Please note: This project is no longer active. The website is kept online for historic purposes only.
If you´re looking for a Linux driver for your Atheros WLAN device, you should continue here .

Ticket #1924 (new defect)

Opened 10 years ago

Last modified 9 years ago

kernel panic using minstrel

Reported by: Assigned to:
Priority: major Milestone:
Component: madwifi: other Version: v0.9.4
Keywords: minstrel Cc:
Patch is attached: 0 Pending:

Description (Last modified by mrenzmann)

Version: madwifi-0.9.4

I changed the rate from 6M to auto on a Ubiqiuti SR5 card The kernel panic happened when I did this. Please find attached the Module.symvers file to show versions etc.

------------[ cut here ]------------
kernel BUG at /var/usr/madwifi-0.9.4/ath_rate/minstrel/minstrel.c:413!
invalid opcode: 0000 [#1]
Modules linked in: wlan_scan_ap wlan_scan_sta ath_rate_minstrel ath_pci wlan ath
_hal iptable_nat ip_nat ip_conntrack nfnetlink iptable_filter ip_tables x_tables
 ipv6 dm_snapshot dm_mirror dm_mod loop softdog ext3 jbd ide_disk generic ohci_h
cd usbcore sc1200 ide_core natsemi processor
CPU:    0
EIP:    0060:[<c88f125f>]    Tainted: P      VLI
EFLAGS: 00210292   (2.6.18-5-486 #1)
EIP is at ath_rate_setupxtxdesc+0x78/0x157 [ath_rate_minstrel]
eax: 0000003b   ebx: c0a74adc   ecx: ffffffff   edx: 00004ed9
esi: 00000000   edi: 00000000   ebp: c0a74800   esp: c7a57ae4
ds: 007b   es: 007b   ss: 0068
Process ssh (pid: 5380, ti=c7a56000 task=c771bab0 task.ti=c7a56000)
Stack: c88f2539 c88f2987 00000000 00000000 c89d4ea0 00000014 c5f3ba20 c5f48280
       c89d4eec c5f48280 c5f496c4 c0a74800 c894c125 00000000 00000084 0000002f
       c1ea1b00 c225ad8c c77ddd10 c5f48000 c0220a00 c225ad8c 00000026 c021f6e1
Call Trace:
 [<c894c125>] ath_tx_start+0xaf2/0x1192 [ath_pci]
 [<c0220a00>] skb_copy+0x51/0xbf
 [<c021f6e1>] kfree_skbmem+0x8/0x61
 [<c898ead4>] zz00b7177d+0x0/0x140 [ath_hal]
 [<c89513f3>] ath_hardstart+0xc20/0xd0b [ath_pci]
 [<c0223abd>] dev_hard_start_xmit+0x149/0x19f
 [<c023051d>] __qdisc_run+0x9c/0x117
 [<c022506a>] dev_queue_xmit+0xfc/0x1c6
 [<c89b5fcb>] ieee80211_hardstart+0x2c6/0x2fc [wlan]
 [<c0223abd>] dev_hard_start_xmit+0x149/0x19f
 [<c02250a7>] dev_queue_xmit+0x139/0x1c6
 [<c022915a>] neigh_resolve_output+0x16d/0x193
 [<c023fffa>] ip_output+0x194/0x1ca
 [<c023f8e3>] ip_queue_xmit+0x373/0x3a9
 [<c897afdd>] zz067d0c47+0x15/0x5c [ath_hal]
 [<c898fe1f>] zz002daf00+0xcb/0x220 [ath_hal]
 [<c898fde4>] zz002daf00+0x90/0x220 [ath_hal]
 [<c0250fa8>] tcp_v4_send_check+0x76/0xbb
 [<c024c832>] tcp_transmit_skb+0x5eb/0x617
 [<c024e07c>] __tcp_push_pending_frames+0x67f/0x744
 [<c0244738>] tcp_sendmsg+0x2e0/0x97e
 [<c0244cee>] tcp_sendmsg+0x896/0x97e
 [<c025a88a>] inet_sendmsg+0x37/0x3d
 [<c021ac21>] do_sock_write+0xa3/0xaa
 [<c021b13a>] sock_aio_write+0x54/0x5d
 [<c01488dc>] do_sync_write+0xb6/0xf1
 [<c0122cc3>] autoremove_wake_function+0x0/0x2d
 [<c0149193>] vfs_write+0xb5/0x147
 [<c0149686>] sys_write+0x3e/0x65
 [<c0102a47>] syscall_call+0x7/0xb
Code: 00 00 85 f6 78 05 3b 73 04 7c 2b 8d 85 69 01 00 00 e8 0e fa 0c 00 50 ff 73
 04 56 ff 35 ac 24 8f c8 68 39 25 8f c8 e8 03 3e 82 f7 <0f> 0b 9d 01 56 25 8f c8
 83 c4 14 85 ff 78 05 3b 7b 04 7c 2b 8d
EIP: [<c88f125f>] ath_rate_setupxtxdesc+0x78/0x157 [ath_rate_minstrel] SS:ESP 00
 <0>Kernel panic - not syncing: Fatal exception in interrupt


Module.symvers (9.7 kB) - added by on 05/03/08 01:22:12.
Module symbols and versions

Change History

05/03/08 01:22:12 changed by

  • attachment Module.symvers added.

Module symbols and versions

05/03/08 01:32:45 changed by foodoc

ooh, there isn't much you can do here other than recompile, test & hope

The "invalid opcode" bug means that the CPU come across a instruction that it doesn't understand. So there are several reasons for this:

  • all kinds of memory/disk corruptions
  • module built for the wrong architecture
  • broken compilers/linker/tools

btw: Ubiqiuti has its own madwifi-like driver with special features, you should give it a try too: check out their homepage for more details.

05/05/08 06:25:03 changed by mrenzmann

  • description changed.

05/12/08 12:54:08 changed by proski

I believe that's an assert due to sn->num_rates being 0. The problem exists in the trunk as well, except that ath_rate_setupxtxdesc() was renamed to ath_rate_get_mrr().

ath_rate_ctl_reset() sets sn->num_rates to 0 briefly. I believe it should set a flag that would prevent using the rate control algorithm until the reset is complete. Perhaps mutexes would be needed too. Alternatively, the data in sn should be kept consistent at all times.

05/12/08 18:41:10 changed by

I had a similar panic with madwifi 0.9.4 panic and 2.6.24. I believe the system was in the middle of rebooting and wpa_supplicant was bringing the interface down.

Here is the panic from a Au1550 (MIPSLE) system:

ath_rate_minstrel: no rates for 00:02:6f:4a:c2:22?
ath_rate_minstrel: bad rc1 (0/0) for 00:02:6f:4a:c2:22?
Break instruction in kernel code[#1]:
Cpu 0
$ 0   : 00000000 1000fc00 0000003b 8038e4dc
$ 4   : 83954840 839ffee4 00000000 00000000
$ 8   : 8038e4d0 00000001 803d0000 803d0000
$12   : 803d0000 00000000 803c2840 00000000
$16   : 83b44ae8 00000000 00000000 83b44800
$20   : 00000000 838ca360 a38e4500 838d8000
$24   : 00000002 8023f4f4
$28   : 839bc000 839bdcb0 838d6280 8023949c
Hi    : 000000f5
Lo    : 3f7f9000
epc   : 8023949c ath_rate_setupxtxdesc+0x98/0x220     Not tainted
ra    : 8023949c ath_rate_setupxtxdesc+0x98/0x220
Status: 1000fc03    KERNEL EXL IE
Cause : 00800024
PrId  : 03030200 (Au1550)
Process wpa_supplicant (pid: 106, threadinfo=839bc000, task=83954420)
Stack : a38e4500 8037e268 00000000 00000000 803df154 838ca360 0000001c 838d8000
       a38e4500 00000000 8039d3ec 838ca360 00000000 00000000 0000001c 80240728
       0000000a 8037e268 803df154 00000000 00000018 00000060 000000e3 80390000
       ffffffff 00000000 00000001 00000000 00000000 00000000 00000000 00000003
       838ee360 80390000 838ca360 838ee360 00000000 ffffffff 00000018 00000000
Call Trace:
[<8023949c>] ath_rate_setupxtxdesc+0x98/0x220
[<80240728>] ath_tx_start+0x76c/0x1514
[<80241594>] ath_mgtstart+0xc4/0x394
[<802883f4>] ieee80211_send_nulldata+0x108/0x234
[<8028ee28>] ieee80211_sta_pwrsave+0xd4/0x28c
[<80290570>] scan_next+0x31c/0x53c
[<8013324c>] run_timer_softirq+0x118/0x238
[<8012e618>] __do_softirq+0x9c/0x148
[<8012e758>] do_softirq+0x94/0xc4
[<8012e974>] irq_exit+0x8c/0xac
[<80103084>] ret_from_irq+0x0/0x4

Code: 02203021  0c04a221  afa20010 <0200000d> 06400005  00000000  8e020004  0242
102a  1440000c
Kernel panic - not syncing: Fatal exception in interrupt

10/25/09 12:38:03 changed by Antonio

As far as I see in other posts I think that the "no rates for" message is issued when it's impossible to find a common rate set among two or more cards (at least in ahdemo or ad-hoc mode). That could explains why you do not experience errors using "fixed" rate vaule.