Hi, I've been trying to use bleeding-edge wireless-testing on a stable 2.6.33 kernel with an ath9k card. The kernel is x86 (AMD Geode LX), and all wireless modules are built as .ko files as far as possible. Hostapd also starts fine and offers connectivity, though some simple commands such as iwconfig cause Oopses, and some more sophisticated things like wireless VLAN separation just do not work (packets show up in the wrong VLAN). Debugging the Oops with kgdb showed that struct wiphy in cfg80211.h has changed since 2.6.33 was released. The newly built cfg80211 correctly uses the new definition, but some core functionality built into the kernel (the Oops is in net/wireless/wext-core.c) still uses the old wiphy struct and therefore picks up an invalid wext pointer from the wiphy struct and faults when dereferencing it. Please find extracts of .config and kgdb output attached; more information can be provided upon request. I'm currently stuck on how to build a 2.6.33 kernel that is compatible with the wireless-testing drivers. If possible, I'd like to avoid replacing the entire kernel with an unstable build. Thanks a lot in advance, Michael -- ... 
>> .config >> CONFIG_WIRELESS=y CONFIG_WIRELESS_EXT=y CONFIG_WEXT_CORE=y CONFIG_WEXT_PROC=y CONFIG_WEXT_SPY=y CONFIG_WEXT_PRIV=y CONFIG_CFG80211=m CONFIG_NL80211_TESTMODE=y # CONFIG_CFG80211_DEVELOPER_WARNINGS is not set CONFIG_CFG80211_REG_DEBUG=y CONFIG_CFG80211_DEFAULT_PS=y CONFIG_CFG80211_DEBUGFS=y # CONFIG_WIRELESS_OLD_REGULATORY is not set CONFIG_CFG80211_WEXT=y CONFIG_WIRELESS_EXT_SYSFS=y CONFIG_LIB80211=m CONFIG_LIB80211_CRYPT_WEP=m CONFIG_LIB80211_CRYPT_CCMP=m CONFIG_LIB80211_CRYPT_TKIP=m # CONFIG_LIB80211_DEBUG is not set CONFIG_MAC80211=m CONFIG_MAC80211_RC_PID=y CONFIG_MAC80211_RC_MINSTREL=y # CONFIG_MAC80211_RC_DEFAULT_PID is not set CONFIG_MAC80211_RC_DEFAULT_MINSTREL=y CONFIG_MAC80211_RC_DEFAULT="minstrel" CONFIG_MAC80211_MESH=y CONFIG_MAC80211_LEDS=y # CONFIG_MAC80211_DEBUGFS is not set # CONFIG_MAC80211_DEBUG_MENU is not set # CONFIG_WIMAX is not set CONFIG_RFKILL=m CONFIG_RFKILL_LEDS=y # CONFIG_RFKILL_INPUT is not set # CONFIG_NET_9P is not set ... CONFIG_WLAN=y # CONFIG_PCMCIA_RAYCS is not set # CONFIG_LIBERTAS_THINFIRM is not set # CONFIG_AIRO is not set # CONFIG_ATMEL is not set # CONFIG_AT76C50X_USB is not set # CONFIG_AIRO_CS is not set # CONFIG_PCMCIA_WL3501 is not set # CONFIG_PRISM54 is not set # CONFIG_USB_ZD1201 is not set # CONFIG_USB_NET_RNDIS_WLAN is not set # CONFIG_RTL8180 is not set # CONFIG_RTL8187 is not set # CONFIG_ADM8211 is not set # CONFIG_MAC80211_HWSIM is not set # CONFIG_MWL8K is not set CONFIG_ATH_COMMON=m CONFIG_ATH_DEBUG=y CONFIG_ATH5K=m CONFIG_ATH5K_DEBUG=y CONFIG_ATH9K_HW=m CONFIG_ATH9K_COMMON=m CONFIG_ATH9K=m CONFIG_ATH9K_DEBUGFS=y CONFIG_AR9170_USB=m CONFIG_AR9170_LEDS=y # CONFIG_B43 is not set # CONFIG_B43LEGACY is not set CONFIG_HOSTAP=m CONFIG_HOSTAP_FIRMWARE=y CONFIG_HOSTAP_FIRMWARE_NVRAM=y # CONFIG_HOSTAP_PLX is not set # CONFIG_HOSTAP_PCI is not set # CONFIG_HOSTAP_CS is not set # CONFIG_IPW2100 is not set # CONFIG_IPW2200 is not set # CONFIG_IWLWIFI is not set # CONFIG_LIBERTAS is not set # CONFIG_HERMES is 
not set # CONFIG_P54_COMMON is not set # CONFIG_RT2X00 is not set # CONFIG_WL12XX is not set # CONFIG_ZD1211RW is not set ... >> kgdb >> [ 192.125780] BUG: unable to handle kernel NULL pointer dereference at 00000005 [ 192.126320] IP: [<c03d81bb>] wext_handle_ioctl+0xfb/0x1e7 [ 192.126320] *pde = 00000000 [ 192.126320] Oops: 0000 [#1] PREEMPT [ 192.126320] last sysfs file: /sys/class/net/lo/operstate [ 192.126320] KGDB: Waiting for remote debugger Remote debugging using /dev/ttyS0 get_handler (net=<value optimized out>, ifr=0xcfa77eb8, cmd=35585, arg=0xbfc59490) at net/wireless/wext-core.c:666 666 if (index < handlers->num_standard) (gdb) bt full #0 get_handler (net=<value optimized out>, ifr=0xcfa77eb8, cmd=35585, arg=0xbfc59490) at net/wireless/wext-core.c:666 index = 1 handlers = 0x1 #1 wireless_process_ioctl (net=<value optimized out>, ifr=0xcfa77eb8, cmd=35585, arg=0xbfc59490) at net/wireless/wext-core.c:896 iwr = 0xcfa77eb8 dev = 0xcfd01820 handler = <value optimized out> #2 wext_ioctl_dispatch (net=<value optimized out>, ifr=0xcfa77eb8, cmd=35585, arg=0xbfc59490) at net/wireless/wext-core.c:936 No locals. 
#3 wext_handle_ioctl (net=<value optimized out>, ifr=0xcfa77eb8, cmd=35585, arg=0xbfc59490) at net/wireless/wext-core.c:992 info = {cmd = 35585, flags = 0} ret = 1 #4 0xc035ac2d in dev_ioctl (net=0xc0588e80, cmd=35585, arg=<value optimized out>) at net/core/dev.c:4739 ifr = {ifr_ifrn = { ifrn_name = "wlan0\000ſ\000\000\000\000\000\000\000"}, ifr_ifru = {ifru_addr = {sa_family = 0, sa_data = '\000' <repeats 13 times>}, ifru_dstaddr = { sa_family = 0, sa_data = '\000' <repeats 13 times>}, ---Type <return> to continue, or q <return> to quit--- ifru_broadaddr = {sa_family = 0, sa_data = '\000' <repeats 13 times>}, ifru_netmask = { sa_family = 0, sa_data = '\000' <repeats 13 times>}, ifru_hwaddr = {sa_family = 0, sa_data = '\000' <repeats 13 times>}, ifru_flags = 0, ifru_ivalue = 0, ifru_mtu = 0, ifru_map = {mem_start = 0, mem_end = 0, base_addr = 0, irq = 0 '\000', dma = 0 '\000', port = 0 '\000'}, ifru_slave = '\000' <repeats 15 times>, ifru_newname = '\000' <repeats 15 times>, ifru_data = 0x0, ifru_settings = {type = 0, size = 0, ifs_ifsu = {raw_hdlc = 0x0, cisco = 0x0, fr = 0x0, fr_pvc = 0x0, fr_pvc_info = 0x0, sync = 0x0, te1 = 0x0}}}} ret = <value optimized out> colon = 0x0 #5 0xc03498dc in sock_ioctl (file=<value optimized out>, cmd=35585, arg=1) at net/socket.c:941 sock = 0xcfedd000 argp = 0xbfc59490 err = <value optimized out> #6 0xc0185b09 in vfs_ioctl (filp=0xcfef1740, cmd=35585, arg=3217396880) at fs/ioctl.c:46 error = <value optimized out> __func__ = "vfs_ioctl" ---Type <return> to continue, or q <return> to quit--- #7 0xc0186179 in do_vfs_ioctl (filp=0xcfef1740, fd=<value optimized out>, cmd=3483860664, arg=3217396880) at fs/ioctl.c:604 error = <value optimized out> argp = 0xbfc59490 #8 0xc01861e5 in sys_ioctl (fd=5, cmd=35585, arg=3217396880) at fs/ioctl.c:624 filp = 0xcfef1740 error = -9 fput_needed = 0 #9 0xc03e0971 in ?? () at arch/x86/kernel/entry_32.S:541 No locals. Backtrace stopped: previous frame inner to this frame (corrupt stack?) 
(gdb) print *dev $8 = {name = "wlan0\000\000\000\000\000\000\000\000\000\000", name_hlist = { next = 0x0, pprev = 0xcf81ecc4}, ifalias = 0x0, mem_end = 0, mem_start = 0, base_addr = 0, irq = 0, if_port = 0 '\000', dma = 0 '\000', state = 3, dev_list = {next = 0xcf8b0554, prev = 0xcfcb8ad4}, napi_list = { next = 0xcfd0185c, prev = 0xcfd0185c}, unreg_list = {next = 0xcfd01864, prev = 0xcfd01864}, features = 8192, ifindex = 8, iflink = 8, stats = { rx_packets = 0, tx_packets = 74, rx_bytes = 0, tx_bytes = 5068, rx_errors = 0, tx_errors = 0, rx_dropped = 0, tx_dropped = 0, multicast = 0, collisions = 0, rx_length_errors = 0, rx_over_errors = 0, rx_crc_errors = 0, rx_frame_errors = 0, rx_fifo_errors = 0, rx_missed_errors = 0, tx_aborted_errors = 0, tx_carrier_errors = 0, tx_fifo_errors = 0, tx_heartbeat_errors = 0, tx_window_errors = 0, rx_compressed = 0, tx_compressed = 0}, wireless_handlers = 0x0, wireless_data = 0x0, netdev_ops = 0xd1690c60, ethtool_ops = 0xd0db5140, header_ops = 0xc0412b00, flags = 4355, gflags = 0, priv_flags = 1024, padded = 24, operstate = 0 '\000', link_mode = 0 '\000', mtu = 1500, type = 1, hard_header_len = 14, needed_headroom = 53, needed_tailroom = 18, master = 0x0, perm_addr = "\000\016\216\031\356v", '\000' <repeats 25 times>, addr_len = 6 '\006', dev_id = 0, uc = {list = {next = 0xcfd01928, prev = 0xcfd01928}, count = 0}, uc_promisc = 0, addr_list_lock = {{ rlock = {raw_lock = {<No data fields>}}}}, mc_list = 0xcfa4f60c, mc_count = 3, promiscuity = 1, allmulti = 0, atalk_ptr = 0x0, ---Type <return> to continue, or q <return> to quit--- ip_ptr = 0xcf9910a0, dn_ptr = 0x0, ip6_ptr = 0xcf9904e8, ec_ptr = 0x0, ax25_ptr = 0x0, ieee80211_ptr = 0xcfd01ae8, last_rx = 0, dev_addr = 0xcf999404 "", dev_addrs = {list = {next = 0xcf9993fc, prev = 0xcf9993fc}, count = 1}, broadcast = "\377\377\377\377\377\377", '\000' <repeats 25 times>, rx_queue = {dev = 0xcfd01820, qdisc = 0xc04f5620, state = 0, qdisc_sleeping = 0xc04f5620, _xmit_lock = {{rlock = { 
raw_lock = {<No data fields>}}}}, xmit_lock_owner = -1, trans_start = 0, tx_bytes = 0, tx_packets = 0, tx_dropped = 0}, _tx = 0xcf999368, num_tx_queues = 4, real_num_tx_queues = 4, qdisc = 0xcf91d040, tx_queue_len = 1000, tx_global_lock = {{rlock = { raw_lock = {<No data fields>}}}}, trans_start = 4294828304, watchdog_timeo = 0, watchdog_timer = {entry = {next = 0x0, prev = 0x0}, expires = 0, function = 0xc036631a <dev_watchdog>, data = 3486521376, base = 0xc056e400}, refcnt = {counter = 13}, todo_list = {next = 0x0, prev = 0x0}, index_hlist = {next = 0x0, pprev = 0xcf844024}, link_watch_list = {next = 0xcfd01a04, prev = 0xcfd01a04}, reg_state = NETREG_REGISTERED, destructor = 0xc0356fef <free_netdev>, ml_priv = 0x0, br_port = 0xcfa06e78, macvlan_port = 0x0, garp_port = 0x0, dev = {parent = 0xcf845374, p = 0xcf99949c, kobj = { name = 0xcf999130 "wlan0", entry = {next = 0xcf9fbdd8, prev = 0xcf905478}, parent = 0xcf843ed4, kset = 0xcf808b04, ktype = 0xc04f0cac, sd = 0xcf9991cc, kref = {refcount = {counter = 4}}, ---Type <return> to continue, or q <return> to quit--- state_initialized = 1, state_in_sysfs = 1, state_add_uevent_sent = 1, state_remove_uevent_sent = 0, uevent_suppress = 0}, init_name = 0x0, type = 0xd0db787c, sem = {lock = {{rlock = { raw_lock = {<No data fields>}}}}, count = 1, wait_list = { next = 0xcfd01a5c, prev = 0xcfd01a5c}}, bus = 0x0, driver = 0x0, platform_data = 0xcfd01820, power = {power_state = {event = 0}, can_wakeup = 0, should_wakeup = 0, status = DPM_INVALID}, dma_mask = 0x0, coherent_dma_mask = 0, dma_parms = 0x0, dma_pools = { next = 0xcfd01a8c, prev = 0xcfd01a8c}, dma_mem = 0x0, archdata = { acpi_handle = 0x0}, devt = 0, devres_lock = {{rlock = { raw_lock = {<No data fields>}}}}, devres_head = {next = 0xcfd01aa0, prev = 0xcfd01aa0}, knode_class = {n_klist = 0xcf843efc, n_node = { next = 0xcf8b07ac, prev = 0xcfcb8d2c}, n_ref = {refcount = { counter = 1}}}, class = 0xc04f50e0, groups = 0xcfd01ac4, release = 0}, sysfs_groups = {0xc04f5114, 
0xc04f5120, 0x0, 0x0}, rtnl_link_ops = 0x0, vlan_features = 0, gso_max_size = 65536} (gdb) print *dev->ieee80211_ptr $10 = {wiphy = 0xcf0440c0, iftype = NL80211_IFTYPE_AP, list = { next = 0xcf044050, prev = 0xcfc36a70}, netdev = 0xcfd01820, mtx = { count = {counter = -811498776}, wait_lock = {{rlock = { raw_lock = {<No data fields>}}}}, wait_list = {next = 0xcfa182e8, prev = 0x1}}, cleanup_work = {data = {counter = -808445176}, entry = { next = 0xcfd01b08, prev = 0x0}, func = 0xcfd01b14}, use_4addr = 20, ssid = "\033\320Ͼ\344\331\320", '\000' <repeats 24 times>, ssid_len = 0 '\000', sme_state = CFG80211_SME_IDLE, conn = 0x0, connect_keys = 0x0, event_list = {next = 0x0, prev = 0x0}, event_lock = {{ rlock = {raw_lock = {<No data fields>}}}}, authtry_bsses = {0xcfd01b50, 0xcfd01b50, 0x0, 0x0}, auth_bsses = {0x0, 0x0, 0x0, 0x0}, current_bss = 0x0, wext = {ibss = {ssid = 0x0, bssid = 0x0, channel = 0x0, ie = 0x64 <Address 0x64 out of bounds>, ssid_len = 0 '\000', ie_len = 0 '\000', beacon_interval = 0, channel_fixed = false, privacy = false}, connect = {channel = 0x0, bssid = 0x0, ssid = 0x0, ssid_len = 0, auth_type = NL80211_AUTHTYPE_OPEN_SYSTEM, ie = 0x0, ie_len = 0, privacy = false, crypto = {wpa_versions = 4, cipher_group = 0, n_ciphers_pairwise = 0, ciphers_pairwise = {0, 0, 0, 0, 0}, n_akm_suites = 0, akm_suites = {0, 0}, control_port = false}, key = 0x0, key_len = 0 '\000', key_idx = 0 '\000'}, keys = 0x0, ie = 0x0, ie_len = 0, bssid = "\000\000\000\000\000", prev_bssid = "\000\000\000\000\000", ssid = '\000' <repeats 31 times>, default_key = 0 '\000', default_mgmt_key = 0 '\000', ps = false, ---Type <return> to continue, or q <return> to quit--- prev_bssid_valid = false, ps_timeout = 0}} (gdb) print *dev->ieee80211_ptr->wiphy $12 = {perm_addr = "\000\016\216\031\356v", interface_modes = 0, flags = 0, signal_type = CFG80211_SIGNAL_TYPE_NONE, bss_priv_size = 0, max_scan_ssids = 222 '\336', max_scan_ie_len = 0, n_cipher_suites = 106, cipher_suites = 0x1, 
retry_short = 96 '`', retry_long = 0 '\000', frag_threshold = 148111364, rts_threshold = 5, fw_version = "@\vi\321\a\004\000\000\377\377\377\377\377\377\377\377", '\000' <repeats 15 times>, hw_version = 0, max_num_pmkids = 0 '\000', privid = 0x0, bands = {0x0, 0x0}, reg_notifier = 0, regd = 0x0, dev = { parent = 0xd1693734, p = 0xcf044cd8, kobj = {name = 0xcf044d04 "", entry = {next = 0xd18dc5a5, prev = 0xcf9f3508}, parent = 0xcf845374, kset = 0xcf9976b0, ktype = 0xcf8ee8cc, sd = 0xcf905478, kref = { refcount = {counter = -812108172}}, state_initialized = 0, state_in_sysfs = 0, state_add_uevent_sent = 1, state_remove_uevent_sent = 0, uevent_suppress = 1}, init_name = 0xcf808b04 "\f\016O\300\200\032\301\316t\201\200\317\020\213\200\317\020\213\200", <incomplete sequence \317>, type = 0xc04f0cac, sem = { lock = {{rlock = {raw_lock = {<No data fields>}}}}, count = 3482941176, wait_list = {next = 0x4, prev = 0x7}}, bus = 0x0, driver = 0x0, platform_data = 0x1, power = {power_state = {event = -821804684}, can_wakeup = 0, should_wakeup = 0, status = DPM_INVALID}, dma_mask = 0x0, coherent_dma_mask = 3473162240, dma_parms = 0x0, dma_pools = {next = 0x0, prev = 0x0}, dma_mem = 0x0, archdata = { acpi_handle = 0x0}, devt = 0, devres_lock = {{rlock = { ---Type <return> to continue, or q <return> to quit--- raw_lock = {<No data fields>}}}}, devres_head = {next = 0xcf0441a4, prev = 0xcf0441a4}, knode_class = {n_klist = 0x0, n_node = {next = 0x0, prev = 0x0}, n_ref = {refcount = {counter = -821804616}}}, class = 0xcf0441b8, groups = 0xcf98ac3c, release = 0xcf98ac3c}, debugfsdir = 0xcf98ac3c, wext = 0x1, priv = 0xcf0441e0 "\350T\333", <incomplete sequence \320>} Please note the missing addr_mask field in wiphy: gdb prints the struct with the old definition, so the fields after perm_addr appear shifted and wext reads as 0x1, the same value as handlers = 0x1 in frame #0 of the backtrace.