Bug 466264 - kernel BUG at net/mac80211/ieee80211_i.h:764
kernel BUG at net/mac80211/ieee80211_i.h:764
Status: CLOSED RAWHIDE
Product: Fedora
Classification: Fedora
Component: kernel (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: John W. Linville
Fedora Extras Quality Assurance
:
Depends On:
Blocks: F10KernelBlocker
  Show dependency treegraph
 
Reported: 2008-10-09 10:07 EDT by Steve Grubb
Modified: 2008-10-16 14:08 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-10-16 14:08:49 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Steve Grubb 2008-10-09 10:07:21 EDT
Description of problem:
Trying to boot the 2.6.27-0.398.rc9.fc10.x86_64 kernel produces a bug output.

How reproducible:
Everytime.

Steps to Reproduce:
1. Boot
2. Wait for udev to start probing things

  
Actual results:
------------[ cut here ]------------
kernel BUG at net/mac80211/ieee80211_i.h:764!
invalid opcode: 0000 [1] SMP
CPU 0
Modules linked in: b43 rfkill input_polldev snd_atiixp_modem snd_atiixp snd_seq_dummy snd_ac97_codec ac97_bus snd_seq_oss snd_seq_midi_event snd_seq snd_seq_device snd_pcm_oss snd_mixer_oss radeon snd_pcm drm snd_timer i2c_algo_bit video output snd tifm_7xx1 sdhci_pci sdhci tifm_core firewire_ohci battery ac yenta_socket mmc_core 8139cp rsrc_nonstatic shpchp soundcore wmi ssb 8139too firewire_core pcspkr i2c_piix4 mii crc_itu_t joydev i2c_core snd_page_alloc k8temp hwmon pata_atiixp pata_acpi ata_generic
Pid: 1378, comm: udevd Not tainted 2.6.27-0.398.rc9.fc10.x86_64 #1
RIP: 0010:[<ffffffff8134e874>]  [<ffffffff8134e874>] netdev_notify+0x43/0x94
RSP: 0018:ffff8800331b5c98  EFLAGS: 00010246
RAX: ffff880033210060 RBX: ffff8800354ea800 RCX: ffffffff81537f50
RDX: ffffffff81537f00 RSI: 000000000000000a RDI: ffffffff81537f50
RBP: ffff8800331b5cc8 R08: ffff8800331b5bc8 R09: 0000000000000292
R10: ffff8800331dc280 R11: 0000000300000000 R12: 00000000fffffffb
R13: ffffffff815382e0 R14: ffff8800354ea800 R15: 000000000000000a
FS:  00007f567e10b780(0000) GS:ffffffff81677700(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
CR2: 00007fff8612ebc0 CR3: 0000000035968000 CR4: 00000000000006e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
Process udevd (pid: 1378, threadinfo ffff8800331b4000, task ffff880035f25d00)
Stack:  ffff8800331b5cc8 ffffffff812ca295 0000000000000000 00000000fffffffc
 0000000000000000 00000000fffffffb ffff8800331b5d08 ffffffff813708df
 ffff8800331b5cf8 ffff8800354ea800 0000000000000000 ffff8800354ea810
Call Trace:
 [<ffffffff812ca295>] ? fib_rules_event+0x1b/0xfe
 [<ffffffff813708df>] notifier_call_chain+0x38/0x60
 [<ffffffff8105c9c4>] raw_notifier_call_chain+0x14/0x16
 [<ffffffff812bdcbf>] dev_change_name+0x1a2/0x1ce
 [<ffffffff812bdf36>] dev_ifsioc+0x24b/0x308
 [<ffffffff8136c494>] ? mutex_lock+0x27/0x38
 [<ffffffff812be507>] dev_ioctl+0x514/0x626
 [<ffffffff810111c4>] ? mcount_call+0x5/0x31
 [<ffffffff813048c3>] ? udp_ioctl+0x12/0x8b
 [<ffffffff812af681>] sock_ioctl+0x202/0x211
 [<ffffffff810d4a2f>] vfs_ioctl+0x2f/0x7d
 [<ffffffff810d4ccf>] do_vfs_ioctl+0x252/0x26f
 [<ffffffff810d4d46>] sys_ioctl+0x5a/0x7c
 [<ffffffff810113aa>] system_call_fastpath+0x16/0x1b


Code: 70 48 8b 82 00 02 00 00 48 85 c0 74 64 48 8b 00 48 85 c0 74 5c 48 8b 15 9b 96 1e 00 48 39 50 08 75 4f 48 39 98 10 03 00 00 75 04 <0f> 0b eb fe 4c 8d 65 d0 48 89 da 48 c7 c6 7d 12 4c 81 31 c0 4c
RIP  [<ffffffff8134e874>] netdev_notify+0x43/0x94
 RSP <ffff8800331b5c98>
---[ end trace 789c1e6982921e6b ]---
Comment 1 John Poelstra 2008-10-09 18:17:03 EDT
This bug has been triaged
Comment 2 Chuck Ebbert 2008-10-10 04:05:33 EDT
static inline struct ieee80211_sub_if_data *
IEEE80211_DEV_TO_SUB_IF(struct net_device *dev)
{
        struct ieee80211_local *local = wdev_priv(dev->ieee80211_ptr);

        BUG_ON(!local || local->mdev == dev);

        return netdev_priv(dev);
}
Comment 3 Johannes Berg 2008-10-10 11:43:58 EDT
I think this is an issue that was inadvertedly fixed by "mac80211: make master iface not wireless"; the code in netdev_notify() should, in 2.6.27, check if it's the master interface and if not refuse to work. I'll check out the code for 2.6.27 and post a patch for -stable.
Comment 4 John W. Linville 2008-10-13 16:26:05 EDT
Johannes' patch has been checked-in to the rawhide kernels...
Comment 5 Steve Grubb 2008-10-16 14:08:49 EDT
Kernel -13 is the first 2.6.27 kernel to work for me. Thanks everyone. Closing.

Note You need to log in before you can comment on or make changes to this bug.