Date: Tue, 28 Jan 2014 14:47:39 -0800
From: Adrian Chadd <adrian@freebsd.org>
To: Pedro Flynn <pedro.flynn@gmail.com>
Cc: "freebsd-wireless@freebsd.org" <freebsd-wireless@freebsd.org>
Subject: Re: FreeBSD 10.0: hostapd crash with Ralink 3070
Message-ID: <CAJ-Vmo=kFcEjvmUQX87Q_RX4=aVKNyYDHqf-kZ%2Bp0OcgKdZQGA@mail.gmail.com>

ok, do 'bt', and see what's being passed into ieee80211_beacon_update.

Use 'frame X' to switch to frame X, and 'print VARIABLE_NAME' to print
out the contents of the given variable name.

That mbuf looks like it's NULL, which is odd.

Thanks!

-a

On 28 January 2014 14:45, Pedro Flynn <pedro.flynn@gmail.com> wrote:
> OK! This is what I have:
>
> list * (0xffffffff809b1163)
> Undefined command: "". Try "help".
> (kgdb) list * (0xffffffff809b1163)
> 0xffffffff809b1163 is in ieee80211_beacon_update
> (/usr/src/sys/net80211/ieee80211_output.c:3099).
> 3094                    /* XXX do WME aggressive mode processing? */
> 3095                    IEEE80211_UNLOCK(ic);
> 3096                    return 1;       /* just assume length changed */
> 3097            }
> 3098
> 3099            wh = mtod(m, struct ieee80211_frame *);
> 3100            seqno = ni->ni_txseqs[IEEE80211_NONQOS_TID]++;
> 3101            *(uint16_t *)&wh->i_seq[0] =
> 3102                    htole16(seqno << IEEE80211_SEQ_SEQ_SHIFT);
> 3103            M_SEQNO_SET(m, seqno);
> Current language: auto; currently minimal
> (kgdb)
>
>
> (by the way, I'm building a kernel with debug symbols)
>
> Thanks,
>
> pflynn
>
>
>
> On Tue, Jan 28, 2014 at 8:34 PM, Adrian Chadd <adrian@freebsd.org> wrote:
>>
>> Ok, fire up kgdb
>>
>> # kgdb /boot/kernel/kernel /var/crash/vmcore.0
>>
>> then
>>
>> (gdb) list * (0xffffffff809b1163)
>>
>> (.. that's the "instruction pointer" at the time of the panic.)
>>
>> I bet it's iv_bss.
>>
>>
>>
>> -a