[LEDE-DEV] ath9k crashes

Alexey Brodkin Alexey.Brodkin at synopsys.com
Wed Feb 1 03:29:35 PST 2017


Hi Felix, Koen,

On Tue, 2017-01-31 at 08:27 +0100, Felix Fietkau wrote:
> On 2017-01-30 14:50, Koen Vandeputte wrote:
> > 
> > Hi Felix,
> > 
> > Since the latest ath9k fixes you've submitted I've seen a few NULL 
> > derefs on my cns3xxx boards the past few days.
> > 
> > I'm not sure if these are really the cause but .. any idea?
> > 
> > [   42.570000] [<c0013528>] (_raw_spin_unlock_irqrestore) from [<bf4748b8>] (ath9k_iowrite32+0x5c/0x7c [ath9k])
> > [   42.570000] [<bf47485c>] (ath9k_iowrite32 [ath9k]) from [<bf41757c>] (ath9k_hw_kill_interrupts+0x1a8/0x218
> > [ath9k_hw])
> > [   42.570000]  r9:00000000 r8:00000000 r7:bf47485c r6:00000002 r5:00023f60 r4:ce878010
> > [   42.570000] [<bf4174a0>] (ath9k_hw_kill_interrupts [ath9k_hw]) from [<bf417fdc>]
> > (ath9k_hw_resume_interrupts+0x84/0x88 [ath9k_hw])
> > [   42.570000]  r7:00000001 r6:00000001 r5:ce878010 r4:ce895540
> > [   42.570000] [<bf417f90>] (ath9k_hw_resume_interrupts [ath9k_hw]) from [<bf418000>]
> > (ath9k_hw_enable_interrupts+0x20/0x24 [ath9k_hw])
> > [   42.570000] [<bf417fe0>] (ath9k_hw_enable_interrupts [ath9k_hw]) from [<bf477b04>]
> > (ath9k_calculate_summary_state+0x3e8/0x5dc [ath9k])
> > [   42.570000] [<bf4779d4>] (ath9k_calculate_summary_state [ath9k]) from [<bf477c90>]
> > (ath9k_calculate_summary_state+0x574/0x5dc [ath9k])
> > [   42.570000]  r7:ce895ef0 r6:ce895edc r5:ce895ee8 r4:ce895540
> > [   42.570000] [<bf477b14>] (ath9k_calculate_summary_state [ath9k]) from [<bf477d74>] (ath_reset_work+0x28/0x34
> > [ath9k])
> > 
> > 
> > Full log:
> > 
> > http://pastebin.com/raw/7s5tqy88
> This does not look like a bug in ath9k to me. Seems that the cns3xxx
> GPIO IRQ handler/setup code might be broken.

That part of the log looks very suspicious:
-------------------------------------->8----------------------------------
[   42.570000] Unable to handle kernel NULL pointer dereference at virtual address 00000000
[   42.570000] pgd = c0004000
[   42.570000] [00000000] *pgd=00000000
[   42.570000] Internal error: Oops: 80000007 [#1] SMP ARM
-------------------------------------->8----------------------------------

I'd say it is more likely some sort of memory corruption.
It may have something to do with the IRQ handler or not.

How easily can that one be reproduced?
I.e. does it happen all the time or did it only appear once?

-Alexey

