On Mon, 2007-12-24 at 22:45 +0100, Johannes Berg wrote:
> > [ 98.415423] ------------[ cut here ]------------
> > [ 98.415627] Badness at e221c924 [verbose debug info unavailable]
>
> > [ 98.416905] NIP [e221c924] __ieee80211_rx+0x48c/0xd44 [mac80211]
>
> ieee80211_rx_monitor() is inlined into __ieee80211_rx() and that +0x48c
> is quite a high number, so I'm guessing it's this:
>
> /*
> * Drivers are required to align the payload data to a four-byte
> * boundary, so the last two bits of the address where it starts
> * may not be set. The header is required to be directly before
> * the payload data, padding like atheros hardware adds which is
> * inbetween the 802.11 header and the payload is not supported,
> * the driver is required to move the 802.11 header further back
> * in that case.
> */
> hdrlen = ieee80211_get_hdrlen(rx.fc);
> WARN_ON_ONCE(((unsigned long)(skb->data + hdrlen)) & 3);
Yup, that's what it is, Michael sent me the assembly, __ieee80211_rx
starts at 0x1990 and we find at 0x1990+0x48c == 0x1e1c
1df8: 48 00 00 01 bl 1df8 <__ieee80211_rx+0x468>
1df8: R_PPC_REL24 ieee80211_get_hdrlen
1dfc: 80 18 00 a0 lwz r0,160(r24)
1e00: 7c 00 1a 14 add r0,r0,r3
1e04: 70 09 00 03 andi. r9,r0,3
1e08: 41 a2 00 2c beq+ 1e34 <__ieee80211_rx+0x4a4>
1e0c: 3d 20 00 00 lis r9,0
1e0e: R_PPC_ADDR16_HA .sbss
1e10: 80 09 00 00 lwz r0,0(r9)
1e12: R_PPC_ADDR16_LO .sbss
1e14: 7c 00 00 34 cntlzw r0,r0
1e18: 54 00 d9 7e rlwinm r0,r0,27,5,31
1e1c: 0f 00 00 00 twnei r0,0
which is exactly the WARN_ON_ONCE above.
johannes
Attachment:
signature.asc
Description: This is a digitally signed message part
