[Bugme-new] [Bug 11326] New: iwl3945: Error: Response NULL in 'REPLY_ADD_STA', followed by fault

bugme-daemon at bugzilla.kernel.org bugme-daemon at bugzilla.kernel.org
Wed Aug 13 21:36:43 PDT 2008 

http://bugzilla.kernel.org/show_bug.cgi?id=11326

           Summary: iwl3945: Error: Response NULL in 'REPLY_ADD_STA',
                    followed by fault
           Product: Drivers
           Version: 2.5
     KernelVersion: 2.6.27-rc3
          Platform: All
        OS/Version: Linux
              Tree: Mainline
            Status: NEW
          Severity: normal
          Priority: P1
         Component: network-wireless
        AssignedTo: drivers_network-wireless at kernel-bugs.osdl.org
        ReportedBy: jim at jtan.com


I'm playing with aircrack-ng, trying to find a kernel version that works well
with airodump and my iwl3945 card.  On 2.6.27-rc3, it captures packets very
slowly (must miss a lot) and eventually while playing around with iwconfig
options and running airodump, I got this:

[19991.393753] iwl3945: Error: Response NULL in 'REPLY_ADD_STA'
[19991.393753] BUG: unable to handle kernel paging request at ffff8801ffff8801
[19991.393753] IP: [<ffffffff80293d8a>] unmap_vmas+0x7ea/0x990
[19991.393753] PGD 202063 PUD 0 
[19991.393753] Oops: 0000 [1] PREEMPT SMP 
[19991.393753] CPU 1 
[19991.393753] Modules linked in: iwl3945 i915 drm binfmt_misc rfcomm l2cap
kvm_intel kvm ppdev parport_pc lp parport ipv6 pci_slot sbs sbshc container
acpi_cpufreq cpufr
eq_stats cpufreq_powersave cpufreq_conservative cpufreq_ondemand freq_table
cpufreq_userspace fuse input_polldev loop firewire_sbp2 hci_usb pcmcia
bluetooth snd_hda_intel
 snd_pcm_oss snd_mixer_oss snd_pcm arc4 ecb snd_timer snd_page_alloc snd_hwdep
serio_raw sierra snd psmouse usbserial pcspkr mac80211 i2c_i801 yenta_socket
rsrc_nonstatic
 pcmcia_core i2c_core cfg80211 ac battery soundcore video output button
thinkpad_acpi intel_agp rfkill led_class nvram evdev ext3 jbd mbcache
sha256_generic aes_x86_64 ae
s_generic cbc dm_crypt crypto_blkcipher dm_mirror dm_log dm_snapshot dm_mod
pata_acpi ata_generic sd_mod crc_t10dif firewire_ohci ata_piix ahci
firewire_core crc_itu_t li
bata scsi_mod ehci_hcd e1000e uhci_hcd dock thermal processor fan thermal_sys
[last unloaded: iwl3945]
[19991.393753] Pid: 583, comm: airodump-ng Not tainted 2.6.27-rc3 #1
[19991.393753] RIP: 0010:[<ffffffff80293d8a>]  [<ffffffff80293d8a>]
unmap_vmas+0x7ea/0x990
[19991.393753] RSP: 0018:ffff880101f45ae8  EFLAGS: 00010246
[19991.393753] RAX: ffff8801ffff8801 RBX: ffff880028031440 RCX:
0000000000000000
[19991.393753] RDX: 0000000000000000 RSI: 0000000000000008 RDI:
0000000000000001
[19991.393753] RBP: ffff880101f45bd8 R08: 0000000000000000 R09:
0000000000000000
[19991.393753] R10: 0000000000000000 R11: 0000000000000246 R12:
ffffe20004515560
[19991.393753] R13: ffff88013959adb0 R14: 00007fec9a3b7000 R15:
ffffffffffffff97
[19991.393753] FS:  0000000000000000(0000) GS:ffff88013b892b40(0000)
knlGS:0000000000000000
[19991.393753] CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
[19991.393753] CR2: ffff8801ffff8801 CR3: 0000000000201000 CR4:
00000000000026a0
[19991.393753] DR0: 0000000000000000 DR1: 0000000000000000 DR2:
0000000000000000
[19991.393753] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7:
0000000000000400
[19991.393753] Process airodump-ng (pid: 583, threadinfo ffff880101f44000, task
ffff880101f52140)
[19991.393753] Stack:  ffff880101f45b58 00007fec9a3ecfff 0000000000000000
ffff880101f45be8
[19991.393753]  ffffffffffffffff 31dc588000000000 ffff8801ffff8801
ffff880101f45bf0
[19991.393753]  0000000100000082 0000000000000000 ffff880139521940
00007fec9a3ed000
[19991.393753] Call Trace:
[19991.393753]  [<ffffffff8029878e>] exit_mmap+0x9e/0x160
[19991.393753]  [<ffffffff8023c23d>] mmput+0x2d/0xd0
[19991.393753]  [<ffffffff80240598>] exit_mm+0x108/0x140
[19991.393753]  [<ffffffff804bbe61>] ? _spin_unlock_irq+0x11/0x40
[19991.393753]  [<ffffffff8024288a>] do_exit+0x80a/0x960
[19991.393753]  [<ffffffff804a7de2>] ? wireless_send_event+0x172/0x310
[19991.393753]  [<ffffffff80430900>] ? netdev_run_todo+0x1d0/0x270
[19991.393753]  [<ffffffff80242a1e>] do_group_exit+0x3e/0xb0
[19991.393753]  [<ffffffff8024de4d>] get_signal_to_deliver+0x27d/0x3c0
[19991.393753]  [<ffffffff8020b6b9>] do_notify_resume+0x99/0x9c0
[19991.393753]  [<ffffffff804bbea2>] ? _spin_unlock_irqrestore+0x12/0x40
[19991.393753]  [<ffffffff80259821>] ? hrtimer_start+0x101/0x200
[19991.393753]  [<ffffffff80259b09>] ? ktime_get_ts+0x59/0x60
[19991.393753]  [<ffffffff8022fc23>] ? hrtick_start_fair+0x183/0x1a0
[19991.393753]  [<ffffffff804bbe61>] ? _spin_unlock_irq+0x11/0x40
[19991.393753]  [<ffffffff804b974c>] ? thread_return+0xa3/0x717
[19991.393753]  [<ffffffff802bbae1>] ? vfs_ioctl+0x31/0xa0
[19991.393753]  [<ffffffff804ba7a7>] ? do_nanosleep+0x77/0xc0
[19991.393753]  [<ffffffff8020c62c>] ? sysret_signal+0x14/0x1f
[19991.393753]  [<ffffffff8020c8a7>] ptregscall_common+0x67/0xb0
[19991.393753] 
[19991.393753] 
[19991.393753] Code: 80 38 e0 ff ff 08 0f 84 e5 00 00 00 48 83 bd 58 ff ff ff
00 0f 85 00 01 00 00 e8 f2 60 22 00 48 8b 85 40 ff ff ff bf 01 00 00 00 <4c> 8b
20 e8 4e b5 22 00 48 8b 1d ef 29 3b 00 48 c7 c2 40 74 69 
[19991.393753] RIP  [<ffffffff80293d8a>] unmap_vmas+0x7ea/0x990
[19991.393753]  RSP <ffff880101f45ae8>
[19991.393753] CR2: ffff8801ffff8801
[19991.393753] ---[ end trace 10018cf841eb794c ]---
[19991.393753] Fixing recursive fault but reboot is needed!


-- 
Configure bugmail: http://bugzilla.kernel.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.

More information about the Bugme-new mailing list