Hello,

I'm using zd1211rw from wireless-dev branch of Daniel Drake's git tree, with 
WPA encryption.

zd1211rw 1-1:1.0: firmware version 4725
zd1211rw 1-1:1.0: zd1211b chip 079b:0062 v4810 full 00-60-b3 AL2230_RF pa0 g---

It used to work fine: it works reliably with 2.6.20-rc1-mm1 or 2.6.20-rc2-dirty 
(2.6.20-rc2 + "ieee80211softmac: Fix mutex_lock at exit of 
ieee80211_softmac_get_genie" from Ulrich Kunitz + "ieee80211softmac: Fix 
errors related to the work_struct changes" from Ulrich Kunitz)

But now, it oops with 2.6.20-rc2-mm1 (see BUG output below). The BUG at 
crypto/blkcipher.c:317 does not happen every time, but it always oops at 
arc4_crypt 
(seems to be line 67 "*out++ = *in ^ S[(a + b) & 0xff];", I guess "out" is 
invalid).

Any idea why this happens ?

I'm planning to start a bisection over the -mm series to find the offending 
patch. 


2.6.20-rc2-mm1
~~~~~~~~~~~~~~

BUG: at crypto/blkcipher.c:317 blkcipher_walk_first()
 [<c0104ddf>] show_trace_log_lvl+0x1a/0x2f
 [<c01054ab>] show_trace+0x12/0x14
 [<c010555d>] dump_stack+0x16/0x18
 [<e12a86b1>] blkcipher_walk_first+0x62/0x1a5 [blkcipher]
 [<e12a880e>] blkcipher_walk_virt+0xc/0xe [blkcipher]
 [<e124d03e>] crypto_ecb_crypt+0x23/0x75 [ecb]
 [<e124d0be>] crypto_ecb_decrypt+0x2e/0x34 [ecb]
 [<e12bdf1d>] ieee80211_tkip_decrypt+0x34c/0x526 [ieee80211_crypt_tkip]
 [<e12b075d>] ieee80211_rx+0x446/0xaac [ieee80211]
 [<e12c597f>] zd_mac_rx+0x344/0x390 [zd1211rw]
 [<e12c7c6a>] handle_rx_packet+0x6a/0x72 [zd1211rw]
 [<e12c8789>] rx_urb_complete+0x13f/0x156 [zd1211rw]
 [<e0bafc5d>] usb_hcd_giveback_urb+0x15/0x44 [usbcore]
 [<e087a741>] uhci_giveback_urb+0x115/0x13c [uhci_hcd]
 [<e087ad7b>] uhci_scan_schedule+0x509/0x77a [uhci_hcd]
 [<e087c896>] uhci_irq+0x128/0x13e [uhci_hcd]
 [<e0bb04e5>] usb_hcd_irq+0x24/0x51 [usbcore]
 [<c0138a11>] handle_IRQ_event+0x21/0x48
 [<c0139ce3>] handle_level_irq+0x8f/0xdc
 [<c010652c>] do_IRQ+0x85/0xa1
 [<c01048ab>] common_interrupt+0x23/0x28
 [<c01023a6>] cpu_idle+0x47/0x75
 [<c010112d>] rest_init+0x37/0x3a
 [<c0350af9>] start_kernel+0x308/0x30a
 [<00000000>] run_init_process+0x3feff000/0x19
 =======================
BUG: unable to handle kernel paging request at virtual address e12ac000
 printing eip:
e12ab048
*pde = 1d17b067
*pte = 00000000
Oops: 0000 [#1]
PREEMPT 
last sysfs file: /devices/pci0000:00/0000:00:04.4/i2c-0/0-002d/beep_mask
Modules linked in: michael_mic ieee80211_crypt_tkip aes ieee80211_crypt_ccmp 
arc4 ecb blkcipher ieee80211_crypt_wep ipv6 zd1211rw firmware_class 
ieee80211softmac ieee80211 ieee80211_crypt snd_seq_oss snd_seq_midi_event 
snd_seq snd_pcm_oss snd_mixer_oss af_packet snd_ens1371 gameport snd_rawmidi 
snd_seq_device snd_ac97_codec ac97_bus via686a snd_pcm snd_timer snd_page_alloc 
w83781d hwmon_vid snd soundcore i2c_isa i2c_viapro binfmt_misc loop 
nls_iso8859_15 nls_cp850 vfat fat reiser4 reiserfs via_agp agpgart lp 
parport_pc parport 8250 serial_core pcspkr rtc dm_mirror dm_mod sd_mod pata_via 
libata scsi_mod
CPU:    0
EIP:    0060:[<e12ab048>]    Not tainted VLI
EFLAGS: 00010097   (2.6.20-rc2-mm1 #61)
EIP is at arc4_crypt+0x48/0x6d [arc4]
eax: db3e9272   ebx: 00000090   ecx: e12ac000   edx: db3e936e
esi: db3e9396   edi: db3e9351   ebp: c034fc18   esp: c034fbfc
ds: 007b   es: 007b   fs: 00d8  gs: 0000  ss: 0068
Process swapper (pid: 0, ti=c034e000 task=c0326400 task.ti=c034e000)
Stack: c035079c 7a34fd04 db3e931c 6e353a88 db3e87b3 c035079c e12ac000 c034fc40 
       e124d060 db3e92e8 c034fc4c c034fd04 00000001 ffffffff db3e92e8 dc303a88 
       c034fcf4 c034fc88 e124d0be e12ab000 db3e92e8 e12ab4cc dc303a88 c034fc68 
Call Trace:
 [<c0104ddf>] show_trace_log_lvl+0x1a/0x2f
 [<c0104e8f>] show_stack_log_lvl+0x9b/0xa3
 [<c010506f>] show_registers+0x1d8/0x319
 [<c01052bc>] die+0x10c/0x221
 [<c0114787>] do_page_fault+0x435/0x506
 [<c02ac664>] error_code+0x74/0x7c
 [<e124d060>] crypto_ecb_crypt+0x45/0x75 [ecb]
 [<e124d0be>] crypto_ecb_decrypt+0x2e/0x34 [ecb]
 [<b54e2a8f>] 0xb54e2a8f
 =======================
Code: f2 8b 5d ec 01 d7 8a 17 88 55 f3 02 93 01 01 00 00 0f b6 f2 88 55 eb 01 
de 8a 1e 88 8a 
EIP: [<e12ab048>] arc4_crypt+0x48/0x6d [arc4] SS:ESP 0068:c034fbfc

2.6.20-rc2-mm1
~~~~~~~~~~~~~~

BUG: unable to handle kernel paging request at virtual address e14ab000
printing eip:
*pde = 1efac067
*pte = 00000000
Oops: 0000 [#1]
PREEMPT 
last sysfs file: /devices/pci0000:00/0000:00:04.4/i2c-0/0-002d/beep_mask
Modules linked in: michael_mic ieee80211_crypt_tkip aes ieee80211_crypt_ccmp 
arc4 ecb blkcipher ieee80211_crypt_wep ipv6 zd1211rw firmware_class 
ieee80211softmac ieee80211 ieee80211_crypt snd_seq_oss snd_seq_midi_event 
snd_seq snd_pcm_oss snd_mixer_oss af_packet snd_ens1371 via686a gameport 
snd_rawmidi snd_seq_device snd_ac97_codec ac97_bus snd_pcm snd_timer w83781d 
hwmon_vid snd_page_alloc i2c_isa snd soundcore i2c_viapro binfmt_misc loop 
nls_iso8859_15 nls_cp850 vfat fat reiser4 reiserfs via_agp agpgart lp 
parport_pc parport 8250 serial_core pcspkr rtc fw_ohci fw_core ohci1394 
ieee1394 uhci_hcd usbcore sr_mod cdrom dm_mirror dm_mod sd_mod pata_via libata 
scsi_mod
CPU:    0
EIP:    0060:[<e14aa048>]    Not tainted VLI
EFLAGS: 00010097   (2.6.20-rc2-mm1 #60)
EIP is at arc4_crypt+0x48/0x6d [arc4]
eax: dc57db67   ebx: 000000a5   ecx: e14ab000   edx: dc57db67
esi: dc57dc11   edi: dc57dba1   ebp: c034fc18   esp: c034fbfc
ds: 007b   es: 007b   fs: 00d8  gs: 0000  ss: 0068
Process swapper (pid: 0, ti=c034e000 task=c0326400 task.ti=c034e000)
Stack: c035079c a534fd04 dc57db6c 67350dcc dc57d003 c035079c e14ab000 c034fc40 
      e1412060 dc57db38 c034fc4c c034fd04 00000001 ffffffff dc57db38 df9b0dcc 
      c034fcf4 c034fc88 e14120be e14aa000 dc57db38 e14aa4cc df9b0dcc c034fc68 
Call Trace:
[<c0104ddf>] show_trace_log_lvl+0x1a/0x2f
[<c0104e8f>] show_stack_log_lvl+0x9b/0xa3
[<c010506f>] show_registers+0x1d8/0x319
[<c01052bc>] die+0x10c/0x221
[<c0114787>] do_page_fault+0x435/0x506
[<c02ac604>] error_code+0x74/0x7c
[<e1412060>] crypto_ecb_crypt+0x45/0x75 [ecb]
[<e14120be>] crypto_ecb_decrypt+0x2e/0x34 [ecb]
[<a8a61ea0>] 0xa8a61ea0
=======================
Code: f2 8b 5d ec 01 d7 8a 17 88 55 f3 02 93 01 01 00 00 0f b6 f2 88 55 eb 01 
de 8a 1e 88 1f 8a 55 f3 01 d3 88 16 0f b6 db 8a 44 18 34 <32> 01 8b 5d e4 88 03 
8a 45 f2 8b 75 ec 40 88 86 00 01 00 00 8a 
EIP: [<e14aa048>] arc4_crypt+0x48/0x6d [arc4] SS:ESP 0068:c034fbfc
<0>Kernel panic - not syncing: Fatal exception in interrupt


-- 
laurent



-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Zd1211-devs mailing list - http://zd1211.ath.cx/
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/zd1211-devs

Reply via email to