);
}

on r1724 ath_hal_reg_write (gcc -E) output:

void
ath_hal_reg_write(struct ath_hal *ah, u_int reg, u_int32_t val)
{
 do { 
  if ( (reg) >= 0x4000 && (reg) < 0x5000) 
      *((volatile u_int32_t *)((ah)->ah_sh + (reg))) = __bswap32((val)); 
  else 
      *((volatile u_int32_t *)((ah)->ah_sh + (reg))) = (val); } while (0);
}

From what I see it does the same; perhaps my eyes and brain have already wrapped too many times and I just don't see a difference!? In both cases byteswapping is done if the register is within the [0x4000, 0x5000) range - only the generated code is different. This explains why it does work, but doesn't explain why I get a crash with HAL :(
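A user-space model of the comparison made in the comment above, added here as an example and not code from madwifi or the kernel: it stores through both preprocessed forms of ath_hal_reg_write on a simulated big-endian CPU and counts byte differences, then contrasts the generic ARM writel with the IXP4xx one quoted earlier in the thread. The byte array standing in for the register window, `raw_store_be` and all function names are assumptions for illustration; no PCI bridge behaviour is modelled.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define REG_SPACE 0x6000u   /* constructed size, covers the 0x4000..0x5000 window */

/* Assumption: a 32-bit store from a big-endian CPU puts the most significant
 * byte at the lowest address. Stands in for __raw_writel() / a plain store. */
static void raw_store_be(uint8_t *bar, uint32_t off, uint32_t v)
{
    bar[off + 0] = (uint8_t)(v >> 24);
    bar[off + 1] = (uint8_t)(v >> 16);
    bar[off + 2] = (uint8_t)(v >> 8);
    bar[off + 3] = (uint8_t)v;
}

static uint32_t swab32(uint32_t x)
{
    return ((x & 0x000000ffu) << 24) | ((x & 0x0000ff00u) << 8) |
           ((x & 0x00ff0000u) >> 8)  | ((x & 0xff000000u) >> 24);
}

/* On a big-endian CPU, cpu_to_le32() is a byte swap. */
static uint32_t cpu_to_le32_on_be(uint32_t x) { return swab32(x); }

/* Shape of the r1724 expansion: if/else with __bswap32(). */
static void reg_write_r1724(uint8_t *bar, uint32_t reg, uint32_t val)
{
    if (reg >= 0x4000 && reg < 0x5000)
        raw_store_be(bar, reg, swab32(val));
    else
        raw_store_be(bar, reg, val);
}

/* Shape of the r1732 expansion: ternary with the cpu_to_le32() swab. */
static void reg_write_r1732(uint8_t *bar, uint32_t reg, uint32_t val)
{
    (0x4000 <= reg && reg < 0x5000)
        ? raw_store_be(bar, reg, cpu_to_le32_on_be(val))
        : raw_store_be(bar, reg, val);
}

/* Number of (register, value) pairs where the two forms store different bytes. */
int count_mismatches(void)
{
    static uint8_t a[REG_SPACE], b[REG_SPACE];
    static const uint32_t vals[] = { 0x00000000u, 0x00000001u, 0x12345678u,
                                     0xdeadbeefu, 0xffffffffu };
    int bad = 0;

    for (uint32_t reg = 0; reg + 4 <= REG_SPACE; reg += 4)
        for (size_t i = 0; i < sizeof(vals) / sizeof(vals[0]); i++) {
            reg_write_r1724(a, reg, vals[i]);
            reg_write_r1732(b, reg, vals[i]);
            if (memcmp(a + reg, b + reg, 4) != 0)
                bad++;
        }
    return bad;
}

/* include/asm-arm/io.h form: __raw_writel(cpu_to_le32(v), ...) */
static void writel_generic_arm(uint8_t *bar, uint32_t off, uint32_t v)
{
    raw_store_be(bar, off, cpu_to_le32_on_be(v));
}

/* __ixp4xx_writel(), addr >= VMALLOC_START branch: __raw_writel(value, addr) */
static void writel_ixp4xx(uint8_t *bar, uint32_t off, uint32_t v)
{
    raw_store_be(bar, off, v);
}

uint8_t first_byte_generic(uint32_t v)
{
    uint8_t bar[4];
    writel_generic_arm(bar, 0, v);
    return bar[0];
}

uint8_t first_byte_ixp4xx(uint32_t v)
{
    uint8_t bar[4];
    writel_ixp4xx(bar, 0, v);
    return bar[0];
}

/* 1 when the two writel variants leave different bytes in memory. */
int writel_variants_differ(uint32_t v)
{
    uint8_t a[4], b[4];
    writel_generic_arm(a, 0, v);
    writel_ixp4xx(b, 0, v);
    return memcmp(a, b, 4) != 0;
}

int main(void)
{
    printf("r1724 vs r1732 mismatches: %d\n", count_mismatches());
    printf("writel(0x12345678) lowest-address byte: generic=0x%02x ixp4xx=0x%02x\n",
           first_byte_generic(0x12345678u), first_byte_ixp4xx(0x12345678u));
    return 0;
}
```

In this model the two ath_hal_reg_write forms are byte-for-byte identical, while the two writel variants differ for any value that is not its own byte-reverse.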

09/27/06 01:21:12 changed by mentor

Wow. Good work.

09/27/06 02:53:42 changed by mentor

hmm. The raw functions may be the wrong ones to use.

10/07/06 15:28:19 changed by bhanuprakash

I'm using madwifi r1693 and ixp. I don't believe it's specific to r1732 but noticed in the version I'm using.

My script file looks -

ifconfig ath0 down
ifconfig ath1 down
ifconfig ath0 up
ifconfig ath1 up

and it crashes. I was running this script to diagnose the problem found in my big script file.

Attaching logs to help further -

root:/etc# !sh
sh test.sh
+ ifconfig ath0 down
+ ifconfig ath1 down
+ ifconfig ath2 down
+ ifconfig ath3 down
+ ifconfig ath0 up
Bad mode in data abort handler detected: mode IRQ_32
Internal error: Oops - bad mode: 0 #1
Modules linked in: wlan_scan_ap xt_tcpudp ipt_TOS xt_physdev ipt_u32 iptable_filter iptable_mangle ip_tables x_tables af_packet ath_pci ath_rate_sample wlan ath_hal ixp400_eth ixp400
CPU: 0
pc : [<ffff01fc>] lr : [<bf10ac18>] Tainted: PF
sp : c082bd1c ip : c082bd64 fp : c082bd84
r10: c33e8000 r9 : 00000006 r8 : c33e8000
r7 : 00000000 r6 : c33e8000 r5 : c33e8000 r4 : c33ea704
r3 : c58a0000 r2 : c33e8000 r1 : 00009930 r0 : c33e8000
Flags: nZCv IRQs off FIQs on Mode IRQ_32 Segment user
Control: 397F Table: 00864000 DAC: 00000015
Process ifconfig (pid: 953, stack limit = 0xc082a198)
Stack: (0xc082bd1c to 0xc082c000)
Backtrace:
Function entered at [<bf10abd4>] from [<bf106f84>]
r8 = C33E8000 r7 = 00000000 r6 = C32FF180 r5 = C33E8000
r4 = 02000000
Function entered at [<bf106d54>] from [<bf159f2c>]
Function entered at [<bf159d78>] from [<c01a8bc0>]
Function entered at [<c01a8b5c>] from [<bf1374b4>]
r5 = C32FE260 r4 = C0E6B260
Function entered at [<bf137440>] from [<bf137574>]
r8 = C0E6B000 r7 = 00000000 r6 = 00001002 r5 = 00000000
r4 = C0E6B000
Function entered at [<bf137560>] from [<c01a8bc0>]
Function entered at [<c01a8b5c>] from [<c01aa2ec>]
r5 = 00001043 r4 = C0E6B000
Function entered at [<c01aa288>] from [<c01ec59c>]
r7 = BEA96A4C r6 = 00000000 r5 = FFFFFF9D r4 = 00000000
Function entered at [<c01ec2b8>] from [<c01eda80>]
Function entered at [<c01ed9d0>] from [<c019ed84>]
Function entered at [<c019eb30>] from [<c008b198>]
r8 = 00000000 r7 = BEA96A4C r6 = 00008914 r5 = FFFFFFE7
r4 = C1D9A0A0
Function entered at [<c008b15c>] from [<c008b4d0>]
r7 = 00000004 r6 = BEA96A4C r5 = FFFFFFF7 r4 = C1D9A0A0
Function entered at [<c008b1f0>] from [<c008b530>]
r8 = C0020F24 r7 = 00000036 r6 = 00008914 r5 = FFFFFFF7
r4 = C1D9A0A0
Function entered at [<c008b4f0>] from [<c0020d80>]
r6 = 00000041 r5 = BEA96AD4 r4 = BEA96A4C
Code: 00000000 00000000 00000000 00000000 (00000000)
test.sh: line 8: 953 Segmentation fault ifconfig ath0 up
+ ifconfig ath1 up

10/09/06 14:19:05 changed by Žilvinas Valinskas <valins@soften.ktu.lt>

There is a "cure" for this problem, at least it doesn't crash on ifconfig ath0 up anymore.

"Fix":

$ <loads modules>
$ iwpriv ath0 mode 3
$ iwpriv ath0 channel 6 # set it to any fixed channel, prevent scan!
$ ifconfig ath0 up      # not crashing anymore. 

If iwconfig ath0 channel 6 is skipped, kernel will crash as reported in earlier posts.

10/09/06 14:36:46 changed by Žilvinas Valinskas <valins@soften.ktu.lt>

Hello bhanuprakash,

Please enable in your kernel's .config:

CONFIG_KALLSYMS=y
CONFIG_KALLSYMS_ALL=y
CONFIG_KALLSYMS_EXTRA_PASS=y
CONFIG_DEBUG_BUGVERBOSE=y

And post kernel crash dump again, don't forget to surround stacktrace with {{{ ... }}}

10/17/06 06:33:47 changed by nasmaster@comcast.net

I am using subversion trunk release 1753. I still see this problem. I will try the kernel options right now.

# ifconfig ath0 up
Bad mode in data abort handler detected: mode IRQ_32
Internal error: Oops - bad mode: 0 [#1]
Modules linked in: ath_pci ath_rate_sample ath_hal wlan_scan_sta wlan_scan_ap wlan ixp400_eth ixp400
CPU: 0
PC is at 0xffff01fc
LR is at 0xc0310000
pc : [<ffff01fc>]    lr : [<c0310000>]    Tainted: P     
sp : c3969d2c  ip : 01ff01ff  fp : c3969da0
r10: c0310000  r9 : 00000006  r8 : bf108f48
r7 : 0000ffff  r6 : c0310000  r5 : c0310000  r4 : 00000001
r3 : c4860000  r2 : 01ff01ff  r1 : 0000a180  r0 : 0000a180
Flags: Nzcv  IRQs off  FIQs on  Mode IRQ_32  Segment user
Control: 39FF  Table: 03928000  DAC: 00000015
Process ifconfig (pid: 771, stack limit = 0xc3968194)
Stack: (0xc3969d2c to 0xc396a000)
Backtrace: 
[<bf0f9cf0>] (zz06e0fc0d+0x0/0xa1c [ath_hal]) from [<bf0f76bc>] (zz0002dbd2+0x5ac/0xf90 [ath_hal])
 r7 = 000000DD  r6 = C030F14C  r5 = C0310000  r4 = 000000C4
[<bf0f7110>] (zz0002dbd2+0x0/0xf90 [ath_hal]) from [<bf11f958>] (ath_init+0x13c/0x27c [ath_pci])
[<bf11f81c>] (ath_init+0x0/0x27c [ath_pci]) from [<c013e4d4>] (dev_open+0x5c/0xc0)
[<c013e478>] (dev_open+0x0/0xc0) from [<bf0be638>] (ieee80211_init+0x78/0x140 [wlan])
 r5 = C030E220  r4 = C3920220 
[<bf0be5c0>] (ieee80211_init+0x0/0x140 [wlan]) from [<bf0be714>] (ieee80211_open+0x14/0x18 [wlan])
 r8 = 00000000  r7 = 00000000  r6 = 00001002  r5 = 00001043
 r4 = C3920000 
[<bf0be700>] (ieee80211_open+0x0/0x18 [wlan]) from [<c013e4d4>] (dev_open+0x5c/0xc0)
[<c013e478>] (dev_open+0x0/0xc0) from [<c01400fc>] (dev_change_flags+0x60/0x12c)
 r5 = 00001043  r4 = C3920000 
[<c014009c>] (dev_change_flags+0x0/0x12c) from [<c018408c>] (devinet_ioctl+0x2fc/0x634)
 r7 = 00000000  r6 = C3969EE0  r5 = 00008914  r4 = BE936C84
[<c0183d90>] (devinet_ioctl+0x0/0x634) from [<c018637c>] (inet_ioctl+0x1a4/0x1dc)
[<c01861d8>] (inet_ioctl+0x0/0x1dc) from [<c0134a14>] (sock_ioctl+0x290/0x2b4)
 r5 = BE936C84  r4 = 00008914 
[<c0134784>] (sock_ioctl+0x0/0x2b4) from [<c0084fe0>] (do_ioctl+0x34/0x78)
 r5 = BE936C84  r4 = 00008914 
[<c0084fac>] (do_ioctl+0x0/0x78) from [<c008531c>] (vfs_ioctl+0x1f4/0x20c)
 r5 = BE936C84  r4 = C3A6D5A0 
[<c0085128>] (vfs_ioctl+0x0/0x20c) from [<c0085378>] (sys_ioctl+0x44/0x64)
 r5 = 00008914  r4 = 00000004 
[<c0085334>] (sys_ioctl+0x0/0x64) from [<c001fc60>] (ret_fast_syscall+0x0/0x2c)
 r7 = 00000036  r6 = 00000041  r5 = BE936CD0  r4 = BE936C84
Code: 00000000 00000000 00000000 00000000 (00000000) 
 Segmentation fault
# 

10/17/06 06:58:43 changed by nasmaster@comcast.net

It looks the same...

# # create and configure AP interface
# wlanconfig ath0 create wlandev wifi0 wlanmode ap
ath0
# iwconfig ath0 essid "my_ap_essid" channel 11
# wlanconfig wdsath10 create wlandev wifi0 wlanmode wds
wdsath10
# iwpriv wdsath10 wds_add  00:11:F9:FD:28:A6
wdsath10: Added WDS MAC: 00:11:f9:fd:28:a6
# iwpriv wdsath10 wds 1
# 
# ifconfig ath0 up 
Bad mode in data abort handler detected: mode IRQ_32
Internal error: Oops - bad mode: 0 [#1]
Modules linked in: ath_pci ath_rate_sample ath_hal wlan_scan_sta wlan_scan_ap wlan ixp400_eth ixp400
CPU: 0
PC is at 0xffff0014
LR is at 0xc0318000
pc : [<ffff0014>]    lr : [<c0318000>]    Tainted: P     
sp : c3af9d2c  ip : 01ff01ff  fp : c3af9da0
r10: c0318000  r9 : 00000006  r8 : bf108f48
r7 : 0000ffff  r6 : c0318000  r5 : c0318000  r4 : 00000001
r3 : c4860000  r2 : 01ff01ff  r1 : 0000a180  r0 : 0000a180
Flags: Nzcv  IRQs off  FIQs on  Mode IRQ_32  Segment user
Control: 39FF  Table: 03984000  DAC: 00000015
Process ifconfig (pid: 766, stack limit = 0xc3af8194)
Stack: (0xc3af9d2c to 0xc3afa000)
Backtrace: 
[<bf0f9cf0>] (zz06e0fc0d+0x0/0xa1c [ath_hal]) from [<bf0f76bc>] (zz0002dbd2+0x5ac/0xf90 [ath_hal])
 r7 = 000000DD  r6 = C032114C  r5 = C0318000  r4 = 000000C4
[<bf0f7110>] (zz0002dbd2+0x0/0xf90 [ath_hal]) from [<bf11f978>] (ath_init+0x13c/0x27c [ath_pci])
[<bf11f83c>] (ath_init+0x0/0x27c [ath_pci]) from [<c014237c>] (dev_open+0x5c/0xc0)
[<c0142320>] (dev_open+0x0/0xc0) from [<bf0be968>] (ieee80211_init+0x78/0x140 [wlan])
 r5 = C0320220  r4 = C3CF4220 
[<bf0be8f0>] (ieee80211_init+0x0/0x140 [wlan]) from [<bf0bea44>] (ieee80211_open+0x14/0x18 [wlan])
 r8 = 00000000  r7 = 00000000  r6 = 00001002  r5 = 00001043
 r4 = C3CF4000 
[<bf0bea30>] (ieee80211_open+0x0/0x18 [wlan]) from [<c014237c>] (dev_open+0x5c/0xc0)
[<c0142320>] (dev_open+0x0/0xc0) from [<c0144018>] (dev_change_flags+0x60/0x12c)
 r5 = 00001043  r4 = C3CF4000 
[<c0143fb8>] (dev_change_flags+0x0/0x12c) from [<c01885d8>] (devinet_ioctl+0x2fc/0x634)
 r7 = 00000000  r6 = C3AF9EE0  r5 = 00008914  r4 = BEB95C84
[<c01882dc>] (devinet_ioctl+0x0/0x634) from [<c018a8c8>] (inet_ioctl+0x1a4/0x1dc)
[<c018a724>] (inet_ioctl+0x0/0x1dc) from [<c0138738>] (sock_ioctl+0x290/0x2b4)
 r5 = BEB95C84  r4 = 00008914 
[<c01384a8>] (sock_ioctl+0x0/0x2b4) from [<c0086d10>] (do_ioctl+0x34/0x78)
 r5 = BEB95C84  r4 = 00008914 
[<c0086cdc>] (do_ioctl+0x0/0x78) from [<c008704c>] (vfs_ioctl+0x1f4/0x20c)
 r5 = BEB95C84  r4 = C3C7BD20 
[<c0086e58>] (vfs_ioctl+0x0/0x20c) from [<c00870a8>] (sys_ioctl+0x44/0x64)
 r5 = 00008914  r4 = 00000004 
[<c0087064>] (sys_ioctl+0x0/0x64) from [<c001fc60>] (ret_fast_syscall+0x0/0x2c)
 r7 = 00000036  r6 = 00000041  r5 = BEB95CD0  r4 = BEB95C84
Code: ea0000dd e59ff410 ea0000bb ea00009a (ea0000fa) 
 Segmentation fault
# 

Similar results if I set the mode before ifup'ing:

# # create and configure AP interface
# wlanconfig ath0 create wlandev wifi0 wlanmode ap
ath0
# iwpriv ath0 mode 3
# iwconfig ath0 essid "my_ap_essid" channel 11
# ifconfig ath0 up 
Bad mode in data abort handler detected: mode IRQ_32
Internal error: Oops - bad mode: 0 [#1]
Modules linked in: ath_pci ath_rate_sample ath_hal wlan_scan_sta wlan_scan_ap wlan ixp400_eth ixp400
CPU: 0
PC is at 0xffff0014
LR is at zz00b6d6bc+0x28/0x54 [ath_hal]
pc : [<ffff0014>]    lr : [<bf0f6d78>]    Tainted: P     
sp : c3acdd4c  ip : c3acdd94  fp : c3acdda8
r10: c0320000  r9 : c0320ef0  r8 : c0320000
r7 : c0318000  r6 : 00000000  r5 : c0318000  r4 : c0318000
r3 : c4860000  r2 : 00000000  r1 : 0000810c  r0 : c0318000
Flags: nzCv  IRQs off  FIQs on  Mode IRQ_32  Segment user
Control: 39FF  Table: 03ADC000  DAC: 00000015
Process ifconfig (pid: 762, stack limit = 0xc3acc194)
Stack: (0xc3acdd4c to 0xc3ace000)
Backtrace: 
[<bf0f6d50>] (zz00b6d6bc+0x0/0x54 [ath_hal]) from [<bf0fe530>] (zz00b6f04d+0x24/0x5c [ath_hal])
 r5 = C0320220  r4 = C0318000 
[<bf0fe50c>] (zz00b6f04d+0x0/0x5c [ath_hal]) from [<bf0f6bdc>] (zz0b721aed+0x50/0x5c [ath_hal])
 r4 = C0318000 
[<bf0f6b8c>] (zz0b721aed+0x0/0x5c [ath_hal]) from [<bf1294fc>] (ath_startrecv+0xf8/0x108 [ath_pci])
 r4 = 00000000 
[<bf129404>] (ath_startrecv+0x0/0x108 [ath_pci]) from [<bf11f9e4>] (ath_init+0x1a8/0x27c [ath_pci])
 r8 = C0318000  r7 = 00000F2C  r6 = C0320220  r5 = C0320220
 r4 = 00000F2E 
[<bf11f83c>] (ath_init+0x0/0x27c [ath_pci]) from [<c014237c>] (dev_open+0x5c/0xc0)
[<c0142320>] (dev_open+0x0/0xc0) from [<bf0be968>] (ieee80211_init+0x78/0x140 [wlan])
 r5 = C0320220  r4 = C3872220 
[<bf0be8f0>] (ieee80211_init+0x0/0x140 [wlan]) from [<bf0bea44>] (ieee80211_open+0x14/0x18 [wlan])
 r8 = 00000000  r7 = 00000000  r6 = 00001002  r5 = 00001043
 r4 = C3872000 
[<bf0bea30>] (ieee80211_open+0x0/0x18 [wlan]) from [<c014237c>] (dev_open+0x5c/0xc0)
[<c0142320>] (dev_open+0x0/0xc0) from [<c0144018>] (dev_change_flags+0x60/0x12c)
 r5 = 00001043  r4 = C3872000 
[<c0143fb8>] (dev_change_flags+0x0/0x12c) from [<c01885d8>] (devinet_ioctl+0x2fc/0x634)
 r7 = 00000000  r6 = C3ACDEE0  r5 = 00008914  r4 = BEF07C84
[<c01882dc>] (devinet_ioctl+0x0/0x634) from [<c018a8c8>] (inet_ioctl+0x1a4/0x1dc)
[<c018a724>] (inet_ioctl+0x0/0x1dc) from [<c0138738>] (sock_ioctl+0x290/0x2b4)
 r5 = BEF07C84  r4 = 00008914 
[<c01384a8>] (sock_ioctl+0x0/0x2b4) from [<c0086d10>] (do_ioctl+0x34/0x78)
 r5 = BEF07C84  r4 = 00008914 
[<c0086cdc>] (do_ioctl+0x0/0x78) from [<c008704c>] (vfs_ioctl+0x1f4/0x20c)
 r5 = BEF07C84  r4 = C3C7DDC0 
[<c0086e58>] (vfs_ioctl+0x0/0x20c) from [<c00870a8>] (sys_ioctl+0x44/0x64)
 r5 = 00008914  r4 = 00000004 
[<c0087064>] (sys_ioctl+0x0/0x64) from [<c001fc60>] (ret_fast_syscall+0x0/0x2c)
 r7 = 00000036  r6 = 00000041  r5 = BEF07CD0  r4 = BEF07C84
Code: ea0000dd e59ff410 ea0000bb ea00009a (ea0000fa) 
 Segmentation fault
# 

Thanks for your help.
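Whether two oops reports like the ones above are "the same" can be checked mechanically by comparing the fault class and the symbolized call path. The sketch below is an added example, not part of the ticket or of madwifi; the function names are hypothetical, the backtrace excerpts are copied from the two reports in the comment above, and treating 0xffff0000-0xffff0fff as the ARM high exception-vector page is an assumption of the example.

```python
import re

# Excerpts copied from the two reports above (most register lines and stack omitted).
REPORT_A = """\
Bad mode in data abort handler detected: mode IRQ_32
PC is at 0xffff0014
Backtrace: 
[<bf0f9cf0>] (zz06e0fc0d+0x0/0xa1c [ath_hal]) from [<bf0f76bc>] (zz0002dbd2+0x5ac/0xf90 [ath_hal])
 r7 = 000000DD  r6 = C032114C  r5 = C0318000  r4 = 000000C4
[<bf0f7110>] (zz0002dbd2+0x0/0xf90 [ath_hal]) from [<bf11f978>] (ath_init+0x13c/0x27c [ath_pci])
[<bf11f83c>] (ath_init+0x0/0x27c [ath_pci]) from [<c014237c>] (dev_open+0x5c/0xc0)
"""
REPORT_B = """\
Bad mode in data abort handler detected: mode IRQ_32
PC is at 0xffff0014
Backtrace: 
[<bf0f6d50>] (zz00b6d6bc+0x0/0x54 [ath_hal]) from [<bf0fe530>] (zz00b6f04d+0x24/0x5c [ath_hal])
[<bf0fe50c>] (zz00b6f04d+0x0/0x5c [ath_hal]) from [<bf0f6bdc>] (zz0b721aed+0x50/0x5c [ath_hal])
[<bf0f6b8c>] (zz0b721aed+0x0/0x5c [ath_hal]) from [<bf1294fc>] (ath_startrecv+0xf8/0x108 [ath_pci])
[<bf129404>] (ath_startrecv+0x0/0x108 [ath_pci]) from [<bf11f9e4>] (ath_init+0x1a8/0x27c [ath_pci])
[<bf11f83c>] (ath_init+0x0/0x27c [ath_pci]) from [<c014237c>] (dev_open+0x5c/0xc0)
"""

# One "(symbol+0xoff/0xsize [module])" entry; the module part is absent for core kernel code.
SYM = re.compile(r"\((\w+)\+0x[0-9a-f]+/0x[0-9a-f]+(?: \[(\w+)\])?\)")
MANGLED = re.compile(r"zz[0-9a-f]+")         # HAL symbols appear only as zz... names
VECTOR_PAGE = range(0xFFFF0000, 0xFFFF1000)  # assumption: ARM high exception vectors

def parse_oops(text):
    """Return CPU mode, PC and the call chain as (symbol, module), innermost first."""
    mode = re.search(r"detected: mode (\w+)", text)
    pc = re.search(r"PC is at 0x([0-9a-f]+)", text)
    chain = []
    for line in text.splitlines():
        if not line.startswith("[<"):
            continue                         # register dump between frames
        syms = [(name, mod or "kernel") for name, mod in SYM.findall(line)]
        if len(syms) != 2:
            continue                         # truncated or mangled frame line
        if not chain:
            chain.append(syms[0])            # innermost callee, seen only once
        chain.append(syms[1])                # caller of the previous frame
    return {"mode": mode.group(1) if mode else None,
            "pc": int(pc.group(1), 16) if pc else None,
            "chain": chain}

def fault_class(oops):
    """Coarse bucket: CPU mode, PC inside the vector page, module of the innermost frame."""
    inner = oops["chain"][0][1] if oops["chain"] else None
    return (oops["mode"], oops["pc"] in VECTOR_PAGE, inner)

def named_path(oops):
    """Call path with runs of mangled symbols collapsed to '<module>'."""
    path = []
    for name, mod in oops["chain"]:
        label = f"<{mod}>" if MANGLED.fullmatch(name) else name
        if not path or path[-1] != label:
            path.append(label)
    return path

def compare(a, b):
    """Same fault class plus shared named frames suggests one underlying bug."""
    pa, pb = parse_oops(a), parse_oops(b)
    na, nb = named_path(pa), named_path(pb)
    return {"same_class": fault_class(pa) == fault_class(pb),
            "same_path": na == nb,
            "shared_frames": [f for f in na if f in nb]}
```

For these two reports the fault class matches while the exact path differs: one faults in a HAL call made directly from `ath_init`, the other in a HAL call reached through `ath_startrecv`.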

10/17/06 23:30:43 changed by nasmaster@comcast.net

Something between 1725 and 1727 borked this on my xscale system; I can't ifconfig ath0 up with anything greater than subversion revision 1725. (1726 won't build, fixed in 1727.)

10/17/06 23:58:38 changed by nasmaster@comcast.net

I added back the bswap32 stuff in _OS_REG_WRITE and _OS_REG_READ and it is working again.

Is anyone else using a big endian system and having luck with subversion < 1727?

10/17/06 23:59:26 changed by nasmaster@comcast.net

oops "Is anyone else using a big endian system and having luck with subversion > 1727?"

10/18/06 10:20:04 changed by Žilvinas Valinskas <valins@soften.ktu.lt>

Hmm, interesting. It seems you are using WDS. In my case it does not crash if I set mode and channel before ifconfig ath0 up. I haven't tried WDS myself here, but other people are also complaining that WDS is borked.

Changing OS macros to older version doesn't change anything here.

Btw, which kernel version are you using? I have 2.6.18 + some patches to sort out RedBoot lies (it lies about available RAM on board, 256MB instead of 64MB). What XScale board are you using (AVILA, AP1000, Gemtek board?)

10/18/06 15:05:57 changed by Žilvinas Valinskas <valins@soften.ktu.lt>

  • attachment wds-fixes.diff added.

Signed-off-by: Žilvinas Valinskas <valins@soften.ktu.lt>

10/18/06 15:07:29 changed by Žilvinas Valinskas <valins@soften.ktu.lt>

Mentors, nasmaster, and anybody who's seeing similar hangs, please try the attached patch, wds-fixes.diff. This might help ... Anybody with good driver knowledge, please verify.

10/18/06 15:20:30 changed by Žilvinas Valinskas <valins@soften.ktu.lt>

  • attachment phydisable.diff added.

Signed-off-by: Žilvinas Valinskas <valins@soften.ktu.lt>

10/18/06 15:22:29 changed by Žilvinas Valinskas <valins@soften.ktu.lt>

nasmaster@comcast.net,

Could you please try the phydisable.diff attached to this ticket and see if that helps? It doesn't oops on ifconfig ath0 up/down here anymore .... Quite a hack, but it does help here.

10/19/06 06:55:05 changed by mrenzmann

Signed-off-by's should contain a valid e-mail address for every "signee", so it would be nice if you could update the two patches accordingly. Thanks.

10/19/06 09:50:32 changed by Žilvinas Valinskas <valins@soften.ktu.lt>

  • attachment phydisable.2.diff added.

Signed-off-by: Žilvinas Valinskas <valins@soften.ktu.lt>

10/19/06 09:50:58 changed by Žilvinas Valinskas <valins@soften.ktu.lt>

  • attachment wds-fixes.2.diff added.

Signed-off-by: Žilvinas Valinskas <valins@soften.ktu.lt>

10/19/06 09:52:11 changed by Žilvinas Valinskas <valins@soften.ktu.lt>

Mrenzmann, properly signed-off patches attached (see wds-fixes.2.diff and phydisable.2.diff).

12/18/06 15:56:40 changed by roee

I have the exact same problem when working as a station and not WDS. I'm also using IXP425 (board is ADI Pronghorn) and I can reproduce this in both the stock 0.9.2 or r1860 from December 15.

12/19/06 17:49:22 changed by mrenzmann

@roee: tried the patch that's attached to this ticket already

12/22/06 10:37:28 changed by rozteck@interia.pl

I also have the same problem on r1860. I tried two different hal releases with this driver and both fail. So it seems that the bug is not in hal itself rather than being in the hal sources. I have applied phydisable.2.diff and the problem is not appearing anymore, so this is still a working workaround for that bug.

12/24/06 12:01:23 changed by roee

In case it's not clear from my earlier post I've tried r1860 with the phydisable.2.diff patch and it still crashes. BTW, the ifconfig down/up sequence doesn't have to be done quickly for the crash to happen. I have a simple bash loop that sleeps for 1 second between each operation and it still occurs. I suspect the problem is only related to the operations that are done during ifconfig up.

01/29/07 22:25:10 changed by rozteck@interia.pl

I have embraced the ath_hal_phydisable() call with preempt_disable() and preempt_enable() and it seemed that helped on my 2.6.18-rt7 kernel, but... now I'm sometimes getting crashes in ath_hal_reg_read() called from other functions. Disabling preempts in ath_hal_reg_read doesn't help at all. My thought is that the ath_hal_reg_read/write functions aren't atomic on my kernel, thus I'm getting those crashes. Any clues?

03/09/07 01:15:57 changed by mentor

The WDS fixes mentioned are in the refcount branch, which will be merged fairly soon.

I believe the os_reg_read macros are marginally correct these days... What architecture are you using?

03/09/07 01:16:52 changed by mentor

  • summary changed from Crash within Atheros HAL to Oops/Crash within HAL related to OS PCI register functions.

03/20/07 22:56:09 changed by anonymous

I run hostapd ap_conf and it returns the following error:

Bad mode in data abort handler detected: mode IRQ_32
Internal error: Oops - bad mode: 0 [#1]
Modules linked in: wlan_ccmp wlan_acl wlan_tkip wlan_xauth wlan_wep ath_pci ath_hal ath_rate_onoe
CPU: 0
PC is at 0xffff0204
LR is at zz002db51c+0x44/0x3b4 [ath_hal]
pc : [<ffff0204>]    lr : [<bf0ff618>]    Tainted: P
sp : c3a49d10  ip : c3a49d58  fp : c3a49d78
r10: c0378000  r9 : 00000006  r8 : c03d2f20
r7 : 00000000  r6 : c0378000  r5 : c0378000  r4 : c037a6ec
r3 : c58a0000  r2 : c0378000  r1 : 00009930  r0 : c0378000
Flags: nzCv  IRQs off  FIQs on  Mode IRQ_32  Segment user
Control: 39FF  Table: 03CE8000  DAC: 00000015
Process hostapd (pid: 843, stack limit = 0xc3a48194)
Stack: (0xc3a49d10 to 0xc3a4a000)
Backtrace: 
[<bf0ff5d4>] (zz002db51c+0x0/0x3b4 [ath_hal]) from [<bf0fbedc>] (zz0002dbd2+0x21c/0xde8 [ath_hal])
 r8 = C03D2F20  r7 = 00000000  r6 = C03D3178  r5 = C0378000
 r4 = C03D2260
[<bf0fbcc0>] (zz0002dbd2+0x0/0xde8 [ath_hal]) from [<bf11e89c>] (ath_init+0xec/0x25c [ath_pci])
[<bf11e7b0>] (ath_init+0x0/0x25c [ath_pci]) from [<c017bdd4>] (dev_open+0x9c/0xcc)
[<c017bd38>] (dev_open+0x0/0xcc) from [<bf0c2938>] (ieee80211_init+0x12c/0x150 [wlan])
 r5 = C03D2260  r4 = C3A0F000
[<bf0c280c>] (ieee80211_init+0x0/0x150 [wlan]) from [<bf0c2970>] (ieee80211_open+0x14/0x18 [wlan])
 r8 = FFFFFF9D  r7 = 00000000  r6 = 00001002  r5 = 00000000
 r4 = C3A0F000
[<bf0c295c>] (ieee80211_open+0x0/0x18 [wlan]) from [<c017bdd4>] (dev_open+0x9c/0xcc)
[<c017bd38>] (dev_open+0x0/0xcc) from [<c017d7e8>] (dev_change_flags+0x64/0x13c)
 r5 = 00001003  r4 = C3A0F000
[<c017d784>] (dev_change_flags+0x0/0x13c) from [<c01bec60>] (devinet_ioctl+0x2e4/0x628)
 r7 = C3A48000  r6 = 00000000  r5 = BEBB7D34  r4 = 00000000
[<c01be97c>] (devinet_ioctl+0x0/0x628) from [<c01c1084>] (inet_ioctl+0x194/0x1e4)
[<c01c0ef0>] (inet_ioctl+0x0/0x1e4) from [<c0171fdc>] (sock_ioctl+0xc4/0x2bc)
 r5 = 00008914  r4 = BEBB7D34
[<c0171f18>] (sock_ioctl+0x0/0x2bc) from [<c008bbe0>] (do_ioctl+0x74/0x8c)
 r8 = C0021E64  r7 = 00008914  r6 = FFFFFFE7  r5 = BEBB7D34  r4 = BEBB7D34
[<c008bb6c>] (do_ioctl+0x0/0x8c) from [<c008bd70>] (vfs_ioctl+0x74/0x218)
 r7 = 00000000  r6 = 00000003  r5 = BEBB7D34  r4 = C0FD05C0
[<c008bcfc>] (vfs_ioctl+0x0/0x218) from [<c008bf58>] (sys_ioctl+0x44/0x68)
 r7 = C0FD05C0  r6 = 00008914  r5 = BEBB7D34  r4 = FFFFFFF7
[<c008bf14>] (sys_ioctl+0x0/0x68) from [<c0021ce0>] (ret_fast_syscall+0x0/0x2c)
 r7 = 00000036  r6 = 00000001  r5 = 00047938  r4 = BEBB7D34
Code: 00000000 00000000 00000000 e24ee004 (e88d4001)
 Segmentation fault

04/07/07 23:07:57 changed by roee

Answering mentor's question from March 9th: I use XScale arch.

04/26/07 21:04:30 changed by mike.taylor@apprion.com

I believe this is the same as #1049.

I have posted instructions for a workaround on that ticket, but I'm also sending an email to the devel list for help on knowing why it's necessary, to maybe get to the root cause.

04/29/07 21:48:42 changed by mentor

Try the patch on #1049.

05/27/07 02:01:13 changed by mentor

  • status changed from assigned to new.
  • owner deleted.

06/08/07 21:10:46 changed by mtaylor

  • status changed from new to closed.
  • resolution set to duplicate.

This is now a duplicate of #1049.