DragonFly BSD
DragonFly bugs List (threaded) for 2010-06
[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]

Re: wlan_crypt_tkip panic

From: Joe Talbott <josepht@xxxxxxxxxx>
Date: Sun, 20 Jun 2010 12:28:32 -0400

On Sun, Jun 20, 2010 at 12:20:41PM -0400, Joe Talbott wrote:
> Hey guys,
> It seems I've either munged the iwn driver I'm working on or I'm
> genuinely hitting an edge case in the TKIP code.  I got the following
> panic.  I'm attaching a tarball of the source directory and can
> include patches from the unaltered FreeBSD source if needed.
> My main concerns regarding the wifi driver porting in general is my
> weak understanding of the mbuf handling code and the bus_dma* code.
> Any ideas are appreciated.
> Unread portion of the kernel message buffer:
> panic: not enough data, data_len 3 space 2

Here's the kgdb backtrace:

(kgdb) bt
#0  _get_mycpu (di=0xc06d6a00) at ./machine/thread.h:83
#1  md_dumpsys (di=0xc06d6a00) at
#2  0xc0319e29 in dumpsys () at
#3  0xc031a3a4 in boot (howto=260) at
#4  0xc031a4ca in panic (fmt=0xc0609324 "not enough data, data_len %zu
space %u\n") at
#5  0xc03a0369 in michael_mic (ctx=<value optimized out>, key=<value
optimized out>, m=0xdb20f500, off=26, data_len=3, mic=0xd801ca2c
#6  0xc03a12ba in tkip_enmic (k=0xd7d6b784, m=0xdb210000, force=0) at
#7  0xc03bb921 in ieee80211_crypto_enmic (vap=0xd7dbb9c0,
ni=0xd7d6b6b8, m=0xdb20bd00) at
#8  ieee80211_encap (vap=0xd7dbb9c0, ni=0xd7d6b6b8, m=0xdb20bd00) at
#9  0xc03be63d in ieee80211_start (ifp=0xc48d8198) at
#10 0xc038b149 in ifq_dispatch (ifp=0xc48d8198, m=0xdb20bd00,
pa=0xd801cb38) at /home/josepht/src/dragonfly/sys/net/if.c:2273
#11 0xc038c4ba in ether_output_frame (ifp=0xc48d8198, m=0xdb20bd00) at
#12 0xc038c767 in ether_output (ifp=0xc48d8198, m=0xdb20bd00,
dst=0xc4549570, rt=0xc46ef940) at
#13 0xc03bbf2a in ieee80211_output (ifp=0xc48d8198, m=0xdb20bd00,
dst=0xc4549570, rt=0xc46ef940) at
#14 0xc03d5e4f in ip_output (m0=0xdb20bd00, opt=0x0, ro=0xd7c20104,
flags=<value optimized out>, imo=0x0, inp=0xd7c200c8) at
#15 0xc03dd53f in tcp_output (tp=0xd7c20188) at
#16 0xc03e45c1 in tcp_usr_send (so=0xd7b616e0, flags=<value optimized
out>, m=0xc47b8700, nam=0x0, control=0x0, td=0xdb3f2c90) at
#17 0xc034fa19 in netmsg_pru_send (msg=0xdb41eb68) at
#18 0xc039598d in netmsg_service (msg=0x0, mpsafe_mode=1, mplocked=0)
at /home/josepht/src/dragonfly/sys/net/netisr.c:310
#19 0xc03def13 in tcpmsg_service_loop (dummy=0x0) at
#20 0xc0322537 in lwkt_deschedule_self (td=Cannot access memory at
address 0x8
) at /home/josepht/src/dragonfly/sys/kern/lwkt_thread.c:250
Backtrace stopped: previous frame inner to this frame (corrupt stack?)

[Date Prev][Date Next]  [Thread Prev][Thread Next]  [Date Index][Thread Index]