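Operating system: embedded Linux 2.4.31 (snapgear)
CPU: Intel IXP425
Affected module: madwifi wireless driver
Symptom: when a user disassociates from the AP, the serial console prints the following and the system then reboots.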
Unable to handle kernel paging request at virtual address 203c6469
pgd = c0004000
[203c6469] *pgd=00000000, *pmd = 00000000
Internal error: Oops: f3
CPU: 0
pc : [] lr : [] Not tainted
sp : c0197edc ip : 203c6469 fp : 00000000
r10: c01ad728 r9 : 00000000 r8 : c162c160
r7 : 3d22625f r6 : 00000000 r5 : c0dec5f8 r4 : c0dec000
r3 : 3d22625f r2 : 00000001 r1 : 60000013 r0 : 203c6469
Flags: nzcv IRQs off FIQs on Mode SVC_32 Segment kernel
Control: 39FF Table: 01E08000 DAC: 0000001D
Process swapper (pid: 0, stack limit = 0xc0196368)
Stack: (0xc0197edc to 0xc0198000)
7ec0: 00000000
7ee0: c162c160 c0dec000 00000002 c0198040 c01ad728 c397d788 00000000 00000000
7f00: c398e834 c397d36c 00000000 00000000 c01ad2c0 c0198040 c0197f28 00015aac
7f20: c01adf58 c0059aa8 c0197f28 c0197f28 c01ad2e0 00000000 00000000 c01ad2c0
7f40: c0198040 ffffffff 00015aac 00000000 c0055ed8 c01ad2e0 c0055dd0 c0198060
7f60: 00000001 fffffffe 00000000 60000093 c0055a8c c0197f98 c0197fe0 00000001
7f80: c0045670 60000013 c0055b58 c00450ec c0197fcc c0044180 00000000 00000032
7fa0: 0000001d 60000013 c0045640 80000000 c01a4ca8 c01a4c9c c0198d2c 690541c2
7fc0: 00015aac 00000000 20000013 c0197fe0 c00456cc c0045670 60000013 ffffffff
7fe0: c01aebb0 c01cd758 c004202c c0008708 c01a50b8 c01d60e4 c01d60e4 c0008080
Backtrace: no frame pointer
Code: e15c0005 0a00000a e5953008 e1a0000c (e59cc000)
Kernel panic: Aiee, killing interrupt handler
In interrupt handler - not syncing
Based on the pc value, the functions involved were determined to be the following (cat /proc/ksyms):
c3989874 trafficbufdepth [wlan]
c39671a0 ieee80211_trafficupsave [wlan]
c3967390 ieee80211_trafficdownsave [wlan]
c396746c ieee80211_node_trafficupq_drain [wlan]
c3967538 ieee80211_node_trafficdownq_drain [wlan]
c39675e4 ieee80211_trafficuprelease [wlan]
c39675ec ieee80211_trafficdownrelease [wlan]
c39675f4 ieee80211_trafficupqlen [wlan]
c39675fc ieee80211_trafficdownqlen [wlan]
c3967604 ieee80211_trafficuprelease1 [wlan]
c3967754 ieee80211_trafficdownrelease1 [wlan]
c396791c ieee80211_trafficupdo [wlan]
c3967854 ieee80211_trafficdowndo [wlan]
c3989878 ieee80211_mgt_subtype_name [wlan]
c39898b8 ieee80211_ctl_subtype_name [wlan]
c39898f8 ieee80211_state_name [wlan]
c398990c ieee80211_wme_acnames [wlan]
c3967f0c ieee80211_authenticator_register [wlan]
c3967f20 ieee80211_authenticator_unregister [wlan]
c3967f38 ieee80211_authenticator_backend_register [wlan]
c3967f60 ieee80211_authenticator_backend_unregister [wlan]
c3967f8c ieee80211_authenticator_backend_get [wlan]
c3967fe4 ieee80211_aclator_register [wlan]
c3967ff4 ieee80211_aclator_unregister [wlan]
c3968010 ieee80211_aclator_get [wlan]
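After several rounds of printk debugging, the cause turned out to be the use of an invalid entry in an array.
When a wireless user joins, an entry is added to the array. When the user disassociated, the entry was not set to NULL, which led to the problem above.
After a user has associated, if the wireless card is simply unplugged, the problem above does not occur.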
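
The stale array entry described above, reduced to a user-space C sketch. This is an added example, not the madwifi code: sta_table, sta_join, sta_leave_buggy, sta_leave_fixed, sta_drain, the static pool and the poison byte are all hypothetical names and constructed values.

```c
#include <stdio.h>
#include <string.h>

#define MAX_STA    8            /* hypothetical table size */
#define NODE_MAGIC 0x57494649u  /* marks a live node (constructed value) */
struct sta_node { unsigned magic; unsigned queued; };
static struct sta_node pool[MAX_STA];       /* stands in for allocated nodes */
static struct sta_node *sta_table[MAX_STA]; /* the per-station array */

/* Association: publish the node in the array. */
static void sta_join(int aid, unsigned queued)
{
    pool[aid] = (struct sta_node){ NODE_MAGIC, queued };
    sta_table[aid] = &pool[aid];
}

/* Buggy disassociation: node is released (poisoned), slot still points at it. */
static void sta_leave_buggy(int aid) { memset(&pool[aid], 0x5a, sizeof(pool[aid])); }

/* Fixed disassociation: clear the slot first, then release the node. */
static void sta_leave_fixed(int aid)
{
    struct sta_node *n = sta_table[aid];
    sta_table[aid] = NULL;
    if (n) memset(n, 0x5a, sizeof(*n));
}

/* Later walk over the array: sums queued frames of live stations into *total
 * and returns how many stale (released but still published) slots it saw. */
static int sta_drain(unsigned *total)
{
    int aid, stale = 0;
    for (*total = 0, aid = 0; aid < MAX_STA; aid++) {
        struct sta_node *n = sta_table[aid];
        if (!n) continue;                                   /* empty slot */
        if (n->magic != NODE_MAGIC) { stale++; continue; }  /* dangling entry */
        *total += n->queued;
    }
    return stale;
}

int main(void)
{
    unsigned total;
    sta_join(1, 3); sta_leave_buggy(1);
    printf("buggy leave: %d stale slot(s)\n", sta_drain(&total));
    sta_leave_fixed(1);
    printf("fixed leave: %d stale slot(s)\n", sta_drain(&total));
    return 0;
}
```

In the sketch the released node lives in a static pool, so the walk can inspect it safely; in a kernel the same pointer would refer to freed memory, and a walk without the NULL slot would dereference whatever has since been written there.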