Thread: [Madwifi-users] Crash about bsd-branch0602.
Status: Beta
Brought to you by:
otaku
From: Wang w. <wwj...@gm...> - 2005-06-30 00:50:43
|
Hi all,=20 Environment : 1: madwifi-bsd AP; 2 the STA with power saving mode; 3 AP pin= g=20 STA;4 linux kernel 2.4.18=20 --------------------------------------------------------crash=20 information--------------------- # ping 192.168.5.12 <http://192.168.5.12/> PING 192.168.5.12Warning: kfree_skb passed an skb still on a list (from=20 c009c4e8). kernel BUG at skbuff.c:317! Unable to handle kernel paging request at virtual address 00000000, epc =3D= =3D=20 8015e21c, ra =3D=3D 8015e21c=20 Oops in fault.c:do_page_fault, line 172: --=20 Regards, Wang. |
From: Wang w. <wwj...@gm...> - 2005-06-30 00:56:30
|
-------------------------------------------------cat=20 proc/ksyms----------------------------- c009827c ifmedia_ioctl [wlan] c009c4e8 - c009827c =3D 426c 4488 - 21c =3D426c 2005/6/30, Wang wenjuan <wwj...@gm...>:=20 >=20 >=20 > Hi all,=20 > Environment : 1: madwifi-bsd AP; 2 the STA with power saving mode; 3 AP= =20 > ping STA;4 linux kernel 2.4.18=20 > --------------------------------------------------------crash=20 > information--------------------- > # ping 192.168.5.12 <http://192.168.5.12/> > PING 192.168.5.12Warning: kfree_skb passed an skb still on a list (from= =20 > c009c4e8).=20 > kernel BUG at skbuff.c:317! > Unable to handle kernel paging request at virtual address 00000000, epc = =3D=3D=20 > 8015e21c, ra =3D=3D 8015e21c=20 > Oops in fault.c:do_page_fault, line 172: >=20 > --=20 > Regards, > Wang.=20 --=20 Regards, Wang. |
From: Wang w. <wwj...@gm...> - 2005-06-30 01:01:51
|
---------------------------------objdump -Sd wlan.o bule line is crash=20 line----------------------- objdump result: 0000021c <ifmedia_ioctl>: ................ =20 case IEEE80211_FC0_TYPE_CTL: IEEE80211_NODE_STAT(ni, rx_ctrl); 4360: 8e620160 lw v0,352(s3) 4364: 00000000 nop 4368: 24420001 addiu v0,v0,1 436c: ae620160 sw v0,352(s3)=20 ic->ic_stats.is_rx_ctl++; 4370: 8e420038 lw v0,56(s2) if (ic->ic_opmode =3D=3D IEEE80211_M_HOSTAP) { 4374: 8e430734 lw v1,1844(s2) 4378: 24420001 addiu v0,v0,1 437c: ae420038 sw v0,56(s2)=20 4380: 24020006 li v0,6 4384: 1462001e bne v1,v0,4400 <ieee80211_input+0x1100> 4388: 240200a0 li v0,160 switch (subtype) { 438c: 16c2001c bne s6,v0,4400 <ieee80211_input+0x1100>=20 4390: 02402021 move a0,s2 case IEEE80211_FC0_SUBTYPE_PS_POLL: ieee80211_recv_pspoll(ic, ni, skb); 4394: 02602821 move a1,s3 4398: 3c020001 lui v0,0x1 439c: 24428adc addiu v0,v0,-29988=20 43a0: 0040f809 jalr v0 43a4: 02803021 move a2,s4 break; 43a8: 08001100 j 4400 <ieee80211_input+0x1100> 43ac: 00000000 nop } } goto out; default: IEEE80211_DISCARD(ic, IEEE80211_MSG_ANY,=20 43b0: 8e420160 lw v0,352(s2) 43b4: 00000000 nop 43b8: 1040000b beqz v0,43e8 <ieee80211_input+0x10e8> 43bc: 02202821 move a1,s1 43c0: 8fa20028 lw v0,40(sp) 43c4: 00000000 nop=20 43c8: afa20010 sw v0,16(sp) 43cc: 02402021 move a0,s2 43d0: 3c070000 lui a3,0x0 43d4: 24e70ca8 addiu a3,a3,3240 43d8: 3c020001 lui v0,0x1=20 43dc: 24428e9c addiu v0,v0,-29028 43e0: 0040f809 jalr v0 43e4: 00003021 move a2,zero wh, NULL, "bad frame type 0x%x", type); /* should not come here */ break; } err: ic->ic_devstats->rx_errors++; 43e8: 8e430148 lw v1,328(s2) 43ec: 00000000 nop 43f0: 8c620010 lw v0,16(v1) 43f4: 00000000 nop 43f8: 24420001 addiu v0,v0,1 43fc: ac620010 sw v0,16(v1) out: if (skb !=3D NULL)=20 4400: 12800021 beqz s4,4488 <ieee80211_input+0x1188> 4404: 00000000 nop */ static inline void kfree_skb(struct sk_buff *skb) { if (atomic_read(&skb->users) =3D=3D 1 || atomic_dec_and_test(&skb->users))= =20 4408: 8e830078 lw v1,120(s4) 440c: 24020001 li v0,1 4410: 10620019 beq v1,v0,4478 <ieee80211_input+0x1178> 4414: 00000000 nop extern __inline__ int atomic_sub_return(int i, atomic_t * v)=20 { int temp, flags; save_flags(flags); 4418: 40036000 mfc0 v1,$12 */ extern __inline__ void __cli(void) { __asm__ __volatile__( 441c: 40016000 mfc0 at,$12 4420: 00000000 nop=20 4424: 34210001 ori at,at,0x1 4428: 38210001 xori at,at,0x1 442c: 40816000 mtc0 at,$12 ... int temp, flags; save_flags(flags); cli(); temp =3D v->counter; 443c: 8e820078 lw v0,120(s4) 4440: 00000000 nop temp -=3D i; 4444: 2442ffff addiu v0,v0,-1 v->counter =3D temp;=20 4448: ae820078 sw v0,120(s4) restore_flags(flags); 444c: 40016000 mfc0 at,$12 4450: 30630001 andi v1,v1,0x1 4454: 34210001 ori at,at,0x1 4458: 38210001 xori at,at,0x1 445c: 00611825 or v1,v1,at=20 4460: 40836000 mtc0 v1,$12 ... 4470: 14400005 bnez v0,4488 <ieee80211_input+0x1188> 4474: 00000000 nop static inline void kfree_skb(struct sk_buff *skb)=20 { if (atomic_read(&skb->users) =3D=3D 1 || atomic_dec_and_test(&skb->users))= =20 __kfree_skb(skb); 4478: 3c020000 lui v0,0x0 447c: 24420000 addiu v0,v0,0 4480: 0040f809 jalr v0 4484: 02802021 move a0,s4 dev_kfree_skb(skb); return type; 4488: 8fa20028 lw v0,40(sp) #undef HAS_SEQ #undef SEQ_LEQ } 2005/6/30, Wang wenjuan <wwj...@gm...>:=20 >=20 > -------------------------------------------------cat=20 > proc/ksyms----------------------------- c009827c ifmedia_ioctl [wlan] > c009c4e8 - c009827c =3D 426c > 4488 - 21c =3D426c >=20 >=20 > 2005/6/30, Wang wenjuan <wwj...@gm...>:=20 > >=20 > >=20 > > Hi all,=20 > > Environment : 1: madwifi-bsd AP; 2 the STA with power saving mode; 3 AP= =20 > > ping STA;4 linux kernel 2.4.18=20 > > --------------------------------------------------------crash=20 > > information--------------------- > > # ping 192.168.5.12 <http://192.168.5.12/> > > PING 192.168.5.12Warning: kfree_skb passed an skb still on a list (from= =20 > > c009c4e8).=20 > > kernel BUG at skbuff.c:317! > > Unable to handle kernel paging request at virtual address 00000000, epc= =20 > > =3D=3D 8015e21c, ra =3D=3D 8015e21c=20 > > Oops in fault.c:do_page_fault, line 172: > >=20 > > --=20 > > Regards, > > Wang.=20 >=20 >=20 >=20 >=20 > --=20 > Regards, > Wang.=20 --=20 Regards, Wang. |