Date: Sun, 16 Nov 2008 17:12:40 GMT From: Jason Brand <kitambi@epicsol.org> To: freebsd-gnats-submit@FreeBSD.org Subject: i386/128917: if_wpi and wpa+tkip causing kernel panic Message-ID: <200811161712.mAGHCebw005916@www.freebsd.org> Resent-Message-ID: <200811161720.mAGHK1dC043186@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 128917
>Category: i386
>Synopsis: if_wpi and wpa+tkip causing kernel panic
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-i386
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sun Nov 16 17:20:00 UTC 2008
>Closed-Date:
>Last-Modified:
>Originator: Jason Brand
>Release: FreeBSD 7.1-PRERELEASE i386
>Organization:
>Environment:
System: FreeBSD paladin 7.1-PRERELEASE FreeBSD 7.1-PRERELEASE #1: Fri Nov 14 10:
10:16 EST 2008 root@paladin:/usr/obj/usr/src/sys/PALADIN i386
>Description:
When using WPA+TKIP with if_wpi, the card will become dissociated from the AP. The LED on the laptop will not be turned off, as it usually will when the link is terminated, and wpa_supplicant does not seem to realize that the link was dropped. Wpa_supplicant "reassociate" command causes the following:
Fatal trap 12: page fault while in kernel mode
cpuid = 0; apic id = 00
fault virtual address = 0xffff
fault code = supervisor read, page not present
instruction pointer = 0x20:0xc0a12dfc
stack pointer = 0x28:0xe6db9be0
frame pointer = 0x28:0xe6db9c9c
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, def32 1, gran 1
processor eflags = interrupt enabled, resume, IOPL = 0
current process = 35 (wpi0 taskq)
trap number = 12
panic: page fault
cpuid = 0
Uptime: 13m38s
Physical memory: 3054 MB
Dumping 170 MB: 155 139 123 107 91 75 59 43 27 11
(kgdb) bt
#0 doadump () at pcpu.h:196
#1 0xc058b157 in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:418
#2 0xc058b462 in panic (fmt=Variable "fmt" is not available.
) at /usr/src/sys/kern/kern_shutdown.c:574
#3 0xc07e1fe3 in trap_fatal (frame=0xe6db9ba0, eva=65535)
at /usr/src/sys/i386/i386/trap.c:939
#4 0xc07e2240 in trap_pfault (frame=0xe6db9ba0, usermode=0, eva=65535)
at /usr/src/sys/i386/i386/trap.c:852
#5 0xc07e2c12 in trap (frame=0xe6db9ba0) at /usr/src/sys/i386/i386/trap.c:530
#6 0xc07c93fb in calltrap () at /usr/src/sys/i386/i386/exception.s:159
#7 0xc0a12dfc in wpi_ops (arg0=0xc68fd000, pending=1)
at /usr/src/sys/modules/wpi/../../dev/wpi/if_wpi.c:2411
#8 0xc05be5a5 in taskqueue_run (queue=0xc68f5a00)
at /usr/src/sys/kern/subr_taskqueue.c:282
#9 0xc05be7ab in taskqueue_thread_loop (arg=0xc68fe9b4)
at /usr/src/sys/kern/subr_taskqueue.c:401
#10 0xc05677a9 in fork_exit (callout=0xc05be6f0 <taskqueue_thread_loop>,
arg=0xc68fe9b4, frame=0xe6db9d38) at /usr/src/sys/kern/kern_fork.c:804
#11 0xc07c9470 in fork_trampoline () at /usr/src/sys/i386/i386/exception.s:264
>How-To-Repeat:
Connect to a WPA+TKIP network. The PR originator only has access to one network using this, therefore is unable to verify the reproducibility on other networks.
>Fix:
Workaround:
Do not use wpa_supplicant's "reassociate" command to re-establish the link. Instead, run /etc/rc.d/netif restart.
>Release-Note:
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200811161712.mAGHCebw005916>