netbsd-bugs: port-i386/35046: kernel panic when trying to dump packets on ipw0 in monitor mode

Subject: port-i386/35046: kernel panic when trying to dump packets on ipw0 in monitor mode
To: None <port-i386-maintainer@netbsd.org, gnats-admin@netbsd.org,>
From: None <1@ipex.ru>
List: netbsd-bugs
Date: 11/13/2006 11:00:01

>Number:         35046
>Category:       port-i386
>Synopsis:       kernel panic when trying to dump packets on ipw0 in monitor mode
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    port-i386-maintainer
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Mon Nov 13 11:00:01 +0000 2006
>Originator:     veider
>Release:        NetBSD 4.99.3
>Organization:
Darkzone Labs
>Environment:
NetBSD darkzone-mobile 4.99.3 NetBSD 4.99.3 (DARKZONE_MOBILE) #0: Sun Nov 12 22:02:44 MSK 2006  root@darkzone-mobile:/usr/obj/sys/arch/i386/compile/DARKZONE_MOBILE i386
>Description:
When trying to dump packets in promisc mode (with tcpdump) with IEEE_802_11_RADIO link type on ipw interface kernel panics.

kernel: supervisor trap page fault, code = 0
Stopped at netbsd: ipw_int+0x6bb: movw 0(%eax), %ax

ipw_intr
Xintr_ioapic_level7
--interrupt--
cpu_switch
ltsleep
uvm_scheduler
main
>How-To-Repeat:
# ifconfig ipw0 mediaopt monitor
# tcpdump -y IEEE802_11_RADIO -vv -ni ipw0

panic..
>Fix: