Bug#405932: madwifi-source: Null Pointer BUG() Oops in procfs cleanup on modprobe -r ath-pci

Kel Modderman kel at otaku42.de
Tue Jan 23 01:22:29 CET 2007


On Tuesday 23 January 2007 10:18, thomas schorpp wrote:
> Kel Modderman wrote:
> > Hi,
> >
> > On Sunday 07 January 2007 23:03, tom schorpp wrote:
> >>Package: madwifi-source
> >>Version: 1:0.9.2+r1842.20061207-2
> >>Severity: important
> >>
> >>Jan  7 11:35:17 tom3 kernel: BUG: unable to handle kernel NULL pointer
> >>dereference at virtual address 00000005
> >>Jan  7 11:35:17 tom3 kernel:  printing eip:
> >>Jan  7 11:35:17 tom3 kernel: c018604f
> >>Jan  7 11:35:17 tom3 kernel: *pde = 00000000
> >>Jan  7 11:35:17 tom3 kernel: Oops: 0000 [#1]
> >>Jan  7 11:35:17 tom3 kernel: SMP
> >>Jan  7 11:35:17 tom3 kernel: Modules linked in: wlan_scan_ap
> >> wlan_scan_sta ath_pci ath_rate_sample wlan ath_hal bnep rfcomm l2cap
> >> bluetooth snd_mixer_oss ip6table_filter ip6_tables ipv6 ipt_MASQUERADE
> >> iptable_nat ip_nat ipt_TCPMSS xt_state ip_conntrack nfnetlink xt_limit
> >> xt_tcpudp iptable_filter ip_tables x_tables parport_pc parport pcspkr
> >> ehci_hcd 8139too 8139cp mii snd_ens1371 snd_rawmidi snd_seq_device
> >> snd_ac97_codec snd_ac97_bus snd_pcm snd_timer snd snd_page_alloc es1371
> >> gameport soundcore ac97_codec i2c_piix4 i2c_core usblp uhci_hcd usbcore
> >> shpchp pci_hotplug intel_agp agpgart sd_mod scsi_mod ide_cd cdrom rtc
> >> ext3 jbd mbcache ide_disk generic piix ide_core evdev
> >>Jan  7 11:35:17 tom3 kernel: CPU:    0
> >>Jan  7 11:35:17 tom3 kernel: EIP:    0060:[remove_proc_entry+46/395]
> >> Tainted: PF     VLI
> >>Jan  7 11:35:17 tom3 kernel: EFLAGS: 00010286 (2.6.18-3-686 #1)
> >>Jan  7 11:35:17 tom3 kernel: EIP is at remove_proc_entry+0x2e/0x18b
> >>Jan  7 11:35:17 tom3 kernel: eax: 00000000   ebx: 00000000
> >> ecx: ffffffff   edx: c29f7f80
> >>Jan  7 11:35:17 tom3 kernel: esi: c53aa2c0   edi: 00000005
> >> ebp: c53aa000   esp: c5941e8c
> >>Jan  7 11:35:17 tom3 kernel: ds: 007b   es: 007b   ss: 0068
> >>Jan  7 11:35:17 tom3 kernel: Process modprobe (pid: 1030, ti=c5940000
> >>task=c94c2550 task.ti=c5940000)
> >>Jan  7 11:35:17 tom3 kernel: Stack: c29f7f80 00000005 00000000 c53aa2c0
> >>c3c882c4 c53aa000 ccb16d79 c53aa2c0
> >>Jan  7 11:35:17 tom3 kernel:        c3c882c0 ccb00fab c3c882c0 c3c882c0
> >>c61f8000 c53aa2c0 ccabb34c c3c88000
> >>Jan  7 11:35:17 tom3 kernel:        c61f8000 c3c882c0 c3c88000 c61f8000
> >>00000080 ccb0100c c3c882c0 ccab7c77
> >>Jan  7 11:35:17 tom3 kernel: Call Trace:
> >>Jan  7 11:35:17 tom3 kernel:  [pg0+209247609/1070027776]
> >>ieee80211_sysctl_vdetach+0x63/0xc7 [wlan]
> >>Jan  7 11:35:17 tom3 kernel:  [pg0+209158059/1070027776]
> >>ieee80211_vap_detach+0x83/0xd4 [wlan]
> >>Jan  7 11:35:17 tom3 kernel:  [pg0+208872268/1070027776]
> >>ath_vap_delete+0x135/0x290 [ath_pci]
> >>Jan  7 11:35:17 tom3 kernel:  [pg0+209158156/1070027776]
> >>ieee80211_ifdetach+0x10/0x75 [wlan]
> >>Jan  7 11:35:17 tom3 kernel:  [pg0+208858231/1070027776]
> >>ath_detach+0x69/0xd5 [ath_pci]
> >>Jan  7 11:35:17 tom3 kernel:  [pg0+208890371/1070027776]
> >>ath_pci_remove+0x11/0x61 [ath_pci]
> >>Jan  7 11:35:17 tom3 kernel:  [pci_device_remove+22/40]
> >>pci_device_remove+0x16/0x28
> >>Jan  7 11:35:17 tom3 kernel:  [__device_release_driver+90/114]
> >>__device_release_driver+0x5a/0x72
> >>Jan  7 11:35:17 tom3 kernel:  [driver_detach+96/141]
> >>driver_detach+0x60/0x8d
> >>Jan  7 11:35:17 tom3 kernel:  [bus_remove_driver+87/117]
> >>bus_remove_driver+0x57/0x75
> >>Jan  7 11:35:17 tom3 kernel:  [driver_unregister+8/19]
> >>driver_unregister+0x8/0x13
> >>Jan  7 11:35:17 tom3 kernel:  [pci_unregister_driver+12/88]
> >>pci_unregister_driver+0xc/0x58
> >>Jan  7 11:35:17 tom3 kernel:  [pg0+208891277/1070027776]
> >>exit_ath_pci+0xf/0x22 [ath_pci]
> >>Jan  7 11:35:17 tom3 kernel:  [sys_delete_module+429/468]
> >>sys_delete_module+0x1ad/0x1d4
> >>Jan  7 11:35:17 tom3 kernel:  [remove_vma+49/54]
> >>remove_vma+0x31/0x36
> >>Jan  7 11:35:17 tom3 kernel:  [do_munmap+385/411]
> >>do_munmap+0x181/0x19b
> >>Jan  7 11:35:17 tom3 kernel:  [sysenter_past_esp+86/121]
> >>sysenter_past_esp+0x56/0x79
> >>Jan  7 11:35:17 tom3 kernel: Code: 53 83 ec
> >> 08 85 d2 89 14 24 89 44 24 04 75 13 8d 4c 24 04 89 e2 e8 4f ff ff ff 85
> >> c0 0f 85 5f 01 00 00 8b 7c 24 04 31 c0 83 c9 ff <f2> ae f7 d1 49 b8 00
> >> 00 2d c0 89 cd e8 59 af 0f 00 8b 3c 24 8b
> >>Jan  7 11:35:17 tom3 kernel: EIP: [remove_proc_entry+46/395]
> >>remove_proc_entry+0x2e/0x18b SS:ESP 0068:c5941e8c
> >>
> >>steps to reproduce:
> >>create the usual 3 sta,mon,ap vaps with bssid option from wifi0
> >>change mac of sta vap with ifconfig
> >>ifup inet static x.x.3.1 ip ap vap
> >>iwconfig sta vap to associate some remote ap
> >>ifconfig x.x.1.y ip and route sta vap, ping remote ap with > 20% packet
> >>loss maybe use airodump-ng with mon vap or don't
> >>ifdown ap vap, sta vap, mon vap, wifi0
> >>modprobe -r ath-pci
> >>...
> >>should BUG() with reboot necessary
> >
> > I think VAP technology is still just too unstable to be usable. This
> > trace looks very similar to that of #407270, and I swear I've seen it on
> > the madwifi.org bug tracker numerous times. Will look into it.
> >
> > Thanks, Kel.
>
> hi,
>
> well, n.p., has been reported just for this Debian package, cause urgent
> and critical.
>
> fixed in later SVN revs, recommended from my last madwifi try should be
> rev. 1886 for confirmed stable hostapd (with 3 vap, 1 sta, 1 mon, 1 ap) and
> wpa_supplicant (no vap) (official hostap project stable releases) operation
> at this time.

Cool. Good to know.

>
> FYI
> with svn 1968 I've got stuck beacons, hal state 3 errors on D-Link DWL-G650
> C3, forgotten GTK handshakes in RSN mode w EAP-TLS due to heavy development
> ;)

Yeah, gotta keep a close eye on those developer types ;-) Would be interesting 
to know what change(s) brought about the errors you describe above.

Thanks, Kel.




More information about the Pkg-madwifi-maintainers mailing list