From: Thomas Backlund <tmb@mandriva.org>
To: Tomas Winkler <tomasw@gmail.com>
Cc: Thomas Backlund <tmb@mandriva.org>,
Ian Schram <ischram@telenet.be>,
"linux-wireless@vger.kernel.org" <linux-wireless@vger.kernel.org>
Subject: Re: iwl4965 oops in 2.6.26-rc5 x86_64
Date: Sat, 07 Jun 2008 16:28:21 +0300 [thread overview]
Message-ID: <484A8CF5.3060801@mandriva.org> (raw)
In-Reply-To: <1ba2fa240806061659j7672f9d3w107be4509b533f68@mail.gmail.com>
Tomas Winkler skrev:
> On Sat, Jun 7, 2008 at 12:43 AM, Thomas Backlund <tmb@mandriva.org> wrote:
>> Tomas Winkler skrev:
>>> On Fri, Jun 6, 2008 at 5:51 PM, Thomas Backlund <tmb@mandriva.org> wrote:
>>>> Tomas Winkler skrev:
>>>>> On Fri, Jun 6, 2008 at 3:33 PM, Thomas Backlund <tmb@mandriva.org>
>>>>> wrote:
>>>>>> Thomas Backlund skrev:
>>>>>>> Tomas Winkler skrev:
>>>>>>>> On Fri, Jun 6, 2008 at 3:44 AM, Ian Schram <ischram@telenet.be>
>>>>>>>> wrote:
>>>>>>>>> Isn't this the Oops Joonwoo Park wanted to patch with
>>>>>>>>>
>>>>>>>>> "[PATCH] iwlwifi: fix oops on wep key insertion" 27/5/2008
>>>>>>>>>
>>>>>>>>> invalid length of webkey that would/should be handled in mac80211?
>>>>>>>>>
>>>>>>>>> ian
>>>>>>>> Yes, it looks like.
>>>>>>> Ummm, what has a wep key to do with me trying to access a
>>>>>>> WPA2-Personal
>>>>>>> encrypted net ?
>>>>> Not sure yet, but mac is trying to assign default/static wep key.
>>>>>
>>>>> :iwlcore:iwl_send_static_wepkey_cmd+0xcb/0xd5
>>>>> :iwlcore:iwl_set_default_wep_key+0xa2/0xbc
>>>>>
>>>>> Try to set the encryption explicitly
>>>>> network={
>>>>> psk="*************************"
>>>>> scan_ssid=1
>>>>> ssid="dlink"
>>>>> pairwise=CCMP
>>>>> group=CCMP
>>>>> }
>>>>>
>>>>>
>>>> That didn't help at all.
>>>>
>>>> What's more it prevented the wifi to work on 2.6.24.7 so I had to remove
>>>> the
>>>> lines again...
>>>>
>>> So what's your AP configuration TKIP?
>>>
>> I've switched to clean WPA2-AES on the AP, but it does not do any
>> difference... I still get the oops...
>>
>
> I would like to see the log of this one
>
>>> Second try also with sw decryption:
>>>
>>> in /etc/modprobe.conf
>>> options iwl4965 swcrypto=1
>>>
>>
>> That works.
>> I now run a clean 2.6.26-rc5
>>
> Okay thanks for checking this one.
>
>> I also tried to bisect between 2.6.25 and 2.6.26-rc1 and ended up with:
>>
>> [root@5720g linux-2.6]# git bisect good
>> 8318d78a44d49ac1edf2bdec7299de3617c4232e is first bad commit
>> commit 8318d78a44d49ac1edf2bdec7299de3617c4232e
>> Author: Johannes Berg <johannes@sipsolutions.net>
>> Date: Thu Jan 24 19:38:38 2008 +0100
>>
>> cfg80211 API for channels/bitrates, mac80211 and driver conversion
>>
>>
>>
>> Any more I can provide to help finding the bug ?
>
> Just the log from AES try with I will try to reproduce this as soon
> as I get to this particular AP and 64 bits kernel.
>
with wpa_supplicant.conf:
network={
psk="*************************"
scan_ssid=1
ssid="dlink"
pairwise=CCMP
group=CCMP
}
I also rebuilt the 2.6.26-rc5 with enabled mac* and iwl* debug options,
so the configs are:
[thomas@5720g 1]$ grep MAC8 config-2.6.26-0.rc5.1mdvsmp
CONFIG_MAC80211=m
CONFIG_MAC80211_RC_DEFAULT_PID=y
# CONFIG_MAC80211_RC_DEFAULT_NONE is not set
CONFIG_MAC80211_RC_DEFAULT="pid"
CONFIG_MAC80211_RC_PID=y
CONFIG_MAC80211_MESH=y
CONFIG_MAC80211_LEDS=y
CONFIG_MAC80211_DEBUGFS=y
CONFIG_MAC80211_DEBUG_PACKET_ALIGNMENT=y
CONFIG_MAC80211_DEBUG=y
CONFIG_MAC80211_HT_DEBUG=y
CONFIG_MAC80211_VERBOSE_DEBUG=y
# CONFIG_MAC80211_LOWTX_FRAME_DUMP is not set
CONFIG_MAC80211_DEBUG_COUNTERS=y
CONFIG_MAC80211_IBSS_DEBUG=y
CONFIG_MAC80211_VERBOSE_PS_DEBUG=y
CONFIG_MAC80211_VERBOSE_MPL_DEBUG=y
[thomas@5720g 1]$ grep IWL config-2.6.26-0.rc5.1mdvsmp
CONFIG_IWLWIFI=m
CONFIG_IWLCORE=m
CONFIG_IWLWIFI_LEDS=y
CONFIG_IWLWIFI_RFKILL=y
CONFIG_IWL4965=m
CONFIG_IWL4965_HT=y
CONFIG_IWL4965_LEDS=y
CONFIG_IWL4965_SPECTRUM_MEASUREMENT=y
CONFIG_IWL4965_SENSITIVITY=y
CONFIG_IWLWIFI_DEBUG=y
CONFIG_IWLWIFI_DEBUGFS=y
CONFIG_IWL3945=m
CONFIG_IWL3945_SPECTRUM_MEASUREMENT=y
CONFIG_IWL3945_LEDS=y
CONFIG_IWL3945_DEBUG=y
Here is the log:
Jun 7 16:05:30 5720g kernel: firmware: requesting iwlwifi-4965-1.ucode
Jun 7 16:05:30 5720g kernel: Registered led device: iwl-phy0:radio
Jun 7 16:05:30 5720g kernel: Registered led device: iwl-phy0:assoc
Jun 7 16:05:30 5720g kernel: Registered led device: iwl-phy0:RX
Jun 7 16:05:30 5720g kernel: Registered led device: iwl-phy0:TX
Jun 7 16:05:31 5720g kernel: phy0: HW CONFIG: freq=2412
Jun 7 16:05:31 5720g kernel: ADDRCONF(NETDEV_UP): wlan0: link is not ready
Jun 7 16:05:31 5720g kernel: phy0: HW CONFIG: freq=2412
Jun 7 16:05:31 5720g kernel: BUG: unable to handle kernel NULL pointer
dereference at 0000000000000000
Jun 7 16:05:31 5720g kernel: IP: [<ffffffffa026e036>]
:iwl4965:iwl4965_enqueue_hcmd+0x175/0x2c2
Jun 7 16:05:31 5720g kernel: PGD 0
Jun 7 16:05:31 5720g kernel: Oops: 0000 [1] SMP
Jun 7 16:05:31 5720g kernel: CPU 1
Jun 7 16:05:31 5720g kernel: Modules linked in: af_packet kvm_intel kvm
snd_seq_dummy snd_seq_oss snd_seq_midi_event snd_seq snd_seq_device
snd_pcm_oss snd_mixer_oss ipv6 xt_tcpudp iptable_filter ip_tables
x_tables binfmt_misc loop dm_mod cpufreq_ondemand cpufreq_conservative
cpufreq_powersave acpi_cpufreq freq_table tifm_sd tifm_7xx1 tifm_core
nvram pcmcia ohci1394 ieee1394 mmc_block battery ac arc4 ecb
crypto_blkcipher firewire_ohci firewire_core video container
yenta_socket rsrc_nonstatic crc_itu_t sdhci output snd_hda_intel
pcmcia_core snd_pcsp iwl4965 mmc_core snd_pcm firmware_class nsc_ircc
thermal button joydev rtc_cmos snd_timer iwlcore irda snd i2c_i801
rtc_core iTCO_wdt rfkill crc_ccitt evdev soundcore rtc_lib serio_raw
acer_wmi processor mac80211 wmi sr_mod iTCO_vendor_support
snd_page_alloc i2c_core intel_agp cdrom led_class sg cfg80211 tg3
ide_generic piix ide_core ata_piix ahci libata dock sd_mod scsi_mod ext3
jbd uhci_hcd ohci_hcd ehci_hcd usbcore [last unloaded: nf_conntrack]
Jun 7 16:05:31 5720g kernel: Pid: 10, comm: events/1 Not tainted
2.6.26-0.rc5.1mdvsmp #1
Jun 7 16:05:31 5720g kernel: RIP: 0010:[<ffffffffa026e036>]
[<ffffffffa026e036>] :iwl4965:iwl4965_enqueue_hcmd+0x175/0x2c2
Jun 7 16:05:31 5720g kernel: RSP: 0018:ffff81013fb15b60 EFLAGS: 00010086
Jun 7 16:05:31 5720g kernel: RAX: 0000000000000000 RBX:
ffff8100bf84c300 RCX: 0000000000000064
Jun 7 16:05:31 5720g kernel: RDX: 0000000000000022 RSI:
0000000000000000 RDI: ffff8100bf84c318
Jun 7 16:05:31 5720g kernel: RBP: ffff81013fb15bd0 R08:
ffff8100bf941100 R09: 0000000000000300
Jun 7 16:05:31 5720g kernel: R10: ffff81013fb15a10 R11:
ffff81013fb10a78 R12: ffff81013fb15cf0
Jun 7 16:05:31 5720g kernel: R13: 00000000a0290068 R14:
ffff81013e1021c0 R15: ffff8101364a1a20
Jun 7 16:05:31 5720g kernel: FS: 0000000000000000(0000)
GS:ffff81013fab8ac0(0000) knlGS:0000000000000000
Jun 7 16:05:31 5720g kernel: CS: 0010 DS: 0018 ES: 0018 CR0:
000000008005003b
Jun 7 16:05:31 5720g kernel: CR2: 0000000000000000 CR3:
0000000000201000 CR4: 00000000000026e0
Jun 7 16:05:31 5720g kernel: DR0: 0000000000000000 DR1:
0000000000000000 DR2: 0000000000000000
Jun 7 16:05:31 5720g kernel: DR3: 0000000000000000 DR6:
00000000ffff0ff0 DR7: 0000000000000400
Jun 7 16:05:31 5720g kernel: Process events/1 (pid: 10, threadinfo
ffff81013fb14000, task ffff81013fb102c0)
Jun 7 16:05:31 5720g kernel: Stack: ffff81013fb14000 ffffffff806f7ed8
0000000000000001 ffffffff806f8660
Jun 7 16:05:31 5720g kernel: ffffffff806f8648 ffffffff8075bb50
ffff81013e102c08 000000023fb10a10
Jun 7 16:05:31 5720g kernel: 0000000000000006 ffff8101364a1a00
ffff81013fb15cf0 ffff81013e1021c0
Jun 7 16:05:31 5720g kernel: Call Trace:
Jun 7 16:05:31 5720g kernel: [<ffffffffa021357e>]
:iwlcore:iwl_send_cmd_sync+0x94/0x313
Jun 7 16:05:31 5720g kernel: [<ffffffff80257ed5>] ?
__lock_acquire+0xbee/0xd5a
Jun 7 16:05:31 5720g kernel: [<ffffffffa021384e>]
:iwlcore:iwl_send_cmd+0x16/0x18
Jun 7 16:05:31 5720g kernel: [<ffffffffa0284784>]
:iwl4965:iwl_send_static_wepkey_cmd+0xcb/0xd5
Jun 7 16:05:31 5720g kernel: [<ffffffffa0284832>]
:iwl4965:iwl_set_default_wep_key+0xa4/0xbe
Jun 7 16:05:31 5720g kernel: [<ffffffffa026d14b>]
:iwl4965:iwl4965_mac_set_key+0x1c9/0x2d3
Jun 7 16:05:31 5720g kernel: [<ffffffff803049ed>] ?
debugfs_remove+0xd5/0xda
Jun 7 16:05:31 5720g kernel: [<ffffffffa017e3ca>]
:mac80211:__ieee80211_key_todo+0x124/0x226
Jun 7 16:05:31 5720g kernel: [<ffffffffa017e57a>]
:mac80211:ieee80211_key_todo+0x17/0x25
Jun 7 16:05:31 5720g kernel: [<ffffffffa017e591>]
:mac80211:key_todo+0x9/0xb
Jun 7 16:05:31 5720g kernel: [<ffffffff80247104>] run_workqueue+0xfc/0x203
Jun 7 16:05:31 5720g kernel: [<ffffffffa017e588>] ?
:mac80211:key_todo+0x0/0xb
Jun 7 16:05:31 5720g kernel: [<ffffffff802472eb>] worker_thread+0xe0/0xf1
Jun 7 16:05:31 5720g kernel: [<ffffffff8024acac>] ?
autoremove_wake_function+0x0/0x38
Jun 7 16:05:31 5720g kernel: [<ffffffff8024720b>] ? worker_thread+0x0/0xf1
Jun 7 16:05:31 5720g kernel: [<ffffffff8024a97b>] kthread+0x49/0x76
Jun 7 16:05:31 5720g kernel: [<ffffffff8020d248>] child_rip+0xa/0x12
Jun 7 16:05:31 5720g kernel: [<ffffffff8020c7dc>] ? restore_args+0x0/0x30
Jun 7 16:05:31 5720g kernel: [<ffffffff8024a932>] ? kthread+0x0/0x76
Jun 7 16:05:31 5720g kernel: [<ffffffff8020d23e>] ? child_rip+0x0/0x12
Jun 7 16:05:31 5720g kernel:
Jun 7 16:05:31 5720g kernel:
Jun 7 16:05:31 5720g kernel: Code: 69 c8 80 01 00 00 41 8a 04 24 4c 89
cb 49 03 9e c0 44 00 00 88 43 14 48 89 df f3 a5 48 8d 7b 18 41 0f b7 4c
24 02 49 8b 74 24 18 <f3> a4 c6 43 15 00 41 0f b6 96 94 44 00 00 89 d0
80 cc 04 f6 43
Jun 7 16:05:31 5720g kernel: RIP [<ffffffffa026e036>]
:iwl4965:iwl4965_enqueue_hcmd+0x175/0x2c2
Jun 7 16:05:31 5720g kernel: RSP <ffff81013fb15b60>
Jun 7 16:05:31 5720g kernel: CR2: 0000000000000000
Jun 7 16:05:31 5720g kernel: ---[ end trace 61cbfb837f7cd04e ]---
> One more thing is suspicious in the WEP key try is that I don't see
> this can ever happen. The command that should be here iis
> wlcore:iwl_send_cmd_async
> Jun 5 19:55:06 5720g kernel: [<ffffffffa018ee37>]
> :iwlcore:iwl_send_cmd_sync+0x94/0x257
> Jun 5 19:55:06 5720g kernel: [<ffffffff80257ed5>] ? __lock_acquire+0xbee/0xd5a
> Jun 5 19:55:06 5720g kernel: [<ffffffffa018f04b>]
> :iwlcore:iwl_send_cmd+0x16/0x1b
> Jun 5 19:55:06 5720g kernel: [<ffffffffa0218c41>]
> :iwl4965:iwl_send_static_wepkey_cmd+0xcb/0xd5
> Jun 5 19:55:06 5720g kernel: [<ffffffffa0218cef>]
> :iwl4965:iwl_set_default_wep_key+0xa4/0xbe
> Jun 5 19:55:06 5720g kernel: [<ffffffffa020ae00>]
> :iwl4965:iwl4965_mac_set_key+0xf1/0x137
>
> The code there looks like this
>
> int iwl_send_static_wepkey_cmd(struct iwl_priv *priv, u8 send_if_empty)
> {
> int i, not_empty = 0;
> u8 buff[sizeof(struct iwl_wep_cmd) +
> sizeof(struct iwl_wep_key) * WEP_KEYS_MAX];
> struct iwl_wep_cmd *wep_cmd = (struct iwl_wep_cmd *)buff;
> size_t cmd_size = sizeof(struct iwl_wep_cmd);
> struct iwl_host_cmd cmd = {
> .id = REPLY_WEPKEY,
> .data = wep_cmd,
> .meta.flags = CMD_ASYNC, -----------------------------------------
> this is async
> };
>
> Thanks
> Tomas
> .
>
next prev parent reply other threads:[~2008-06-07 13:28 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-06-05 17:55 iwl4965 oops in 2.6.25-rc5 x86_64 Thomas Backlund
2008-06-05 18:03 ` Tomas Winkler
2008-06-05 18:09 ` Thomas Backlund
2008-06-05 20:10 ` Thomas Backlund
2008-06-05 21:48 ` iwl4965 oops in 2.6.26-rc5 x86_64 Thomas Backlund
2008-06-06 0:44 ` Ian Schram
2008-06-06 11:32 ` Tomas Winkler
2008-06-06 12:01 ` Thomas Backlund
2008-06-06 12:33 ` Thomas Backlund
2008-06-06 13:59 ` Tomas Winkler
2008-06-06 14:29 ` Dan Williams
2008-06-06 14:48 ` Thomas Backlund
2008-06-06 14:51 ` Thomas Backlund
2008-06-06 15:12 ` Tomas Winkler
2008-06-06 15:22 ` Dan Williams
2008-06-06 15:22 ` Dan Williams
2008-06-06 15:57 ` Thomas Backlund
2008-06-06 15:57 ` Thomas Backlund
2008-06-06 16:04 ` Dan Williams
2008-06-06 16:04 ` Dan Williams
2008-06-06 21:43 ` Thomas Backlund
2008-06-06 23:59 ` Tomas Winkler
2008-06-07 13:28 ` Thomas Backlund [this message]
2008-06-08 10:27 ` Tomas Winkler
2008-06-08 12:21 ` Thomas Backlund
2008-06-08 15:31 ` Tomas Winkler
2008-06-08 20:07 ` Thomas Backlund
2008-06-09 15:55 ` Dan Williams
2008-06-09 16:43 ` Tomas Winkler
2008-06-09 16:54 ` Dan Williams
2008-06-10 14:48 ` QUESTIONS to ieee80211_beacon_get AND ieee80211_get_buffered_bc Joe
2008-06-10 14:58 ` Johannes Berg
2008-06-10 14:58 ` Johannes Berg
[not found] ` <484E9B84.1070902@gmx.de>
2008-06-10 15:46 ` [english 87%] " Johannes Berg
2008-06-10 15:34 ` [english 95%] " Joe
2008-06-10 15:40 ` Johannes Berg
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=484A8CF5.3060801@mandriva.org \
--to=tmb@mandriva.org \
--cc=ischram@telenet.be \
--cc=linux-wireless@vger.kernel.org \
--cc=tomasw@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.