2010-01-22 22:45:52

by Markus Baier

Subject: Re: Starting hostapd causes kernel panic

Johannes Berg <johannes@...> writes:

> Would you compile with CONFIG_MAC80211_NOINLINE (may need to enable
> CONFIG_MAC80211_DEBUG_MENU) and give me the stack trace then? But maybe
> I can reproduce it this way.

Hello Johannes,

that's the trace with the patch applied
and CONFIG_MAC80211_NOINLINE / CONFIG_MAC80211_DEBUG_MENU enabled


----------------------------------------

BUG: unable to handle kernel NULL pointer dereference at 00000193
IP: [<c1269d28>] ieee80211_tx_h_select_key+0x118/0x290
*pde = 00000000
Oops: 0000 [#1]
last sysfs file: /sys/devices/pci0000:00/0000:00:09.0/0000:02:00.0/
firmware/0000:02:00.0/loading
Modules linked in: rt61pci crc_itu_t rt2x00pci rt2x00lib eeprom_93cx6

Pid: 4413, comm: hostapd Not tainted 2.6.33-rc4-wl-47289-gd602bbd-dirty
#29 CN700-8237/
EIP: 0060:[<c1269d28>] EFLAGS: 00210246 CPU: 0
EIP is at ieee80211_tx_h_select_key+0x118/0x290
EAX: 00000040 EBX: f7b43c2c ECX: 00000000 EDX: 00000000
ESI: f7b50b40 EDI: 0000009d EBP: f7b43bf0 ESP: f7b43bd8
DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 0068
Process hostapd (pid: 4413, ti=f7b42000 task=f7939500 task.ti=f7b42000)
Stack:
f6e2605e 000000c0 f7b50b60 f7b43c2c f7b50b40 00000000 f7b43c00 c126b43d
<0> f7b50b60 f78e81e0 f7b43c58 c126b6a3 c11cc278 f7b50b40 f6e27610 f7b43c38
<0> c11cc398 00e26000 f7b50b60 000000c0 f6e26000 f7b50b40 f78e81e0 f79fcac0
Call Trace:
[<c126b43d>] ? invoke_tx_handlers+0x5d/0x110
[<c126b6a3>] ? ieee80211_tx+0x53/0x180
[<c11cc278>] ? skb_release_data+0x68/0xa0
[<c11cc398>] ? pskb_expand_head+0xe8/0x170
[<c126b85c>] ? ieee80211_xmit+0x8c/0x180
[<c126ba34>] ? ieee80211_monitor_start_xmit+0x94/0xc0
[<c11d3c0d>] ? dev_hard_start_xmit+0x20d/0x2c0
[<c11cce89>] ? __alloc_skb+0x49/0x130
[<c11e297c>] ? sch_direct_xmit+0xec/0x140
[<c11c860a>] ? sock_alloc_send_pskb+0x17a/0x260
[<c11e2060>] ? pfifo_fast_enqueue+0x0/0x90
[<c11d3ebd>] ? dev_queue_xmit+0xdd/0x4a0
[<c12314c3>] ? packet_sendmsg+0x213/0x250
[<c11c565f>] ? sock_sendmsg+0xaf/0xe0
[<c11c5539>] ? sock_recvmsg+0xb9/0xe0
[<c11ce19c>] ? verify_iovec+0x2c/0xa0
[<c11c5b31>] ? sys_sendmsg+0x111/0x230
[<c1056c6f>] ? find_get_page+0x1f/0x70
[<c1057499>] ? filemap_fault+0x69/0x340
[<c1056f6d>] ? unlock_page+0x3d/0x40
[<c1066fe0>] ? __do_fault+0x2a0/0x380
[<c106804b>] ? handle_mm_fault+0x13b/0x850
[<c11c6f1c>] ? sys_socketcall+0xdc/0x290
[<c1078467>] ? filp_close+0x47/0x70
[<c1002990>] ? sysenter_do_call+0x12/0x26
Code: 08 74 28 83 e1 0c 8b 33 8b 53 0c 75 15 85 d2 74 11 9c 58 fa 8b 52 34 50
9d 80 e6 04 0f 85 d1 00 00 00 c7 43 10 00 00 00 00 31 d2 <f6> 82 93 01 00 00
10 0f 84 6c ff ff ff 8b 4d e8 0f b7 01 a8 0c
EIP: [<c1269d28>] ieee80211_tx_h_select_key+0x118/0x290 SS:ESP 0068:f7b43bd8
CR2: 0000000000000193
---[ end trace 39e7e2685e5534c9 ]---
Kernel panic - not syncing: Fatal exception in interrupt
Pid: 4413, comm: hostapd Tainted: G D 2.6.33-rc4-wl-47289-gd602bbd
-dirty #29
Call Trace:
[<c1277c35>] ? printk+0x18/0x1b
[<c1277b6e>] panic+0x43/0xf2
[<c10054ee>] oops_end+0x7e/0x90
[<c101a8ae>] no_context+0xbe/0x150
[<c101a98f>] __bad_area_nosemaphore+0x4f/0x180
[<c103a01a>] ? __remove_hrtimer+0x2a/0x90
[<c103a0f1>] ? hrtimer_cancel+0x11/0x20
[<c1278b3d>] ? schedule_hrtimeout_range+0xad/0x110
[<c1039f10>] ? hrtimer_wakeup+0x0/0x20
[<c108763f>] ? poll_freewait+0x3f/0xa0
[<c101aad2>] bad_area_nosemaphore+0x12/0x20
[<c101aeb4>] do_page_fault+0x254/0x2f0
[<c101ac60>] ? do_page_fault+0x0/0x2f0
[<c12798e6>] error_code+0x5e/0x64
[<c101ac60>] ? do_page_fault+0x0/0x2f0
[<c1269d28>] ? ieee80211_tx_h_select_key+0x118/0x290
[<c126b43d>] invoke_tx_handlers+0x5d/0x110
[<c126b6a3>] ieee80211_tx+0x53/0x180
[<c11cc278>] ? skb_release_data+0x68/0xa0
[<c11cc398>] ? pskb_expand_head+0xe8/0x170
[<c126b85c>] ieee80211_xmit+0x8c/0x180
[<c126ba34>] ieee80211_monitor_start_xmit+0x94/0xc0
[<c11d3c0d>] dev_hard_start_xmit+0x20d/0x2c0
[<c11cce89>] ? __alloc_skb+0x49/0x130
[<c11e297c>] sch_direct_xmit+0xec/0x140
[<c11c860a>] ? sock_alloc_send_pskb+0x17a/0x260
[<c11e2060>] ? pfifo_fast_enqueue+0x0/0x90
[<c11d3ebd>] dev_queue_xmit+0xdd/0x4a0
[<c12314c3>] packet_sendmsg+0x213/0x250
[<c11c565f>] sock_sendmsg+0xaf/0xe0
[<c11c5539>] ? sock_recvmsg+0xb9/0xe0
[<c11ce19c>] ? verify_iovec+0x2c/0xa0
[<c11c5b31>] sys_sendmsg+0x111/0x230
[<c1056c6f>] ? find_get_page+0x1f/0x70
[<c1057499>] ? filemap_fault+0x69/0x340
[<c1056f6d>] ? unlock_page+0x3d/0x40
[<c1066fe0>] ? __do_fault+0x2a0/0x380
[<c106804b>] ? handle_mm_fault+0x13b/0x850
[<c11c6f1c>] sys_socketcall+0xdc/0x290
[<c1078467>] ? filp_close+0x47/0x70
[<c1002990>] sysenter_do_call+0x12/0x26