wpa_supplicant segfault on Thinkpad 600X with bcm4318

I am experiencing a reproducible wpa_supplicant segfault crash whenever I try to bring up my laptop wireless interface while disconnected from the docking station. If the laptop is in the docking station (which also has a wired network card and extra hard drive), the wireless wlan0 device comes up and successfully makes a 54Mb connection with DHCP to my wireless access point.

The computer is an IBM ThinkPad 600X running openSUSE 11.1 kernel 2.6.27.19-3.2-default. The wireless card is a Linksys WPC54G ver. 3 (Broadcom 4318 chipset). I am using ifup/ifdown (manual control) to bring wlan0 up or down until this problem is resolved. The access point is a Linksys WRT54GS using WPA2 PSK authentication and IP addresses on a different subnet from my wired network.

Here is the dmesg information for the segfault:

input: b43-phy0 as /devices/virtual/input/input8
firmware: requesting b43/ucode5.fw
firmware: requesting b43/pcm5.fw
firmware: requesting b43/b0g0initvals5.fw
firmware: requesting b43/b0g0bsinitvals5.fw
b43-phy0: Loading firmware version 410.2160 (2007-05-26 15:32:10)
BUG: unable to handle kernel paging request at 008e0098
IP: <c0296c7d>] get_device_parent+0x90/0x10f
*pde = 00000000 
Oops: 0000 #1] SMP 
last sysfs file: /sys/devices/pci0000:00/0000:00:02.0/0000:02:00.0/ssb0:0/firmware/ssb0:0/loading
Modules linked in: rfkill_input xt_pkttype xt_TCPMSS xt_tcpudp ipt_LOG xt_limit nfsd exportfs autofs4 snd_pcm_oss snd_mixer_oss snd_seq_midi snd_seq_midi_event snd_seq rpcsec_gss_krb5 auth_rpcgss nfs lockd nfs_acl sunrpc xt_NOTRACK ipt_REJECT xt_state iptable_raw iptable_filter nf_conntrack_netbios_ns nf_conntrack_ipv4 nf_conntrack ip_tables ip6_tables x_tables fuse reiserfs loop dm_mod arc4 ecb crypto_blkcipher b43(N) mac80211 cfg80211 input_polldev ssb ppdev pcmcia rtc_cmos rtc_core rtc_lib i2c_piix4 pcspkr i2c_core battery ac parport_pc parport snd_cs46xx irda gameport crc_ccitt floppy video output snd_rawmidi snd_seq_device snd_ac97_codec sr_mod ac97_bus cdrom snd_pcm snd_timer button intel_agp shpchp snd yenta_socket soundcore agpgart pci_hotplug rsrc_nonstatic sg snd_page_alloc pcmcia_core usbhid hid ff_memless uhci_hcd usbcore sd_mod crc_t10dif thinkpad_acpi rfkill led_class nvram fan thermal processor thermal_sys hwmon edd ext3 mbcache jbd ide_pci_generic piix ide_core ata_generic ata_piix libata scsi_mod dock [last unloaded: speedstep_lib]
Supported: No

Pid: 5141, comm: wpa_supplicant Tainted: G          (2.6.27.19-3.2-default #1)
EIP: 0060:<c0296c7d>] EFLAGS: 00010213 CPU: 0
EIP is at get_device_parent+0x90/0x10f
EAX: e39245a4 EBX: 008e0098 ECX: 008e0094 EDX: e39612e4
ESI: e2c63000 EDI: e2c63000 EBP: e2952e78 ESP: e2b51cf0
 DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0068
Process wpa_supplicant (pid: 5141, ti=e2b50000 task=e28c7280 task.ti=e2b50000)
Stack: 00000000 00000003 00000282 e397b800 e2c63000 e2c63000 e3924a20 00000000 
       c0297ab6 00000000 e341e000 e3769c94 e397b818 e2c6309c e2952e00 00000000 
       00000000 e2c63000 e2c63000 e2c63000 fffffff4 e3924a20 00000000 c0297e73 
Call Trace:
 <c0297ab6>] device_add+0xaa/0x3da
 <c0297e73>] device_create_vargs+0x7d/0x9e
 <c0297ebf>] device_create+0x2b/0x30
 <e4e0717e>] led_classdev_register+0x32/0x108 [led_class]
 <e510024d>] b43_register_led+0x7f/0xb0 [b43]
 <e5100326>] b43_map_led+0xa8/0x1c6 [b43]
 <e51004ed>] b43_leds_init+0xa9/0xb8 [b43]
 <e50f12af>] b43_wireless_core_init+0x555/0x58e [b43]
 <e50f1639>] b43_op_start+0xd2/0x120 [b43]
 <e50bc5f5>] ieee80211_open+0x23c/0x4eb [mac80211]
 <c02d6822>] dev_open+0x6f/0xa8
 <c02d637d>] dev_change_flags+0xa4/0x159
 <c03126ea>] devinet_ioctl+0x238/0x4da
 <c02ca13e>] sock_ioctl+0x1b5/0x1db
 <c018f5eb>] vfs_ioctl+0x1f/0x62
 <c018f87f>] do_vfs_ioctl+0x167/0x172
 <c018f8cf>] sys_ioctl+0x45/0x5e
 <c01039ad>] sysenter_do_call+0x12/0x21
 <ffffe430>] 0xffffe430
 =======================
Code: e3 3b 0a 00 8b 87 24 01 00 00 8b 50 2c 8b 42 44 83 c2 44 8d 48 fc eb 13 39 69 0c 75 0b 89 c8 e8 11 6e f8 ff 89 c6 eb 13 8d 4b fc <8b> 59 04 0f 18 03 90 8d 41 04 39 c2 75 df 31 f6 8b 87 24 01 00 
EIP: <c0296c7d>] get_device_parent+0x90/0x10f SS:ESP 0068:e2b51cf0
--- end trace 7c98b61dbff34993 ]---

And these are the extra processes running after ifup wlan0 fails:

root      5150  2144  0 18:02 ?        00:00:00 /usr/lib/hal/hald-addon-rfkill-killswitch
root      5156     2  0 18:02 ?        00:00:00 [ipolldevd]
root      5214     1  0 18:02 pts/4    00:00:00 /bin/bash /sbin/ifup-dhcp wlan0 wlan0
root      5215  5214  0 18:02 pts/4    00:00:00 ip link show wlan0

Here is dmesg for a successful ifup wlan0 in the docking station:

input: b43-phy0 as /devices/virtual/input/input7
firmware: requesting b43/ucode5.fw
firmware: requesting b43/pcm5.fw
firmware: requesting b43/b0g0initvals5.fw
firmware: requesting b43/b0g0bsinitvals5.fw
b43-phy0: Loading firmware version 410.2160 (2007-05-26 15:32:10)
Registered led device: b43-phy0::tx
Registered led device: b43-phy0::rx
Registered led device: b43-phy0::radio
wlan0: authenticate with AP 00:13:10:f8:58:ce
wlan0: authenticated
wlan0: associate with AP 00:13:10:f8:58:ce
wlan0: RX AssocResp from 00:13:10:f8:58:ce (capab=0x411 status=0 aid=1)
wlan0: associated

And these are the added processes after successfully connecting in the docking station:

root      6358  2305  0 20:43 ?        00:00:00 /usr/lib/hal/hald-addon-rfkill-killswitch
root      6364     2  0 20:43 ?        00:00:00 [ipolldevd]
root      6413     1  0 20:43 ?        00:00:00 wpa_supplicant -iwlan0 -c/var/run/wpa_supplicant-wlan0.conf -Dwext -P/var/run/wpa_supplicant/wlan0.pid -B
root      7177     1  0 20:44 ?        00:00:00 /sbin/dhcpcd --netconfig -L -E -G -c /etc/sysconfig/network/scripts/dhcpcd-hook -t 0 -h planchet wlan0

Any idea how to fix this?

Does the same thing happen when you remove the card prior to undock, then insert the card after undock?

Yes. I have tried many combinations of card insertion and removal, including booting up with or without the card. In the docking station, I can insert or remove the card and (with cable connection ifplugd rather than manual ifup/ifdown), the system will recognize the card. Outside of that particular configuration, it always fails.

I have what would appear to be a very similar crash using a Lenovo T410S with an Intel 6200 wifi chipset.

The issue started after the update from 12.1 to 12.2

Oct 31 00:23:49 lamda kernel: wlan0: Wrong control channel in association response: configured center-freq: 2437 hti-cfreq: 2462 hti->control_chan: 11 band: 0. Disabling HT.

Oct 31 00:23:52 lamda kernel: WARNING: at /home/abuild/rpmbuild/BUILD/kernel-desktop-3.4.11/linux-3.4/net/wireless/mlme.c:490 cfg80211_mlme_disassoc+0xe5/0xf0 cfg80211
Oct 31 00:23:52 lamda kernel: Hardware name: 29123RU
Oct 31 00:23:52 lamda kernel: WARNING: at /home/abuild/rpmbuild/BUILD/kernel-desktop-3.4.11/linux-3.4/net/wireless/mlme.c:490 cfg80211_mlme_disassoc+0xe5/0xf0 cfg80211
Oct 31 00:23:52 lamda kernel: Hardware name: 29123RU
Oct 31 00:23:52 lamda kernel: Modules linked in: nfnetlink_log nfnetlink fuse af_packet xt_LOG xt_tcpudp xt_limit xt_pkttype rfcomm bnep nf_conntrack_ipv6 nf_defrag_ipv6 ip6t_REJECT ipt_REJECT ip6table_raw xt_NOTRACK iptable_raw iptable_filter ip6table_mangle nf_conntrack_netbios_ns nf_conntrack_broadcast nf_conntrack_ipv4 nf_defrag_ipv4 ip_tables xt_conntrack nf_conntrack ip6table_filter ip6_tables x_tables snd_hda_codec_hdmi snd_hda_codec_conexant arc4 snd_usb_audio snd_hda_intel snd_hda_codec snd_pcm_oss snd_pcm mxm_wmi thinkpad_acpi snd_seq mperf coretemp crc32c_intel aesni_intel cryptd aes_i586 uvcvideo videobuf2_core videodev videobuf2_vmalloc videobuf2_memops snd_timer snd_hwdep snd_usbmidi_lib snd_rawmidi snd_seq_device snd_mixer_oss pcspkr sr_mod cdrom sg snd iwlwifi iTCO_wdt joydev iTCO_vendor_support mac80211 intel_ips i2c_i801 cfg80211 snd_page_alloc btusb bluetooth rfkill e1000e mei(C) soundcore battery ac tpm_tis tpm tpm_bios wmi microcode autofs4 thermal i915 drm_kms_helper drm i2c_algo_bit video button processor thermal_sys scsi_dh_emc scsi_dh_alua scsi_dh_hp_sw scsi_dh_rdac scsi_dh [last unloaded: speedstep_lib]
Oct 31 00:23:52 lamda kernel: Pid: 1114, comm: wpa_supplicant Tainted: G

Oct 31 00:23:52 lamda kernel: Call Trace:
Oct 31 00:23:52 lamda kernel: <c02054b9>] try_stack_unwind+0x199/0x1b0
Oct 31 00:23:52 lamda kernel: <c02041d7>] dump_trace+0x47/0xf0
Oct 31 00:23:52 lamda kernel: <c020551b>] show_trace_log_lvl+0x4b/0x60
Oct 31 00:23:52 lamda kernel: <c0205548>] show_trace+0x18/0x20
Oct 31 00:23:52 lamda kernel: <c06f1abf>] dump_stack+0x6d/0x72
Oct 31 00:23:52 lamda kernel: <c02330f8>] warn_slowpath_common+0x78/0xb0
Oct 31 00:23:52 lamda kernel: <c023314b>] warn_slowpath_null+0x1b/0x20
Oct 31 00:23:52 lamda kernel: <f7bf7565>] cfg80211_mlme_disassoc+0xe5/0xf0 [cfg80211]
Oct 31 00:23:52 lamda kernel: <f7be9b2f>] nl80211_disassociate+0x9f/0xe0 [cfg80211]
Oct 31 00:23:52 lamda kernel: <c064275e>] genl_rcv_msg+0x22e/0x290
Oct 31 00:23:52 lamda kernel: <c0642166>] netlink_rcv_skb+0x86/0xa0
Oct 31 00:23:52 lamda kernel: <c0642524>] genl_rcv+0x14/0x20
Oct 31 00:23:52 lamda kernel: <c0641b5f>] netlink_unicast+0x16f/0x1c0
Oct 31 00:23:52 lamda kernel: <c0641dca>] netlink_sendmsg+0x21a/0x360
Oct 31 00:23:52 lamda kernel: <c060bfd0>] sock_sendmsg+0xd0/0x110
Oct 31 00:23:52 lamda kernel: <c060d46d>] __sys_sendmsg+0x25d/0x270
Oct 31 00:23:52 lamda kernel: <c060e3c9>] sys_sendmsg+0x39/0x60
Oct 31 00:23:52 lamda kernel: <c060ea47>] sys_socketcall+0x287/0x2e0
Oct 31 00:23:52 lamda kernel: <c0703298>] sysenter_do_call+0x12/0x28
Oct 31 00:23:52 lamda kernel: <b770c424>] 0xb770c423
Oct 31 00:23:52 lamda kernel: — end trace 68f3296e5a4c2349 ]—
Oct 31 00:25:12 lamda avahi-daemon[528]: Withdrawing address record for 192.168.17.210 on wlan0.

lamda:/bnet/lab # rpm -qa | grep wpa
wpa_supplicant-1.0-2.1.2.i586

lamda:/bnet/lab # lspci -nnk
00:00.0 Host bridge [0600]: Intel Corporation Core Processor DRAM Controller [8086:0044] (rev 02)
Subsystem: Lenovo Device [17aa:2193]
Kernel driver in use: agpgart-intel
00:02.0 VGA compatible controller [0300]: Intel Corporation Core Processor Integrated Graphics Controller [8086:0046] (rev 02)
Subsystem: Lenovo Device [17aa:21c1]
Kernel driver in use: i915
00:16.0 Communication controller [0780]: Intel Corporation 5 Series/3400 Series Chipset HECI Controller [8086:3b64] (rev 06)
Subsystem: Lenovo Device [17aa:215f]
Kernel driver in use: mei
00:19.0 Ethernet controller [0200]: Intel Corporation 82577LM Gigabit Network Connection [8086:10ea] (rev 06)
Subsystem: Lenovo Device [17aa:2153]
Kernel driver in use: e1000e
00:1a.0 USB controller [0c03]: Intel Corporation 5 Series/3400 Series Chipset USB2 Enhanced Host Controller [8086:3b3c] (rev 06)
Subsystem: Lenovo Device [17aa:2163]
Kernel driver in use: ehci_hcd
00:1b.0 Audio device [0403]: Intel Corporation 5 Series/3400 Series Chipset High Definition Audio [8086:3b57] (rev 06)
Subsystem: Lenovo Device [17aa:215e]
Kernel driver in use: snd_hda_intel
00:1c.0 PCI bridge [0604]: Intel Corporation 5 Series/3400 Series Chipset PCI Express Root Port 1 [8086:3b42] (rev 06)
Kernel driver in use: pcieport
00:1c.1 PCI bridge [0604]: Intel Corporation 5 Series/3400 Series Chipset PCI Express Root Port 2 [8086:3b44] (rev 06)
Kernel driver in use: pcieport
00:1c.3 PCI bridge [0604]: Intel Corporation 5 Series/3400 Series Chipset PCI Express Root Port 4 [8086:3b48] (rev 06)
Kernel driver in use: pcieport
00:1d.0 USB controller [0c03]: Intel Corporation 5 Series/3400 Series Chipset USB2 Enhanced Host Controller [8086:3b34] (rev 06)
Subsystem: Lenovo Device [17aa:2163]
Kernel driver in use: ehci_hcd
00:1e.0 PCI bridge [0604]: Intel Corporation 82801 Mobile PCI Bridge [8086:2448] (rev a6)
00:1f.0 ISA bridge [0601]: Intel Corporation 5 Series/3400 Series Chipset LPC Interface Controller [8086:3b0f] (rev 06)
Subsystem: Lenovo Device [17aa:2166]
00:1f.2 SATA controller [0106]: Intel Corporation 5 Series/3400 Series Chipset 6 port SATA AHCI Controller [8086:3b2f] (rev 06)
Subsystem: Lenovo Device [17aa:2168]
Kernel driver in use: ahci
00:1f.3 SMBus [0c05]: Intel Corporation 5 Series/3400 Series Chipset SMBus Controller [8086:3b30] (rev 06)
Subsystem: Lenovo Device [17aa:2167]
Kernel driver in use: i801_smbus
00:1f.6 Signal processing controller [1180]: Intel Corporation 5 Series/3400 Series Chipset Thermal Subsystem [8086:3b32] (rev 06)
Subsystem: Lenovo Device [17aa:2190]
Kernel driver in use: intel ips
03:00.0 Network controller [0280]: Intel Corporation Centrino Advanced-N 6200 [8086:4239] (rev 35)
Subsystem: Intel Corporation Centrino Advanced-N 6200 2x2 AGN [8086:1311]
Kernel driver in use: iwlwifi
ff:00.0 Host bridge [0600]: Intel Corporation Core Processor QuickPath Architecture Generic Non-core Registers [8086:2c62] (rev 02)
Subsystem: Lenovo Device [17aa:2196]
ff:00.1 Host bridge [0600]: Intel Corporation Core Processor QuickPath Architecture System Address Decoder [8086:2d01] (rev 02)
Subsystem: Lenovo Device [17aa:2196]
ff:02.0 Host bridge [0600]: Intel Corporation Core Processor QPI Link 0 [8086:2d10] (rev 02)
Subsystem: Lenovo Device [17aa:2196]
ff:02.1 Host bridge [0600]: Intel Corporation Core Processor QPI Physical 0 [8086:2d11] (rev 02)
Subsystem: Lenovo Device [17aa:2196]
ff:02.2 Host bridge [0600]: Intel Corporation Core Processor Reserved [8086:2d12] (rev 02)
Subsystem: Lenovo Device [17aa:2196]
ff:02.3 Host bridge [0600]: Intel Corporation Core Processor Reserved [8086:2d13] (rev 02)
Subsystem: Lenovo Device [17aa:2196]

lamda:/bnet/lab # hwinfo --netcard
11: PCI 19.0: 0200 Ethernet controller
[Created at pci.319]
Unique ID: rBUF.14ynlNu_kNB
SysFS ID: /devices/pci0000:00/0000:00:19.0
SysFS BusID: 0000:00:19.0
Hardware Class: network
Model: “Intel 82577LM Gigabit Network Connection”
Vendor: pci 0x8086 “Intel Corporation”
Device: pci 0x10ea “82577LM Gigabit Network Connection”
SubVendor: pci 0x17aa “Lenovo”
SubDevice: pci 0x2153
Revision: 0x06
Driver: “e1000e”
Driver Modules: “e1000e”
Device File: eth0
Memory Range: 0xf2500000-0xf251ffff (rw,non-prefetchable)
Memory Range: 0xf2525000-0xf2525fff (rw,non-prefetchable)
I/O Ports: 0x1820-0x183f (rw)
IRQ: 43 (374209 events)
HW Address: 5c:ff:35:08:02:1b
Link detected: yes
Module Alias: “pci:v00008086d000010EAsv000017AAsd00002153bc02sc00i00”
Driver Info #0:
Driver Status: e1000e is active
Driver Activation Cmd: “modprobe e1000e”
Config Status: cfg=no, avail=yes, need=no, active=unknown

23: PCI 300.0: 0282 WLAN controller
[Created at pci.319]
Unique ID: y9sn.G7ywTgRV0c4
Parent ID: qTvu.t7KN6Conw98
SysFS ID: /devices/pci0000:00/0000:00:1c.1/0000:03:00.0
SysFS BusID: 0000:03:00.0
Hardware Class: network
Model: “Intel WLAN controller”
Vendor: pci 0x8086 “Intel Corporation”
Device: pci 0x4239
SubVendor: pci 0x8086 “Intel Corporation”
SubDevice: pci 0x1311
Revision: 0x35
Driver: “iwlwifi”
Driver Modules: “iwlwifi”
Device File: wlan0
Features: WLAN
Memory Range: 0xf2400000-0xf2401fff (rw,non-prefetchable)
IRQ: 44 (1581 events)
HW Address: 58:94:6b:57:31:cc
Link detected: no
WLAN channels: 1 2 3 4 5 6 7 8 9 10 11 12 13 36 40 44 48 52 56 60 64 100 104 108 112 116 120 124 128 132 136 140
WLAN frequencies: 2.412 2.417 2.422 2.427 2.432 2.437 2.442 2.447 2.452 2.457 2.462 2.467 2.472 5.18 5.2 5.22 5.24 5.26 5.28 5.3 5.32 5.5 5.52 5.54 5.56 5.58 5.6 5.62 5.64 5.66 5.68 5.7
WLAN encryption modes: WEP40 WEP104 TKIP CCMP
WLAN authentication modes: open sharedkey wpa-psk wpa-eap
Module Alias: “pci:v00008086d00004239sv00008086sd00001311bc02sc80i00”
Driver Info #0:
Driver Status: iwlwifi is active
Driver Activation Cmd: “modprobe iwlwifi”
Config Status: cfg=no, avail=yes, need=no, active=unknown
Attached to: #15 (PCI bridge)

A second notebook with opensuse 12.2 does not exhibit this crash. this netbook uses Atheros AR9285 chipset.
lspci -nnv shows also "AzureWave AW-NE785/AWNE785H 802.11bgn Wireless full or half-size mini PCIe Card 1a3b:1089

and works fine with the same AP, same SSID, etc…

On 10/31/2012 07:36 AM, sadams64 wrote:
>
> I have what would appear to be a very similar crash using a Lenovo T410S
> with an Intel 6200 wifi chipset.
>
> The issue started after the update from 12.1 to 12.2
>
> Oct 31 00:23:49 lamda kernel: wlan0: Wrong control channel in
> association response: configured center-freq: 2437 hti-cfreq: 2462
> hti->control_chan: 11 band: 0. Disabling HT.
>
> Oct 31 00:23:52 lamda kernel: WARNING: at
> /home/abuild/rpmbuild/BUILD/kernel-desktop-3.4.11/linux-3.4/net/wireless/mlme.c:490
> cfg80211_mlme_disassoc+0xe5/0xf0 cfg80211
> Oct 31 00:23:52 lamda kernel: Hardware name: 29123RU
> Oct 31 00:23:52 lamda kernel: WARNING: at
> /home/abuild/rpmbuild/BUILD/kernel-desktop-3.4.11/linux-3.4/net/wireless/mlme.c:490
> cfg80211_mlme_disassoc+0xe5/0xf0 cfg80211
> Oct 31 00:23:52 lamda kernel: Hardware name: 29123RU
> Oct 31 00:23:52 lamda kernel: Modules linked in: nfnetlink_log
> nfnetlink fuse af_packet xt_LOG xt_tcpudp xt_limit xt_pkttype rfcomm
> bnep nf_conntrack_ipv6 nf_defrag_ipv6 ip6t_REJECT ipt_REJECT
> ip6table_raw xt_NOTRACK iptable_raw iptable_filter ip6table_mangle
> nf_conntrack_netbios_ns nf_conntrack_broadcast nf_conntrack_ipv4
> nf_defrag_ipv4 ip_tables xt_conntrack nf_conntrack ip6table_filter
> ip6_tables x_tables snd_hda_codec_hdmi snd_hda_codec_conexant arc4
> snd_usb_audio snd_hda_intel snd_hda_codec snd_pcm_oss snd_pcm mxm_wmi
> thinkpad_acpi snd_seq mperf coretemp crc32c_intel aesni_intel cryptd
> aes_i586 uvcvideo videobuf2_core videodev videobuf2_vmalloc
> videobuf2_memops snd_timer snd_hwdep snd_usbmidi_lib snd_rawmidi
> snd_seq_device snd_mixer_oss pcspkr sr_mod cdrom sg snd iwlwifi iTCO_wdt
> joydev iTCO_vendor_support mac80211 intel_ips i2c_i801 cfg80211
> snd_page_alloc btusb bluetooth rfkill e1000e mei(C) soundcore battery ac
> tpm_tis tpm tpm_bios wmi microcode autofs4 thermal i915 drm_kms_helper
> drm i2c_algo_bit video button processor thermal_sys scsi_dh_emc
> scsi_dh_alua scsi_dh_hp_sw scsi_dh_rdac scsi_dh [last unloaded:
> speedstep_lib]
> Oct 31 00:23:52 lamda kernel: Pid: 1114, comm: wpa_supplicant Tainted:
> G
>
>
> Oct 31 00:23:52 lamda kernel: Call Trace:
> Oct 31 00:23:52 lamda kernel: <c02054b9>]
> try_stack_unwind+0x199/0x1b0
> Oct 31 00:23:52 lamda kernel: <c02041d7>] dump_trace+0x47/0xf0
> Oct 31 00:23:52 lamda kernel: <c020551b>]
> show_trace_log_lvl+0x4b/0x60
> Oct 31 00:23:52 lamda kernel: <c0205548>] show_trace+0x18/0x20
> Oct 31 00:23:52 lamda kernel: <c06f1abf>] dump_stack+0x6d/0x72
> Oct 31 00:23:52 lamda kernel: <c02330f8>]
> warn_slowpath_common+0x78/0xb0
> Oct 31 00:23:52 lamda kernel: <c023314b>]
> warn_slowpath_null+0x1b/0x20
> Oct 31 00:23:52 lamda kernel: <f7bf7565>]
> cfg80211_mlme_disassoc+0xe5/0xf0 [cfg80211]
> Oct 31 00:23:52 lamda kernel: <f7be9b2f>]
> nl80211_disassociate+0x9f/0xe0 [cfg80211]
> Oct 31 00:23:52 lamda kernel: <c064275e>] genl_rcv_msg+0x22e/0x290
> Oct 31 00:23:52 lamda kernel: <c0642166>] netlink_rcv_skb+0x86/0xa0
> Oct 31 00:23:52 lamda kernel: <c0642524>] genl_rcv+0x14/0x20
> Oct 31 00:23:52 lamda kernel: <c0641b5f>] netlink_unicast+0x16f/0x1c0
> Oct 31 00:23:52 lamda kernel: <c0641dca>] netlink_sendmsg+0x21a/0x360
> Oct 31 00:23:52 lamda kernel: <c060bfd0>] sock_sendmsg+0xd0/0x110
> Oct 31 00:23:52 lamda kernel: <c060d46d>] __sys_sendmsg+0x25d/0x270
> Oct 31 00:23:52 lamda kernel: <c060e3c9>] sys_sendmsg+0x39/0x60
> Oct 31 00:23:52 lamda kernel: <c060ea47>] sys_socketcall+0x287/0x2e0
> Oct 31 00:23:52 lamda kernel: <c0703298>] sysenter_do_call+0x12/0x28
> Oct 31 00:23:52 lamda kernel: <b770c424>] 0xb770c423
> Oct 31 00:23:52 lamda kernel: — end trace 68f3296e5a4c2349 ]—
> Oct 31 00:25:12 lamda avahi-daemon[528]: Withdrawing address record for
> 192.168.17.210 on wlan0.
>
>
> lamda:/bnet/lab # rpm -qa | grep wpa
> wpa_supplicant-1.0-2.1.2.i586
>
> lamda:/bnet/lab # lspci -nnk
> 00:00.0 Host bridge [0600]: Intel Corporation Core Processor DRAM
> Controller [8086:0044] (rev 02)
> Subsystem: Lenovo Device [17aa:2193]
> Kernel driver in use: agpgart-intel
> 00:02.0 VGA compatible controller [0300]: Intel Corporation Core
> Processor Integrated Graphics Controller [8086:0046] (rev 02)
> Subsystem: Lenovo Device [17aa:21c1]
> Kernel driver in use: i915
> 00:16.0 Communication controller [0780]: Intel Corporation 5
> Series/3400 Series Chipset HECI Controller [8086:3b64] (rev 06)
> Subsystem: Lenovo Device [17aa:215f]
> Kernel driver in use: mei
> 00:19.0 Ethernet controller [0200]: Intel Corporation 82577LM Gigabit
> Network Connection [8086:10ea] (rev 06)
> Subsystem: Lenovo Device [17aa:2153]
> Kernel driver in use: e1000e
> 00:1a.0 USB controller [0c03]: Intel Corporation 5 Series/3400 Series
> Chipset USB2 Enhanced Host Controller [8086:3b3c] (rev 06)
> Subsystem: Lenovo Device [17aa:2163]
> Kernel driver in use: ehci_hcd
> 00:1b.0 Audio device [0403]: Intel Corporation 5 Series/3400 Series
> Chipset High Definition Audio [8086:3b57] (rev 06)
> Subsystem: Lenovo Device [17aa:215e]
> Kernel driver in use: snd_hda_intel
> 00:1c.0 PCI bridge [0604]: Intel Corporation 5 Series/3400 Series
> Chipset PCI Express Root Port 1 [8086:3b42] (rev 06)
> Kernel driver in use: pcieport
> 00:1c.1 PCI bridge [0604]: Intel Corporation 5 Series/3400 Series
> Chipset PCI Express Root Port 2 [8086:3b44] (rev 06)
> Kernel driver in use: pcieport
> 00:1c.3 PCI bridge [0604]: Intel Corporation 5 Series/3400 Series
> Chipset PCI Express Root Port 4 [8086:3b48] (rev 06)
> Kernel driver in use: pcieport
> 00:1d.0 USB controller [0c03]: Intel Corporation 5 Series/3400 Series
> Chipset USB2 Enhanced Host Controller [8086:3b34] (rev 06)
> Subsystem: Lenovo Device [17aa:2163]
> Kernel driver in use: ehci_hcd
> 00:1e.0 PCI bridge [0604]: Intel Corporation 82801 Mobile PCI Bridge
> [8086:2448] (rev a6)
> 00:1f.0 ISA bridge [0601]: Intel Corporation 5 Series/3400 Series
> Chipset LPC Interface Controller [8086:3b0f] (rev 06)
> Subsystem: Lenovo Device [17aa:2166]
> 00:1f.2 SATA controller [0106]: Intel Corporation 5 Series/3400 Series
> Chipset 6 port SATA AHCI Controller [8086:3b2f] (rev 06)
> Subsystem: Lenovo Device [17aa:2168]
> Kernel driver in use: ahci
> 00:1f.3 SMBus [0c05]: Intel Corporation 5 Series/3400 Series Chipset
> SMBus Controller [8086:3b30] (rev 06)
> Subsystem: Lenovo Device [17aa:2167]
> Kernel driver in use: i801_smbus
> 00:1f.6 Signal processing controller [1180]: Intel Corporation 5
> Series/3400 Series Chipset Thermal Subsystem [8086:3b32] (rev 06)
> Subsystem: Lenovo Device [17aa:2190]
> Kernel driver in use: intel ips
> 03:00.0 Network controller [0280]: Intel Corporation Centrino
> Advanced-N 6200 [8086:4239] (rev 35)
> Subsystem: Intel Corporation Centrino Advanced-N 6200 2x2 AGN
> [8086:1311]
> Kernel driver in use: iwlwifi
> ff:00.0 Host bridge [0600]: Intel Corporation Core Processor QuickPath
> Architecture Generic Non-core Registers [8086:2c62] (rev 02)
> Subsystem: Lenovo Device [17aa:2196]
> ff:00.1 Host bridge [0600]: Intel Corporation Core Processor QuickPath
> Architecture System Address Decoder [8086:2d01] (rev 02)
> Subsystem: Lenovo Device [17aa:2196]
> ff:02.0 Host bridge [0600]: Intel Corporation Core Processor QPI Link 0
> [8086:2d10] (rev 02)
> Subsystem: Lenovo Device [17aa:2196]
> ff:02.1 Host bridge [0600]: Intel Corporation Core Processor QPI
> Physical 0 [8086:2d11] (rev 02)
> Subsystem: Lenovo Device [17aa:2196]
> ff:02.2 Host bridge [0600]: Intel Corporation Core Processor Reserved
> [8086:2d12] (rev 02)
> Subsystem: Lenovo Device [17aa:2196]
> ff:02.3 Host bridge [0600]: Intel Corporation Core Processor Reserved
> [8086:2d13] (rev 02)
> Subsystem: Lenovo Device [17aa:2196]
>
> lamda:/bnet/lab # hwinfo --netcard
> 11: PCI 19.0: 0200 Ethernet controller
> [Created at pci.319]
> Unique ID: rBUF.14ynlNu_kNB
> SysFS ID: /devices/pci0000:00/0000:00:19.0
> SysFS BusID: 0000:00:19.0
> Hardware Class: network
> Model: “Intel 82577LM Gigabit Network Connection”
> Vendor: pci 0x8086 “Intel Corporation”
> Device: pci 0x10ea “82577LM Gigabit Network Connection”
> SubVendor: pci 0x17aa “Lenovo”
> SubDevice: pci 0x2153
> Revision: 0x06
> Driver: “e1000e”
> Driver Modules: “e1000e”
> Device File: eth0
> Memory Range: 0xf2500000-0xf251ffff (rw,non-prefetchable)
> Memory Range: 0xf2525000-0xf2525fff (rw,non-prefetchable)
> I/O Ports: 0x1820-0x183f (rw)
> IRQ: 43 (374209 events)
> HW Address: 5c:ff:35:08:02:1b
> Link detected: yes
> Module Alias: “pci:v00008086d000010EAsv000017AAsd00002153bc02sc00i00”
> Driver Info #0:
> Driver Status: e1000e is active
> Driver Activation Cmd: “modprobe e1000e”
> Config Status: cfg=no, avail=yes, need=no, active=unknown
>
> 23: PCI 300.0: 0282 WLAN controller
> [Created at pci.319]
> Unique ID: y9sn.G7ywTgRV0c4
> Parent ID: qTvu.t7KN6Conw98
> SysFS ID: /devices/pci0000:00/0000:00:1c.1/0000:03:00.0
> SysFS BusID: 0000:03:00.0
> Hardware Class: network
> Model: “Intel WLAN controller”
> Vendor: pci 0x8086 “Intel Corporation”
> Device: pci 0x4239
> SubVendor: pci 0x8086 “Intel Corporation”
> SubDevice: pci 0x1311
> Revision: 0x35
> Driver: “iwlwifi”
> Driver Modules: “iwlwifi”
> Device File: wlan0
> Features: WLAN
> Memory Range: 0xf2400000-0xf2401fff (rw,non-prefetchable)
> IRQ: 44 (1581 events)
> HW Address: 58:94:6b:57:31:cc
> Link detected: no
> WLAN channels: 1 2 3 4 5 6 7 8 9 10 11 12 13 36 40 44 48 52 56 60 64
> 100 104 108 112 116 120 124 128 132 136 140
> WLAN frequencies: 2.412 2.417 2.422 2.427 2.432 2.437 2.442 2.447
> 2.452 2.457 2.462 2.467 2.472 5.18 5.2 5.22 5.24 5.26 5.28 5.3 5.32 5.5
> 5.52 5.54 5.56 5.58 5.6 5.62 5.64 5.66 5.68 5.7
> WLAN encryption modes: WEP40 WEP104 TKIP CCMP
> WLAN authentication modes: open sharedkey wpa-psk wpa-eap
> Module Alias: “pci:v00008086d00004239sv00008086sd00001311bc02sc80i00”
> Driver Info #0:
> Driver Status: iwlwifi is active
> Driver Activation Cmd: “modprobe iwlwifi”
> Config Status: cfg=no, avail=yes, need=no, active=unknown
> Attached to: #15 (PCI bridge)
>
> A second notebook with opensuse 12.2 does not exhibit this crash. this
> netbook uses Atheros AR9285 chipset.
> lspci -nnv shows also "AzureWave AW-NE785/AWNE785H 802.11bgn Wireless
> full or half-size mini PCIe Card 1a3b:1089
>
> and works fine with the same AP, same SSID, etc…

Your problem is not a segfault in wpa-supplicant using BCM4318. You definitely
should have created a new thread. Ususally I ignore this kind of hijacking a
thread, but this is the last time I will do so.

What crash? A WARNING is NOT a CRASH. The warning you are getting is telling
you that your system tried to disassociate without being associated. My guess is
that there is a bug in this version of the iwlwifi driver. Try the
compat-wireless package. It should fix the problem. If not, then come back with
the new thread.