Hi,
(please cc me on replies as I'm not subscribed)
booting a 2.6.26-rc5 x86_64 kernel on a Acer TravelMate 6720G laptop
with a Intel a/b/g/n wireless gets me this oops in syslog...
> Jun 5 19:55:05 5720g kernel: firmware: requesting iwlwifi-4965-1.ucode
> Jun 5 19:55:05 5720g kernel: Registered led device: iwl-phy0:radio
> Jun 5 19:55:05 5720g kernel: Registered led device: iwl-phy0:assoc
> Jun 5 19:55:05 5720g kernel: Registered led device: iwl-phy0:RX
> Jun 5 19:55:05 5720g kernel: Registered led device: iwl-phy0:TX
> Jun 5 19:55:05 5720g kernel: ADDRCONF(NETDEV_UP): wlan0: link is not ready
> Jun 5 19:55:06 5720g kernel: BUG: unable to handle kernel NULL pointer dereference at 0000000000000000
> Jun 5 19:55:06 5720g kernel: IP: [<ffffffffa020b64d>] :iwl4965:iwl4965_enqueue_hcmd+0x12a/0x20f
> Jun 5 19:55:06 5720g kernel: PGD 0
> Jun 5 19:55:06 5720g kernel: Oops: 0000 [1] SMP
> Jun 5 19:55:06 5720g kernel: CPU 1
> Jun 5 19:55:06 5720g kernel: Modules linked in: af_packet kvm_intel kvm kqemu snd_seq_dummy snd_seq_oss snd_seq_midi_event snd_seq snd_seq_device snd_pcm_oss snd_mixer_oss ipv6 xt_tcpudp iptable_filter ip_tables x_tables binfmt_misc loop dm_mod cpufreq_ondemand cpufreq_conservative cpufreq_powersave acpi_cpufreq freq_table tifm_sd tifm_7xx1 tifm_core nvram pcmcia snd_hda_intel ohci1394 mmc_block ieee1394 i2c_i801 arc4 ecb sdhci crypto_blkcipher firewire_ohci snd_pcsp battery firewire_core acer_wmi ac snd_pcm container mmc_core video output crc_itu_t i2c_core iTCO_wdt thermal snd_timer iTCO_vendor_support snd joydev iwl4965 wmi processor button yenta_socket rsrc_nonstatic pcmcia_core firmware_class soundcore snd_page_alloc sr_mod sg serio_raw evdev rtc_cmos nsc_ircc rtc_core rtc_lib intel_agp iwlcore tg3 rfkill mac80211 led_class cdrom irda crc_ccitt cfg80211 ide_generic piix ide_core ata_piix ahci libata dock sd_mod scsi_mod ext3 jbd uhci_hcd ohci_hcd ehci_hcd usbcore [las
t unloaded: nf_conntrack]
> Jun 5 19:55:06 5720g kernel: Pid: 10, comm: events/1 Not tainted 2.6.26-0.rc5.1mdvsmp #1
> Jun 5 19:55:06 5720g kernel: RIP: 0010:[<ffffffffa020b64d>] [<ffffffffa020b64d>] :iwl4965:iwl4965_enqueue_hcmd+0x12a/0x20f
> Jun 5 19:55:06 5720g kernel: RSP: 0018:ffff81013fb15b90 EFLAGS: 00010086
> Jun 5 19:55:06 5720g kernel: RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000064
> Jun 5 19:55:06 5720g kernel: RDX: 0000000000000022 RSI: 0000000000000000 RDI: ffff8100bf84c318
> Jun 5 19:55:06 5720g kernel: RBP: ffff81013fb15be0 R08: ffff8100bf941100 R09: 0000000000000300
> Jun 5 19:55:06 5720g kernel: R10: ffff81013fb15a60 R11: ffff81013fb10a78 R12: ffff8100bf84c300
> Jun 5 19:55:06 5720g kernel: R13: ffff81013bc81f20 R14: ffff81013fb15d00 R15: 0000000000000002
> Jun 5 19:55:06 5720g kernel: FS: 0000000000000000(0000) GS:ffff81013fab8ac0(0000) knlGS:0000000000000000
> Jun 5 19:55:06 5720g kernel: CS: 0010 DS: 0018 ES: 0018 CR0: 000000008005003b
> Jun 5 19:55:06 5720g kernel: CR2: 0000000000000000 CR3: 0000000000201000 CR4: 00000000000026e0
> Jun 5 19:55:06 5720g kernel: DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
> Jun 5 19:55:06 5720g kernel: DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
> Jun 5 19:55:06 5720g kernel: Process events/1 (pid: 10, threadinfo ffff81013fb14000, task ffff81013fb102c0)
> Jun 5 19:55:06 5720g kernel: Stack: ffffffff806f9de8 ffffffff8075c1e0 ffff81013bc82968 006881013fb10a10
> Jun 5 19:55:06 5720g kernel: 0000000000000006 ffff81013d1a5d00 ffff81013fb15d00 ffff81013bc81f20
> Jun 5 19:55:06 5720g kernel: 0000000000000246 ffff81013d1a5dac ffff81013fb15c60 ffffffffa018ee37
> Jun 5 19:55:06 5720g kernel: Call Trace:
> Jun 5 19:55:06 5720g kernel: [<ffffffffa018ee37>] :iwlcore:iwl_send_cmd_sync+0x94/0x257
> Jun 5 19:55:06 5720g kernel: [<ffffffff80257ed5>] ? __lock_acquire+0xbee/0xd5a
> Jun 5 19:55:06 5720g kernel: [<ffffffffa018f04b>] :iwlcore:iwl_send_cmd+0x16/0x1b
> Jun 5 19:55:06 5720g kernel: [<ffffffffa0218c41>] :iwl4965:iwl_send_static_wepkey_cmd+0xcb/0xd5
> Jun 5 19:55:06 5720g kernel: [<ffffffffa0218cef>] :iwl4965:iwl_set_default_wep_key+0xa4/0xbe
> Jun 5 19:55:06 5720g kernel: [<ffffffffa020ae00>] :iwl4965:iwl4965_mac_set_key+0xf1/0x137
> Jun 5 19:55:06 5720g kernel: [<ffffffffa01543f4>] :mac80211:__ieee80211_key_todo+0x106/0x200
> Jun 5 19:55:06 5720g kernel: [<ffffffffa0154594>] :mac80211:ieee80211_key_todo+0x17/0x25
> Jun 5 19:55:06 5720g kernel: [<ffffffffa01545ab>] :mac80211:key_todo+0x9/0xb
> Jun 5 19:55:06 5720g kernel: [<ffffffff80247104>] run_workqueue+0xfc/0x203
> Jun 5 19:55:06 5720g kernel: [<ffffffffa01545a2>] ? :mac80211:key_todo+0x0/0xb
> Jun 5 19:55:06 5720g kernel: [<ffffffff802472eb>] worker_thread+0xe0/0xf1
> Jun 5 19:55:06 5720g kernel: [<ffffffff8024acac>] ? autoremove_wake_function+0x0/0x38
> Jun 5 19:55:06 5720g kernel: [<ffffffff8024720b>] ? worker_thread+0x0/0xf1
> Jun 5 19:55:06 5720g kernel: [<ffffffff8024a97b>] kthread+0x49/0x76
> Jun 5 19:55:06 5720g kernel: [<ffffffff8020d248>] child_rip+0xa/0x12
> Jun 5 19:55:06 5720g kernel: [<ffffffff8020c7dc>] ? restore_args+0x0/0x30
> Jun 5 19:55:06 5720g kernel: [<ffffffff8024a932>] ? kthread+0x0/0x76
> Jun 5 19:55:06 5720g kernel: [<ffffffff8020d23e>] ? child_rip+0x0/0x12
> Jun 5 19:55:06 5720g kernel:
> Jun 5 19:55:06 5720g kernel:
> Jun 5 19:55:06 5720g kernel: Code: 69 c8 80 01 00 00 41 8a 06 4d 89 cc 4d 03 a5 c0 44 00 00 41 88 44 24 14 4c 89 e7 f3 a5 49 8d 7c 24 18 41 0f b7 4e 02 49 8b 76 18 <f3> a4 41 c6 44 24 15 00 41 0f b6 95 94 44 00 00 89 d0 80 cc 04
> Jun 5 19:55:06 5720g kernel: RIP [<ffffffffa020b64d>] :iwl4965:iwl4965_enqueue_hcmd+0x12a/0x20f
> Jun 5 19:55:06 5720g kernel: RSP <ffff81013fb15b90>
> Jun 5 19:55:06 5720g kernel: CR2: 0000000000000000
> Jun 5 19:55:06 5720g kernel: ---[ end trace c03f2ff7573a0188 ]---
and shortly after the system locks up hard...
Config is here:
http://svn.mandriva.com/cgi-bin/viewvc.cgi/packages/cooker/kernel-linus/current/SOURCES/x86_64-smp.config?revision=215259&view=markup
lspci -vvv about the card:
> 04:00.0 Network controller: Intel Corporation PRO/Wireless 4965 AG or AGN Network Connection (rev 61)
> Subsystem: Intel Corporation Device 1101
> Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR+ FastB2B- DisINTx-
> Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- <TAbort- <MAbort- >SERR+ <PERR- INTx-
> Latency: 0, Cache Line Size: 64 bytes
> Interrupt: pin A routed to IRQ 11
> Region 0: Memory at f8000000 (64-bit, non-prefetchable) [size=8K]
> Capabilities: <access denied>
> Kernel modules: iwl4965
So far I have tested 2.6.26-rc3,rc4,rc5 and all ends up with this oops
If I remove the wlan0 config the kernel will boot, but as soon as I try
to configure it, I get a lockup...
If it makes any difference, I'm trying to connect to a WPA2-personal
encrypted wifi on a Dlink DIR-655 Draft-N router...
The last kernel that I used that works was a 2.6.24.7 series kernel
(I haven't yet tried to see if the 2.6.25.x kernel works)
I thought of posting it here before trying to dig into it any deeper...
Any thoughts?
--
Thomas
Tomas Winkler skrev:
>
> I'm not sure what distro are you running I haven't seen this
> ifcfg-wlan0 config options
> on my system but can it be that ifcg-wlan0 tries to set wep key which
> will conflict
> with wpa_supplicant setting. Can you try to remove this line from that file
>
> ifcfg-wlan0 -
> --- cut ---
> WIRELESS_ENC_KEY='s:*************************'
>
>
Nice.
The distro is Mandriva Cooker (development) but we have the same in
Mandriva 2008.1 Spring.
Now this has not been any problem with kernels older than 2.6.25, so
it's a regression, isn't it? I mean, shouldn't the module protect itself
against empty variables?
And that config option also exist in Redhat initscripts ifup-wireless...
Anyway, you found the initial problem, as the kernel now booted without
an oops, and seems to work, but:
firmware: requesting iwlwifi-4965-1.ucode
Registered led device: iwl-phy0:radio
Registered led device: iwl-phy0:assoc
Registered led device: iwl-phy0:RX
Registered led device: iwl-phy0:TX
phy0: HW CONFIG: freq=2412
ADDRCONF(NETDEV_UP): wlan0: link is not ready
phy0: HW CONFIG: freq=2412
phy0: HW CONFIG: freq=2412
phy0: HW CONFIG: freq=2412
wlan0: Initial auth_alg=0
wlan0: authenticate with AP 00:19:5b:51:dc:27
wlan0: RX authentication from 00:19:5b:51:dc:27 (alg=0 transaction=2
status=0)
wlan0: authenticated
wlan0: associate with AP 00:19:5b:51:dc:27
wlan0: RX AssocResp from 00:19:5b:51:dc:27 (capab=0x431 status=0 aid=1)
wlan0: associated
phy0: Allocated STA 00:19:5b:51:dc:27
phy0: Inserted STA 00:19:5b:51:dc:27
wlan0: WMM queue=2 aci=0 acm=0 aifs=3 cWmin=15 cWmax=1023 txop=0
wlan0: WMM queue=3 aci=1 acm=0 aifs=7 cWmin=15 cWmax=1023 txop=0
wlan0: WMM queue=1 aci=2 acm=0 aifs=2 cWmin=7 cWmax=15 txop=94
wlan0: WMM queue=0 aci=3 acm=0 aifs=2 cWmin=3 cWmax=7 txop=47
wlan0: switched to short barker preamble (BSSID=00:19:5b:51:dc:27)
wlan0 (WE) : Wireless Event too big (320)
ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
------------[ cut here ]------------
WARNING: at net/mac80211/rx.c:319
__ieee80211_rx_handle_packet+0x349/0x794 [mac80211]()
Modules linked in: af_packet kvm_intel kvm snd_seq_dummy snd_seq_oss
snd_seq_midi_event snd_seq snd_seq_device snd_pcm_oss snd_mixer_oss ipv6
xt_tcpudp iptable_filter ip_tables x_tables binfmt_misc loop dm_mod
cpufreq_ondemand cpufreq_conservative cpufreq_powersave acpi_cpufreq
freq_table tifm_sd tifm_7xx1 tifm_core nvram pcmcia ohci1394 ieee1394
mmc_block arc4 ecb crypto_blkcipher battery ac video container output
firewire_ohci firewire_core crc_itu_t sdhci iwl4965 firmware_class
mmc_core yenta_socket rsrc_nonstatic iwlcore pcmcia_core acer_wmi
thermal snd_hda_intel rfkill snd_pcsp button nsc_ircc snd_pcm mac80211
led_class i2c_i801 irda snd_timer rtc_cmos snd processor rtc_core wmi
rtc_lib i2c_core soundcore iTCO_wdt iTCO_vendor_support snd_page_alloc
tg3 cfg80211 intel_agp joydev crc_ccitt sr_mod serio_raw sg evdev cdrom
ide_generic piix ide_core ata_piix ahci libata dock sd_mod scsi_mod ext3
jbd uhci_hcd ohci_hcd ehci_hcd usbcore [last unloaded: nf_conntrack]
Pid: 0, comm: swapper Not tainted 2.6.26-0.rc5.1mdvsmp #1
Call Trace:
<IRQ> [<ffffffff802371ff>] warn_on_slowpath+0x58/0x94
[<ffffffff8044ad1b>] ? _spin_unlock_irqrestore+0x40/0x57
[<ffffffff8023c2f1>] ? __tasklet_schedule+0xae/0xc5
[<ffffffffa01eab1e>] ? :mac80211:ieee80211_rx_irqsafe+0x63/0x6a
[<ffffffffa0306d32>] ? :iwl4965:iwl4965_handle_data_packet+0x3c3/0x3fd
[<ffffffffa01eb1ce>] :mac80211:__ieee80211_rx_handle_packet+0x349/0x794
[<ffffffff8025791c>] ? __lock_acquire+0x635/0xd5a
[<ffffffffa01eba3c>] ? :mac80211:__ieee80211_rx+0x63/0x538
[<ffffffffa01ebe9d>] :mac80211:__ieee80211_rx+0x4c4/0x538
[<ffffffffa01dc348>] :mac80211:ieee80211_tasklet_handler+0x75/0x11b
[<ffffffff8023c079>] ? tasklet_action+0x4b/0xfb
[<ffffffff8023c0be>] tasklet_action+0x90/0xfb
[<ffffffff8023cae6>] __do_softirq+0x77/0x101
[<ffffffff8020d61c>] call_softirq+0x1c/0x28
[<ffffffff8020e92d>] do_softirq+0x4d/0xb0
[<ffffffff8023c5ab>] irq_exit+0x4e/0x8f
[<ffffffff8020ebc5>] do_IRQ+0xba/0xd8
[<ffffffff8020c6f2>] ret_from_intr+0x0/0x1e
<EOI> [<ffffffff8021fe6d>] ? native_irq_enable+0x6/0x7
[<ffffffffa018d45a>] ? :processor:acpi_idle_enter_bm+0x2cf/0x35e
[<ffffffff803c338a>] ? menu_select+0x6f/0x8f
[<ffffffff803c2395>] ? cpuidle_idle_call+0x95/0xc9
[<ffffffff803c2300>] ? cpuidle_idle_call+0x0/0xc9
[<ffffffff8020b1cc>] ? default_idle+0x0/0x55
[<ffffffff8020b184>] ? cpu_idle+0x9c/0xe4
[<ffffffff80444e86>] ? start_secondary+0x179/0x17d
---[ end trace a4f2fe9605e20ed0 ]---
--
Thomas
Hy all,
I have a question to he two methods:
ieee80211_beacon_get
ieee80211_get_buffered_bc
in tx.c
Both are called by the hardware to get the current beacon from the
ieee80211 stack, right?
So if I want to manipulate the beacons send out I would start at this
point right?
But where is the difference inbetween is it depending on the
hardwaredriver, which method is called?
How often refresh the hardwaredriver usually the requested beacon ? Per
transmission or only once for ther activity duration?
Which kind of hardwaredrivers does allready utilize this methods, isit
allready the standard way to transfer the generation of the beacons to
the stack?
An total independent question: Following the suggestion of Holger
Schurig I started to extend the Glossary in the wiki (with the
abbreviations in the source code) a few hours ago, but My extension was
removed again. Why?
All the Best
Sebastian
Tomas Winkler skrev:
>>
> Can you please verify with latest wireless-testing. git
> Thanks
> Tomas
Yep. will do...
I'll report back as soon as I have tried..
--
Thomas
On Sat, Jun 7, 2008 at 12:43 AM, Thomas Backlund <[email protected]> wrote:
> Tomas Winkler skrev:
>>
>> On Fri, Jun 6, 2008 at 5:51 PM, Thomas Backlund <[email protected]> wrote:
>>>
>>> Tomas Winkler skrev:
>>>>
>>>> On Fri, Jun 6, 2008 at 3:33 PM, Thomas Backlund <[email protected]>
>>>> wrote:
>>>>>
>>>>> Thomas Backlund skrev:
>>>>>>
>>>>>> Tomas Winkler skrev:
>>>>>>>
>>>>>>> On Fri, Jun 6, 2008 at 3:44 AM, Ian Schram <[email protected]>
>>>>>>> wrote:
>>>>>>>>
>>>>>>>> Isn't this the Oops Joonwoo Park wanted to patch with
>>>>>>>>
>>>>>>>> "[PATCH] iwlwifi: fix oops on wep key insertion" 27/5/2008
>>>>>>>>
>>>>>>>> invalid length of webkey that would/should be handled in mac80211?
>>>>>>>>
>>>>>>>> ian
>>>>>>>
>>>>>>> Yes, it looks like.
>>>>>>
>>>>>> Ummm, what has a wep key to do with me trying to access a
>>>>>> WPA2-Personal
>>>>>> encrypted net ?
>>>>
>>>> Not sure yet, but mac is trying to assign default/static wep key.
>>>>
>>>> :iwlcore:iwl_send_static_wepkey_cmd+0xcb/0xd5
>>>> :iwlcore:iwl_set_default_wep_key+0xa2/0xbc
>>>>
>>>> Try to set the encryption explicitly
>>>> network={
>>>> psk="*************************"
>>>> scan_ssid=1
>>>> ssid="dlink"
>>>> pairwise=CCMP
>>>> group=CCMP
>>>> }
>>>>
>>>>
>>> That didn't help at all.
>>>
>>> What's more it prevented the wifi to work on 2.6.24.7 so I had to remove
>>> the
>>> lines again...
>>>
>> So what's your AP configuration TKIP?
>>
>
> I've switched to clean WPA2-AES on the AP, but it does not do any
> difference... I still get the oops...
>
I would like to see the log of this one
>> Second try also with sw decryption:
>>
>> in /etc/modprobe.conf
>> options iwl4965 swcrypto=1
>>
>
>
> That works.
> I now run a clean 2.6.26-rc5
>
Okay thanks for checking this one.
>
> I also tried to bisect between 2.6.25 and 2.6.26-rc1 and ended up with:
>
> [root@5720g linux-2.6]# git bisect good
> 8318d78a44d49ac1edf2bdec7299de3617c4232e is first bad commit
> commit 8318d78a44d49ac1edf2bdec7299de3617c4232e
> Author: Johannes Berg <[email protected]>
> Date: Thu Jan 24 19:38:38 2008 +0100
>
> cfg80211 API for channels/bitrates, mac80211 and driver conversion
>
>
>
> Any more I can provide to help finding the bug ?
Just the log from AES try with I will try to reproduce this as soon
as I get to this particular AP and 64 bits kernel.
One more thing is suspicious in the WEP key try is that I don't see
this can ever happen. The command that should be here iis
wlcore:iwl_send_cmd_async
Jun 5 19:55:06 5720g kernel: [<ffffffffa018ee37>]
:iwlcore:iwl_send_cmd_sync+0x94/0x257
Jun 5 19:55:06 5720g kernel: [<ffffffff80257ed5>] ? __lock_acquire+0xbee/0xd5a
Jun 5 19:55:06 5720g kernel: [<ffffffffa018f04b>]
:iwlcore:iwl_send_cmd+0x16/0x1b
Jun 5 19:55:06 5720g kernel: [<ffffffffa0218c41>]
:iwl4965:iwl_send_static_wepkey_cmd+0xcb/0xd5
Jun 5 19:55:06 5720g kernel: [<ffffffffa0218cef>]
:iwl4965:iwl_set_default_wep_key+0xa4/0xbe
Jun 5 19:55:06 5720g kernel: [<ffffffffa020ae00>]
:iwl4965:iwl4965_mac_set_key+0xf1/0x137
The code there looks like this
int iwl_send_static_wepkey_cmd(struct iwl_priv *priv, u8 send_if_empty)
{
int i, not_empty = 0;
u8 buff[sizeof(struct iwl_wep_cmd) +
sizeof(struct iwl_wep_key) * WEP_KEYS_MAX];
struct iwl_wep_cmd *wep_cmd = (struct iwl_wep_cmd *)buff;
size_t cmd_size = sizeof(struct iwl_wep_cmd);
struct iwl_host_cmd cmd = {
.id = REPLY_WEPKEY,
.data = wep_cmd,
.meta.flags = CMD_ASYNC, -----------------------------------------
this is async
};
Thanks
Tomas
> thanks to your helpfull support, which enabled me to precise my request,
> which I edited in the follows:
You're this -> <- close to getting into my killfile.
Go read include/net/mac80211.h. At least the parts you can find with
"grep beacon"
johannes
Hello Johannes,
thanks to your helpfull support, which enabled me to precise my request,
which I edited in the follows:
> Hy all,
>
> I have a question to he two methods:
>
> ieee80211_beacon_get
> ieee80211_get_buffered_bc
> in tx.c
>
> Both are called by the hardware driver to get a current beacon from
> the ieee80211 stack. Thereby the ieee80211_beacon_get is called
> normally. The other method is just called, if a buffered /multicast
> channel(DTIM) is needed or used - but necessaryly the
> ieee80211_beacon_get must be called before. Is this right?
> So if I want to manipulate the beacons send out I would start at
> ieee80211_beacon_get right?
>
> How often refresh the hardwaredriver usually the requested beacon?
> Does "Returned skb is used only once and low-level driver is
> responsible of freeing it." means, that the method is called always
> when new Beacon frame will be transmitted? Or does this depend on the
> hardware?
> Which kind of hardwaredrivers does allready utilize this methods, isit
> allready the standard way to transfer the generation of the beacons to
> the stack?
>
> An total independent question: Following the suggestion of Holger
> Schurig I started to extend the Glossary in the wiki (with the
> abbreviations in the source code) a few hours ago, but My extension
> was removed again. Why?
>
> All the Best
> Sebastian
> ieee80211_beacon_get
> ieee80211_get_buffered_bc
> in tx.c
>
> Both are called by the hardware to get the current beacon from the
> ieee80211 stack, right?
No. Please read the available documentation and code.
johannes
Thomas Backlund skrev:
> Thomas Backlund skrev:
>> Tomas Winkler skrev:
>>>>
>>> Can you please verify with latest wireless-testing. git
>>> Thanks
>>> Tomas
>>
>> Yep. will do...
>>
>> I'll report back as soon as I have tried..
>>
>
> No go...
>
>> Jun 5 22:53:42 5720g kernel: firmware: requesting
>> iwlwifi-4965-1.ucode
>> Jun 5 22:53:42 5720g kernel: Registered led device:
>> iwl-phy0:radio
>> Jun 5 22:53:42 5720g kernel: Registered led device:
>> iwl-phy0:assoc
>> Jun 5 22:53:42 5720g kernel: Registered led device:
>> iwl-phy0:RX
>> Jun 5 22:53:42 5720g kernel: Registered led device:
>> iwl-phy0:TX
>> Jun 5 22:53:42 5720g kernel: ADDRCONF(NETDEV_UP): wlan0: link is not
>> ready
>> Jun 5 22:53:43 5720g kernel: BUG: unable to handle kernel NULL
>> pointer dereference at
>> 0000000000000000
>> Jun 5 22:53:43 5720g kernel: IP: [<ffffffffa02a6dfc>]
>> :iwlcore:iwl_enqueue_hcmd+0x142/0x227
>> Jun 5 22:53:43 5720g kernel: PGD
>> 0
>> Jun 5 22:53:43 5720g kernel: Oops: 0000 [1]
>> SMP
>> Jun 5 22:53:43 5720g kernel: CPU
>> 1
>> Jun 5 22:53:43 5720g kernel: Modules linked in: af_packet kvm_intel
>> kvm snd_seq_dummy snd_seq_oss snd_seq_midi_event snd_seq
>> snd_seq_device snd_pcm_oss snd_mixer_oss ipv6 xt_tcpudp iptable_filter
>> ip_tables x_tables binfmt_misc loop dm_mod cpufreq_ondemand
>> cpufreq_conservative cpufreq_powersave acpi_cpufreq freq_table tifm_sd
>> tifm_7xx1 tifm_core nvram pcmcia ohci1394 ieee1394 mmc_block arc4 ecb
>> sr_mod cdrom crypto_blkcipher sg battery video ac yenta_socket output
>> container firewire_ohci rsrc_nonstatic pcmcia_core sdhci firewire_core
>> iwl4965 iwlcore mmc_core crc_itu_t i2c_i801 snd_hda_intel rfkill
>> snd_pcsp intel_agp iTCO_wdt nsc_ircc thermal acer_wmi processor tg3
>> iTCO_vendor_support snd_pcm joydev i2c_core snd_timer rtc_cmos button
>> firmware_class rtc_core mac80211 led_class evdev serio_raw snd irda
>> soundcore wmi rtc_lib crc_ccitt snd_page_alloc cfg80211 ide_generic
>> piix ide_core ata_piix ahci libata dock sd_mod scsi_mod ext3 jbd
>> uhci_hcd ohci_hcd ehci_hcd usbcore [last unlo
> aded:
> nf_conntrack]
>
>> Jun 5 22:53:43 5720g kernel: Pid: 10, comm: events/1 Not tainted
>> 2.6.26-rc4-wl
>> #1
>> Jun 5 22:53:43 5720g kernel: RIP: 0010:[<ffffffffa02a6dfc>]
>> [<ffffffffa02a6dfc>]
>> :iwlcore:iwl_enqueue_hcmd+0x142/0x227
>> Jun 5 22:53:43 5720g kernel: RSP: 0018:ffff81013fb15b90 EFLAGS:
>> 00010086
>> Jun 5 22:53:43 5720g kernel: RAX: 0000000000000000 RBX:
>> 0000000000000000 RCX:
>> 0000000000000064
>> Jun 5 22:53:43 5720g kernel: RDX: 0000000000000024 RSI:
>> 0000000000000000 RDI:
>> ffff810139a4c578
>> Jun 5 22:53:43 5720g kernel: RBP: ffff81013fb15be0 R08:
>> ffff810139b31200 R09:
>> 0000000000000560
>> Jun 5 22:53:43 5720g kernel: R10: ffff81013fb15a60 R11:
>> ffff81013fb10a78 R12:
>> ffff810139a4c560
>> Jun 5 22:53:43 5720g kernel: R13: ffff81013bd51ba0 R14:
>> ffff81013fb15d00 R15:
>> 0000000000000004
>> Jun 5 22:53:43 5720g kernel: FS: 0000000000000000(0000)
>> GS:ffff81013fab8ac0(0000)
>> knlGS:0000000000000000
>> Jun 5 22:53:43 5720g kernel: CS: 0010 DS: 0018 ES: 0018 CR0:
>> 000000008005003b
>> Jun 5 22:53:43 5720g kernel: CR2: 0000000000000000 CR3:
>> 0000000000201000 CR4:
>> 00000000000026e0
>> Jun 5 22:53:43 5720g kernel: DR0: 0000000000000000 DR1:
>> 0000000000000000 DR2:
>> 0000000000000000
>> Jun 5 22:53:43 5720g kernel: DR3: 0000000000000000 DR6:
>> 00000000ffff0ff0 DR7:
>> 0000000000000400
>> Jun 5 22:53:43 5720g kernel: Process events/1 (pid: 10, threadinfo
>> ffff81013fb14000, task
>> ffff81013fb102c0) Jun
>> 5 22:53:43 5720g kernel: Stack: ffffffff806f8338 ffffffff8075bca0
>> ffff81013bd52610
>> 006881013fb10a10
>> Jun 5 22:53:43 5720g kernel: 0000000000000006 ffff81013dc86500
>> ffff81013fb15d00
>> ffff81013bd51ba0
>> Jun 5 22:53:43 5720g kernel: 0000000000000246 0000000000000000
>> ffff81013fb15c60
>> ffffffffa02a5431
>> Jun 5 22:53:43 5720g kernel: Call
>> Trace:
>> Jun 5 22:53:43 5720g kernel: [<ffffffffa02a5431>]
>> :iwlcore:iwl_send_cmd_sync+0x8b/0x24e
>> Jun 5 22:53:43 5720g kernel: [<ffffffff80257f1d>] ?
>> __lock_acquire+0xbee/0xd5a
>> Jun 5 22:53:43 5720g kernel: [<ffffffffa02a5645>]
>> :iwlcore:iwl_send_cmd+0x16/0x19
>> Jun 5 22:53:43 5720g kernel: [<ffffffffa02a84b3>]
>> :iwlcore:iwl_send_static_wepkey_cmd+0xcb/0xd5
>> Jun 5 22:53:43 5720g kernel: [<ffffffffa02a855f>]
>> :iwlcore:iwl_set_default_wep_key+0xa2/0xbc
>> Jun 5 22:53:43 5720g kernel: [<ffffffffa02b98ae>]
>> :iwl4965:iwl4965_mac_set_key+0xed/0x136
>> Jun 5 22:53:43 5720g kernel: [<ffffffffa01762da>]
>> :mac80211:__ieee80211_key_todo+0x109/0x203
>> Jun 5 22:53:43 5720g kernel: [<ffffffffa017647a>]
>> :mac80211:ieee80211_key_todo+0x17/0x25
>> Jun 5 22:53:43 5720g kernel: [<ffffffffa0176491>]
>> :mac80211:key_todo+0x9/0xb
>> Jun 5 22:53:43 5720g kernel: [<ffffffff8024717c>]
>> run_workqueue+0xfc/0x203
>> Jun 5 22:53:43 5720g kernel: [<ffffffffa0176488>] ?
>> :mac80211:key_todo+0x0/0xb
>> Jun 5 22:53:43 5720g kernel: [<ffffffff80247363>]
>> worker_thread+0xe0/0xf1
>> Jun 5 22:53:43 5720g kernel: [<ffffffff8024ad24>] ?
>> autoremove_wake_function+0x0/0x38
>> Jun 5 22:53:43 5720g kernel: [<ffffffff80247283>] ?
>> worker_thread+0x0/0xf1
>> Jun 5 22:53:43 5720g kernel: [<ffffffff8024a9f3>]
>> kthread+0x49/0x76
>> Jun 5 22:53:43 5720g kernel: [<ffffffff8020d238>] child_rip+0xa/0x12
>> Jun 5 22:53:43 5720g kernel: [<ffffffff8020c7cc>] ?
>> restore_args+0x0/0x30
>> Jun 5 22:53:43 5720g kernel: [<ffffffff8024a9aa>] ? kthread+0x0/0x76
>> Jun 5 22:53:43 5720g kernel: [<ffffffff8020d22e>] ? child_rip+0x0/0x12
>> Jun 5 22:53:43 5720g kernel:
>> Jun 5 22:53:43 5720g kernel:
>> Jun 5 22:53:43 5720g kernel: Code: 69 c8 58 01 00 00 41 8a 06 4d 89
>> cc 4d 03 a5 10 45 00 00 41 88 44 24 14 4c 89 e7 f3 a5 49 8d 7c 24 18
>> 41 0f b7 4e 02 49 8b 76 18 <f3> a4 41 c6 44 24 15 00 41 0f b6 95 e4 44
>> 00 00 89 d0 80 cc 04
>> Jun 5 22:53:43 5720g kernel: RIP [<ffffffffa02a6dfc>]
>> :iwlcore:iwl_enqueue_hcmd+0x142/0x227
>> Jun 5 22:53:43 5720g kernel: RSP <ffff81013fb15b90>
>> Jun 5 22:53:43 5720g kernel: CR2: 0000000000000000
>> Jun 5 22:53:43 5720g kernel: ---[ end trace 58a672208ff93cb1 ]---
>
>
> And for reference I also tried 2.6.25.4 wich works as it should
>
And I have now tested 2.6.26-rc1 wich also has the oops, so I guess it's
bisect time...
> --
> Thomas
>
Thomas Backlund skrev:
> Tomas Winkler skrev:
>>>
>> Can you please verify with latest wireless-testing. git
>> Thanks
>> Tomas
>
> Yep. will do...
>
> I'll report back as soon as I have tried..
>
No go...
> Jun 5 22:53:42 5720g kernel: firmware: requesting iwlwifi-4965-1.ucode
> Jun 5 22:53:42 5720g kernel: Registered led device: iwl-phy0:radio
> Jun 5 22:53:42 5720g kernel: Registered led device: iwl-phy0:assoc
> Jun 5 22:53:42 5720g kernel: Registered led device: iwl-phy0:RX
> Jun 5 22:53:42 5720g kernel: Registered led device: iwl-phy0:TX
> Jun 5 22:53:42 5720g kernel: ADDRCONF(NETDEV_UP): wlan0: link is not ready
> Jun 5 22:53:43 5720g kernel: BUG: unable to handle kernel NULL pointer dereference at 0000000000000000
> Jun 5 22:53:43 5720g kernel: IP: [<ffffffffa02a6dfc>] :iwlcore:iwl_enqueue_hcmd+0x142/0x227
> Jun 5 22:53:43 5720g kernel: PGD 0
> Jun 5 22:53:43 5720g kernel: Oops: 0000 [1] SMP
> Jun 5 22:53:43 5720g kernel: CPU 1
> Jun 5 22:53:43 5720g kernel: Modules linked in: af_packet kvm_intel kvm snd_seq_dummy snd_seq_oss snd_seq_midi_event snd_seq snd_seq_device snd_pcm_oss snd_mixer_oss ipv6 xt_tcpudp iptable_filter ip_tables x_tables binfmt_misc loop dm_mod cpufreq_ondemand cpufreq_conservative cpufreq_powersave acpi_cpufreq freq_table tifm_sd tifm_7xx1 tifm_core nvram pcmcia ohci1394 ieee1394 mmc_block arc4 ecb sr_mod cdrom crypto_blkcipher sg battery video ac yenta_socket output container firewire_ohci rsrc_nonstatic pcmcia_core sdhci firewire_core iwl4965 iwlcore mmc_core crc_itu_t i2c_i801 snd_hda_intel rfkill snd_pcsp intel_agp iTCO_wdt nsc_ircc thermal acer_wmi processor tg3 iTCO_vendor_support snd_pcm joydev i2c_core snd_timer rtc_cmos button firmware_class rtc_core mac80211 led_class evdev serio_raw snd irda soundcore wmi rtc_lib crc_ccitt snd_page_alloc cfg80211 ide_generic piix ide_core ata_piix ahci libata dock sd_mod scsi_mod ext3 jbd uhci_hcd ohci_hcd ehci_hcd usbcore [last unlo
aded: nf_conntrack]
> Jun 5 22:53:43 5720g kernel: Pid: 10, comm: events/1 Not tainted 2.6.26-rc4-wl #1
> Jun 5 22:53:43 5720g kernel: RIP: 0010:[<ffffffffa02a6dfc>] [<ffffffffa02a6dfc>] :iwlcore:iwl_enqueue_hcmd+0x142/0x227
> Jun 5 22:53:43 5720g kernel: RSP: 0018:ffff81013fb15b90 EFLAGS: 00010086
> Jun 5 22:53:43 5720g kernel: RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000064
> Jun 5 22:53:43 5720g kernel: RDX: 0000000000000024 RSI: 0000000000000000 RDI: ffff810139a4c578
> Jun 5 22:53:43 5720g kernel: RBP: ffff81013fb15be0 R08: ffff810139b31200 R09: 0000000000000560
> Jun 5 22:53:43 5720g kernel: R10: ffff81013fb15a60 R11: ffff81013fb10a78 R12: ffff810139a4c560
> Jun 5 22:53:43 5720g kernel: R13: ffff81013bd51ba0 R14: ffff81013fb15d00 R15: 0000000000000004
> Jun 5 22:53:43 5720g kernel: FS: 0000000000000000(0000) GS:ffff81013fab8ac0(0000) knlGS:0000000000000000
> Jun 5 22:53:43 5720g kernel: CS: 0010 DS: 0018 ES: 0018 CR0: 000000008005003b
> Jun 5 22:53:43 5720g kernel: CR2: 0000000000000000 CR3: 0000000000201000 CR4: 00000000000026e0
> Jun 5 22:53:43 5720g kernel: DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
> Jun 5 22:53:43 5720g kernel: DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
> Jun 5 22:53:43 5720g kernel: Process events/1 (pid: 10, threadinfo ffff81013fb14000, task ffff81013fb102c0)
> Jun 5 22:53:43 5720g kernel: Stack: ffffffff806f8338 ffffffff8075bca0 ffff81013bd52610 006881013fb10a10
> Jun 5 22:53:43 5720g kernel: 0000000000000006 ffff81013dc86500 ffff81013fb15d00 ffff81013bd51ba0
> Jun 5 22:53:43 5720g kernel: 0000000000000246 0000000000000000 ffff81013fb15c60 ffffffffa02a5431
> Jun 5 22:53:43 5720g kernel: Call Trace:
> Jun 5 22:53:43 5720g kernel: [<ffffffffa02a5431>] :iwlcore:iwl_send_cmd_sync+0x8b/0x24e
> Jun 5 22:53:43 5720g kernel: [<ffffffff80257f1d>] ? __lock_acquire+0xbee/0xd5a
> Jun 5 22:53:43 5720g kernel: [<ffffffffa02a5645>] :iwlcore:iwl_send_cmd+0x16/0x19
> Jun 5 22:53:43 5720g kernel: [<ffffffffa02a84b3>] :iwlcore:iwl_send_static_wepkey_cmd+0xcb/0xd5
> Jun 5 22:53:43 5720g kernel: [<ffffffffa02a855f>] :iwlcore:iwl_set_default_wep_key+0xa2/0xbc
> Jun 5 22:53:43 5720g kernel: [<ffffffffa02b98ae>] :iwl4965:iwl4965_mac_set_key+0xed/0x136
> Jun 5 22:53:43 5720g kernel: [<ffffffffa01762da>] :mac80211:__ieee80211_key_todo+0x109/0x203
> Jun 5 22:53:43 5720g kernel: [<ffffffffa017647a>] :mac80211:ieee80211_key_todo+0x17/0x25
> Jun 5 22:53:43 5720g kernel: [<ffffffffa0176491>] :mac80211:key_todo+0x9/0xb
> Jun 5 22:53:43 5720g kernel: [<ffffffff8024717c>] run_workqueue+0xfc/0x203
> Jun 5 22:53:43 5720g kernel: [<ffffffffa0176488>] ? :mac80211:key_todo+0x0/0xb
> Jun 5 22:53:43 5720g kernel: [<ffffffff80247363>] worker_thread+0xe0/0xf1
> Jun 5 22:53:43 5720g kernel: [<ffffffff8024ad24>] ? autoremove_wake_function+0x0/0x38
> Jun 5 22:53:43 5720g kernel: [<ffffffff80247283>] ? worker_thread+0x0/0xf1
> Jun 5 22:53:43 5720g kernel: [<ffffffff8024a9f3>] kthread+0x49/0x76
> Jun 5 22:53:43 5720g kernel: [<ffffffff8020d238>] child_rip+0xa/0x12
> Jun 5 22:53:43 5720g kernel: [<ffffffff8020c7cc>] ? restore_args+0x0/0x30
> Jun 5 22:53:43 5720g kernel: [<ffffffff8024a9aa>] ? kthread+0x0/0x76
> Jun 5 22:53:43 5720g kernel: [<ffffffff8020d22e>] ? child_rip+0x0/0x12
> Jun 5 22:53:43 5720g kernel:
> Jun 5 22:53:43 5720g kernel:
> Jun 5 22:53:43 5720g kernel: Code: 69 c8 58 01 00 00 41 8a 06 4d 89 cc 4d 03 a5 10 45 00 00 41 88 44 24 14 4c 89 e7 f3 a5 49 8d 7c 24 18 41 0f b7 4e 02 49 8b 76 18 <f3> a4 41 c6 44 24 15 00 41 0f b6 95 e4 44 00 00 89 d0 80 cc 04
> Jun 5 22:53:43 5720g kernel: RIP [<ffffffffa02a6dfc>] :iwlcore:iwl_enqueue_hcmd+0x142/0x227
> Jun 5 22:53:43 5720g kernel: RSP <ffff81013fb15b90>
> Jun 5 22:53:43 5720g kernel: CR2: 0000000000000000
> Jun 5 22:53:43 5720g kernel: ---[ end trace 58a672208ff93cb1 ]---
And for reference I also tried 2.6.25.4 wich works as it should
--
Thomas
Tomas Winkler skrev:
> On Fri, Jun 6, 2008 at 3:44 AM, Ian Schram <[email protected]> wrote:
>> Isn't this the Oops Joonwoo Park wanted to patch with
>>
>> "[PATCH] iwlwifi: fix oops on wep key insertion" 27/5/2008
>>
>> invalid length of webkey that would/should be handled in mac80211?
>>
>> ian
>
> Yes, it looks like.
Ummm, what has a wep key to do with me trying to access a WPA2-Personal
encrypted net ?
> Thomas can you send out your wpa_supplicant config fiele
>
I could, but since I would have to remove any sensitive info such as the
psk key, would it be of any use ?
> I will provide a patch that disable hw encryption on long wep keys. It
> get lost in my todo list.
> Tomas
>
--
Thomas
On Mon, Jun 9, 2008 at 6:55 PM, Dan Williams <[email protected]> wrote:
> On Sun, 2008-06-08 at 18:31 +0300, Tomas Winkler wrote:
>> On Sun, Jun 8, 2008 at 3:21 PM, Thomas Backlund <[email protected]> wrote:
>> > Tomas Winkler skrev:
>> >>
>> >> I'm not sure what distro are you running I haven't seen this
>> >> ifcfg-wlan0 config options
>> >> on my system but can it be that ifcg-wlan0 tries to set wep key which
>> >> will conflict
>> >> with wpa_supplicant setting. Can you try to remove this line from that
>> >> file
>> >>
>> >> ifcfg-wlan0 -
>> >> --- cut ---
>> >> WIRELESS_ENC_KEY='s:*************************'
>> >>
>> >>
>> >
>> >
>> > Nice.
>> >
>> > The distro is Mandriva Cooker (development) but we have the same in Mandriva
>> > 2008.1 Spring.
>> >
>> > Now this has not been any problem with kernels older than 2.6.25, so it's a
>> > regression, isn't it? I mean, shouldn't the module protect itself against
>> > empty variables?
>> >
>> This is not really regression. What happen is that we've enabled hw
>> crypto acceleration by default so when
>> you switched back to sw crypto it still worked.
>> There is bug no question, I believe it's the same bug as Ian Schram
>> and Joonwoo Park reported (PSK key is longer then 128 WEP Key)
>
> I thought that issues was about actual WEP keys larger than 128-bit;
> some D-Link APs and cards allowed 152-bit WEP keys back before WPA was
> common. We decided not to care about those right now, but I didn't
> think that would impact TKIP at all. Does the TKIP key material go
> through the same path in the iwl driver that WEP key material does?
>
> Dan
The problem was that key in ifcfg-wlan0 was used as a WEP key in this
particular case. I'm not sure how long it was (only Thomas know) so
it's just a guess.
What need to be done that driver should return error if long key is
assigned and not to crash.
Tomas
>
>
>> > And that config option also exist in Redhat initscripts ifup-wireless...
>> >
>> > Anyway, you found the initial problem, as the kernel now booted without an
>> > oops, and seems to work, but:
>> >
>>
>> Try to disable this one from th config file MAC80211_DEBUG_PACKET_ALIGNMENT
>>
>> Thanks
>> Tomas
>>
>> 0: switched to short barker preamble (BSSID=00:19:5b:51:dc:27)
>> > wlan0 (WE) : Wireless Event too big (320)
>> > ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
>> > ------------[ cut here ]------------
>> > WARNING: at net/mac80211/rx.c:319 __ieee80211_rx_handle_packet+0x349/0x794
>> > [mac80211]()
>> > Modules linked in: af_packet kvm_intel kvm snd_seq_dummy snd_seq_oss
>> > snd_seq_midi_event snd_seq snd_seq_device snd_pcm_oss snd_mixer_oss ipv6
>> > xt_tcpudp iptable_filter ip_tables x_tables binfmt_misc loop dm_mod
>> > cpufreq_ondemand cpufreq_conservative cpufreq_powersave acpi_cpufreq
>> > freq_table tifm_sd tifm_7xx1 tifm_core nvram pcmcia ohci1394 ieee1394
>> > mmc_block arc4 ecb crypto_blkcipher battery ac video container output
>> > firewire_ohci firewire_core crc_itu_t sdhci iwl4965 firmware_class mmc_core
>> > yenta_socket rsrc_nonstatic iwlcore pcmcia_core acer_wmi thermal
>> > snd_hda_intel rfkill snd_pcsp button nsc_ircc snd_pcm mac80211 led_class
>> > i2c_i801 irda snd_timer rtc_cmos snd processor rtc_core wmi rtc_lib i2c_core
>> > soundcore iTCO_wdt iTCO_vendor_support snd_page_alloc tg3 cfg80211 intel_agp
>> > joydev crc_ccitt sr_mod serio_raw sg evdev cdrom ide_generic piix ide_core
>> > ata_piix ahci libata dock sd_mod scsi_mod ext3 jbd uhci_hcd ohci_hcd
>> > ehci_hcd usbcore [last unloaded: nf_conntrack]
>> > Pid: 0, comm: swapper Not tainted 2.6.26-0.rc5.1mdvsmp #1
>> >
>> > Call Trace:
>> > <IRQ> [<ffffffff802371ff>] warn_on_slowpath+0x58/0x94
>> > [<ffffffff8044ad1b>] ? _spin_unlock_irqrestore+0x40/0x57
>> > [<ffffffff8023c2f1>] ? __tasklet_schedule+0xae/0xc5
>> > [<ffffffffa01eab1e>] ? :mac80211:ieee80211_rx_irqsafe+0x63/0x6a
>> > [<ffffffffa0306d32>] ? :iwl4965:iwl4965_handle_data_packet+0x3c3/0x3fd
>> > [<ffffffffa01eb1ce>] :mac80211:__ieee80211_rx_handle_packet+0x349/0x794
>> > [<ffffffff8025791c>] ? __lock_acquire+0x635/0xd5a
>> > [<ffffffffa01eba3c>] ? :mac80211:__ieee80211_rx+0x63/0x538
>> > [<ffffffffa01ebe9d>] :mac80211:__ieee80211_rx+0x4c4/0x538
>> > [<ffffffffa01dc348>] :mac80211:ieee80211_tasklet_handler+0x75/0x11b
>> > [<ffffffff8023c079>] ? tasklet_action+0x4b/0xfb
>> > [<ffffffff8023c0be>] tasklet_action+0x90/0xfb
>> > [<ffffffff8023cae6>] __do_softirq+0x77/0x101
>> > [<ffffffff8020d61c>] call_softirq+0x1c/0x28
>> > [<ffffffff8020e92d>] do_softirq+0x4d/0xb0
>> > [<ffffffff8023c5ab>] irq_exit+0x4e/0x8f
>> > [<ffffffff8020ebc5>] do_IRQ+0xba/0xd8
>> > [<ffffffff8020c6f2>] ret_from_intr+0x0/0x1e
>> > <EOI> [<ffffffff8021fe6d>] ? native_irq_enable+0x6/0x7
>> > [<ffffffffa018d45a>] ? :processor:acpi_idle_enter_bm+0x2cf/0x35e
>> > [<ffffffff803c338a>] ? menu_select+0x6f/0x8f
>> > [<ffffffff803c2395>] ? cpuidle_idle_call+0x95/0xc9
>> > [<ffffffff803c2300>] ? cpuidle_idle_call+0x0/0xc9
>> > [<ffffffff8020b1cc>] ? default_idle+0x0/0x55
>> > [<ffffffff8020b184>] ? cpu_idle+0x9c/0xe4
>> > [<ffffffff80444e86>] ? start_secondary+0x179/0x17d
>> >
>> > ---[ end trace a4f2fe9605e20ed0 ]---
>> >
>> >
>> > --
>> > Thomas
>> >
>> --
>> To unsubscribe from this list: send the line "unsubscribe linux-wireless" in
>> the body of a message to [email protected]
>> More majordomo info at http://vger.kernel.org/majordomo-info.html
>
>
On Sat, Jun 7, 2008 at 4:28 PM, Thomas Backlund <[email protected]> wrote:
> Tomas Winkler skrev:
>>
>> On Sat, Jun 7, 2008 at 12:43 AM, Thomas Backlund <[email protected]> wrote:
>>>
>>> Tomas Winkler skrev:
>>>>
>>>> On Fri, Jun 6, 2008 at 5:51 PM, Thomas Backlund <[email protected]>
>>>> wrote:
>>>>>
>>>>> Tomas Winkler skrev:
>>>>>>
>>>>>> On Fri, Jun 6, 2008 at 3:33 PM, Thomas Backlund <[email protected]>
>>>>>> wrote:
>>>>>>>
>>>>>>> Thomas Backlund skrev:
>>>>>>>>
>>>>>>>> Tomas Winkler skrev:
>>>>>>>>>
>>>>>>>>> On Fri, Jun 6, 2008 at 3:44 AM, Ian Schram <[email protected]>
>>>>>>>>> wrote:
>>>>>>>>>>
>>>>>>>>>> Isn't this the Oops Joonwoo Park wanted to patch with
>>>>>>>>>>
>>>>>>>>>> "[PATCH] iwlwifi: fix oops on wep key insertion" 27/5/2008
>>>>>>>>>>
>>>>>>>>>> invalid length of webkey that would/should be handled in mac80211?
>>>>>>>>>>
>>>>>>>>>> ian
>>>>>>>>>
>>>>>>>>> Yes, it looks like.
>>>>>>>>
>>>>>>>> Ummm, what has a wep key to do with me trying to access a
>>>>>>>> WPA2-Personal
>>>>>>>> encrypted net ?
>>>>>>
>>>>>> Not sure yet, but mac is trying to assign default/static wep key.
>>>>>>
>>>>>> :iwlcore:iwl_send_static_wepkey_cmd+0xcb/0xd5
>>>>>> :iwlcore:iwl_set_default_wep_key+0xa2/0xbc
>>>>>>
>>>>>> Try to set the encryption explicitly
>>>>>> network={
>>>>>> psk="*************************"
>>>>>> scan_ssid=1
>>>>>> ssid="dlink"
>>>>>> pairwise=CCMP
>>>>>> group=CCMP
>>>>>> }
>>>>>>
>>>>>>
>>>>> That didn't help at all.
>>>>>
>>>>> What's more it prevented the wifi to work on 2.6.24.7 so I had to
>>>>> remove
>>>>> the
>>>>> lines again...
>>>>>
>>>> So what's your AP configuration TKIP?
>>>>
>>> I've switched to clean WPA2-AES on the AP, but it does not do any
>>> difference... I still get the oops...
>>>
>>
>> I would like to see the log of this one
>>
>>>> Second try also with sw decryption:
>>>>
>>>> in /etc/modprobe.conf
>>>> options iwl4965 swcrypto=1
>>>>
>>>
>>> That works.
>>> I now run a clean 2.6.26-rc5
>>>
>> Okay thanks for checking this one.
>>
>>> I also tried to bisect between 2.6.25 and 2.6.26-rc1 and ended up with:
>>>
>>> [root@5720g linux-2.6]# git bisect good
>>> 8318d78a44d49ac1edf2bdec7299de3617c4232e is first bad commit
>>> commit 8318d78a44d49ac1edf2bdec7299de3617c4232e
>>> Author: Johannes Berg <[email protected]>
>>> Date: Thu Jan 24 19:38:38 2008 +0100
>>>
>>> cfg80211 API for channels/bitrates, mac80211 and driver conversion
>>>
>>>
>>>
>>> Any more I can provide to help finding the bug ?
>>
>> Just the log from AES try with I will try to reproduce this as soon
>> as I get to this particular AP and 64 bits kernel.
>>
>
> with wpa_supplicant.conf:
> network={
> psk="*************************"
> scan_ssid=1
> ssid="dlink"
> pairwise=CCMP
> group=CCMP
> }
>
> I also rebuilt the 2.6.26-rc5 with enabled mac* and iwl* debug options, so
> the configs are:
>
> [thomas@5720g 1]$ grep MAC8 config-2.6.26-0.rc5.1mdvsmp
> CONFIG_MAC80211=m
> CONFIG_MAC80211_RC_DEFAULT_PID=y
> # CONFIG_MAC80211_RC_DEFAULT_NONE is not set
> CONFIG_MAC80211_RC_DEFAULT="pid"
> CONFIG_MAC80211_RC_PID=y
> CONFIG_MAC80211_MESH=y
> CONFIG_MAC80211_LEDS=y
> CONFIG_MAC80211_DEBUGFS=y
> CONFIG_MAC80211_DEBUG_PACKET_ALIGNMENT=y
> CONFIG_MAC80211_DEBUG=y
> CONFIG_MAC80211_HT_DEBUG=y
> CONFIG_MAC80211_VERBOSE_DEBUG=y
> # CONFIG_MAC80211_LOWTX_FRAME_DUMP is not set
> CONFIG_MAC80211_DEBUG_COUNTERS=y
> CONFIG_MAC80211_IBSS_DEBUG=y
> CONFIG_MAC80211_VERBOSE_PS_DEBUG=y
> CONFIG_MAC80211_VERBOSE_MPL_DEBUG=y
>
> [thomas@5720g 1]$ grep IWL config-2.6.26-0.rc5.1mdvsmp
> CONFIG_IWLWIFI=m
> CONFIG_IWLCORE=m
> CONFIG_IWLWIFI_LEDS=y
> CONFIG_IWLWIFI_RFKILL=y
> CONFIG_IWL4965=m
> CONFIG_IWL4965_HT=y
> CONFIG_IWL4965_LEDS=y
> CONFIG_IWL4965_SPECTRUM_MEASUREMENT=y
> CONFIG_IWL4965_SENSITIVITY=y
> CONFIG_IWLWIFI_DEBUG=y
> CONFIG_IWLWIFI_DEBUGFS=y
> CONFIG_IWL3945=m
> CONFIG_IWL3945_SPECTRUM_MEASUREMENT=y
> CONFIG_IWL3945_LEDS=y
> CONFIG_IWL3945_DEBUG=y
>
>
> Here is the log:
>
> Jun 7 16:05:30 5720g kernel: firmware: requesting iwlwifi-4965-1.ucode
> Jun 7 16:05:30 5720g kernel: Registered led device: iwl-phy0:radio
> Jun 7 16:05:30 5720g kernel: Registered led device: iwl-phy0:assoc
> Jun 7 16:05:30 5720g kernel: Registered led device: iwl-phy0:RX
> Jun 7 16:05:30 5720g kernel: Registered led device: iwl-phy0:TX
> Jun 7 16:05:31 5720g kernel: phy0: HW CONFIG: freq=2412
> Jun 7 16:05:31 5720g kernel: ADDRCONF(NETDEV_UP): wlan0: link is not ready
> Jun 7 16:05:31 5720g kernel: phy0: HW CONFIG: freq=2412
> Jun 7 16:05:31 5720g kernel: BUG: unable to handle kernel NULL pointer
> dereference at 0000000000000000
> Jun 7 16:05:31 5720g kernel: IP: [<ffffffffa026e036>]
> :iwl4965:iwl4965_enqueue_hcmd+0x175/0x2c2
> Jun 7 16:05:31 5720g kernel: PGD 0
> Jun 7 16:05:31 5720g kernel: Oops: 0000 [1] SMP
> Jun 7 16:05:31 5720g kernel: CPU 1
> Jun 7 16:05:31 5720g kernel: Modules linked in: af_packet kvm_intel kvm
> snd_seq_dummy snd_seq_oss snd_seq_midi_event snd_seq snd_seq_device
> snd_pcm_oss snd_mixer_oss ipv6 xt_tcpudp iptable_filter ip_tables x_tables
> binfmt_misc loop dm_mod cpufreq_ondemand cpufreq_conservative
> cpufreq_powersave acpi_cpufreq freq_table tifm_sd tifm_7xx1 tifm_core nvram
> pcmcia ohci1394 ieee1394 mmc_block battery ac arc4 ecb crypto_blkcipher
> firewire_ohci firewire_core video container yenta_socket rsrc_nonstatic
> crc_itu_t sdhci output snd_hda_intel pcmcia_core snd_pcsp iwl4965 mmc_core
> snd_pcm firmware_class nsc_ircc thermal button joydev rtc_cmos snd_timer
> iwlcore irda snd i2c_i801 rtc_core iTCO_wdt rfkill crc_ccitt evdev soundcore
> rtc_lib serio_raw acer_wmi processor mac80211 wmi sr_mod iTCO_vendor_support
> snd_page_alloc i2c_core intel_agp cdrom led_class sg cfg80211 tg3
> ide_generic piix ide_core ata_piix ahci libata dock sd_mod scsi_mod ext3 jbd
> uhci_hcd ohci_hcd ehci_hcd usbcore [last unloaded: nf_conntrack]
> Jun 7 16:05:31 5720g kernel: Pid: 10, comm: events/1 Not tainted
> 2.6.26-0.rc5.1mdvsmp #1
> Jun 7 16:05:31 5720g kernel: RIP: 0010:[<ffffffffa026e036>]
> [<ffffffffa026e036>] :iwl4965:iwl4965_enqueue_hcmd+0x175/0x2c2
> Jun 7 16:05:31 5720g kernel: RSP: 0018:ffff81013fb15b60 EFLAGS: 00010086
> Jun 7 16:05:31 5720g kernel: RAX: 0000000000000000 RBX: ffff8100bf84c300
> RCX: 0000000000000064
> Jun 7 16:05:31 5720g kernel: RDX: 0000000000000022 RSI: 0000000000000000
> RDI: ffff8100bf84c318
> Jun 7 16:05:31 5720g kernel: RBP: ffff81013fb15bd0 R08: ffff8100bf941100
> R09: 0000000000000300
> Jun 7 16:05:31 5720g kernel: R10: ffff81013fb15a10 R11: ffff81013fb10a78
> R12: ffff81013fb15cf0
> Jun 7 16:05:31 5720g kernel: R13: 00000000a0290068 R14: ffff81013e1021c0
> R15: ffff8101364a1a20
> Jun 7 16:05:31 5720g kernel: FS: 0000000000000000(0000)
> GS:ffff81013fab8ac0(0000) knlGS:0000000000000000
> Jun 7 16:05:31 5720g kernel: CS: 0010 DS: 0018 ES: 0018 CR0:
> 000000008005003b
> Jun 7 16:05:31 5720g kernel: CR2: 0000000000000000 CR3: 0000000000201000
> CR4: 00000000000026e0
> Jun 7 16:05:31 5720g kernel: DR0: 0000000000000000 DR1: 0000000000000000
> DR2: 0000000000000000
> Jun 7 16:05:31 5720g kernel: DR3: 0000000000000000 DR6: 00000000ffff0ff0
> DR7: 0000000000000400
> Jun 7 16:05:31 5720g kernel: Process events/1 (pid: 10, threadinfo
> ffff81013fb14000, task ffff81013fb102c0)
> Jun 7 16:05:31 5720g kernel: Stack: ffff81013fb14000 ffffffff806f7ed8
> 0000000000000001 ffffffff806f8660
> Jun 7 16:05:31 5720g kernel: ffffffff806f8648 ffffffff8075bb50
> ffff81013e102c08 000000023fb10a10
> Jun 7 16:05:31 5720g kernel: 0000000000000006 ffff8101364a1a00
> ffff81013fb15cf0 ffff81013e1021c0
> Jun 7 16:05:31 5720g kernel: Call Trace:
> Jun 7 16:05:31 5720g kernel: [<ffffffffa021357e>]
> :iwlcore:iwl_send_cmd_sync+0x94/0x313
> Jun 7 16:05:31 5720g kernel: [<ffffffff80257ed5>] ?
> __lock_acquire+0xbee/0xd5a
> Jun 7 16:05:31 5720g kernel: [<ffffffffa021384e>]
> :iwlcore:iwl_send_cmd+0x16/0x18
> Jun 7 16:05:31 5720g kernel: [<ffffffffa0284784>]
> :iwl4965:iwl_send_static_wepkey_cmd+0xcb/0xd5
> Jun 7 16:05:31 5720g kernel: [<ffffffffa0284832>]
> :iwl4965:iwl_set_default_wep_key+0xa4/0xbe
> Jun 7 16:05:31 5720g kernel: [<ffffffffa026d14b>]
> :iwl4965:iwl4965_mac_set_key+0x1c9/0x2d3
> Jun 7 16:05:31 5720g kernel: [<ffffffff803049ed>] ?
> debugfs_remove+0xd5/0xda
> Jun 7 16:05:31 5720g kernel: [<ffffffffa017e3ca>]
> :mac80211:__ieee80211_key_todo+0x124/0x226
> Jun 7 16:05:31 5720g kernel: [<ffffffffa017e57a>]
> :mac80211:ieee80211_key_todo+0x17/0x25
> Jun 7 16:05:31 5720g kernel: [<ffffffffa017e591>]
> :mac80211:key_todo+0x9/0xb
> Jun 7 16:05:31 5720g kernel: [<ffffffff80247104>] run_workqueue+0xfc/0x203
> Jun 7 16:05:31 5720g kernel: [<ffffffffa017e588>] ?
> :mac80211:key_todo+0x0/0xb
> Jun 7 16:05:31 5720g kernel: [<ffffffff802472eb>] worker_thread+0xe0/0xf1
> Jun 7 16:05:31 5720g kernel: [<ffffffff8024acac>] ?
> autoremove_wake_function+0x0/0x38
> Jun 7 16:05:31 5720g kernel: [<ffffffff8024720b>] ? worker_thread+0x0/0xf1
> Jun 7 16:05:31 5720g kernel: [<ffffffff8024a97b>] kthread+0x49/0x76
> Jun 7 16:05:31 5720g kernel: [<ffffffff8020d248>] child_rip+0xa/0x12
> Jun 7 16:05:31 5720g kernel: [<ffffffff8020c7dc>] ? restore_args+0x0/0x30
> Jun 7 16:05:31 5720g kernel: [<ffffffff8024a932>] ? kthread+0x0/0x76
> Jun 7 16:05:31 5720g kernel: [<ffffffff8020d23e>] ? child_rip+0x0/0x12
> Jun 7 16:05:31 5720g kernel:
> Jun 7 16:05:31 5720g kernel:
> Jun 7 16:05:31 5720g kernel: Code: 69 c8 80 01 00 00 41 8a 04 24 4c 89 cb
> 49 03 9e c0 44 00 00 88 43 14 48 89 df f3 a5 48 8d 7b 18 41 0f b7 4c 24 02
> 49 8b 74 24 18 <f3> a4 c6 43 15 00 41 0f b6 96 94 44 00 00 89 d0 80 cc 04 f6
> 43
> Jun 7 16:05:31 5720g kernel: RIP [<ffffffffa026e036>]
> :iwl4965:iwl4965_enqueue_hcmd+0x175/0x2c2
> Jun 7 16:05:31 5720g kernel: RSP <ffff81013fb15b60>
> Jun 7 16:05:31 5720g kernel: CR2: 0000000000000000
> Jun 7 16:05:31 5720g kernel: ---[ end trace 61cbfb837f7cd04e ]---
>
>
>
>
>> One more thing is suspicious in the WEP key try is that I don't see
>> this can ever happen. The command that should be here iis
>> wlcore:iwl_send_cmd_async
>> Jun 5 19:55:06 5720g kernel: [<ffffffffa018ee37>]
>> :iwlcore:iwl_send_cmd_sync+0x94/0x257
>> Jun 5 19:55:06 5720g kernel: [<ffffffff80257ed5>] ?
>> __lock_acquire+0xbee/0xd5a
>> Jun 5 19:55:06 5720g kernel: [<ffffffffa018f04b>]
>> :iwlcore:iwl_send_cmd+0x16/0x1b
>> Jun 5 19:55:06 5720g kernel: [<ffffffffa0218c41>]
>> :iwl4965:iwl_send_static_wepkey_cmd+0xcb/0xd5
>> Jun 5 19:55:06 5720g kernel: [<ffffffffa0218cef>]
>> :iwl4965:iwl_set_default_wep_key+0xa4/0xbe
>> Jun 5 19:55:06 5720g kernel: [<ffffffffa020ae00>]
>> :iwl4965:iwl4965_mac_set_key+0xf1/0x137
>>
>> The code there looks like this
>>
>> int iwl_send_static_wepkey_cmd(struct iwl_priv *priv, u8 send_if_empty)
>> {
>> int i, not_empty = 0;
>> u8 buff[sizeof(struct iwl_wep_cmd) +
>> sizeof(struct iwl_wep_key) * WEP_KEYS_MAX];
>> struct iwl_wep_cmd *wep_cmd = (struct iwl_wep_cmd *)buff;
>> size_t cmd_size = sizeof(struct iwl_wep_cmd);
>> struct iwl_host_cmd cmd = {
>> .id = REPLY_WEPKEY,
>> .data = wep_cmd,
>> .meta.flags = CMD_ASYNC,
>> -----------------------------------------
>> this is async
>> };
>>
>> Thanks
>> Tomas
>>
I'm not sure what distro are you running I haven't seen this
ifcfg-wlan0 config options
on my system but can it be that ifcg-wlan0 tries to set wep key which
will conflict
with wpa_supplicant setting. Can you try to remove this line from that file
ifcfg-wlan0 -
--- cut ---
WIRELESS_ENC_KEY='s:*************************'
Thanks
Tomas
On Fri, 2008-06-06 at 18:12 +0300, Tomas Winkler wrote:
> On Fri, Jun 6, 2008 at 5:51 PM, Thomas Backlund <[email protected]> wr=
ote:
> > Tomas Winkler skrev:
> >>
> >> On Fri, Jun 6, 2008 at 3:33 PM, Thomas Backlund <[email protected]>=
wrote:
> >>>
> >>> Thomas Backlund skrev:
> >>>>
> >>>> Tomas Winkler skrev:
> >>>>>
> >>>>> On Fri, Jun 6, 2008 at 3:44 AM, Ian Schram <[email protected]>=
wrote:
> >>>>>>
> >>>>>> Isn't this the Oops Joonwoo Park wanted to patch with
> >>>>>>
> >>>>>> "[PATCH] iwlwifi: fix oops on wep key insertion" 27/5/2008
> >>>>>>
> >>>>>> invalid length of webkey that would/should be handled in mac80=
211?
> >>>>>>
> >>>>>> ian
> >>>>>
> >>>>> Yes, it looks like.
> >>>>
> >>>> Ummm, what has a wep key to do with me trying to access a WPA2-P=
ersonal
> >>>> encrypted net ?
> >>
> >> Not sure yet, but mac is trying to assign default/static wep key.
> >>
> >> :iwlcore:iwl_send_static_wepkey_cmd+0xcb/0xd5
> >> :iwlcore:iwl_set_default_wep_key+0xa2/0xbc
> >>
> >> Try to set the encryption explicitly
> >> network=3D{
> >> psk=3D"*************************"
> >> scan_ssid=3D1
> >> ssid=3D"dlink"
> >> pairwise=3DCCMP
> >> group=3DCCMP
> >> }
> >>
> >>
> >
> > That didn't help at all...
> >
> > What's more it prevented the wifi to work on 2.6.24.7 so I had to r=
emove the
> > lines again...
> >
> So what's your AP configuration TKIP?
Yeah, the supplicant log he posted clearly shows that the GTK is TKIP.
=EF=BB=BF> 1212763152.516781: wpa_driver_wext_set_key: alg=3D2 key_idx=3D=
1 set_tx=3D0 seq_len=3D6 key_len=3D32
> 1212763152.516790: WPA: Key negotiation completed with 00:xx:xx:xx:xx=
:xx [PTK=3DCCMP GTK=3DTKIP]
Dan
> Second try also with sw decryption:
>=20
> in /etc/modprobe.conf
> options iwl4965 swcrypto=3D1
>=20
>=20
> Tomas
> --
> To unsubscribe from this list: send the line "unsubscribe linux-wirel=
ess" in
> the body of a message to [email protected]
> More majordomo info at http://vger.kernel.org/majordomo-info.html
Isn't this the Oops Joonwoo Park wanted to patch with
"[PATCH] iwlwifi: fix oops on wep key insertion" 27/5/2008
invalid length of webkey that would/should be handled in mac80211?
ian
Thomas Backlund wrote:
> Thomas Backlund skrev:
>> Thomas Backlund skrev:
>>> Tomas Winkler skrev:
>>>>>
>>>> Can you please verify with latest wireless-testing. git
>>>> Thanks
>>>> Tomas
>>>
>>> Yep. will do...
>>>
>>> I'll report back as soon as I have tried..
>>>
>>
>> No go...
>>
>>> Jun 5 22:53:42 5720g kernel: firmware: requesting
>>> iwlwifi-4965-1.ucode
>>> Jun 5 22:53:42 5720g kernel: Registered led device:
>>> iwl-phy0:radio
>>> Jun 5 22:53:42 5720g kernel: Registered led device:
>>> iwl-phy0:assoc
>>> Jun 5 22:53:42 5720g kernel: Registered led device:
>>> iwl-phy0:RX
>>> Jun 5 22:53:42 5720g kernel: Registered led device:
>>> iwl-phy0:TX
>>> Jun 5 22:53:42 5720g kernel: ADDRCONF(NETDEV_UP): wlan0: link is not
>>> ready
>>> Jun 5 22:53:43 5720g kernel: BUG: unable to handle kernel NULL
>>> pointer dereference at
>>> 0000000000000000
>>> Jun 5 22:53:43 5720g kernel: IP: [<ffffffffa02a6dfc>]
>>> :iwlcore:iwl_enqueue_hcmd+0x142/0x227
>>> Jun 5 22:53:43 5720g kernel: PGD
>>> 0
>>> Jun 5 22:53:43 5720g kernel: Oops: 0000 [1]
>>> SMP
>>> Jun 5 22:53:43 5720g kernel: CPU
>>> 1
>>> Jun 5 22:53:43 5720g kernel: Modules linked in: af_packet kvm_intel
>>> kvm snd_seq_dummy snd_seq_oss snd_seq_midi_event snd_seq
>>> snd_seq_device snd_pcm_oss snd_mixer_oss ipv6 xt_tcpudp
>>> iptable_filter ip_tables x_tables binfmt_misc loop dm_mod
>>> cpufreq_ondemand cpufreq_conservative cpufreq_powersave acpi_cpufreq
>>> freq_table tifm_sd tifm_7xx1 tifm_core nvram pcmcia ohci1394 ieee1394
>>> mmc_block arc4 ecb sr_mod cdrom crypto_blkcipher sg battery video ac
>>> yenta_socket output container firewire_ohci rsrc_nonstatic
>>> pcmcia_core sdhci firewire_core iwl4965 iwlcore mmc_core crc_itu_t
>>> i2c_i801 snd_hda_intel rfkill snd_pcsp intel_agp iTCO_wdt nsc_ircc
>>> thermal acer_wmi processor tg3 iTCO_vendor_support snd_pcm joydev
>>> i2c_core snd_timer rtc_cmos button firmware_class rtc_core mac80211
>>> led_class evdev serio_raw snd irda soundcore wmi rtc_lib crc_ccitt
>>> snd_page_alloc cfg80211 ide_generic piix ide_core ata_piix ahci
>>> libata dock sd_mod scsi_mod ext3 jbd uhci_hcd ohci_hcd ehci_hcd
>>> usbcore [last unlo
>> aded:
>> nf_conntrack]
>>
>>> Jun 5 22:53:43 5720g kernel: Pid: 10, comm: events/1 Not tainted
>>> 2.6.26-rc4-wl
>>> #1
>>> Jun 5 22:53:43 5720g kernel: RIP: 0010:[<ffffffffa02a6dfc>]
>>> [<ffffffffa02a6dfc>]
>>> :iwlcore:iwl_enqueue_hcmd+0x142/0x227
>>> Jun 5 22:53:43 5720g kernel: RSP: 0018:ffff81013fb15b90 EFLAGS:
>>> 00010086
>>> Jun 5 22:53:43 5720g kernel: RAX: 0000000000000000 RBX:
>>> 0000000000000000 RCX:
>>> 0000000000000064
>>> Jun 5 22:53:43 5720g kernel: RDX: 0000000000000024 RSI:
>>> 0000000000000000 RDI:
>>> ffff810139a4c578
>>> Jun 5 22:53:43 5720g kernel: RBP: ffff81013fb15be0 R08:
>>> ffff810139b31200 R09:
>>> 0000000000000560
>>> Jun 5 22:53:43 5720g kernel: R10: ffff81013fb15a60 R11:
>>> ffff81013fb10a78 R12:
>>> ffff810139a4c560
>>> Jun 5 22:53:43 5720g kernel: R13: ffff81013bd51ba0 R14:
>>> ffff81013fb15d00 R15:
>>> 0000000000000004
>>> Jun 5 22:53:43 5720g kernel: FS: 0000000000000000(0000)
>>> GS:ffff81013fab8ac0(0000)
>>> knlGS:0000000000000000
>>> Jun 5 22:53:43 5720g kernel: CS: 0010 DS: 0018 ES: 0018 CR0:
>>> 000000008005003b
>>> Jun 5 22:53:43 5720g kernel: CR2: 0000000000000000 CR3:
>>> 0000000000201000 CR4:
>>> 00000000000026e0
>>> Jun 5 22:53:43 5720g kernel: DR0: 0000000000000000 DR1:
>>> 0000000000000000 DR2:
>>> 0000000000000000
>>> Jun 5 22:53:43 5720g kernel: DR3: 0000000000000000 DR6:
>>> 00000000ffff0ff0 DR7:
>>> 0000000000000400
>>> Jun 5 22:53:43 5720g kernel: Process events/1 (pid: 10, threadinfo
>>> ffff81013fb14000, task
>>> ffff81013fb102c0)
>>> Jun 5 22:53:43 5720g kernel: Stack: ffffffff806f8338
>>> ffffffff8075bca0 ffff81013bd52610
>>> 006881013fb10a10
>>> Jun 5 22:53:43 5720g kernel: 0000000000000006 ffff81013dc86500
>>> ffff81013fb15d00
>>> ffff81013bd51ba0
>>> Jun 5 22:53:43 5720g kernel: 0000000000000246 0000000000000000
>>> ffff81013fb15c60
>>> ffffffffa02a5431
>>> Jun 5 22:53:43 5720g kernel: Call
>>> Trace:
>>> Jun 5 22:53:43 5720g kernel: [<ffffffffa02a5431>]
>>> :iwlcore:iwl_send_cmd_sync+0x8b/0x24e
>>> Jun 5 22:53:43 5720g kernel: [<ffffffff80257f1d>] ?
>>> __lock_acquire+0xbee/0xd5a
>>> Jun 5 22:53:43 5720g kernel: [<ffffffffa02a5645>]
>>> :iwlcore:iwl_send_cmd+0x16/0x19
>>> Jun 5 22:53:43 5720g kernel: [<ffffffffa02a84b3>]
>>> :iwlcore:iwl_send_static_wepkey_cmd+0xcb/0xd5
>>> Jun 5 22:53:43 5720g kernel: [<ffffffffa02a855f>]
>>> :iwlcore:iwl_set_default_wep_key+0xa2/0xbc
>>> Jun 5 22:53:43 5720g kernel: [<ffffffffa02b98ae>]
>>> :iwl4965:iwl4965_mac_set_key+0xed/0x136
>>> Jun 5 22:53:43 5720g kernel: [<ffffffffa01762da>]
>>> :mac80211:__ieee80211_key_todo+0x109/0x203
>>> Jun 5 22:53:43 5720g kernel: [<ffffffffa017647a>]
>>> :mac80211:ieee80211_key_todo+0x17/0x25
>>> Jun 5 22:53:43 5720g kernel: [<ffffffffa0176491>]
>>> :mac80211:key_todo+0x9/0xb
>>> Jun 5 22:53:43 5720g kernel: [<ffffffff8024717c>]
>>> run_workqueue+0xfc/0x203
>>> Jun 5 22:53:43 5720g kernel: [<ffffffffa0176488>] ?
>>> :mac80211:key_todo+0x0/0xb
>>> Jun 5 22:53:43 5720g kernel: [<ffffffff80247363>]
>>> worker_thread+0xe0/0xf1
>>> Jun 5 22:53:43 5720g kernel: [<ffffffff8024ad24>] ?
>>> autoremove_wake_function+0x0/0x38
>>> Jun 5 22:53:43 5720g kernel: [<ffffffff80247283>] ?
>>> worker_thread+0x0/0xf1
>>> Jun 5 22:53:43 5720g kernel: [<ffffffff8024a9f3>]
>>> kthread+0x49/0x76
>>> Jun 5 22:53:43 5720g kernel: [<ffffffff8020d238>] child_rip+0xa/0x12
>>> Jun 5 22:53:43 5720g kernel: [<ffffffff8020c7cc>] ?
>>> restore_args+0x0/0x30
>>> Jun 5 22:53:43 5720g kernel: [<ffffffff8024a9aa>] ? kthread+0x0/0x76
>>> Jun 5 22:53:43 5720g kernel: [<ffffffff8020d22e>] ? child_rip+0x0/0x12
>>> Jun 5 22:53:43 5720g kernel:
>>> Jun 5 22:53:43 5720g kernel:
>>> Jun 5 22:53:43 5720g kernel: Code: 69 c8 58 01 00 00 41 8a 06 4d 89
>>> cc 4d 03 a5 10 45 00 00 41 88 44 24 14 4c 89 e7 f3 a5 49 8d 7c 24 18
>>> 41 0f b7 4e 02 49 8b 76 18 <f3> a4 41 c6 44 24 15 00 41 0f b6 95 e4
>>> 44 00 00 89 d0 80 cc 04
>>> Jun 5 22:53:43 5720g kernel: RIP [<ffffffffa02a6dfc>]
>>> :iwlcore:iwl_enqueue_hcmd+0x142/0x227
>>> Jun 5 22:53:43 5720g kernel: RSP <ffff81013fb15b90>
>>> Jun 5 22:53:43 5720g kernel: CR2: 0000000000000000
>>> Jun 5 22:53:43 5720g kernel: ---[ end trace 58a672208ff93cb1 ]---
>>
>>
>> And for reference I also tried 2.6.25.4 wich works as it should
>>
>
> And I have now tested 2.6.26-rc1 wich also has the oops, so I guess it's
> bisect time...
>
>> --
>> Thomas
>>
>
> --
> To unsubscribe from this list: send the line "unsubscribe
> linux-wireless" in
> the body of a message to [email protected]
> More majordomo info at http://vger.kernel.org/majordomo-info.html
>
>
On Thu, Jun 5, 2008 at 8:55 PM, Thomas Backlund <[email protected]> wrote:
> Hi,
> (please cc me on replies as I'm not subscribed)
>
> booting a 2.6.26-rc5 x86_64 kernel on a Acer TravelMate 6720G laptop with a
> Intel a/b/g/n wireless gets me this oops in syslog...
>
>> Jun 5 19:55:05 5720g kernel: firmware: requesting iwlwifi-4965-1.ucode
>> Jun 5 19:55:05 5720g kernel: Registered led device: iwl-phy0:radio
>> Jun 5 19:55:05 5720g kernel: Registered led device: iwl-phy0:assoc
>> Jun 5 19:55:05 5720g kernel: Registered led device: iwl-phy0:RX
>> Jun 5 19:55:05 5720g kernel: Registered led device: iwl-phy0:TX
>> Jun 5 19:55:05 5720g kernel: ADDRCONF(NETDEV_UP): wlan0: link is not
>> ready
>> Jun 5 19:55:06 5720g kernel: BUG: unable to handle kernel NULL pointer
>> dereference at 0000000000000000
>> Jun 5 19:55:06 5720g kernel: IP: [<ffffffffa020b64d>]
>> :iwl4965:iwl4965_enqueue_hcmd+0x12a/0x20f
>> Jun 5 19:55:06 5720g kernel: PGD 0 Jun 5 19:55:06 5720g kernel: Oops:
>> 0000 [1] SMP Jun 5 19:55:06 5720g kernel: CPU 1 Jun 5 19:55:06 5720g
>> kernel: Modules linked in: af_packet kvm_intel kvm kqemu snd_seq_dummy
>> snd_seq_oss snd_seq_midi_event snd_seq snd_seq_device snd_pcm_oss
>> snd_mixer_oss ipv6 xt_tcpudp iptable_filter ip_tables x_tables binfmt_misc
>> loop dm_mod cpufreq_ondemand cpufreq_conservative cpufreq_powersave
>> acpi_cpufreq freq_table tifm_sd tifm_7xx1 tifm_core nvram pcmcia
>> snd_hda_intel ohci1394 mmc_block ieee1394 i2c_i801 arc4 ecb sdhci
>> crypto_blkcipher firewire_ohci snd_pcsp battery firewire_core acer_wmi ac
>> snd_pcm container mmc_core video output crc_itu_t i2c_core iTCO_wdt thermal
>> snd_timer iTCO_vendor_support snd joydev iwl4965 wmi processor button
>> yenta_socket rsrc_nonstatic pcmcia_core firmware_class soundcore
>> snd_page_alloc sr_mod sg serio_raw evdev rtc_cmos nsc_ircc rtc_core rtc_lib
>> intel_agp iwlcore tg3 rfkill mac80211 led_class cdrom irda crc_ccitt
>> cfg80211 ide_generic piix ide_core ata_piix ahci libata dock sd_mod scsi_mod
>> ext3 jbd uhci_hcd ohci_hcd ehci_hcd usbcore [las
>
> t unloaded: nf_conntrack]
>>
>> Jun 5 19:55:06 5720g kernel: Pid: 10, comm: events/1 Not tainted
>> 2.6.26-0.rc5.1mdvsmp #1
>> Jun 5 19:55:06 5720g kernel: RIP: 0010:[<ffffffffa020b64d>]
>> [<ffffffffa020b64d>] :iwl4965:iwl4965_enqueue_hcmd+0x12a/0x20f
>> Jun 5 19:55:06 5720g kernel: RSP: 0018:ffff81013fb15b90 EFLAGS: 00010086
>> Jun 5 19:55:06 5720g kernel: RAX: 0000000000000000 RBX: 0000000000000000
>> RCX: 0000000000000064
>> Jun 5 19:55:06 5720g kernel: RDX: 0000000000000022 RSI: 0000000000000000
>> RDI: ffff8100bf84c318
>> Jun 5 19:55:06 5720g kernel: RBP: ffff81013fb15be0 R08: ffff8100bf941100
>> R09: 0000000000000300
>> Jun 5 19:55:06 5720g kernel: R10: ffff81013fb15a60 R11: ffff81013fb10a78
>> R12: ffff8100bf84c300
>> Jun 5 19:55:06 5720g kernel: R13: ffff81013bc81f20 R14: ffff81013fb15d00
>> R15: 0000000000000002
>> Jun 5 19:55:06 5720g kernel: FS: 0000000000000000(0000)
>> GS:ffff81013fab8ac0(0000) knlGS:0000000000000000
>> Jun 5 19:55:06 5720g kernel: CS: 0010 DS: 0018 ES: 0018 CR0:
>> 000000008005003b
>> Jun 5 19:55:06 5720g kernel: CR2: 0000000000000000 CR3: 0000000000201000
>> CR4: 00000000000026e0
>> Jun 5 19:55:06 5720g kernel: DR0: 0000000000000000 DR1: 0000000000000000
>> DR2: 0000000000000000
>> Jun 5 19:55:06 5720g kernel: DR3: 0000000000000000 DR6: 00000000ffff0ff0
>> DR7: 0000000000000400
>> Jun 5 19:55:06 5720g kernel: Process events/1 (pid: 10, threadinfo
>> ffff81013fb14000, task ffff81013fb102c0)
>> Jun 5 19:55:06 5720g kernel: Stack: ffffffff806f9de8 ffffffff8075c1e0
>> ffff81013bc82968 006881013fb10a10
>> Jun 5 19:55:06 5720g kernel: 0000000000000006 ffff81013d1a5d00
>> ffff81013fb15d00 ffff81013bc81f20
>> Jun 5 19:55:06 5720g kernel: 0000000000000246 ffff81013d1a5dac
>> ffff81013fb15c60 ffffffffa018ee37
>> Jun 5 19:55:06 5720g kernel: Call Trace:
>> Jun 5 19:55:06 5720g kernel: [<ffffffffa018ee37>]
>> :iwlcore:iwl_send_cmd_sync+0x94/0x257
>> Jun 5 19:55:06 5720g kernel: [<ffffffff80257ed5>] ?
>> __lock_acquire+0xbee/0xd5a
>> Jun 5 19:55:06 5720g kernel: [<ffffffffa018f04b>]
>> :iwlcore:iwl_send_cmd+0x16/0x1b
>> Jun 5 19:55:06 5720g kernel: [<ffffffffa0218c41>]
>> :iwl4965:iwl_send_static_wepkey_cmd+0xcb/0xd5
>> Jun 5 19:55:06 5720g kernel: [<ffffffffa0218cef>]
>> :iwl4965:iwl_set_default_wep_key+0xa4/0xbe
>> Jun 5 19:55:06 5720g kernel: [<ffffffffa020ae00>]
>> :iwl4965:iwl4965_mac_set_key+0xf1/0x137
>> Jun 5 19:55:06 5720g kernel: [<ffffffffa01543f4>]
>> :mac80211:__ieee80211_key_todo+0x106/0x200
>> Jun 5 19:55:06 5720g kernel: [<ffffffffa0154594>]
>> :mac80211:ieee80211_key_todo+0x17/0x25
>> Jun 5 19:55:06 5720g kernel: [<ffffffffa01545ab>]
>> :mac80211:key_todo+0x9/0xb
>> Jun 5 19:55:06 5720g kernel: [<ffffffff80247104>]
>> run_workqueue+0xfc/0x203
>> Jun 5 19:55:06 5720g kernel: [<ffffffffa01545a2>] ?
>> :mac80211:key_todo+0x0/0xb
>> Jun 5 19:55:06 5720g kernel: [<ffffffff802472eb>]
>> worker_thread+0xe0/0xf1
>> Jun 5 19:55:06 5720g kernel: [<ffffffff8024acac>] ?
>> autoremove_wake_function+0x0/0x38
>> Jun 5 19:55:06 5720g kernel: [<ffffffff8024720b>] ?
>> worker_thread+0x0/0xf1
>> Jun 5 19:55:06 5720g kernel: [<ffffffff8024a97b>] kthread+0x49/0x76
>> Jun 5 19:55:06 5720g kernel: [<ffffffff8020d248>] child_rip+0xa/0x12
>> Jun 5 19:55:06 5720g kernel: [<ffffffff8020c7dc>] ?
>> restore_args+0x0/0x30
>> Jun 5 19:55:06 5720g kernel: [<ffffffff8024a932>] ? kthread+0x0/0x76
>> Jun 5 19:55:06 5720g kernel: [<ffffffff8020d23e>] ? child_rip+0x0/0x12
>> Jun 5 19:55:06 5720g kernel: Jun 5 19:55:06 5720g kernel: Jun 5
>> 19:55:06 5720g kernel: Code: 69 c8 80 01 00 00 41 8a 06 4d 89 cc 4d 03 a5 c0
>> 44 00 00 41 88 44 24 14 4c 89 e7 f3 a5 49 8d 7c 24 18 41 0f b7 4e 02 49 8b
>> 76 18 <f3> a4 41 c6 44 24 15 00 41 0f b6 95 94 44 00 00 89 d0 80 cc 04 Jun
>> 5 19:55:06 5720g kernel: RIP [<ffffffffa020b64d>]
>> :iwl4965:iwl4965_enqueue_hcmd+0x12a/0x20f
>> Jun 5 19:55:06 5720g kernel: RSP <ffff81013fb15b90>
>> Jun 5 19:55:06 5720g kernel: CR2: 0000000000000000
>> Jun 5 19:55:06 5720g kernel: ---[ end trace c03f2ff7573a0188 ]---
>
>
> and shortly after the system locks up hard...
>
> Config is here:
> http://svn.mandriva.com/cgi-bin/viewvc.cgi/packages/cooker/kernel-linus/current/SOURCES/x86_64-smp.config?revision=215259&view=markup
>
> lspci -vvv about the card:
>>
>> 04:00.0 Network controller: Intel Corporation PRO/Wireless 4965 AG or AGN
>> Network Connection (rev 61)
>> Subsystem: Intel Corporation Device 1101
>> Control: I/O- Mem+ BusMaster+ SpecCycle-
>> MemWINV- VGASnoop- ParErr- Stepping- SERR+ FastB2B- DisINTx-
>> Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort-
>> <TAbort- <MAbort- >SERR+ <PERR- INTx- Latency: 0, Cache Line Size: 64
>> bytes
>> Interrupt: pin A routed to IRQ 11
>> Region 0: Memory at f8000000 (64-bit,
>> non-prefetchable) [size=8K]
>> Capabilities: <access denied>
>> Kernel modules: iwl4965
>>
>
> So far I have tested 2.6.26-rc3,rc4,rc5 and all ends up with this oops
>
> If I remove the wlan0 config the kernel will boot, but as soon as I try to
> configure it, I get a lockup...
>
> If it makes any difference, I'm trying to connect to a WPA2-personal
> encrypted wifi on a Dlink DIR-655 Draft-N router...
>
> The last kernel that I used that works was a 2.6.24.7 series kernel
> (I haven't yet tried to see if the 2.6.25.x kernel works)
>
> I thought of posting it here before trying to dig into it any deeper...
>
> Any thoughts?
>
> --
> Thomas
>
Can you please verify with latest wireless-testing. git
Thanks
Tomas
> --
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to [email protected]
> More majordomo info at http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at http://www.tux.org/lkml/
>
On Sun, Jun 8, 2008 at 3:21 PM, Thomas Backlund <[email protected]> wrote:
> Tomas Winkler skrev:
>>
>> I'm not sure what distro are you running I haven't seen this
>> ifcfg-wlan0 config options
>> on my system but can it be that ifcg-wlan0 tries to set wep key which
>> will conflict
>> with wpa_supplicant setting. Can you try to remove this line from that
>> file
>>
>> ifcfg-wlan0 -
>> --- cut ---
>> WIRELESS_ENC_KEY='s:*************************'
>>
>>
>
>
> Nice.
>
> The distro is Mandriva Cooker (development) but we have the same in Mandriva
> 2008.1 Spring.
>
> Now this has not been any problem with kernels older than 2.6.25, so it's a
> regression, isn't it? I mean, shouldn't the module protect itself against
> empty variables?
>
This is not really regression. What happen is that we've enabled hw
crypto acceleration by default so when
you switched back to sw crypto it still worked.
There is bug no question, I believe it's the same bug as Ian Schram
and Joonwoo Park reported (PSK key is longer then 128 WEP Key)
> And that config option also exist in Redhat initscripts ifup-wireless...
>
> Anyway, you found the initial problem, as the kernel now booted without an
> oops, and seems to work, but:
>
Try to disable this one from th config file MAC80211_DEBUG_PACKET_ALIGNMENT
Thanks
Tomas
0: switched to short barker preamble (BSSID=00:19:5b:51:dc:27)
> wlan0 (WE) : Wireless Event too big (320)
> ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
> ------------[ cut here ]------------
> WARNING: at net/mac80211/rx.c:319 __ieee80211_rx_handle_packet+0x349/0x794
> [mac80211]()
> Modules linked in: af_packet kvm_intel kvm snd_seq_dummy snd_seq_oss
> snd_seq_midi_event snd_seq snd_seq_device snd_pcm_oss snd_mixer_oss ipv6
> xt_tcpudp iptable_filter ip_tables x_tables binfmt_misc loop dm_mod
> cpufreq_ondemand cpufreq_conservative cpufreq_powersave acpi_cpufreq
> freq_table tifm_sd tifm_7xx1 tifm_core nvram pcmcia ohci1394 ieee1394
> mmc_block arc4 ecb crypto_blkcipher battery ac video container output
> firewire_ohci firewire_core crc_itu_t sdhci iwl4965 firmware_class mmc_core
> yenta_socket rsrc_nonstatic iwlcore pcmcia_core acer_wmi thermal
> snd_hda_intel rfkill snd_pcsp button nsc_ircc snd_pcm mac80211 led_class
> i2c_i801 irda snd_timer rtc_cmos snd processor rtc_core wmi rtc_lib i2c_core
> soundcore iTCO_wdt iTCO_vendor_support snd_page_alloc tg3 cfg80211 intel_agp
> joydev crc_ccitt sr_mod serio_raw sg evdev cdrom ide_generic piix ide_core
> ata_piix ahci libata dock sd_mod scsi_mod ext3 jbd uhci_hcd ohci_hcd
> ehci_hcd usbcore [last unloaded: nf_conntrack]
> Pid: 0, comm: swapper Not tainted 2.6.26-0.rc5.1mdvsmp #1
>
> Call Trace:
> <IRQ> [<ffffffff802371ff>] warn_on_slowpath+0x58/0x94
> [<ffffffff8044ad1b>] ? _spin_unlock_irqrestore+0x40/0x57
> [<ffffffff8023c2f1>] ? __tasklet_schedule+0xae/0xc5
> [<ffffffffa01eab1e>] ? :mac80211:ieee80211_rx_irqsafe+0x63/0x6a
> [<ffffffffa0306d32>] ? :iwl4965:iwl4965_handle_data_packet+0x3c3/0x3fd
> [<ffffffffa01eb1ce>] :mac80211:__ieee80211_rx_handle_packet+0x349/0x794
> [<ffffffff8025791c>] ? __lock_acquire+0x635/0xd5a
> [<ffffffffa01eba3c>] ? :mac80211:__ieee80211_rx+0x63/0x538
> [<ffffffffa01ebe9d>] :mac80211:__ieee80211_rx+0x4c4/0x538
> [<ffffffffa01dc348>] :mac80211:ieee80211_tasklet_handler+0x75/0x11b
> [<ffffffff8023c079>] ? tasklet_action+0x4b/0xfb
> [<ffffffff8023c0be>] tasklet_action+0x90/0xfb
> [<ffffffff8023cae6>] __do_softirq+0x77/0x101
> [<ffffffff8020d61c>] call_softirq+0x1c/0x28
> [<ffffffff8020e92d>] do_softirq+0x4d/0xb0
> [<ffffffff8023c5ab>] irq_exit+0x4e/0x8f
> [<ffffffff8020ebc5>] do_IRQ+0xba/0xd8
> [<ffffffff8020c6f2>] ret_from_intr+0x0/0x1e
> <EOI> [<ffffffff8021fe6d>] ? native_irq_enable+0x6/0x7
> [<ffffffffa018d45a>] ? :processor:acpi_idle_enter_bm+0x2cf/0x35e
> [<ffffffff803c338a>] ? menu_select+0x6f/0x8f
> [<ffffffff803c2395>] ? cpuidle_idle_call+0x95/0xc9
> [<ffffffff803c2300>] ? cpuidle_idle_call+0x0/0xc9
> [<ffffffff8020b1cc>] ? default_idle+0x0/0x55
> [<ffffffff8020b184>] ? cpu_idle+0x9c/0xe4
> [<ffffffff80444e86>] ? start_secondary+0x179/0x17d
>
> ---[ end trace a4f2fe9605e20ed0 ]---
>
>
> --
> Thomas
>
> An total independent question: Following the suggestion of Holger
> Schurig I started to extend the Glossary in the wiki (with the
> abbreviations in the source code) a few hours ago, but My extension was
> removed again. Why?
I already explained.
johannes
Tomas Winkler skrev:
> On Fri, Jun 6, 2008 at 5:51 PM, Thomas Backlund <[email protected]> wrote:
>> Tomas Winkler skrev:
>>> On Fri, Jun 6, 2008 at 3:33 PM, Thomas Backlund <[email protected]> wrote:
>>>> Thomas Backlund skrev:
>>>>> Tomas Winkler skrev:
>>>>>> On Fri, Jun 6, 2008 at 3:44 AM, Ian Schram <[email protected]> wrote:
>>>>>>> Isn't this the Oops Joonwoo Park wanted to patch with
>>>>>>>
>>>>>>> "[PATCH] iwlwifi: fix oops on wep key insertion" 27/5/2008
>>>>>>>
>>>>>>> invalid length of webkey that would/should be handled in mac80211?
>>>>>>>
>>>>>>> ian
>>>>>> Yes, it looks like.
>>>>> Ummm, what has a wep key to do with me trying to access a WPA2-Personal
>>>>> encrypted net ?
>>> Not sure yet, but mac is trying to assign default/static wep key.
>>>
>>> :iwlcore:iwl_send_static_wepkey_cmd+0xcb/0xd5
>>> :iwlcore:iwl_set_default_wep_key+0xa2/0xbc
>>>
>>> Try to set the encryption explicitly
>>> network={
>>> psk="*************************"
>>> scan_ssid=1
>>> ssid="dlink"
>>> pairwise=CCMP
>>> group=CCMP
>>> }
>>>
>>>
>> That didn't help at all.
>>
>> What's more it prevented the wifi to work on 2.6.24.7 so I had to remove the
>> lines again...
>>
> So what's your AP configuration TKIP?
>
I've switched to clean WPA2-AES on the AP, but it does not do any
difference... I still get the oops...
> Second try also with sw decryption:
>
> in /etc/modprobe.conf
> options iwl4965 swcrypto=1
>
That works.
I now run a clean 2.6.26-rc5
I also tried to bisect between 2.6.25 and 2.6.26-rc1 and ended up with:
[root@5720g linux-2.6]# git bisect good
8318d78a44d49ac1edf2bdec7299de3617c4232e is first bad commit
commit 8318d78a44d49ac1edf2bdec7299de3617c4232e
Author: Johannes Berg <[email protected]>
Date: Thu Jan 24 19:38:38 2008 +0100
cfg80211 API for channels/bitrates, mac80211 and driver conversion
Any more I can provide to help finding the bug ?
--
Thomas
On Fri, 2008-06-06 at 18:57 +0300, Thomas Backlund wrote:
> Dan Williams skrev:
> > On Fri, 2008-06-06 at 18:12 +0300, Tomas Winkler wrote:
> >> On Fri, Jun 6, 2008 at 5:51 PM, Thomas Backlund <[email protected]>=
wrote:
> >>> Tomas Winkler skrev:
> >>>> On Fri, Jun 6, 2008 at 3:33 PM, Thomas Backlund <[email protected]=
g> wrote:
> >>>>> Thomas Backlund skrev:
> >>>>>> Tomas Winkler skrev:
> >>>>>>> On Fri, Jun 6, 2008 at 3:44 AM, Ian Schram <[email protected]=
e> wrote:
> >>>>>>>> Isn't this the Oops Joonwoo Park wanted to patch with
> >>>>>>>>
> >>>>>>>> "[PATCH] iwlwifi: fix oops on wep key insertion" 27/5/2008
> >>>>>>>>
> >>>>>>>> invalid length of webkey that would/should be handled in mac=
80211?
> >>>>>>>>
> >>>>>>>> ian
> >>>>>>> Yes, it looks like.
> >>>>>> Ummm, what has a wep key to do with me trying to access a WPA2=
-Personal
> >>>>>> encrypted net ?
> >>>> Not sure yet, but mac is trying to assign default/static wep key=
=2E
> >>>>
> >>>> :iwlcore:iwl_send_static_wepkey_cmd+0xcb/0xd5
> >>>> :iwlcore:iwl_set_default_wep_key+0xa2/0xbc
> >>>>
> >>>> Try to set the encryption explicitly
> >>>> network=3D{
> >>>> psk=3D"*************************"
> >>>> scan_ssid=3D1
> >>>> ssid=3D"dlink"
> >>>> pairwise=3DCCMP
> >>>> group=3DCCMP
> >>>> }
> >>>>
> >>>>
> >>> That didn't help at all...
> >>>
> >>> What's more it prevented the wifi to work on 2.6.24.7 so I had to=
remove the
> >>> lines again...
> >>>
> >> So what's your AP configuration TKIP?
> >=20
> > Yeah, the supplicant log he posted clearly shows that the GTK is TK=
IP.
> >=20
> > =EF=BB=BF> 1212763152.516781: wpa_driver_wext_set_key: alg=3D2 key_=
idx=3D1 set_tx=3D0 seq_len=3D6 key_len=3D32
> >> 1212763152.516790: WPA: Key negotiation completed with 00:xx:xx:xx=
:xx:xx [PTK=3DCCMP GTK=3DTKIP]
> >=20
>=20
> The AP is actually set for TKIP+AES
>=20
> BTW, is that better or worse than a clean AES ?
> I'm reading up on it, but I get a lot of conflicting info...
It's less secure than straight AES.
WEP < TKIP < AES/CCMP
Dan
> > Dan
> >=20
> >> Second try also with sw decryption:
> >>
> >> in /etc/modprobe.conf
> >> options iwl4965 swcrypto=3D1
> >>
> >>
> >> Tomas
> >> --
> >> To unsubscribe from this list: send the line "unsubscribe linux-wi=
reless" in
> >> the body of a message to [email protected]
> >> More majordomo info at http://vger.kernel.org/majordomo-info.html
> >=20
>=20
> Thomas
On Fri, Jun 6, 2008 at 5:51 PM, Thomas Backlund <[email protected]> wrote:
> Tomas Winkler skrev:
>>
>> On Fri, Jun 6, 2008 at 3:33 PM, Thomas Backlund <[email protected]> wrote:
>>>
>>> Thomas Backlund skrev:
>>>>
>>>> Tomas Winkler skrev:
>>>>>
>>>>> On Fri, Jun 6, 2008 at 3:44 AM, Ian Schram <[email protected]> wrote:
>>>>>>
>>>>>> Isn't this the Oops Joonwoo Park wanted to patch with
>>>>>>
>>>>>> "[PATCH] iwlwifi: fix oops on wep key insertion" 27/5/2008
>>>>>>
>>>>>> invalid length of webkey that would/should be handled in mac80211?
>>>>>>
>>>>>> ian
>>>>>
>>>>> Yes, it looks like.
>>>>
>>>> Ummm, what has a wep key to do with me trying to access a WPA2-Personal
>>>> encrypted net ?
>>
>> Not sure yet, but mac is trying to assign default/static wep key.
>>
>> :iwlcore:iwl_send_static_wepkey_cmd+0xcb/0xd5
>> :iwlcore:iwl_set_default_wep_key+0xa2/0xbc
>>
>> Try to set the encryption explicitly
>> network={
>> psk="*************************"
>> scan_ssid=1
>> ssid="dlink"
>> pairwise=CCMP
>> group=CCMP
>> }
>>
>>
>
> That didn't help at all...
>
> What's more it prevented the wifi to work on 2.6.24.7 so I had to remove the
> lines again...
>
So what's your AP configuration TKIP?
Second try also with sw decryption:
in /etc/modprobe.conf
options iwl4965 swcrypto=1
Tomas
Dan Williams skrev:
> On Fri, 2008-06-06 at 18:12 +0300, Tomas Winkler wrote:
>> On Fri, Jun 6, 2008 at 5:51 PM, Thomas Backlund <[email protected]> w=
rote:
>>> Tomas Winkler skrev:
>>>> On Fri, Jun 6, 2008 at 3:33 PM, Thomas Backlund <[email protected]>=
wrote:
>>>>> Thomas Backlund skrev:
>>>>>> Tomas Winkler skrev:
>>>>>>> On Fri, Jun 6, 2008 at 3:44 AM, Ian Schram <[email protected]>=
wrote:
>>>>>>>> Isn't this the Oops Joonwoo Park wanted to patch with
>>>>>>>>
>>>>>>>> "[PATCH] iwlwifi: fix oops on wep key insertion" 27/5/2008
>>>>>>>>
>>>>>>>> invalid length of webkey that would/should be handled in mac80=
211?
>>>>>>>>
>>>>>>>> ian
>>>>>>> Yes, it looks like.
>>>>>> Ummm, what has a wep key to do with me trying to access a WPA2-P=
ersonal
>>>>>> encrypted net ?
>>>> Not sure yet, but mac is trying to assign default/static wep key.
>>>>
>>>> :iwlcore:iwl_send_static_wepkey_cmd+0xcb/0xd5
>>>> :iwlcore:iwl_set_default_wep_key+0xa2/0xbc
>>>>
>>>> Try to set the encryption explicitly
>>>> network=3D{
>>>> psk=3D"*************************"
>>>> scan_ssid=3D1
>>>> ssid=3D"dlink"
>>>> pairwise=3DCCMP
>>>> group=3DCCMP
>>>> }
>>>>
>>>>
>>> That didn't help at all...
>>>
>>> What's more it prevented the wifi to work on 2.6.24.7 so I had to r=
emove the
>>> lines again...
>>>
>> So what's your AP configuration TKIP?
>=20
> Yeah, the supplicant log he posted clearly shows that the GTK is TKIP=
=2E
>=20
> =EF=BB=BF> 1212763152.516781: wpa_driver_wext_set_key: alg=3D2 key_id=
x=3D1 set_tx=3D0 seq_len=3D6 key_len=3D32
>> 1212763152.516790: WPA: Key negotiation completed with 00:xx:xx:xx:x=
x:xx [PTK=3DCCMP GTK=3DTKIP]
>=20
The AP is actually set for TKIP+AES
BTW, is that better or worse than a clean AES ?
I'm reading up on it, but I get a lot of conflicting info...
> Dan
>=20
>> Second try also with sw decryption:
>>
>> in /etc/modprobe.conf
>> options iwl4965 swcrypto=3D1
>>
>>
>> Tomas
>> --
>> To unsubscribe from this list: send the line "unsubscribe linux-wire=
less" in
>> the body of a message to [email protected]
>> More majordomo info at http://vger.kernel.org/majordomo-info.html
>=20
Thomas
On Fri, Jun 6, 2008 at 3:33 PM, Thomas Backlund <[email protected]> wrote:
> Thomas Backlund skrev:
>>
>> Tomas Winkler skrev:
>>>
>>> On Fri, Jun 6, 2008 at 3:44 AM, Ian Schram <[email protected]> wrote:
>>>>
>>>> Isn't this the Oops Joonwoo Park wanted to patch with
>>>>
>>>> "[PATCH] iwlwifi: fix oops on wep key insertion" 27/5/2008
>>>>
>>>> invalid length of webkey that would/should be handled in mac80211?
>>>>
>>>> ian
>>>
>>> Yes, it looks like.
>>
>> Ummm, what has a wep key to do with me trying to access a WPA2-Personal
>> encrypted net ?
Not sure yet, but mac is trying to assign default/static wep key.
:iwlcore:iwl_send_static_wepkey_cmd+0xcb/0xd5
:iwlcore:iwl_set_default_wep_key+0xa2/0xbc
Try to set the encryption explicitly
network={
psk="*************************"
scan_ssid=1
ssid="dlink"
pairwise=CCMP
group=CCMP
}
>>
>>> Thomas can you send out your wpa_supplicant config fiele
>>>
>>
>> I could, but since I would have to remove any sensitive info such as the
>> psk key, would it be of any use ?
>
> Anyway, here configs are:
>
> wpa_supplicant.conf
> (I stripped all the comments from the file)
> --- cut ---
> ctrl_interface=/var/run/wpa_supplicant
>
> eapol_version=1
>
> ap_scan=1
>
> fast_reauth=1
>
> blob-base64-exampleblob={
> SGVsbG8gV29ybGQhCg==
> }
>
> network={
> psk="*************************"
> scan_ssid=1
> ssid="dlink"
> }
> --- cut ---
>
> ifcfg-wlan0
> --- cut ---
> DEVICE=wlan0
> BOOTPROTO=dhcp
> ONBOOT=yes
> METRIC=35
> MII_NOT_SUPPORTED=no
> USERCTL=no
> RESOLV_MODS=no
> WIRELESS_MODE=Managed
> WIRELESS_ESSID=dlink
> WIRELESS_ENC_KEY='s:*************************'
> WIRELESS_WPA_DRIVER=wext
> IPV6INIT=no
> IPV6TO4INIT=no
> DHCP_CLIENT=dhclient
> NEEDHOSTNAME=no
> PEERDNS=yes
> PEERYP=yes
> PEERNTPD=no
> --- cut ---
>
>>
>>> I will provide a patch that disable hw encryption on long wep keys. It
>>> get lost in my todo list.
>>> Tomas
>>>
>>
>
> --
> Thomas
>
>
>
On Fri, 2008-06-06 at 16:59 +0300, Tomas Winkler wrote:
> On Fri, Jun 6, 2008 at 3:33 PM, Thomas Backlund <[email protected]> wrote:
> > Thomas Backlund skrev:
> >>
> >> Tomas Winkler skrev:
> >>>
> >>> On Fri, Jun 6, 2008 at 3:44 AM, Ian Schram <[email protected]> wrote:
> >>>>
> >>>> Isn't this the Oops Joonwoo Park wanted to patch with
> >>>>
> >>>> "[PATCH] iwlwifi: fix oops on wep key insertion" 27/5/2008
> >>>>
> >>>> invalid length of webkey that would/should be handled in mac80211?
> >>>>
> >>>> ian
> >>>
> >>> Yes, it looks like.
> >>
> >> Ummm, what has a wep key to do with me trying to access a WPA2-Personal
> >> encrypted net ?
>
> Not sure yet, but mac is trying to assign default/static wep key.
The output of wpa_supplicant with "-dddt" would be quite useful in
figuring this out.
The supplicant does always _clear_ static WEP keys when it starts the
interface, when a connection drops, and when it quits. Maybe that's
where it's coming from? But it should just be setting the "disabled"
bit in the WEXT structure and sending a key of all zeros.
Dan
> :iwlcore:iwl_send_static_wepkey_cmd+0xcb/0xd5
> :iwlcore:iwl_set_default_wep_key+0xa2/0xbc
>
> Try to set the encryption explicitly
> network={
> psk="*************************"
> scan_ssid=1
> ssid="dlink"
> pairwise=CCMP
> group=CCMP
> }
>
>
> >>
> >>> Thomas can you send out your wpa_supplicant config fiele
> >>>
> >>
> >> I could, but since I would have to remove any sensitive info such as the
> >> psk key, would it be of any use ?
> >
> > Anyway, here configs are:
> >
> > wpa_supplicant.conf
> > (I stripped all the comments from the file)
> > --- cut ---
> > ctrl_interface=/var/run/wpa_supplicant
> >
> > eapol_version=1
> >
> > ap_scan=1
> >
> > fast_reauth=1
> >
> > blob-base64-exampleblob={
> > SGVsbG8gV29ybGQhCg==
> > }
> >
> > network={
> > psk="*************************"
> > scan_ssid=1
> > ssid="dlink"
> > }
> > --- cut ---
> >
> > ifcfg-wlan0
> > --- cut ---
> > DEVICE=wlan0
> > BOOTPROTO=dhcp
> > ONBOOT=yes
> > METRIC=35
> > MII_NOT_SUPPORTED=no
> > USERCTL=no
> > RESOLV_MODS=no
> > WIRELESS_MODE=Managed
> > WIRELESS_ESSID=dlink
> > WIRELESS_ENC_KEY='s:*************************'
> > WIRELESS_WPA_DRIVER=wext
> > IPV6INIT=no
> > IPV6TO4INIT=no
> > DHCP_CLIENT=dhclient
> > NEEDHOSTNAME=no
> > PEERDNS=yes
> > PEERYP=yes
> > PEERNTPD=no
> > --- cut ---
> >
> >>
> >>> I will provide a patch that disable hw encryption on long wep keys. It
> >>> get lost in my todo list.
> >>> Tomas
> >>>
> >>
> >
> > --
> > Thomas
> >
> >
> >
> --
> To unsubscribe from this list: send the line "unsubscribe linux-wireless" in
> the body of a message to [email protected]
> More majordomo info at http://vger.kernel.org/majordomo-info.html
Tomas Winkler skrev:
> On Fri, Jun 6, 2008 at 3:33 PM, Thomas Backlund <[email protected]> wrote:
>> Thomas Backlund skrev:
>>> Tomas Winkler skrev:
>>>> On Fri, Jun 6, 2008 at 3:44 AM, Ian Schram <[email protected]> wrote:
>>>>> Isn't this the Oops Joonwoo Park wanted to patch with
>>>>>
>>>>> "[PATCH] iwlwifi: fix oops on wep key insertion" 27/5/2008
>>>>>
>>>>> invalid length of webkey that would/should be handled in mac80211?
>>>>>
>>>>> ian
>>>> Yes, it looks like.
>>> Ummm, what has a wep key to do with me trying to access a WPA2-Personal
>>> encrypted net ?
>
> Not sure yet, but mac is trying to assign default/static wep key.
>
> :iwlcore:iwl_send_static_wepkey_cmd+0xcb/0xd5
> :iwlcore:iwl_set_default_wep_key+0xa2/0xbc
>
> Try to set the encryption explicitly
> network={
> psk="*************************"
> scan_ssid=1
> ssid="dlink"
> pairwise=CCMP
> group=CCMP
> }
>
>
That didn't help at all...
What's more it prevented the wifi to work on 2.6.24.7 so I had to remove
the lines again...
--
Thomas
Dan Williams skrev:
> On Fri, 2008-06-06 at 16:59 +0300, Tomas Winkler wrote:
>> On Fri, Jun 6, 2008 at 3:33 PM, Thomas Backlund <[email protected]> wrote:
>>> Thomas Backlund skrev:
>>>> Tomas Winkler skrev:
>>>>> On Fri, Jun 6, 2008 at 3:44 AM, Ian Schram <[email protected]> wrote:
>>>>>> Isn't this the Oops Joonwoo Park wanted to patch with
>>>>>>
>>>>>> "[PATCH] iwlwifi: fix oops on wep key insertion" 27/5/2008
>>>>>>
>>>>>> invalid length of webkey that would/should be handled in mac80211?
>>>>>>
>>>>>> ian
>>>>> Yes, it looks like.
>>>> Ummm, what has a wep key to do with me trying to access a WPA2-Personal
>>>> encrypted net ?
>> Not sure yet, but mac is trying to assign default/static wep key.
>
> The output of wpa_supplicant with "-dddt" would be quite useful in
> figuring this out.
>
> The supplicant does always _clear_ static WEP keys when it starts the
> interface, when a connection drops, and when it quits. Maybe that's
> where it's coming from? But it should just be setting the "disabled"
> bit in the WEXT structure and sending a key of all zeros.
>
> Dan
>
Here you go:
> [root@5720g /]# wpa_supplicant -dddt -Dwext -iwlan0 -c/etc/wpa_supplicant.conf
> 1212763146.040022: Initializing interface 'wlan0' conf '/etc/wpa_supplicant.conf' driver 'wext' ctrl_interface 'N/A' bridge 'N/A'
> 1212763146.040145: Configuration file '/etc/wpa_supplicant.conf' -> '/etc/wpa_supplicant.conf'
> 1212763146.040159: Reading configuration file '/etc/wpa_supplicant.conf'
> 1212763146.040211: ctrl_interface='/var/run/wpa_supplicant'
> 1212763146.040235: eapol_version=1
> 1212763146.040245: ap_scan=1
> 1212763146.040253: fast_reauth=1
> 1212763146.040261: Line: 10 - start of a new named blob 'exampleblob'
> 1212763146.040287: Line: 14 - start of a new network block
> 1212763146.040305: PSK (ASCII passphrase) - hexdump_ascii(len=25): [REMOVED]
> 1212763146.040318: scan_ssid=1 (0x1)
> 1212763146.040331: ssid - hexdump_ascii(len=5):
> 64 6c 69 6e 6b dlink
> 1212763146.066118: PSK (from passphrase) - hexdump(len=32): [REMOVED]
> 1212763146.066180: Priority group 0
> 1212763146.066192: id=0 ssid='dlink'
> 1212763146.066201: Initializing interface (2) 'wlan0'
> 1212763146.093827: Interface wlan0 set UP - waiting a second for the driver to complete initialization
> 1212763147.094230: SIOCGIWRANGE: WE(compiled)=22 WE(source)=21 enc_capa=0xf
> 1212763147.094254: capabilities: key_mgmt 0xf enc 0xf
> 1212763147.114725: WEXT: Operstate: linkmode=1, operstate=5
> 1212763147.117011: Own MAC address: 00:1d:e0:3e:80:e1
> 1212763147.117018: wpa_driver_wext_set_wpa
> 1212763147.117025: wpa_driver_wext_set_key: alg=0 key_idx=0 set_tx=0 seq_len=0 key_len=0
> 1212763147.120005: wpa_driver_wext_set_key: alg=0 key_idx=1 set_tx=0 seq_len=0 key_len=0
> 1212763147.120011: wpa_driver_wext_set_key: alg=0 key_idx=2 set_tx=0 seq_len=0 key_len=0
> 1212763147.120016: wpa_driver_wext_set_key: alg=0 key_idx=3 set_tx=0 seq_len=0 key_len=0
> 1212763147.120020: wpa_driver_wext_set_countermeasures
> ioctl[SIOCSIWAUTH]: Operation not supported
> WEXT auth param 4 value 0x0 - 1212763147.120079: wpa_driver_wext_set_drop_unencrypted
> ioctl[SIOCSIWAUTH]: Operation not supported
> WEXT auth param 5 value 0x1 - 1212763147.120088: RSN: flushing PMKID list in the driver
> 1212763147.120099: Setting scan request: 0 sec 100000 usec
> 1212763147.121846: EAPOL: SUPP_PAE entering state DISCONNECTED
> 1212763147.121852: EAPOL: KEY_RX entering state NO_KEY_RECEIVE
> 1212763147.121856: EAPOL: SUPP_BE entering state INITIALIZE
> 1212763147.121862: EAP: EAP entering state DISABLED
> 1212763147.121943: Added interface wlan0
> 1212763147.121962: Ignore event for foreign ifindex 3
> 1212763147.121967: RTM_NEWLINK: operstate=0 ifi_flags=0x1003 ([UP])
> 1212763147.121972: RTM_NEWLINK, IFLA_IFNAME: Interface 'wlan0' added
> 1212763147.121978: RTM_NEWLINK: operstate=0 ifi_flags=0x1003 ([UP])
> 1212763147.121982: Wireless event: cmd=0x8b06 len=12
> 1212763147.221020: State: DISCONNECTED -> SCANNING
> 1212763147.221042: Starting AP scan (specific SSID)
> 1212763147.221045: Scan SSID - hexdump_ascii(len=5):
> 64 6c 69 6e 6b dlink
> 1212763147.221053: Trying to get current scan results first without requesting a new scan to speed up initial association
> 1212763147.221076: Received 0 bytes of scan results (0 BSSes)
> 1212763147.221092: CTRL-EVENT-SCAN-RESULTS
> 1212763147.221096: Selecting BSS from priority group 0
> 1212763147.221100: Try to find WPA-enabled AP
> 1212763147.221103: Try to find non-WPA AP
> 1212763147.221106: No suitable AP found.
> 1212763147.221109: Setting scan request: 0 sec 0 usec
> 1212763147.221118: Starting AP scan (broadcast SSID)
> 1212763147.221144: Scan requested (ret=0) - scan timeout 5 seconds
> 1212763148.123014: EAPOL: disable timer tick
> 1212763149.305979: RTM_NEWLINK: operstate=0 ifi_flags=0x1003 ([UP])
> 1212763149.306027: Wireless event: cmd=0x8b19 len=16
> 1212763149.306078: Received 299 bytes of scan results (1 BSSes)
> 1212763149.306096: CTRL-EVENT-SCAN-RESULTS
> 1212763149.306104: Selecting BSS from priority group 0
> 1212763149.306123: Try to find WPA-enabled AP
> 1212763149.306132: 0: 00:19:5b:51:dc:27 ssid='dlink' wpa_ie_len=0 rsn_ie_len=24 caps=0x11
> 1212763149.306160: selected based on RSN IE
> 1212763149.306167: selected WPA AP 00:19:5b:51:dc:27 ssid='dlink'
> 1212763149.306177: Try to find non-WPA AP
> 1212763149.306190: Trying to associate with 00:19:5b:51:dc:27 (SSID='dlink' freq=2472 MHz)
> 1212763149.306200: Cancelling scan request
> 1212763149.306207: WPA: clearing own WPA/RSN IE
> 1212763149.306214: Automatic auth_alg selection: 0x1
> 1212763149.306234: RSN: using IEEE 802.11i/D9.0
> 1212763149.306243: WPA: Selected cipher suites: group 8 pairwise 24 key_mgmt 2 proto 2
> 1212763149.306256: WPA: clearing AP WPA IE
> 1212763149.306263: WPA: set AP RSN IE - hexdump(len=26): 30 18 01 00 00 0f ac 02 02 00 00 0f ac 02 00 0f ac 04 01 00 00 0f ac 02 00 00
> 1212763149.306286: WPA: using GTK TKIP
> 1212763149.306294: WPA: using PTK CCMP
> 1212763149.306302: WPA: using KEY_MGMT WPA-PSK
> 1212763149.306310: WPA: Set own WPA IE default - hexdump(len=22): 30 14 01 00 00 0f ac 02 01 00 00 0f ac 04 01 00 00 0f ac 02 00 00
> 1212763149.306330: No keys have been configured - skip key clearing
> 1212763149.306338: wpa_driver_wext_set_drop_unencrypted
> ioctl[SIOCSIWAUTH]: Operation not supported
> WEXT auth param 5 value 0x1 - 1212763149.306381: State: SCANNING -> ASSOCIATING
> 1212763149.306389: wpa_driver_wext_set_operstate: operstate 0->0 (DORMANT)
> 1212763149.306397: WEXT: Operstate: linkmode=-1, operstate=5
> 1212763149.306421: wpa_driver_wext_associate
> 1212763149.310563: Setting authentication timeout: 10 sec 0 usec
> 1212763149.310612: EAPOL: External notification - EAP success=0
> 1212763149.310626: EAPOL: External notification - EAP fail=0
> 1212763149.310636: EAPOL: External notification - portControl=Auto
> 1212763149.310649: RSN: Ignored PMKID candidate without preauth flag
> 1212763149.310682: RTM_NEWLINK: operstate=0 ifi_flags=0x1003 ([UP])
> 1212763149.310694: Wireless event: cmd=0x8b06 len=12
> 1212763149.310706: RTM_NEWLINK: operstate=0 ifi_flags=0x1003 ([UP])
> 1212763149.310715: Wireless event: cmd=0x8b04 len=16
> 1212763149.310726: RTM_NEWLINK: operstate=0 ifi_flags=0x1003 ([UP])
> 1212763149.310734: Wireless event: cmd=0x8b1a len=21
> 1212763149.519153: RTM_NEWLINK: operstate=0 ifi_flags=0x11003 ([UP][LOWER_UP])
> 1212763149.519184: Wireless event: cmd=0x8b15 len=24
> 1212763149.519194: Wireless event: new AP: 00:19:5b:51:dc:27
> 1212763149.519206: State: ASSOCIATING -> ASSOCIATED
> 1212763149.519216: wpa_driver_wext_set_operstate: operstate 0->0 (DORMANT)
> 1212763149.519226: WEXT: Operstate: linkmode=-1, operstate=5
> 1212763149.530138: Associated to a new BSS: BSSID=00:19:5b:51:dc:27
> 1212763149.530157: No keys have been configured - skip key clearing
> 1212763149.530169: Associated with 00:19:5b:51:dc:27
> 1212763149.530233: WPA: Association event - clear replay counter
> 1212763149.530244: EAPOL: External notification - portEnabled=0
> 1212763149.530271: EAPOL: External notification - portValid=0
> 1212763149.530279: EAPOL: External notification - EAP success=0
> 1212763149.530287: EAPOL: External notification - portEnabled=1
> 1212763149.530294: EAPOL: SUPP_PAE entering state CONNECTING
> 1212763149.530301: EAPOL: enable timer tick
> 1212763149.530311: EAPOL: SUPP_BE entering state IDLE
> 1212763149.530322: Setting authentication timeout: 10 sec 0 usec
> 1212763149.530333: Cancelling scan request
> 1212763149.530345: RTM_NEWLINK: operstate=0 ifi_flags=0x11003 ([UP][LOWER_UP])
> 1212763149.530357: RTM_NEWLINK, IFLA_IFNAME: Interface 'wlan0' added
> 1212763152.515014: RX EAPOL from 00:19:5b:51:dc:27
> 1212763152.515048: RX EAPOL - hexdump(len=99): 01 03 00 5f 02 00 8a 00 10 00 00 00 00 00 00 00 68 f3 84 11 be 67 17 79 50 a3 97 e9 a5 89 82 5a 9b 08 04 58 b5 e4 ad a5 22 ea 94 70 b6 82 42 97 35 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
> 1212763152.515091: Setting authentication timeout: 10 sec 0 usec
> 1212763152.515106: IEEE 802.1X RX: version=1 type=3 length=95
> 1212763152.515114: EAPOL-Key type=2
> 1212763152.515133: key_info 0x8a (ver=2 keyidx=0 rsvd=0 Pairwise Ack)
> 1212763152.515145: key_length=16 key_data_length=0
> 1212763152.515154: replay_counter - hexdump(len=8): 00 00 00 00 00 00 00 68
> 1212763152.515158: key_nonce - hexdump(len=32): f3 84 11 be 67 17 79 50 a3 97 e9 a5 89 82 5a 9b 08 04 58 b5 e4 ad a5 22 ea 94 70 b6 82 42 97 35
> 1212763152.515166: key_iv - hexdump(len=16): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
> 1212763152.515171: key_rsc - hexdump(len=8): 00 00 00 00 00 00 00 00
> 1212763152.515176: key_id (reserved) - hexdump(len=8): 00 00 00 00 00 00 00 00
> 1212763152.515180: key_mic - hexdump(len=16): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
> 1212763152.515188: WPA: RX EAPOL-Key - hexdump(len=99): 01 03 00 5f 02 00 8a 00 10 00 00 00 00 00 00 00 68 f3 84 11 be 67 17 79 50 a3 97 e9 a5 89 82 5a 9b 08 04 58 b5 e4 ad a5 22 ea 94 70 b6 82 42 97 35 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
> 1212763152.515213: State: ASSOCIATED -> 4WAY_HANDSHAKE
> 1212763152.515217: WPA: RX message 1 of 4-Way Handshake from 00:19:5b:51:dc:27 (ver=2)
> 1212763152.515221: RSN: msg 1/4 key data - hexdump(len=0):
> 1212763152.515883: WPA: Renewed SNonce - hexdump(len=32): ac 4d 7a ca 6a 9b 0e 61 95 80 01 39 30 18 71 30 2d 20 69 a7 73 08 0c f2 99 03 aa 53 0a 89 01 50
> 1212763152.515905: WPA: PTK derivation - A1=00:1d:e0:3e:80:e1 A2=00:19:5b:51:dc:27
> 1212763152.515910: WPA: PMK - hexdump(len=32): [REMOVED]
> 1212763152.515913: WPA: PTK - hexdump(len=64): [REMOVED]
> 1212763152.515916: WPA: WPA IE for msg 2/4 - hexdump(len=22): 30 14 01 00 00 0f ac 02 01 00 00 0f ac 04 01 00 00 0f ac 02 00 00
> 1212763152.515924: WPA: Sending EAPOL-Key 2/4
> 1212763152.515930: WPA: TX EAPOL-Key - hexdump(len=121): 01 03 00 75 02 01 0a 00 00 00 00 00 00 00 00 00 68 ac 4d 7a ca 6a 9b 0e 61 95 80 01 39 30 18 71 30 2d 20 69 a7 73 08 0c f2 99 03 aa 53 0a 89 01 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 6f ec ba e2 f6 21 9c f7 f6 f3 09 7f ca 94 7b b3 00 16 30 14 01 00 00 0f ac 02 01 00 00 0f ac 04 01 00 00 0f ac 02 00 00
> 1212763152.516492: RX EAPOL from 00:19:5b:51:dc:27
> 1212763152.516503: RX EAPOL - hexdump(len=179): 01 03 00 af 02 13 ca 00 10 00 00 00 00 00 00 00 69 f3 84 11 be 67 17 79 50 a3 97 e9 a5 89 82 5a 9b 08 04 58 b5 e4 ad a5 22 ea 94 70 b6 82 42 97 35 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0a f7 fa a0 c1 05 c8 0d 00 d4 7a 0b 55 57 fb 9d 00 50 dc 24 80 1b ca c4 a3 51 29 a7 e9 b2 0c 9e 08 9b 43 4e a2 9e 91 df e9 62 79 61 64 f2 98 0b 21 e9 5a 48 60 66 0d 9b ae d5 e9 c9 cb 1b 09 91 92 a2 39 8c e6 8d 8a 29 ff bd 04 d2 f2 50 62 61 ac 98 b1 76 38 d7 f5 ba 92 7e 55 26 ff e1 ae 34 49 a9
> 1212763152.516570: IEEE 802.1X RX: version=1 type=3 length=175
> 1212763152.516573: EAPOL-Key type=2
> 1212763152.516576: key_info 0x13ca (ver=2 keyidx=0 rsvd=0 Pairwise Install Ack MIC Secure Encr)
> 1212763152.516581: key_length=16 key_data_length=80
> 1212763152.516584: replay_counter - hexdump(len=8): 00 00 00 00 00 00 00 69
> 1212763152.516588: key_nonce - hexdump(len=32): f3 84 11 be 67 17 79 50 a3 97 e9 a5 89 82 5a 9b 08 04 58 b5 e4 ad a5 22 ea 94 70 b6 82 42 97 35
> 1212763152.516596: key_iv - hexdump(len=16): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
> 1212763152.516601: key_rsc - hexdump(len=8): 00 00 00 00 00 00 00 00
> 1212763152.516605: key_id (reserved) - hexdump(len=8): 00 00 00 00 00 00 00 00
> 1212763152.516610: key_mic - hexdump(len=16): 0a f7 fa a0 c1 05 c8 0d 00 d4 7a 0b 55 57 fb 9d
> 1212763152.516616: WPA: RX EAPOL-Key - hexdump(len=179): 01 03 00 af 02 13 ca 00 10 00 00 00 00 00 00 00 69 f3 84 11 be 67 17 79 50 a3 97 e9 a5 89 82 5a 9b 08 04 58 b5 e4 ad a5 22 ea 94 70 b6 82 42 97 35 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0a f7 fa a0 c1 05 c8 0d 00 d4 7a 0b 55 57 fb 9d 00 50 dc 24 80 1b ca c4 a3 51 29 a7 e9 b2 0c 9e 08 9b 43 4e a2 9e 91 df e9 62 79 61 64 f2 98 0b 21 e9 5a 48 60 66 0d 9b ae d5 e9 c9 cb 1b 09 91 92 a2 39 8c e6 8d 8a 29 ff bd 04 d2 f2 50 62 61 ac 98 b1 76 38 d7 f5 ba 92 7e 55 26 ff e1 ae 34 49 a9
> 1212763152.516647: RSN: encrypted key data - hexdump(len=80): dc 24 80 1b ca c4 a3 51 29 a7 e9 b2 0c 9e 08 9b 43 4e a2 9e 91 df e9 62 79 61 64 f2 98 0b 21 e9 5a 48 60 66 0d 9b ae d5 e9 c9 cb 1b 09 91 92 a2 39 8c e6 8d 8a 29 ff bd 04 d2 f2 50 62 61 ac 98 b1 76 38 d7 f5 ba 92 7e 55 26 ff e1 ae 34 49 a9
> 1212763152.516679: WPA: decrypted EAPOL-Key key data - hexdump(len=72): [REMOVED]
> 1212763152.516683: State: 4WAY_HANDSHAKE -> 4WAY_HANDSHAKE
> 1212763152.516686: WPA: RX message 3 of 4-Way Handshake from 00:19:5b:51:dc:27 (ver=2)
> 1212763152.516691: WPA: IE KeyData - hexdump(len=72): 30 18 01 00 00 0f ac 02 02 00 00 0f ac 02 00 0f ac 04 01 00 00 0f ac 02 00 00 dd 26 00 0f ac 01 01 00 ab 64 ea 2a 8c 1c 5a 8e e6 e6 39 9b 95 a2 64 44 14 67 f2 01 ee 76 99 37 02 7f 39 2f 61 db 69 0b dd 00 00 00 00 00
> 1212763152.516706: WPA: Sending EAPOL-Key 4/4
> 1212763152.516711: WPA: TX EAPOL-Key - hexdump(len=99): 01 03 00 5f 02 03 0a 00 00 00 00 00 00 00 00 00 69 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 19 ef 3b 8a 23 ec ce 67 74 87 18 61 1f 8d 8f de 00 00
> 1212763152.516734: WPA: Installing PTK to the driver.
> 1212763152.516738: wpa_driver_wext_set_key: alg=3 key_idx=0 set_tx=1 seq_len=6 key_len=16
> 1212763152.516759: EAPOL: External notification - portValid=1
> 1212763152.516764: State: 4WAY_HANDSHAKE -> GROUP_HANDSHAKE
> 1212763152.516767: RSN: received GTK in pairwise handshake - hexdump(len=34): [REMOVED]
> 1212763152.516770: WPA: Group Key - hexdump(len=32): [REMOVED]
> 1212763152.516774: WPA: Installing GTK to the driver (keyidx=1 tx=0 len=32).
> 1212763152.516777: WPA: RSC - hexdump(len=6): 00 00 00 00 00 00
> 1212763152.516781: wpa_driver_wext_set_key: alg=2 key_idx=1 set_tx=0 seq_len=6 key_len=32
> 1212763152.516790: WPA: Key negotiation completed with 00:19:5b:51:dc:27 [PTK=CCMP GTK=TKIP]
> 1212763152.516794: Cancelling scan request
> 1212763152.516797: Cancelling authentication timeout
> 1212763152.516801: State: GROUP_HANDSHAKE -> COMPLETED
> 1212763152.516806: CTRL-EVENT-CONNECTED - Connection to 00:19:5b:51:dc:27 completed (auth) [id=0 id_str=]
> 1212763152.516809: wpa_driver_wext_set_operstate: operstate 0->1 (UP)
> 1212763152.516813: WEXT: Operstate: linkmode=-1, operstate=6
> 1212763152.520567: EAPOL: External notification - portValid=1
> 1212763152.520574: EAPOL: External notification - EAP success=1
> 1212763152.520578: EAPOL: SUPP_PAE entering state AUTHENTICATING
> 1212763152.520581: EAPOL: SUPP_BE entering state SUCCESS
> 1212763152.520591: EAP: EAP entering state DISABLED
> 1212763152.520595: EAPOL: SUPP_PAE entering state AUTHENTICATED
> 1212763152.520598: EAPOL: SUPP_BE entering state IDLE
> 1212763152.520602: EAPOL authentication completed successfully
> 1212763152.520614: RTM_NEWLINK: operstate=1 ifi_flags=0x11043 ([UP][RUNNING][LOWER_UP])
> 1212763152.520620: RTM_NEWLINK, IFLA_IFNAME: Interface 'wlan0' added
> 1212763152.531758: EAPOL: startWhen --> 0
> 1212763152.531766: EAPOL: disable timer tick
Tomas Winkler skrev:
> On Sat, Jun 7, 2008 at 12:43 AM, Thomas Backlund <[email protected]> wrote:
>> Tomas Winkler skrev:
>>> On Fri, Jun 6, 2008 at 5:51 PM, Thomas Backlund <[email protected]> wrote:
>>>> Tomas Winkler skrev:
>>>>> On Fri, Jun 6, 2008 at 3:33 PM, Thomas Backlund <[email protected]>
>>>>> wrote:
>>>>>> Thomas Backlund skrev:
>>>>>>> Tomas Winkler skrev:
>>>>>>>> On Fri, Jun 6, 2008 at 3:44 AM, Ian Schram <[email protected]>
>>>>>>>> wrote:
>>>>>>>>> Isn't this the Oops Joonwoo Park wanted to patch with
>>>>>>>>>
>>>>>>>>> "[PATCH] iwlwifi: fix oops on wep key insertion" 27/5/2008
>>>>>>>>>
>>>>>>>>> invalid length of webkey that would/should be handled in mac80211?
>>>>>>>>>
>>>>>>>>> ian
>>>>>>>> Yes, it looks like.
>>>>>>> Ummm, what has a wep key to do with me trying to access a
>>>>>>> WPA2-Personal
>>>>>>> encrypted net ?
>>>>> Not sure yet, but mac is trying to assign default/static wep key.
>>>>>
>>>>> :iwlcore:iwl_send_static_wepkey_cmd+0xcb/0xd5
>>>>> :iwlcore:iwl_set_default_wep_key+0xa2/0xbc
>>>>>
>>>>> Try to set the encryption explicitly
>>>>> network={
>>>>> psk="*************************"
>>>>> scan_ssid=1
>>>>> ssid="dlink"
>>>>> pairwise=CCMP
>>>>> group=CCMP
>>>>> }
>>>>>
>>>>>
>>>> That didn't help at all.
>>>>
>>>> What's more it prevented the wifi to work on 2.6.24.7 so I had to remove
>>>> the
>>>> lines again...
>>>>
>>> So what's your AP configuration TKIP?
>>>
>> I've switched to clean WPA2-AES on the AP, but it does not do any
>> difference... I still get the oops...
>>
>
> I would like to see the log of this one
>
>>> Second try also with sw decryption:
>>>
>>> in /etc/modprobe.conf
>>> options iwl4965 swcrypto=1
>>>
>>
>> That works.
>> I now run a clean 2.6.26-rc5
>>
> Okay thanks for checking this one.
>
>> I also tried to bisect between 2.6.25 and 2.6.26-rc1 and ended up with:
>>
>> [root@5720g linux-2.6]# git bisect good
>> 8318d78a44d49ac1edf2bdec7299de3617c4232e is first bad commit
>> commit 8318d78a44d49ac1edf2bdec7299de3617c4232e
>> Author: Johannes Berg <[email protected]>
>> Date: Thu Jan 24 19:38:38 2008 +0100
>>
>> cfg80211 API for channels/bitrates, mac80211 and driver conversion
>>
>>
>>
>> Any more I can provide to help finding the bug ?
>
> Just the log from AES try with I will try to reproduce this as soon
> as I get to this particular AP and 64 bits kernel.
>
with wpa_supplicant.conf:
network={
psk="*************************"
scan_ssid=1
ssid="dlink"
pairwise=CCMP
group=CCMP
}
I also rebuilt the 2.6.26-rc5 with enabled mac* and iwl* debug options,
so the configs are:
[thomas@5720g 1]$ grep MAC8 config-2.6.26-0.rc5.1mdvsmp
CONFIG_MAC80211=m
CONFIG_MAC80211_RC_DEFAULT_PID=y
# CONFIG_MAC80211_RC_DEFAULT_NONE is not set
CONFIG_MAC80211_RC_DEFAULT="pid"
CONFIG_MAC80211_RC_PID=y
CONFIG_MAC80211_MESH=y
CONFIG_MAC80211_LEDS=y
CONFIG_MAC80211_DEBUGFS=y
CONFIG_MAC80211_DEBUG_PACKET_ALIGNMENT=y
CONFIG_MAC80211_DEBUG=y
CONFIG_MAC80211_HT_DEBUG=y
CONFIG_MAC80211_VERBOSE_DEBUG=y
# CONFIG_MAC80211_LOWTX_FRAME_DUMP is not set
CONFIG_MAC80211_DEBUG_COUNTERS=y
CONFIG_MAC80211_IBSS_DEBUG=y
CONFIG_MAC80211_VERBOSE_PS_DEBUG=y
CONFIG_MAC80211_VERBOSE_MPL_DEBUG=y
[thomas@5720g 1]$ grep IWL config-2.6.26-0.rc5.1mdvsmp
CONFIG_IWLWIFI=m
CONFIG_IWLCORE=m
CONFIG_IWLWIFI_LEDS=y
CONFIG_IWLWIFI_RFKILL=y
CONFIG_IWL4965=m
CONFIG_IWL4965_HT=y
CONFIG_IWL4965_LEDS=y
CONFIG_IWL4965_SPECTRUM_MEASUREMENT=y
CONFIG_IWL4965_SENSITIVITY=y
CONFIG_IWLWIFI_DEBUG=y
CONFIG_IWLWIFI_DEBUGFS=y
CONFIG_IWL3945=m
CONFIG_IWL3945_SPECTRUM_MEASUREMENT=y
CONFIG_IWL3945_LEDS=y
CONFIG_IWL3945_DEBUG=y
Here is the log:
Jun 7 16:05:30 5720g kernel: firmware: requesting iwlwifi-4965-1.ucode
Jun 7 16:05:30 5720g kernel: Registered led device: iwl-phy0:radio
Jun 7 16:05:30 5720g kernel: Registered led device: iwl-phy0:assoc
Jun 7 16:05:30 5720g kernel: Registered led device: iwl-phy0:RX
Jun 7 16:05:30 5720g kernel: Registered led device: iwl-phy0:TX
Jun 7 16:05:31 5720g kernel: phy0: HW CONFIG: freq=2412
Jun 7 16:05:31 5720g kernel: ADDRCONF(NETDEV_UP): wlan0: link is not ready
Jun 7 16:05:31 5720g kernel: phy0: HW CONFIG: freq=2412
Jun 7 16:05:31 5720g kernel: BUG: unable to handle kernel NULL pointer
dereference at 0000000000000000
Jun 7 16:05:31 5720g kernel: IP: [<ffffffffa026e036>]
:iwl4965:iwl4965_enqueue_hcmd+0x175/0x2c2
Jun 7 16:05:31 5720g kernel: PGD 0
Jun 7 16:05:31 5720g kernel: Oops: 0000 [1] SMP
Jun 7 16:05:31 5720g kernel: CPU 1
Jun 7 16:05:31 5720g kernel: Modules linked in: af_packet kvm_intel kvm
snd_seq_dummy snd_seq_oss snd_seq_midi_event snd_seq snd_seq_device
snd_pcm_oss snd_mixer_oss ipv6 xt_tcpudp iptable_filter ip_tables
x_tables binfmt_misc loop dm_mod cpufreq_ondemand cpufreq_conservative
cpufreq_powersave acpi_cpufreq freq_table tifm_sd tifm_7xx1 tifm_core
nvram pcmcia ohci1394 ieee1394 mmc_block battery ac arc4 ecb
crypto_blkcipher firewire_ohci firewire_core video container
yenta_socket rsrc_nonstatic crc_itu_t sdhci output snd_hda_intel
pcmcia_core snd_pcsp iwl4965 mmc_core snd_pcm firmware_class nsc_ircc
thermal button joydev rtc_cmos snd_timer iwlcore irda snd i2c_i801
rtc_core iTCO_wdt rfkill crc_ccitt evdev soundcore rtc_lib serio_raw
acer_wmi processor mac80211 wmi sr_mod iTCO_vendor_support
snd_page_alloc i2c_core intel_agp cdrom led_class sg cfg80211 tg3
ide_generic piix ide_core ata_piix ahci libata dock sd_mod scsi_mod ext3
jbd uhci_hcd ohci_hcd ehci_hcd usbcore [last unloaded: nf_conntrack]
Jun 7 16:05:31 5720g kernel: Pid: 10, comm: events/1 Not tainted
2.6.26-0.rc5.1mdvsmp #1
Jun 7 16:05:31 5720g kernel: RIP: 0010:[<ffffffffa026e036>]
[<ffffffffa026e036>] :iwl4965:iwl4965_enqueue_hcmd+0x175/0x2c2
Jun 7 16:05:31 5720g kernel: RSP: 0018:ffff81013fb15b60 EFLAGS: 00010086
Jun 7 16:05:31 5720g kernel: RAX: 0000000000000000 RBX:
ffff8100bf84c300 RCX: 0000000000000064
Jun 7 16:05:31 5720g kernel: RDX: 0000000000000022 RSI:
0000000000000000 RDI: ffff8100bf84c318
Jun 7 16:05:31 5720g kernel: RBP: ffff81013fb15bd0 R08:
ffff8100bf941100 R09: 0000000000000300
Jun 7 16:05:31 5720g kernel: R10: ffff81013fb15a10 R11:
ffff81013fb10a78 R12: ffff81013fb15cf0
Jun 7 16:05:31 5720g kernel: R13: 00000000a0290068 R14:
ffff81013e1021c0 R15: ffff8101364a1a20
Jun 7 16:05:31 5720g kernel: FS: 0000000000000000(0000)
GS:ffff81013fab8ac0(0000) knlGS:0000000000000000
Jun 7 16:05:31 5720g kernel: CS: 0010 DS: 0018 ES: 0018 CR0:
000000008005003b
Jun 7 16:05:31 5720g kernel: CR2: 0000000000000000 CR3:
0000000000201000 CR4: 00000000000026e0
Jun 7 16:05:31 5720g kernel: DR0: 0000000000000000 DR1:
0000000000000000 DR2: 0000000000000000
Jun 7 16:05:31 5720g kernel: DR3: 0000000000000000 DR6:
00000000ffff0ff0 DR7: 0000000000000400
Jun 7 16:05:31 5720g kernel: Process events/1 (pid: 10, threadinfo
ffff81013fb14000, task ffff81013fb102c0)
Jun 7 16:05:31 5720g kernel: Stack: ffff81013fb14000 ffffffff806f7ed8
0000000000000001 ffffffff806f8660
Jun 7 16:05:31 5720g kernel: ffffffff806f8648 ffffffff8075bb50
ffff81013e102c08 000000023fb10a10
Jun 7 16:05:31 5720g kernel: 0000000000000006 ffff8101364a1a00
ffff81013fb15cf0 ffff81013e1021c0
Jun 7 16:05:31 5720g kernel: Call Trace:
Jun 7 16:05:31 5720g kernel: [<ffffffffa021357e>]
:iwlcore:iwl_send_cmd_sync+0x94/0x313
Jun 7 16:05:31 5720g kernel: [<ffffffff80257ed5>] ?
__lock_acquire+0xbee/0xd5a
Jun 7 16:05:31 5720g kernel: [<ffffffffa021384e>]
:iwlcore:iwl_send_cmd+0x16/0x18
Jun 7 16:05:31 5720g kernel: [<ffffffffa0284784>]
:iwl4965:iwl_send_static_wepkey_cmd+0xcb/0xd5
Jun 7 16:05:31 5720g kernel: [<ffffffffa0284832>]
:iwl4965:iwl_set_default_wep_key+0xa4/0xbe
Jun 7 16:05:31 5720g kernel: [<ffffffffa026d14b>]
:iwl4965:iwl4965_mac_set_key+0x1c9/0x2d3
Jun 7 16:05:31 5720g kernel: [<ffffffff803049ed>] ?
debugfs_remove+0xd5/0xda
Jun 7 16:05:31 5720g kernel: [<ffffffffa017e3ca>]
:mac80211:__ieee80211_key_todo+0x124/0x226
Jun 7 16:05:31 5720g kernel: [<ffffffffa017e57a>]
:mac80211:ieee80211_key_todo+0x17/0x25
Jun 7 16:05:31 5720g kernel: [<ffffffffa017e591>]
:mac80211:key_todo+0x9/0xb
Jun 7 16:05:31 5720g kernel: [<ffffffff80247104>] run_workqueue+0xfc/0x203
Jun 7 16:05:31 5720g kernel: [<ffffffffa017e588>] ?
:mac80211:key_todo+0x0/0xb
Jun 7 16:05:31 5720g kernel: [<ffffffff802472eb>] worker_thread+0xe0/0xf1
Jun 7 16:05:31 5720g kernel: [<ffffffff8024acac>] ?
autoremove_wake_function+0x0/0x38
Jun 7 16:05:31 5720g kernel: [<ffffffff8024720b>] ? worker_thread+0x0/0xf1
Jun 7 16:05:31 5720g kernel: [<ffffffff8024a97b>] kthread+0x49/0x76
Jun 7 16:05:31 5720g kernel: [<ffffffff8020d248>] child_rip+0xa/0x12
Jun 7 16:05:31 5720g kernel: [<ffffffff8020c7dc>] ? restore_args+0x0/0x30
Jun 7 16:05:31 5720g kernel: [<ffffffff8024a932>] ? kthread+0x0/0x76
Jun 7 16:05:31 5720g kernel: [<ffffffff8020d23e>] ? child_rip+0x0/0x12
Jun 7 16:05:31 5720g kernel:
Jun 7 16:05:31 5720g kernel:
Jun 7 16:05:31 5720g kernel: Code: 69 c8 80 01 00 00 41 8a 04 24 4c 89
cb 49 03 9e c0 44 00 00 88 43 14 48 89 df f3 a5 48 8d 7b 18 41 0f b7 4c
24 02 49 8b 74 24 18 <f3> a4 c6 43 15 00 41 0f b6 96 94 44 00 00 89 d0
80 cc 04 f6 43
Jun 7 16:05:31 5720g kernel: RIP [<ffffffffa026e036>]
:iwl4965:iwl4965_enqueue_hcmd+0x175/0x2c2
Jun 7 16:05:31 5720g kernel: RSP <ffff81013fb15b60>
Jun 7 16:05:31 5720g kernel: CR2: 0000000000000000
Jun 7 16:05:31 5720g kernel: ---[ end trace 61cbfb837f7cd04e ]---
> One more thing is suspicious in the WEP key try is that I don't see
> this can ever happen. The command that should be here iis
> wlcore:iwl_send_cmd_async
> Jun 5 19:55:06 5720g kernel: [<ffffffffa018ee37>]
> :iwlcore:iwl_send_cmd_sync+0x94/0x257
> Jun 5 19:55:06 5720g kernel: [<ffffffff80257ed5>] ? __lock_acquire+0xbee/0xd5a
> Jun 5 19:55:06 5720g kernel: [<ffffffffa018f04b>]
> :iwlcore:iwl_send_cmd+0x16/0x1b
> Jun 5 19:55:06 5720g kernel: [<ffffffffa0218c41>]
> :iwl4965:iwl_send_static_wepkey_cmd+0xcb/0xd5
> Jun 5 19:55:06 5720g kernel: [<ffffffffa0218cef>]
> :iwl4965:iwl_set_default_wep_key+0xa4/0xbe
> Jun 5 19:55:06 5720g kernel: [<ffffffffa020ae00>]
> :iwl4965:iwl4965_mac_set_key+0xf1/0x137
>
> The code there looks like this
>
> int iwl_send_static_wepkey_cmd(struct iwl_priv *priv, u8 send_if_empty)
> {
> int i, not_empty = 0;
> u8 buff[sizeof(struct iwl_wep_cmd) +
> sizeof(struct iwl_wep_key) * WEP_KEYS_MAX];
> struct iwl_wep_cmd *wep_cmd = (struct iwl_wep_cmd *)buff;
> size_t cmd_size = sizeof(struct iwl_wep_cmd);
> struct iwl_host_cmd cmd = {
> .id = REPLY_WEPKEY,
> .data = wep_cmd,
> .meta.flags = CMD_ASYNC, -----------------------------------------
> this is async
> };
>
> Thanks
> Tomas
> .
>
Thomas Backlund skrev:
> Tomas Winkler skrev:
>> On Fri, Jun 6, 2008 at 3:44 AM, Ian Schram <[email protected]> wrote:
>>> Isn't this the Oops Joonwoo Park wanted to patch with
>>>
>>> "[PATCH] iwlwifi: fix oops on wep key insertion" 27/5/2008
>>>
>>> invalid length of webkey that would/should be handled in mac80211?
>>>
>>> ian
>>
>> Yes, it looks like.
>
> Ummm, what has a wep key to do with me trying to access a WPA2-Personal
> encrypted net ?
>
>> Thomas can you send out your wpa_supplicant config fiele
>>
>
> I could, but since I would have to remove any sensitive info such as the
> psk key, would it be of any use ?
Anyway, here configs are:
wpa_supplicant.conf
(I stripped all the comments from the file)
--- cut ---
ctrl_interface=/var/run/wpa_supplicant
eapol_version=1
ap_scan=1
fast_reauth=1
blob-base64-exampleblob={
SGVsbG8gV29ybGQhCg==
}
network={
psk="*************************"
scan_ssid=1
ssid="dlink"
}
--- cut ---
ifcfg-wlan0
--- cut ---
DEVICE=wlan0
BOOTPROTO=dhcp
ONBOOT=yes
METRIC=35
MII_NOT_SUPPORTED=no
USERCTL=no
RESOLV_MODS=no
WIRELESS_MODE=Managed
WIRELESS_ESSID=dlink
WIRELESS_ENC_KEY='s:*************************'
WIRELESS_WPA_DRIVER=wext
IPV6INIT=no
IPV6TO4INIT=no
DHCP_CLIENT=dhclient
NEEDHOSTNAME=no
PEERDNS=yes
PEERYP=yes
PEERNTPD=no
--- cut ---
>
>> I will provide a patch that disable hw encryption on long wep keys. It
>> get lost in my todo list.
>> Tomas
>>
>
--
Thomas
Tomas Winkler skrev:
> On Sun, Jun 8, 2008 at 3:21 PM, Thomas Backlund <[email protected]> wrote:
>> Tomas Winkler skrev:
>>> I'm not sure what distro are you running I haven't seen this
>>> ifcfg-wlan0 config options
>>> on my system but can it be that ifcg-wlan0 tries to set wep key which
>>> will conflict
>>> with wpa_supplicant setting. Can you try to remove this line from that
>>> file
>>>
>>> ifcfg-wlan0 -
>>> --- cut ---
>>> WIRELESS_ENC_KEY='s:*************************'
>>>
>>>
>>
>> Nice.
>>
>> The distro is Mandriva Cooker (development) but we have the same in Mandriva
>> 2008.1 Spring.
>>
>> Now this has not been any problem with kernels older than 2.6.25, so it's a
>> regression, isn't it? I mean, shouldn't the module protect itself against
>> empty variables?
>>
> This is not really regression. What happen is that we've enabled hw
> crypto acceleration by default so when
> you switched back to sw crypto it still worked.
Yeah, you're right.
I forgot about that.
> There is bug no question, I believe it's the same bug as Ian Schram
> and Joonwoo Park reported (PSK key is longer then 128 WEP Key)
>
Any patch ready for testing ?
>> And that config option also exist in Redhat initscripts ifup-wireless...
>>
>> Anyway, you found the initial problem, as the kernel now booted without an
>> oops, and seems to work, but:
>>
>
> Try to disable this one from th config file MAC80211_DEBUG_PACKET_ALIGNMENT
>
That did it, thanks.
Thomas
On Mon, 2008-06-09 at 19:43 +0300, Tomas Winkler wrote:
> On Mon, Jun 9, 2008 at 6:55 PM, Dan Williams <[email protected]> wrote:
> > On Sun, 2008-06-08 at 18:31 +0300, Tomas Winkler wrote:
> >> On Sun, Jun 8, 2008 at 3:21 PM, Thomas Backlund <[email protected]> wrote:
> >> > Tomas Winkler skrev:
> >> >>
> >> >> I'm not sure what distro are you running I haven't seen this
> >> >> ifcfg-wlan0 config options
> >> >> on my system but can it be that ifcg-wlan0 tries to set wep key which
> >> >> will conflict
> >> >> with wpa_supplicant setting. Can you try to remove this line from that
> >> >> file
> >> >>
> >> >> ifcfg-wlan0 -
> >> >> --- cut ---
> >> >> WIRELESS_ENC_KEY='s:*************************'
> >> >>
> >> >>
> >> >
> >> >
> >> > Nice.
> >> >
> >> > The distro is Mandriva Cooker (development) but we have the same in Mandriva
> >> > 2008.1 Spring.
> >> >
> >> > Now this has not been any problem with kernels older than 2.6.25, so it's a
> >> > regression, isn't it? I mean, shouldn't the module protect itself against
> >> > empty variables?
> >> >
> >> This is not really regression. What happen is that we've enabled hw
> >> crypto acceleration by default so when
> >> you switched back to sw crypto it still worked.
> >> There is bug no question, I believe it's the same bug as Ian Schram
> >> and Joonwoo Park reported (PSK key is longer then 128 WEP Key)
> >
> > I thought that issues was about actual WEP keys larger than 128-bit;
> > some D-Link APs and cards allowed 152-bit WEP keys back before WPA was
> > common. We decided not to care about those right now, but I didn't
> > think that would impact TKIP at all. Does the TKIP key material go
> > through the same path in the iwl driver that WEP key material does?
> >
> > Dan
> The problem was that key in ifcfg-wlan0 was used as a WEP key in this
> particular case. I'm not sure how long it was (only Thomas know) so
> it's just a guess.
> What need to be done that driver should return error if long key is
> assigned and not to crash.
Oh right, definitely. The driver should be length-checking the keys and
returning EINVAL for WEP key sizes that are not 40 or 104 bit WEP keys.
Dan
> Tomas
> >
> >
> >> > And that config option also exist in Redhat initscripts ifup-wireless...
> >> >
> >> > Anyway, you found the initial problem, as the kernel now booted without an
> >> > oops, and seems to work, but:
> >> >
> >>
> >> Try to disable this one from th config file MAC80211_DEBUG_PACKET_ALIGNMENT
> >>
> >> Thanks
> >> Tomas
> >>
> >> 0: switched to short barker preamble (BSSID=00:19:5b:51:dc:27)
> >> > wlan0 (WE) : Wireless Event too big (320)
> >> > ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
> >> > ------------[ cut here ]------------
> >> > WARNING: at net/mac80211/rx.c:319 __ieee80211_rx_handle_packet+0x349/0x794
> >> > [mac80211]()
> >> > Modules linked in: af_packet kvm_intel kvm snd_seq_dummy snd_seq_oss
> >> > snd_seq_midi_event snd_seq snd_seq_device snd_pcm_oss snd_mixer_oss ipv6
> >> > xt_tcpudp iptable_filter ip_tables x_tables binfmt_misc loop dm_mod
> >> > cpufreq_ondemand cpufreq_conservative cpufreq_powersave acpi_cpufreq
> >> > freq_table tifm_sd tifm_7xx1 tifm_core nvram pcmcia ohci1394 ieee1394
> >> > mmc_block arc4 ecb crypto_blkcipher battery ac video container output
> >> > firewire_ohci firewire_core crc_itu_t sdhci iwl4965 firmware_class mmc_core
> >> > yenta_socket rsrc_nonstatic iwlcore pcmcia_core acer_wmi thermal
> >> > snd_hda_intel rfkill snd_pcsp button nsc_ircc snd_pcm mac80211 led_class
> >> > i2c_i801 irda snd_timer rtc_cmos snd processor rtc_core wmi rtc_lib i2c_core
> >> > soundcore iTCO_wdt iTCO_vendor_support snd_page_alloc tg3 cfg80211 intel_agp
> >> > joydev crc_ccitt sr_mod serio_raw sg evdev cdrom ide_generic piix ide_core
> >> > ata_piix ahci libata dock sd_mod scsi_mod ext3 jbd uhci_hcd ohci_hcd
> >> > ehci_hcd usbcore [last unloaded: nf_conntrack]
> >> > Pid: 0, comm: swapper Not tainted 2.6.26-0.rc5.1mdvsmp #1
> >> >
> >> > Call Trace:
> >> > <IRQ> [<ffffffff802371ff>] warn_on_slowpath+0x58/0x94
> >> > [<ffffffff8044ad1b>] ? _spin_unlock_irqrestore+0x40/0x57
> >> > [<ffffffff8023c2f1>] ? __tasklet_schedule+0xae/0xc5
> >> > [<ffffffffa01eab1e>] ? :mac80211:ieee80211_rx_irqsafe+0x63/0x6a
> >> > [<ffffffffa0306d32>] ? :iwl4965:iwl4965_handle_data_packet+0x3c3/0x3fd
> >> > [<ffffffffa01eb1ce>] :mac80211:__ieee80211_rx_handle_packet+0x349/0x794
> >> > [<ffffffff8025791c>] ? __lock_acquire+0x635/0xd5a
> >> > [<ffffffffa01eba3c>] ? :mac80211:__ieee80211_rx+0x63/0x538
> >> > [<ffffffffa01ebe9d>] :mac80211:__ieee80211_rx+0x4c4/0x538
> >> > [<ffffffffa01dc348>] :mac80211:ieee80211_tasklet_handler+0x75/0x11b
> >> > [<ffffffff8023c079>] ? tasklet_action+0x4b/0xfb
> >> > [<ffffffff8023c0be>] tasklet_action+0x90/0xfb
> >> > [<ffffffff8023cae6>] __do_softirq+0x77/0x101
> >> > [<ffffffff8020d61c>] call_softirq+0x1c/0x28
> >> > [<ffffffff8020e92d>] do_softirq+0x4d/0xb0
> >> > [<ffffffff8023c5ab>] irq_exit+0x4e/0x8f
> >> > [<ffffffff8020ebc5>] do_IRQ+0xba/0xd8
> >> > [<ffffffff8020c6f2>] ret_from_intr+0x0/0x1e
> >> > <EOI> [<ffffffff8021fe6d>] ? native_irq_enable+0x6/0x7
> >> > [<ffffffffa018d45a>] ? :processor:acpi_idle_enter_bm+0x2cf/0x35e
> >> > [<ffffffff803c338a>] ? menu_select+0x6f/0x8f
> >> > [<ffffffff803c2395>] ? cpuidle_idle_call+0x95/0xc9
> >> > [<ffffffff803c2300>] ? cpuidle_idle_call+0x0/0xc9
> >> > [<ffffffff8020b1cc>] ? default_idle+0x0/0x55
> >> > [<ffffffff8020b184>] ? cpu_idle+0x9c/0xe4
> >> > [<ffffffff80444e86>] ? start_secondary+0x179/0x17d
> >> >
> >> > ---[ end trace a4f2fe9605e20ed0 ]---
> >> >
> >> >
> >> > --
> >> > Thomas
> >> >
> >> --
> >> To unsubscribe from this list: send the line "unsubscribe linux-wireless" in
> >> the body of a message to [email protected]
> >> More majordomo info at http://vger.kernel.org/majordomo-info.html
> >
> >
On Sun, 2008-06-08 at 18:31 +0300, Tomas Winkler wrote:
> On Sun, Jun 8, 2008 at 3:21 PM, Thomas Backlund <[email protected]> wrote:
> > Tomas Winkler skrev:
> >>
> >> I'm not sure what distro are you running I haven't seen this
> >> ifcfg-wlan0 config options
> >> on my system but can it be that ifcg-wlan0 tries to set wep key which
> >> will conflict
> >> with wpa_supplicant setting. Can you try to remove this line from that
> >> file
> >>
> >> ifcfg-wlan0 -
> >> --- cut ---
> >> WIRELESS_ENC_KEY='s:*************************'
> >>
> >>
> >
> >
> > Nice.
> >
> > The distro is Mandriva Cooker (development) but we have the same in Mandriva
> > 2008.1 Spring.
> >
> > Now this has not been any problem with kernels older than 2.6.25, so it's a
> > regression, isn't it? I mean, shouldn't the module protect itself against
> > empty variables?
> >
> This is not really regression. What happen is that we've enabled hw
> crypto acceleration by default so when
> you switched back to sw crypto it still worked.
> There is bug no question, I believe it's the same bug as Ian Schram
> and Joonwoo Park reported (PSK key is longer then 128 WEP Key)
I thought that issues was about actual WEP keys larger than 128-bit;
some D-Link APs and cards allowed 152-bit WEP keys back before WPA was
common. We decided not to care about those right now, but I didn't
think that would impact TKIP at all. Does the TKIP key material go
through the same path in the iwl driver that WEP key material does?
Dan
> > And that config option also exist in Redhat initscripts ifup-wireless...
> >
> > Anyway, you found the initial problem, as the kernel now booted without an
> > oops, and seems to work, but:
> >
>
> Try to disable this one from th config file MAC80211_DEBUG_PACKET_ALIGNMENT
>
> Thanks
> Tomas
>
> 0: switched to short barker preamble (BSSID=00:19:5b:51:dc:27)
> > wlan0 (WE) : Wireless Event too big (320)
> > ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
> > ------------[ cut here ]------------
> > WARNING: at net/mac80211/rx.c:319 __ieee80211_rx_handle_packet+0x349/0x794
> > [mac80211]()
> > Modules linked in: af_packet kvm_intel kvm snd_seq_dummy snd_seq_oss
> > snd_seq_midi_event snd_seq snd_seq_device snd_pcm_oss snd_mixer_oss ipv6
> > xt_tcpudp iptable_filter ip_tables x_tables binfmt_misc loop dm_mod
> > cpufreq_ondemand cpufreq_conservative cpufreq_powersave acpi_cpufreq
> > freq_table tifm_sd tifm_7xx1 tifm_core nvram pcmcia ohci1394 ieee1394
> > mmc_block arc4 ecb crypto_blkcipher battery ac video container output
> > firewire_ohci firewire_core crc_itu_t sdhci iwl4965 firmware_class mmc_core
> > yenta_socket rsrc_nonstatic iwlcore pcmcia_core acer_wmi thermal
> > snd_hda_intel rfkill snd_pcsp button nsc_ircc snd_pcm mac80211 led_class
> > i2c_i801 irda snd_timer rtc_cmos snd processor rtc_core wmi rtc_lib i2c_core
> > soundcore iTCO_wdt iTCO_vendor_support snd_page_alloc tg3 cfg80211 intel_agp
> > joydev crc_ccitt sr_mod serio_raw sg evdev cdrom ide_generic piix ide_core
> > ata_piix ahci libata dock sd_mod scsi_mod ext3 jbd uhci_hcd ohci_hcd
> > ehci_hcd usbcore [last unloaded: nf_conntrack]
> > Pid: 0, comm: swapper Not tainted 2.6.26-0.rc5.1mdvsmp #1
> >
> > Call Trace:
> > <IRQ> [<ffffffff802371ff>] warn_on_slowpath+0x58/0x94
> > [<ffffffff8044ad1b>] ? _spin_unlock_irqrestore+0x40/0x57
> > [<ffffffff8023c2f1>] ? __tasklet_schedule+0xae/0xc5
> > [<ffffffffa01eab1e>] ? :mac80211:ieee80211_rx_irqsafe+0x63/0x6a
> > [<ffffffffa0306d32>] ? :iwl4965:iwl4965_handle_data_packet+0x3c3/0x3fd
> > [<ffffffffa01eb1ce>] :mac80211:__ieee80211_rx_handle_packet+0x349/0x794
> > [<ffffffff8025791c>] ? __lock_acquire+0x635/0xd5a
> > [<ffffffffa01eba3c>] ? :mac80211:__ieee80211_rx+0x63/0x538
> > [<ffffffffa01ebe9d>] :mac80211:__ieee80211_rx+0x4c4/0x538
> > [<ffffffffa01dc348>] :mac80211:ieee80211_tasklet_handler+0x75/0x11b
> > [<ffffffff8023c079>] ? tasklet_action+0x4b/0xfb
> > [<ffffffff8023c0be>] tasklet_action+0x90/0xfb
> > [<ffffffff8023cae6>] __do_softirq+0x77/0x101
> > [<ffffffff8020d61c>] call_softirq+0x1c/0x28
> > [<ffffffff8020e92d>] do_softirq+0x4d/0xb0
> > [<ffffffff8023c5ab>] irq_exit+0x4e/0x8f
> > [<ffffffff8020ebc5>] do_IRQ+0xba/0xd8
> > [<ffffffff8020c6f2>] ret_from_intr+0x0/0x1e
> > <EOI> [<ffffffff8021fe6d>] ? native_irq_enable+0x6/0x7
> > [<ffffffffa018d45a>] ? :processor:acpi_idle_enter_bm+0x2cf/0x35e
> > [<ffffffff803c338a>] ? menu_select+0x6f/0x8f
> > [<ffffffff803c2395>] ? cpuidle_idle_call+0x95/0xc9
> > [<ffffffff803c2300>] ? cpuidle_idle_call+0x0/0xc9
> > [<ffffffff8020b1cc>] ? default_idle+0x0/0x55
> > [<ffffffff8020b184>] ? cpu_idle+0x9c/0xe4
> > [<ffffffff80444e86>] ? start_secondary+0x179/0x17d
> >
> > ---[ end trace a4f2fe9605e20ed0 ]---
> >
> >
> > --
> > Thomas
> >
> --
> To unsubscribe from this list: send the line "unsubscribe linux-wireless" in
> the body of a message to [email protected]
> More majordomo info at http://vger.kernel.org/majordomo-info.html
On Fri, Jun 6, 2008 at 3:44 AM, Ian Schram <[email protected]> wrote:
> Isn't this the Oops Joonwoo Park wanted to patch with
>
> "[PATCH] iwlwifi: fix oops on wep key insertion" 27/5/2008
>
> invalid length of webkey that would/should be handled in mac80211?
>
> ian
Yes, it looks like.
Thomas can you send out your wpa_supplicant config fiele
I will provide a patch that disable hw encryption on long wep keys. It
get lost in my todo list.
Tomas
>
> Thomas Backlund wrote:
>>
>> Thomas Backlund skrev:
>>>
>>> Thomas Backlund skrev:
>>>>
>>>> Tomas Winkler skrev:
>>>>>>
>>>>> Can you please verify with latest wireless-testing. git
>>>>> Thanks
>>>>> Tomas
>>>>
>>>> Yep. will do...
>>>>
>>>> I'll report back as soon as I have tried..
>>>>
>>>
>>> No go...
>>>
>>>> Jun 5 22:53:42 5720g kernel: firmware: requesting iwlwifi-4965-1.ucode
>>>>
>>>> Jun 5 22:53:42 5720g kernel: Registered led device: iwl-phy0:radio
>>>>
>>>> Jun 5 22:53:42 5720g kernel: Registered led device:
>>>> iwl-phy0:assoc
>>>> Jun 5 22:53:42 5720g kernel: Registered led
>>>> device: iwl-phy0:RX
>>>> Jun 5 22:53:42 5720g kernel: Registered
>>>> led device: iwl-phy0:TX
>>>> Jun 5 22:53:42 5720g kernel:
>>>> ADDRCONF(NETDEV_UP): wlan0: link is not ready
>>>> Jun 5 22:53:43 5720g
>>>> kernel: BUG: unable to handle kernel NULL pointer dereference at
>>>> 0000000000000000 Jun 5
>>>> 22:53:43 5720g kernel: IP: [<ffffffffa02a6dfc>]
>>>> :iwlcore:iwl_enqueue_hcmd+0x142/0x227
>>>> Jun 5 22:53:43 5720g kernel: PGD 0
>>>>
>>>> Jun 5 22:53:43 5720g kernel: Oops: 0000 [1]
>>>> SMP
>>>> Jun 5 22:53:43 5720g kernel: CPU 1
>>>>
>>>> Jun 5 22:53:43 5720g kernel:
>>>> Modules linked in: af_packet kvm_intel kvm snd_seq_dummy snd_seq_oss
>>>> snd_seq_midi_event snd_seq snd_seq_device snd_pcm_oss snd_mixer_oss ipv6
>>>> xt_tcpudp iptable_filter ip_tables x_tables binfmt_misc loop dm_mod
>>>> cpufreq_ondemand cpufreq_conservative cpufreq_powersave acpi_cpufreq
>>>> freq_table tifm_sd tifm_7xx1 tifm_core nvram pcmcia ohci1394 ieee1394
>>>> mmc_block arc4 ecb sr_mod cdrom crypto_blkcipher sg battery video ac
>>>> yenta_socket output container firewire_ohci rsrc_nonstatic pcmcia_core sdhci
>>>> firewire_core iwl4965 iwlcore mmc_core crc_itu_t i2c_i801 snd_hda_intel
>>>> rfkill snd_pcsp intel_agp iTCO_wdt nsc_ircc thermal acer_wmi processor tg3
>>>> iTCO_vendor_support snd_pcm joydev i2c_core snd_timer rtc_cmos button
>>>> firmware_class rtc_core mac80211 led_class evdev serio_raw snd irda
>>>> soundcore wmi rtc_lib crc_ccitt snd_page_alloc cfg80211 ide_generic piix
>>>> ide_core ata_piix ahci libata dock sd_mod scsi_mod ext3 jbd uhci_hcd
>>>> ohci_hcd ehci_hcd usbcore [last unlo
>>>
>>> aded: nf_conntrack]
>>>
>>>>
>>>> Jun 5 22:53:43 5720g kernel: Pid: 10, comm: events/1 Not tainted
>>>> 2.6.26-rc4-wl #1
>>>> Jun 5 22:53:43 5720g kernel: RIP: 0010:[<ffffffffa02a6dfc>]
>>>> [<ffffffffa02a6dfc>] :iwlcore:iwl_enqueue_hcmd+0x142/0x227
>>>> Jun 5 22:53:43 5720g kernel: RSP: 0018:ffff81013fb15b90
>>>> EFLAGS: 00010086
>>>> Jun 5 22:53:43 5720g kernel: RAX: 0000000000000000
>>>> RBX: 0000000000000000 RCX: 0000000000000064
>>>> Jun 5 22:53:43 5720g kernel: RDX:
>>>> 0000000000000024 RSI: 0000000000000000 RDI: ffff810139a4c578
>>>> Jun 5 22:53:43 5720g kernel:
>>>> RBP: ffff81013fb15be0 R08: ffff810139b31200 R09: 0000000000000560
>>>> Jun 5 22:53:43 5720g
>>>> kernel: R10: ffff81013fb15a60 R11: ffff81013fb10a78 R12: ffff810139a4c560
>>>> Jun 5 22:53:43
>>>> 5720g kernel: R13: ffff81013bd51ba0 R14: ffff81013fb15d00 R15:
>>>> 0000000000000004
>>>> Jun 5 22:53:43 5720g kernel: FS: 0000000000000000(0000)
>>>> GS:ffff81013fab8ac0(0000) knlGS:0000000000000000
>>>> Jun 5 22:53:43 5720g kernel: CS: 0010 DS: 0018 ES:
>>>> 0018 CR0: 000000008005003b
>>>> Jun 5 22:53:43 5720g kernel: CR2:
>>>> 0000000000000000 CR3: 0000000000201000 CR4: 00000000000026e0
>>>> Jun 5 22:53:43 5720g kernel:
>>>> DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
>>>> Jun 5 22:53:43 5720g
>>>> kernel: DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
>>>> Jun 5 22:53:43
>>>> 5720g kernel: Process events/1 (pid: 10, threadinfo ffff81013fb14000, task
>>>> ffff81013fb102c0) Jun 5
>>>> 22:53:43 5720g kernel: Stack: ffffffff806f8338 ffffffff8075bca0
>>>> ffff81013bd52610 006881013fb10a10
>>>> Jun 5 22:53:43 5720g kernel: 0000000000000006 ffff81013dc86500
>>>> ffff81013fb15d00 ffff81013bd51ba0
>>>> Jun 5 22:53:43 5720g kernel: 0000000000000246
>>>> 0000000000000000 ffff81013fb15c60 ffffffffa02a5431
>>>> Jun 5 22:53:43 5720g kernel: Call Trace:
>>>>
>>>> Jun 5 22:53:43 5720g kernel:
>>>> [<ffffffffa02a5431>] :iwlcore:iwl_send_cmd_sync+0x8b/0x24e
>>>> Jun 5 22:53:43 5720g
>>>> kernel: [<ffffffff80257f1d>] ? __lock_acquire+0xbee/0xd5a
>>>> Jun 5 22:53:43
>>>> 5720g kernel: [<ffffffffa02a5645>] :iwlcore:iwl_send_cmd+0x16/0x19
>>>> Jun 5
>>>> 22:53:43 5720g kernel: [<ffffffffa02a84b3>]
>>>> :iwlcore:iwl_send_static_wepkey_cmd+0xcb/0xd5
>>>> Jun 5 22:53:43 5720g kernel:
>>>> [<ffffffffa02a855f>] :iwlcore:iwl_set_default_wep_key+0xa2/0xbc
>>>> Jun 5 22:53:43 5720g
>>>> kernel: [<ffffffffa02b98ae>] :iwl4965:iwl4965_mac_set_key+0xed/0x136
>>>> Jun 5 22:53:43
>>>> 5720g kernel: [<ffffffffa01762da>]
>>>> :mac80211:__ieee80211_key_todo+0x109/0x203
>>>> Jun 5 22:53:43 5720g kernel:
>>>> [<ffffffffa017647a>] :mac80211:ieee80211_key_todo+0x17/0x25
>>>> Jun 5 22:53:43 5720g
>>>> kernel: [<ffffffffa0176491>] :mac80211:key_todo+0x9/0xb
>>>> Jun 5 22:53:43
>>>> 5720g kernel: [<ffffffff8024717c>] run_workqueue+0xfc/0x203
>>>> Jun 5
>>>> 22:53:43 5720g kernel: [<ffffffffa0176488>] ? :mac80211:key_todo+0x0/0xb
>>>>
>>>> Jun 5 22:53:43 5720g kernel: [<ffffffff80247363>] worker_thread+0xe0/0xf1
>>>>
>>>> Jun 5 22:53:43 5720g kernel: [<ffffffff8024ad24>] ?
>>>> autoremove_wake_function+0x0/0x38
>>>> Jun 5 22:53:43 5720g kernel:
>>>> [<ffffffff80247283>] ? worker_thread+0x0/0xf1
>>>> Jun 5 22:53:43 5720g
>>>> kernel: [<ffffffff8024a9f3>] kthread+0x49/0x76
>>>> Jun 5 22:53:43
>>>> 5720g kernel: [<ffffffff8020d238>] child_rip+0xa/0x12
>>>> Jun 5 22:53:43 5720g kernel: [<ffffffff8020c7cc>] ?
>>>> restore_args+0x0/0x30
>>>> Jun 5 22:53:43 5720g kernel: [<ffffffff8024a9aa>] ? kthread+0x0/0x76
>>>> Jun 5 22:53:43 5720g kernel: [<ffffffff8020d22e>] ? child_rip+0x0/0x12
>>>> Jun 5 22:53:43 5720g kernel:
>>>> Jun 5 22:53:43 5720g kernel:
>>>> Jun 5 22:53:43 5720g kernel: Code: 69 c8 58 01 00 00 41 8a 06 4d 89 cc
>>>> 4d 03 a5 10 45 00 00 41 88 44 24 14 4c 89 e7 f3 a5 49 8d 7c 24 18 41 0f b7
>>>> 4e 02 49 8b 76 18 <f3> a4 41 c6 44 24 15 00 41 0f b6 95 e4 44 00 00 89 d0 80
>>>> cc 04
>>>> Jun 5 22:53:43 5720g kernel: RIP [<ffffffffa02a6dfc>]
>>>> :iwlcore:iwl_enqueue_hcmd+0x142/0x227
>>>> Jun 5 22:53:43 5720g kernel: RSP <ffff81013fb15b90>
>>>> Jun 5 22:53:43 5720g kernel: CR2: 0000000000000000
>>>> Jun 5 22:53:43 5720g kernel: ---[ end trace 58a672208ff93cb1 ]---
>>>
>>>
>>> And for reference I also tried 2.6.25.4 wich works as it should
>>>
>>
>> And I have now tested 2.6.26-rc1 wich also has the oops, so I guess it's
>> bisect time...
>>
>>> --
>>> Thomas
>>>
>>
>> --
>> To unsubscribe from this list: send the line "unsubscribe linux-wireless"
>> in
>> the body of a message to [email protected]
>> More majordomo info at http://vger.kernel.org/majordomo-info.html
>>
>>
>