misc/160176: Kernel panic on AR7161 platform with AR9220 (BGN) WIFI card while AH_DEBUG used.

Su Kang Yin paradyse at gmail.com
Thu Aug 25 08:20:18 UTC 2011 

>Number:         160176
>Category:       misc
>Synopsis:       Kernel panic on AR7161 platform with AR9220 (BGN) WIFI card while AH_DEBUG used.
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Aug 25 08:20:17 UTC 2011
>Closed-Date:
>Last-Modified:
>Originator:     Su Kang Yin
>Release:        SVN HEAD
>Organization:
>Environment:
FreeBSD TEST 9.0-BETA1 FreeBSD 9.0-BETA1 #63 r225075:225163M: Sat Aug 20 22:32:37 HKT 2011 
>Description:
Kernel panic on AR7161 platform with AR9220 WIFI card while AH_DEBUG used. 

After some debug and tracing, found that it is caused by ath_hal_reg_read(_ah, _reg). I replaced it with inline version and it just works fine. But it is not a proper fix. 

Index: ah_osdep.h
===================================================================
--- ah_osdep.h	(revision 225165)
+++ ah_osdep.h	(working copy)
@@ -91,8 +91,15 @@
  * defined below.
  */
 #if defined(AH_DEBUG) || defined(AH_REGOPS_FUNC) || defined(AH_DEBUG_ALQ)
+
 #define	OS_REG_WRITE(_ah, _reg, _val)	ath_hal_reg_write(_ah, _reg, _val)
-#define	OS_REG_READ(_ah, _reg)		ath_hal_reg_read(_ah, _reg)
+//#define	OS_REG_READ(_ah, _reg)		ath_hal_reg_read(_ah, _reg)
+#define OS_REG_READ(_ah, _reg)						\
+	(OS_REG_UNSWAPPED(_reg) ?					\
+		bus_space_read_4((bus_space_tag_t)(_ah)->ah_st,		\
+		    (bus_space_handle_t)(_ah)->ah_sh, (_reg)) :		\
+		bus_space_read_stream_4((bus_space_tag_t)(_ah)->ah_st,	\
+		    (bus_space_handle_t)(_ah)->ah_sh, (_reg)))
 
 extern	void ath_hal_reg_write(struct ath_hal *ah, u_int reg, u_int32_t val);
 extern	u_int32_t ath_hal_reg_read(struct ath_hal *ah, u_int reg);

>How-To-Repeat:
Atheros AR7161 BIG ENDIAN platform  + AR9220 WIFI CARD + KERNEL enable "AH_DEBUG"
---
# Wireless NIC cards
options         IEEE80211_DEBUG
#options                IEEE80211_SUPPORT_MESH
options         IEEE80211_SUPPORT_TDMA
device          wlan            # 802.11 support
device          wlan_wep        # 802.11 WEP support
device          wlan_ccmp       # 802.11 CCMP support
device          wlan_tkip       # 802.11 TKIP support

device          ath             # Atheros NIC's
device          ath_pci         # Atheros pci/cardbus glue
options         ATH_DEBUG
device          ath_hal
options AH_DEBUG
option          AH_SUPPORT_AR5416
option          AH_RXCFG_SDMAMW_4BYTES  # See NOTES for details of this WAR
device          ath_rate_sample
--------------
avail memory = 53080064 (50MB)
nexus0: <MIPS32 root nexus>
clock0: <Generic MIPS32 ticker> on nexus0
Timecounter "MIPS32" frequency 340000000 Hz quality 800
Event timer "MIPS32" frequency 340000000 Hz quality 800
apb0 at irq 4 on nexus0
uart0: <16550 or compatible> on apb0
uart0: console (115200,n,8,1)
pcib0 at irq 0 on nexus0
pci0: <PCI bus> on pcib0
pci0: <old, non-VGA display device> at device 0.0 (no driver attached)
ath0: <Atheros 9280> irq 1 at device 18.0 on pci0
Trap cause = 7 (bus error (load or store) - kernel mode)
[ thread pid 0 tid 100000 ]
Stopped at      ar5416SetPowerMode+0xdc:        andi    v0,v0,0xf
db> bt
Tracing pid 0 tid 100000 td 0x80961880
db_trace_thread+30 (?,?,?,?) ra 80055bd0 sp 80aee5b0 sz 24
80055abc+114 (0,?,ffffffff,?) ra 8005518c sp 80aee5c8 sz 32
80054e04+388 (?,?,?,?) ra 80055310 sp 80aee5e8 sz 168
db_command_loop+70 (?,?,?,?) ra 800579d4 sp 80aee690 sz 24
800578e0+f4 (?,?,?,?) ra 801b6328 sp 80aee6a8 sz 424
kdb_trap+104 (?,?,?,?) ra 8034eaa0 sp 80aee850 sz 40
trap+e58 (?,?,?,?) ra 80346780 sp 80aee878 sz 168
MipsKernGenException+134 (0,b0007044,7044,0) ra 80098ebc sp 80aee920 sz 200
ar5416SetPowerMode+dc (?,?,?,?) ra 800a1558 sp 80aee9e8 sz 56
800a1360+1f8 (?,?,?,?) ra 8006c1ac sp 80aeea20 sz 80
ath_hal_attach+a0 (?,?,?,?) ra 80064efc sp 80aeea70 sz 64
ath_attach+d4 (?,?,?,?) ra 8005c52c sp 80aeeab0 sz 152
8005c23c+2f0 (?,?,?,?) ra 801b0854 sp 80aeeb48 sz 88
device_attach+354 (?,?,?,?) ra 801b16bc sp 80aeeba0 sz 72
device_probe_and_attach+5c (?,?,?,?) ra 801b16f4 sp 80aeebe8 sz 24
bus_generic_attach+20 (?,?,?,?) ra 800c85a4 sp 80aeec00 sz 24
800c8498+10c (?,?,?,?) ra 801b0854 sp 80aeec18 sz 40
device_attach+354 (?,?,?,?) ra 801b16bc sp 80aeec40 sz 72
device_probe_and_attach+5c (?,?,?,?) ra 801b16f4 sp 80aeec88 sz 24

bus_generic_attach+20 (?,?,?,?) ra 8036509c sp 80aeeca0 sz 24
80364e4c+250 (?,?,?,?) ra 801b0854 sp 80aeecb8 sz 56
device_attach+354 (?,?,?,?) ra 801b16bc sp 80aeecf0 sz 72
device_probe_and_attach+5c (?,?,?,?) ra 801b16f4 sp 80aeed38 sz 24
bus_generic_attach+20 (?,?,?,?) ra 8035c968 sp 80aeed50 sz 24
8035c944+24 (?,?,?,?) ra 801b0854 sp 80aeed68 sz 24
device_attach+354 (?,?,?,?) ra 801b16bc sp 80aeed80 sz 72
device_probe_and_attach+5c (?,?,?,?) ra 801b1978 sp 80aeedc8 sz 24
bus_generic_new_pass+10c (?,?,?,?) ra 801af514 sp 80aeede0 sz 40
bus_set_pass+c0 (?,?,?,?) ra 801af584 sp 80aeee08 sz 40
root_bus_configure+14 (?,?,?,?) ra 803459cc sp 80aeee30 sz 24
803459bc+10 (?,?,?,?) ra 80135b14 sp 80aeee48 sz 24
mi_startup+138 (?,?,?,?) ra 80050190 sp 80aeee60 sz 32
_start+90 (?,?,?,?) ra 0 sp 80aeee80 sz 0

>Fix:


>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-bugs mailing list