From owner-freebsd-current@FreeBSD.ORG Fri Apr 29 15:18:34 2005 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4559816A4CE for ; Fri, 29 Apr 2005 15:18:34 +0000 (GMT) Received: from orb.pobox.com (orb.pobox.com [207.8.226.5]) by mx1.FreeBSD.org (Postfix) with ESMTP id C77A843D49 for ; Fri, 29 Apr 2005 15:18:33 +0000 (GMT) (envelope-from discussion-lists@linnet.org) Received: from orb (localhost [127.0.0.1]) by orb.pobox.com (Postfix) with ESMTP id 30D097D7; Fri, 29 Apr 2005 11:18:30 -0400 (EDT) Received: from thinkdog.local.linnet.org (host217-40-157-153.in-addr.btopenworld.com [217.40.157.153]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by orb.sasl.smtp.pobox.com (Postfix) with ESMTP id C72938B; Fri, 29 Apr 2005 11:18:28 -0400 (EDT) Received: from lists by thinkdog.local.linnet.org with local (Exim 4.43 (FreeBSD)) id 1DRXFs-000OOo-2H; Fri, 29 Apr 2005 16:18:12 +0100 Date: Fri, 29 Apr 2005 16:18:12 +0100 From: Brian Candler To: Sam Leffler Message-ID: <20050429151811.GB93707@uk.tiscali.com> References: <20050428121447.GA90430@uk.tiscali.com> <42715889.7070202@errno.com> <20050428222831.GB1308@uk.tiscali.com> <42716C48.9070206@errno.com> <20050429121129.GA92888@uk.tiscali.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20050429121129.GA92888@uk.tiscali.com> User-Agent: Mutt/1.4.2.1i cc: freebsd-current@freebsd.org Subject: Re: wpa_supplicant causes panic in ieee80211_newstate X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 Apr 2005 15:18:34 -0000 On Fri, Apr 29, 2005 at 01:11:29PM +0100, Brian Candler wrote: > Short of messing with Windoze NDIS drivers, it seems like I have bought > myself an expensive blanking plate :-( I have given the NDIS driver a try, but haven't been able to make it work. Firstly, following steps at http://dannyman.toldme.com/2005/01/05/freebsd-howto-ndisulate-windows-drivers/ - copied the XP .inf and .sys files into /usr/src/sys/modules/if_ndis - ran ndiscvt to generate ndis_driver_data.h - make && make install - kldload if_ndis Nothing new in ifconfig, nothing shown in kernel messages. Unloaded modules, tried again using the Win2K drivers. Same. This time also copied *.bin and *.BIN to /compat/ndis/ in case these are firmware files, but this didn't help. The filenames are FW1130.BIN FwRad16.bin FwRad17.bin I can see FwRad{16,17}.bin referenced from the .inf file, but not FW1130.BIN Next tried ndisgen on the Win2K drivers. The module that this produced manages to detect the card but immediately panic the kernel: # kldload ./netwg311_2K_sys.ko ndis0: mem 0xfaffc000-0xfaffdfff,0xfafc0000-0xfafdffff irq 11 at device 11.0 on pci2 ndis0: [GIANT-LOCKED] ndis0: NDIS API version: 5.0 Fatal trap 12: page fault while in kernel mode cpuid = 0; apic id = 00 fault virtual address = 0x4 fault code = supervisor write, page not present instruction pointer = 0x20:0xc07fe94c stack pointer = 0x28:0xcbffec9c frame pointer = 0x28:0xcbffecb0 code segment = base 0x0, limit 0xfffff, type 0x1b = DPL 0, pres 1, def32 1, gran 1 processor eflags = interrupt enabled, resum, IOPL = 0 current process = 22 (irq11: ifpi0 xl0++) [thread pid 22 tid 100014 ] Stopped at atomic_cmpset_int+0xc: lock cmpxchgl %ecx,0(%edx) db> trace Tracing pid 22 tid 100014 td 0xc1521d80 atomic_cmpset_int(4,2,c18f1000,cbffece4,c19009c9) at atomic_cmpset_int+0xc KfAcquireSpinLock(4,0,0,c1925c40,c1544c00) at KfAcquireSpinLock+0x21 ndis_intr(c18f1000) at ndis_intr+0x3d ithread_loop(c1544c00,cbffed38,c1544c00,c064610c,0) at ithread_loop+0x120 fork_exit(c064610c,c1544c00,cbffed38) at fork_exit+0xa0 fork_trampoline() at fork_trampoline+0x8 --- trap 0x1, eip = 0, esp = 0xcbffed6c, ebp = 0 --- db > (this was the second attempt; a background fsck was going on at the time, I don't know if this affects things). Interestingly, pid 22 was the same IRQ process which caused a panic when I was messing with my if_wi card. However that card was removed when I put the netgear in. Finally I tried rebuilding the whole kernel, this time with device ndis options NDISAPI (device wlan was already present), remembering that the Win2K ndis_driver_data.h is still in /usr/src/sys/modules/if_ndis This doesn't detect or report anything ndis-related at bootup, and ifconfig shows nothing. However I'm at a loss to work out how it is supposed to function in the first place; I've grepped across the whole of /usr/src/sys for "ndis_driver_data" and don't find it anywhere. However, the ndis(4) manpage insists that "ndis_driver_data.h" is what this file needs to be called. Any clues? Final note: with my new ndis-integrated kernel running, I tried again # kldload ./netwg311_2K_sys.ko and got a different panic: ndis0: mem 0xfaffc000-0xfaffdfff,0xfafc0000-0xfafdffff irq 11 at device 11.0 on pci2 ndis0: [GIANT-LOCKED] ndis0: NDIS API version: 5.0 Slab at 0xc2108cb8, freei 89 = 0 panic: Duplicate free of item 0xc2108590 from zone 0xc10522c0(16) cpuid = 0 KDB: enter: panic [thread pid 538 tid 100064 ] Stopped at kbd_enter+0x2b: nop db> pid 538 is the "kldload" process. There is a very long backtrace which I'd prefer not to type in full, but omitting the hex arguments and most of the offsets you get: kdb_enter(...) at kdb_enter+0x2b panic(...) at panic+0x127 uma_dbg_free(...) uma_zfree_arg(...) free(...) ExFreePool(...) NdisCloseFile(...) _end(...) at 0xc15b5761 netwg311_2K_sys_drv_data_start(...) at 0xc20fadb1 x86_stdcall_call(...) ndis_attach(...) ndis_attach_pci(...) device_attach(...) device_probe_and_attach(...) pci_driver_added(...) devclass_add_driver(...) driver_module_handler(...) module_register_init(...) linker_file_sysinit(...) linker_load_file(...) linker_load_module(...) kldload(...) syscall(...) Xint0x80_syscall() at Xint0x80_syscall+0x1f --- syscall (304, FreeBSD ELF32, kldload), eip = 0x280b61af, esp=0xbfbfec7c, ebp = 0xbfbfecbc --- db > Hope that's of some use to someone. Regards, Brian. P.S. the ndis(4) manpage has a reference to ndisapi(9), but that page doesn't seem to exist.