* wpa2 hangs v2.6.32-rc5-402-gb6727b1. Revert 7d930bc33653d5592dc386a76a38f39c2e962344 fixed it.
@ 2009-11-01 15:18 Jeff Chua
2009-11-01 15:29 ` Johannes Berg
0 siblings, 1 reply; 6+ messages in thread
From: Jeff Chua @ 2009-11-01 15:18 UTC (permalink / raw)
To: Johannes Berg, John W. Linville; +Cc: Linux Kernel, Linus Torvalds
wpa2 (wpa_supplicant) hangs v2.6.32-rc5-402-gb6727b1.
Reverting 7d930bc33653d5592dc386a76a38f39c2e962344 fixes it.
Here's the bad commit.
Thanks,
Jeff.
7d930bc33653d5592dc386a76a38f39c2e962344 is the first bad commit
commit 7d930bc33653d5592dc386a76a38f39c2e962344
Author: Johannes Berg <johannes@sipsolutions.net>
Date: Tue Oct 20 15:08:53 2009 +0900
cfg80211: sme: deauthenticate on assoc failure
When the in-kernel SME gets an association failure from
the AP we don't deauthenticate, and thus get into a very
confused state which will lead to warnings later on. Fix
this by actually deauthenticating when the AP indicates
an association failure.
(Brought to you by the hacking session at Kernel Summit 2009 in Tokyo,
Japan. -- JWL)
Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
^ permalink raw reply [flat|nested] 6+ messages in thread* Re: wpa2 hangs v2.6.32-rc5-402-gb6727b1. Revert 7d930bc33653d5592dc386a76a38f39c2e962344 fixed it. 2009-11-01 15:18 wpa2 hangs v2.6.32-rc5-402-gb6727b1. Revert 7d930bc33653d5592dc386a76a38f39c2e962344 fixed it Jeff Chua @ 2009-11-01 15:29 ` Johannes Berg [not found] ` <b6a2187b0911011612v4a874640s62105a7323b01ad0@mail.gmail.com> 0 siblings, 1 reply; 6+ messages in thread From: Johannes Berg @ 2009-11-01 15:29 UTC (permalink / raw) To: Jeff Chua; +Cc: John W. Linville, Linux Kernel, Linus Torvalds [-- Attachment #1: Type: text/plain, Size: 274 bytes --] On Sun, 2009-11-01 at 23:18 +0800, Jeff Chua wrote: > wpa2 (wpa_supplicant) hangs v2.6.32-rc5-402-gb6727b1. Explain? > Reverting 7d930bc33653d5592dc386a76a38f39c2e962344 fixes it. Certainly not a good idea, will break when your AP denies association. johannes [-- Attachment #2: This is a digitally signed message part --] [-- Type: application/pgp-signature, Size: 801 bytes --] ^ permalink raw reply [flat|nested] 6+ messages in thread
[parent not found: <b6a2187b0911011612v4a874640s62105a7323b01ad0@mail.gmail.com>]
* Re: wpa2 hangs v2.6.32-rc5-402-gb6727b1. Revert 7d930bc33653d5592dc386a76a38f39c2e962344 fixed it. [not found] ` <b6a2187b0911011612v4a874640s62105a7323b01ad0@mail.gmail.com> @ 2009-11-02 0:53 ` Linus Torvalds 2009-11-02 8:49 ` Johannes Berg 0 siblings, 1 reply; 6+ messages in thread From: Linus Torvalds @ 2009-11-02 0:53 UTC (permalink / raw) To: Jeff Chua; +Cc: Johannes Berg, John W. Linville, Linux Kernel On Mon, 2 Nov 2009, Jeff Chua wrote: > > I don't know how to redirect the console dump to a file. So, attached is > what it displayed taken from a camera. That decodes to cfg80211_conn_work+89: 3: 89 ef mov %ebp,%edi 5: e8 6f be 41 e1 callq 0xffffffffe141be79 a: 48 8b 43 20 mov 0x20(%rbx),%rax e: f6 40 48 01 testb $0x1,0x48(%rax) 12: 74 5d je 0x71 14: 83 bb 8c 00 00 00 01 cmpl $0x1,0x8c(%rbx) 1b: 75 54 jne 0x71 1d: 48 ?? 50 08 ??? 0x8(%rax) ???? uncertain instruction ???? 21:* 8b 02 mov (%rdx),%eax <-- trapping instruction 23: 41 89 45 00 mov %eax,0x0(%r13) 27: 66 8b 42 04 mov 0x4(%rdx),%ax 2b: 66 41 89 45 04 mov %ax,0x4(%r13) 30: e8 f5 ea ff ff callq 0xffffffffffffeb2a trace: __cfg80111_scan_done worker_thread which looks like it matches this code: movq %r14, %rdi # D.43604, call mutex_lock # movq 32(%rbx), %rax # <variable>.netdev, <variable>.netdev testb $1, 72(%rax) #, <variable>.state je .L215 #, cmpl $1, 140(%rbx) #, <variable>.sme_state jne .L215 #, movq 144(%rbx), %rax # <variable>.conn, <variable>.conn movq %rbx, %rdi # wdev, movq 8(%rax), %rax # <variable>.params.bssid, <variable>.params.bssid movl (%rax), %edx #* <variable>.params.bssid, tmp74 movl %edx, 0(%r13) # tmp74, bssid movw 4(%rax), %ax #, tmp75 movw %ax, 4(%r13) # tmp75, bssid call cfg80211_conn_do_work # ie it looks like 'conn->params.bssid' is NULL and we oops when we try to load bssid from there. The code is: memcpy(bssid, wdev->conn->params.bssid, ETH_ALEN); where ETH_ALEN is 6 bytes, so the memcpy is inlined.. And yes, that "memcpy()" was added in that buggy commit. So reverting 7d930bc33653d5592dc386a76a38f39c2e962344 is the correct thing to do. Or somebody needs to fix that piece-of-shit code. Linus ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: wpa2 hangs v2.6.32-rc5-402-gb6727b1. Revert 7d930bc33653d5592dc386a76a38f39c2e962344 fixed it. 2009-11-02 0:53 ` Linus Torvalds @ 2009-11-02 8:49 ` Johannes Berg [not found] ` <b6a2187b0911020705v2377928dn15523318d7c2f09d@mail.gmail.com> 0 siblings, 1 reply; 6+ messages in thread From: Johannes Berg @ 2009-11-02 8:49 UTC (permalink / raw) To: Linus Torvalds; +Cc: Jeff Chua, John W. Linville, Linux Kernel [-- Attachment #1: Type: text/plain, Size: 2519 bytes --] On Sun, 2009-11-01 at 16:53 -0800, Linus Torvalds wrote: > That decodes to > > cfg80211_conn_work+89: > > 3: 89 ef mov %ebp,%edi > 5: e8 6f be 41 e1 callq 0xffffffffe141be79 > a: 48 8b 43 20 mov 0x20(%rbx),%rax > e: f6 40 48 01 testb $0x1,0x48(%rax) > 12: 74 5d je 0x71 > 14: 83 bb 8c 00 00 00 01 cmpl $0x1,0x8c(%rbx) > 1b: 75 54 jne 0x71 > 1d: 48 ?? 50 08 ??? 0x8(%rax) ???? uncertain instruction ???? > 21:* 8b 02 mov (%rdx),%eax <-- trapping instruction > 23: 41 89 45 00 mov %eax,0x0(%r13) > 27: 66 8b 42 04 mov 0x4(%rdx),%ax > 2b: 66 41 89 45 04 mov %ax,0x4(%r13) > 30: e8 f5 ea ff ff callq 0xffffffffffffeb2a > > trace: > __cfg80111_scan_done > worker_thread > > which looks like it matches this code: > > movq %r14, %rdi # D.43604, > call mutex_lock # > movq 32(%rbx), %rax # <variable>.netdev, <variable>.netdev > testb $1, 72(%rax) #, <variable>.state > je .L215 #, > cmpl $1, 140(%rbx) #, <variable>.sme_state > jne .L215 #, > movq 144(%rbx), %rax # <variable>.conn, <variable>.conn > movq %rbx, %rdi # wdev, > movq 8(%rax), %rax # <variable>.params.bssid, <variable>.params.bssid > movl (%rax), %edx #* <variable>.params.bssid, tmp74 > movl %edx, 0(%r13) # tmp74, bssid > movw 4(%rax), %ax #, tmp75 > movw %ax, 4(%r13) # tmp75, bssid > call cfg80211_conn_do_work # > > ie it looks like 'conn->params.bssid' is NULL and we oops when we try to > load bssid from there. The code is: > > memcpy(bssid, wdev->conn->params.bssid, ETH_ALEN); > > where ETH_ALEN is 6 bytes, so the memcpy is inlined.. > > And yes, that "memcpy()" was added in that buggy commit. Indeed, thank you. I'd analysed this before but not made the connection with Jeff's report. > So reverting 7d930bc33653d5592dc386a76a38f39c2e962344 is the correct thing > to do. Or somebody needs to fix that piece-of-shit code. Yes ... that params.bssid was != NULL was a bad assumption in that commit. The right thing to do is to add a check and pass NULL through, like I did here: http://thread.gmane.org/gmane.linux.kernel.wireless.general/41695 johannes [-- Attachment #2: This is a digitally signed message part --] [-- Type: application/pgp-signature, Size: 801 bytes --] ^ permalink raw reply [flat|nested] 6+ messages in thread
[parent not found: <b6a2187b0911020705v2377928dn15523318d7c2f09d@mail.gmail.com>]
* Re: wpa2 hangs v2.6.32-rc5-402-gb6727b1. Revert 7d930bc33653d5592dc386a76a38f39c2e962344 fixed it. [not found] ` <b6a2187b0911020705v2377928dn15523318d7c2f09d@mail.gmail.com> @ 2009-11-02 17:10 ` John W. Linville 0 siblings, 0 replies; 6+ messages in thread From: John W. Linville @ 2009-11-02 17:10 UTC (permalink / raw) To: Jeff Chua; +Cc: Johannes Berg, Linus Torvalds, Linux Kernel On Mon, Nov 02, 2009 at 11:05:07PM +0800, Jeff Chua wrote: > On Mon, Nov 2, 2009 at 4:49 PM, Johannes Berg <johannes@sipsolutions.net>wrote: > > > On Sun, 2009-11-01 at 16:53 -0800, Linus Torvalds wrote: > > > That decodes to > > > cfg80211_conn_work+89: > > > ie it looks like 'conn->params.bssid' is NULL and we oops when we try to > > > load bssid from there. The code is: > > > memcpy(bssid, wdev->conn->params.bssid, ETH_ALEN); > > > And yes, that "memcpy()" was added in that buggy commit. > > > > Indeed, thank you. I'd analysed this before but not made the connection > > with Jeff's report. > > > > > So reverting 7d930bc33653d5592dc386a76a38f39c2e962344 is the correct > > thing > > > to do. Or somebody needs to fix that piece-of-shit code. > > > > Yes ... that params.bssid was != NULL was a bad assumption in that > > commit. The right thing to do is to add a check and pass NULL through, > > like I did here: > > http://thread.gmane.org/gmane.linux.kernel.wireless.general/41695 > > > > That patch fixes the WPA2 hanging the system problem for me. > > Thanks for the quick responses! I'll roll that up with a few other fixes and send it to Dave M. today. John -- John W. Linville Someday the world will need a hero, and you linville@tuxdriver.com might be all we have. Be ready. ^ permalink raw reply [flat|nested] 6+ messages in thread
* wpa2 hangs v2.6.32-rc5-402-gb6727b1. Revert 7d930bc33653d5592dc386a76a38f39c2e962344 fixed it.
@ 2009-11-01 15:17 Jeff Chua
0 siblings, 0 replies; 6+ messages in thread
From: Jeff Chua @ 2009-11-01 15:17 UTC (permalink / raw)
To: Johannes Berg, John W. Linville; +Cc: Linux Kernel, Linus Torvalds
wpa2 (wpa_supplicant) hangs v2.6.32-rc5-402-gb6727b1.
Reverting 7d930bc33653d5592dc386a76a38f39c2e962344 fixes it.
Here's the bad commit.
Thanks,
Jeff.
7d930bc33653d5592dc386a76a38f39c2e962344 is the first bad commit
commit 7d930bc33653d5592dc386a76a38f39c2e962344
Author: Johannes Berg <johannes@sipsolutions.net>
Date: Tue Oct 20 15:08:53 2009 +0900
cfg80211: sme: deauthenticate on assoc failure
When the in-kernel SME gets an association failure from
the AP we don't deauthenticate, and thus get into a very
confused state which will lead to warnings later on. Fix
this by actually deauthenticating when the AP indicates
an association failure.
(Brought to you by the hacking session at Kernel Summit 2009 in Tokyo,
Japan. -- JWL)
Signed-off-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
^ permalink raw reply [flat|nested] 6+ messages in threadend of thread, other threads:[~2009-11-02 17:15 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2009-11-01 15:18 wpa2 hangs v2.6.32-rc5-402-gb6727b1. Revert 7d930bc33653d5592dc386a76a38f39c2e962344 fixed it Jeff Chua
2009-11-01 15:29 ` Johannes Berg
[not found] ` <b6a2187b0911011612v4a874640s62105a7323b01ad0@mail.gmail.com>
2009-11-02 0:53 ` Linus Torvalds
2009-11-02 8:49 ` Johannes Berg
[not found] ` <b6a2187b0911020705v2377928dn15523318d7c2f09d@mail.gmail.com>
2009-11-02 17:10 ` John W. Linville
-- strict thread matches above, loose matches on Subject: below --
2009-11-01 15:17 Jeff Chua
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox