>Synopsis: panic in ieee80211_node_leave_11g: bogus long slot station
>count 0
>Category: kernel
>Environment:
System : OpenBSD 6.0
Details : OpenBSD 6.0-current (GENERIC.MP) #2463: Sat Sep 17
09:52:10 MDT 2016
[email protected]:/usr/src/sys/arch/amd64/compile/GENERIC.MP
Architecture: OpenBSD.amd64
Machine : amd64
>Description:
I have had three panics with similar stacks with this kernel in my router
(Soekris net6501), a few days apart from each other (Sep23, 26 and 28). I see
that there have been further changes to sys/net80211, so I will try to reproduce
with a more recent snapshot, but since I don't have a good way to actually repro
this and the diffs don't seem to me to be directly related, I'm reporting this
now.
The stack traces are as follows:
panic: bogus long slot station count 0
Starting stack trace...
panic() at panic+0x10b
ieee80211_node_leave_11g() at ieee80211_node_leave_11g+0xc4
ieee80211_node_leave() at ieee80211_node_leave+0x159
ieee80211_send_group_msg1() at ieee80211_send_group_msg1+0x2d4
ieee80211_eapol_timeout() at ieee80211_eapol_timeout+0x57
softclock() at softclock+0x144
softintr_dispatch() at softintr_dispatch+0x8b
Xsoftclock() at Xsoftclock+0x1f
--- interrupt ---
end trace frame: 0x0, count: 249
0x8:
End of stack trace.
panic: bogus long slot station count 0
Starting stack trace...
panic() at panic+0x10b
ieee80211_node_leave_11g() at ieee80211_node_leave_11g+0xc4
ieee80211_node_leave() at ieee80211_node_leave+0x159
ieee80211_input() at ieee80211_input+0x411
ar5008_rx_intr() at ar5008_rx_intr+0x2de
ar5008_intr() at ar5008_intr+0x21d
intr_handler() at intr_handler+0x67
Xintr_ioapic_level11() at Xintr_ioapic_level11+0xcd
--- interrupt ---
cpu_idle_mwait_cycle() at cpu_idle_mwait_cycle+0x62
cpu_idle_cycle() at cpu_idle_cycle+0x10
end trace frame: 0x0, count: 247
End of stack trace.
panic: bogus long slot station count 0
Starting stack trace...
panic() at panic+0x10b
ieee80211_node_leave_11g() at ieee80211_node_leave_11g+0xc4
ieee80211_node_leave() at ieee80211_node_leave+0x159
ieee80211_send_group_msg1() at ieee80211_send_group_msg1+0x2d4
ieee80211_eapol_timeout() at ieee80211_eapol_timeout+0x57
softclock() at softclock+0x144
softintr_dispatch() at softintr_dispatch+0x8b
Xsoftclock() at Xsoftclock+0x1f
--- interrupt ---
end trace frame: 0x0, count: 249
0x8:
End of stack trace.
I have a core of the most recent panic, but I don't know what information is
relevant to extract from it; please ask if you have any ideas. ps(1) of that
core:
$ doas ps -A -N bsd.2 -M bsd.2.core
PID TT STAT TIME COMMAND
1 ?? Is 0:01.01 (init)
28160 ?? Is 0:00.00 (dhclient)
49080 ?? Rsp 0:00.06 (dhclient)
55657 ?? Rs 0:01.45 (dhcpcd)
70549 ?? Ip 0:00.92 (syslogd)
307 ?? Isp 0:00.01 (syslogd)
62594 ?? Is 0:00.01 (pflogd)
55152 ?? Rp 0:18.50 (pflogd)
19858 ?? Ss 3:02.54 (unbound)
2893 ?? I<s 0:00.03 (ntpd)
13837 ?? R<p 0:19.06 (ntpd)
11930 ?? Ip 0:00.03 (ntpd)
66212 ?? Is 0:00.02 (sshd)
37644 ?? Isp 0:00.86 (dhcpd)
4093 ?? Rsp 0:01.74 (rtadvd)
1412 ?? Isp 0:00.02 (smtpd)
70750 ?? Ip 0:00.05 (smtpd)
44606 ?? Ip 0:00.06 (smtpd)
35826 ?? Ip 0:00.14 (smtpd)
83559 ?? Ip 0:00.06 (smtpd)
37068 ?? Ip 0:00.05 (smtpd)
43648 ?? Ip 0:00.08 (smtpd)
88811 ?? Isp 0:00.00 (tftpd)
23035 ?? I<sp 0:00.00 (sndiod)
32030 ?? Isp 0:00.00 (sndiod)
82638 ?? S 0:10.27 (arpwatch)
56716 ?? Ss 8:18.97 (collectd)
71526 ?? Is 0:00.01 (apmd)
37627 ?? Isp 0:01.24 (cron)
18104 00 Is+p 0:00.01 (getty)
dmesg:
OpenBSD 6.0-current (GENERIC.MP) #2463: Sat Sep 17 09:52:10 MDT 2016
[email protected]:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 2130575360 (2031MB)
avail mem = 2061561856 (1966MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0
acpi at bios0 not configured
mpbios0 at bios0: Intel MP Specification 1.4
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Genuine Intel(R) CPU @ 1.60GHz, 1600.19 MHz
cpu0:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,MOVBE,NXE,LONG,LAHF,PERF,SENSOR
cpu0: 512KB 64b/line 8-way L2 cache
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges
cpu0: apic clock running at 99MHz
cpu0: mwait min=64, max=64, C-substates=0.2.2.0.2.0.3, IBE
cpu1 at mainbus0: apid 1 (application processor)
cpu1: Genuine Intel(R) CPU @ 1.60GHz, 1599.99 MHz
cpu1:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,MOVBE,NXE,LONG,LAHF,PERF,SENSOR
cpu1: 512KB 64b/line 8-way L2 cache
cpu1: smt 1, core 0, package 0
mpbios0: bus 0 is type PCI
mpbios0: bus 64 is type ISA
ioapic0 at mainbus0: apid 0 pa 0xfec00000, version 20, 24 pins
cpu0: unknown Enhanced SpeedStep CPU, msr 0x0610101706001017
cpu0: using only highest and lowest power states
cpu0: Enhanced SpeedStep 1600 MHz: speeds: 1600, 600 MHz
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 "Intel E600 Host" rev 0x05
pchb1 at pci0 dev 1 function 0 "Intel E600 Config" rev 0x00
ppb0 at pci0 dev 23 function 0 "Intel E600 PCIE" rev 0x00
pci1 at ppb0 bus 1
ppb1 at pci1 dev 0 function 0 "Intel EG20T PCIE" rev 0x01
pci2 at ppb1 bus 2
"Intel EG20T Packet Hub" rev 0x01 at pci2 dev 0 function 0 not configured
"Intel EG20T Ethernet" rev 0x02 at pci2 dev 0 function 1 not configured
"Intel EG20T GPIO" rev 0x01 at pci2 dev 0 function 2 not configured
ohci0 at pci2 dev 2 function 0 "Intel EG20T USB" rev 0x02: apic 0 int 19,
version 1.0
ohci1 at pci2 dev 2 function 1 "Intel EG20T USB" rev 0x02: apic 0 int 19,
version 1.0
ohci2 at pci2 dev 2 function 2 "Intel EG20T USB" rev 0x02: apic 0 int 19,
version 1.0
ehci0 at pci2 dev 2 function 3 "Intel EG20T USB" rev 0x02: apic 0 int 19
usb0 at ehci0: USB revision 2.0
uhub0 at usb0 configuration 1 interface 0 "Intel EHCI root hub" rev 2.00/1.00
addr 1
"Intel EG20T USB Client" rev 0x02 at pci2 dev 2 function 4 not configured
sdhc0 at pci2 dev 4 function 0 "Intel EG20T SDIO" rev 0x01: apic 0 int 18
sdhc0: SDHC 1.0, 50 MHz base clock
sdmmc0 at sdhc0: 4-bit, sd high-speed, mmc high-speed
sdhc1 at pci2 dev 4 function 1 "Intel EG20T SDIO" rev 0x01: apic 0 int 18
sdhc1: SDHC 1.0, 50 MHz base clock
sdmmc1 at sdhc1: 4-bit, sd high-speed, mmc high-speed
ahci0 at pci2 dev 6 function 0 "Intel EG20T AHCI" rev 0x02: msi, AHCI 1.1
ahci0: port 0: 3.0Gb/s
scsibus1 at ahci0: 32 targets
sd0 at scsibus1 targ 0 lun 0: <ATA, KINGSTON SMS200S, 600A> SCSI3 0/direct
fixed naa.50026b7253081446
sd0: 28626MB, 512 bytes/sector, 58626288 sectors, thin
ohci3 at pci2 dev 8 function 0 "Intel EG20T USB" rev 0x02: apic 0 int 16,
version 1.0
ohci4 at pci2 dev 8 function 1 "Intel EG20T USB" rev 0x02: apic 0 int 16,
version 1.0
ohci5 at pci2 dev 8 function 2 "Intel EG20T USB" rev 0x02: apic 0 int 16,
version 1.0
ehci1 at pci2 dev 8 function 3 "Intel EG20T USB" rev 0x02: apic 0 int 16
usb1 at ehci1: USB revision 2.0
uhub1 at usb1 configuration 1 interface 0 "Intel EHCI root hub" rev 2.00/1.00
addr 1
"Intel EG20T DMA" rev 0x00 at pci2 dev 10 function 0 not configured
puc0 at pci2 dev 10 function 1 "Intel EG20T Serial" rev 0x01: ports: 1 com
com4 at puc0 port 0 apic 0 int 19: ti16750, 64 byte fifo
puc1 at pci2 dev 10 function 2 "Intel EG20T Serial" rev 0x00: ports: 1 com
com5 at puc1 port 0 apic 0 int 19: ti16750, 64 byte fifo
puc2 at pci2 dev 10 function 3 "Intel EG20T Serial" rev 0x00: ports: 1 com
com6 at puc2 port 0 apic 0 int 19: ti16750, 64 byte fifo
puc3 at pci2 dev 10 function 4 "Intel EG20T Serial" rev 0x00: ports: 1 com
com7 at puc3 port 0 apic 0 int 19: ti16750, 64 byte fifo
"Intel EG20T DMA" rev 0x00 at pci2 dev 12 function 0 not configured
"Intel EG20T SPI" rev 0x00 at pci2 dev 12 function 1 not configured
"Intel EG20T I2C" rev 0x00 at pci2 dev 12 function 2 not configured
"Intel EG20T CAN" rev 0x00 at pci2 dev 12 function 3 not configured
"Intel EG20T 1588" rev 0x01 at pci2 dev 12 function 4 not configured
usb2 at ohci0: USB revision 1.0
uhub2 at usb2 configuration 1 interface 0 "Intel OHCI root hub" rev 1.00/1.00
addr 1
usb3 at ohci1: USB revision 1.0
uhub3 at usb3 configuration 1 interface 0 "Intel OHCI root hub" rev 1.00/1.00
addr 1
usb4 at ohci2: USB revision 1.0
uhub4 at usb4 configuration 1 interface 0 "Intel OHCI root hub" rev 1.00/1.00
addr 1
usb5 at ohci3: USB revision 1.0
uhub5 at usb5 configuration 1 interface 0 "Intel OHCI root hub" rev 1.00/1.00
addr 1
usb6 at ohci4: USB revision 1.0
uhub6 at usb6 configuration 1 interface 0 "Intel OHCI root hub" rev 1.00/1.00
addr 1
usb7 at ohci5: USB revision 1.0
uhub7 at usb7 configuration 1 interface 0 "Intel OHCI root hub" rev 1.00/1.00
addr 1
ppb2 at pci0 dev 24 function 0 "Intel E600 PCIE" rev 0x00
pci3 at ppb2 bus 3
ppb3 at pci3 dev 0 function 0 "IDT 89HPES4T4" rev 0x0e
pci4 at ppb3 bus 4
ppb4 at pci4 dev 2 function 0 "IDT 89HPES4T4" rev 0x0e
pci5 at ppb4 bus 5
em0 at pci5 dev 0 function 0 "Intel 82574L" rev 0x00: msi, address
00:00:24:d1:dc:ac
ppb5 at pci4 dev 3 function 0 "IDT 89HPES4T4" rev 0x0e
pci6 at ppb5 bus 6
em1 at pci6 dev 0 function 0 "Intel 82574L" rev 0x00: msi, address
00:00:24:d1:dc:ad
ppb6 at pci4 dev 4 function 0 "IDT 89HPES4T4" rev 0x0e
pci7 at ppb6 bus 7
athn0 at pci7 dev 0 function 0 "Atheros AR9281" rev 0x01: apic 0 int 17
athn0: AR9280 rev 2 (2T2R), ROM rev 16, address 00:22:5f:34:e3:16
ppb7 at pci0 dev 25 function 0 "Intel E600 PCIE" rev 0x00
pci8 at ppb7 bus 8
ppb8 at pci8 dev 0 function 0 "IDT 89HPES4T4" rev 0x0e
pci9 at ppb8 bus 9
ppb9 at pci9 dev 2 function 0 "IDT 89HPES4T4" rev 0x0e
pci10 at ppb9 bus 10
em2 at pci10 dev 0 function 0 "Intel 82574L" rev 0x00: msi, address
00:00:24:d1:dc:ae
ppb10 at pci9 dev 3 function 0 "IDT 89HPES4T4" rev 0x0e
pci11 at ppb10 bus 11
em3 at pci11 dev 0 function 0 "Intel 82574L" rev 0x00: msi, address
00:00:24:d1:dc:af
ppb11 at pci9 dev 4 function 0 "IDT 89HPES4T4" rev 0x0e
pci12 at ppb11 bus 12
ppb12 at pci0 dev 26 function 0 "Intel E600 PCIE" rev 0x00
pci13 at ppb12 bus 13
tcpcib0 at pci0 dev 31 function 0 "Intel E600 LPC" rev 0x00: 14318179 Hz timer,
watchdog
isa0 at tcpcib0
isadma0 at isa0
com0 at isa0 port 0x3f8/8 irq 4: ti16750, 64 byte fifo
com0: console
pcppi0 at isa0 port 0x61
spkr0 at pcppi0
skgpio0 at isa0 port 0x680/32
gpio0 at skgpio0: 16 pins
gpio1 at skgpio0: 2 pins
vscsi0 at root
scsibus2 at vscsi0: 256 targets
softraid0 at root
scsibus3 at softraid0: 256 targets
root on sd0a (7a62987b406ab160.a) swap on sd0b dump on sd0b
WARNING: / was not properly unmounted
usbdevs:
Controller /dev/usb0:
addr 1: high speed, self powered, config 1, EHCI root hub(0x0000),
Intel(0x8086), rev 1.00
port 1 powered
port 2 powered
port 3 powered
Controller /dev/usb1:
addr 1: high speed, self powered, config 1, EHCI root hub(0x0000),
Intel(0x8086), rev 1.00
port 1 powered
port 2 powered
port 3 powered
Controller /dev/usb2:
addr 1: full speed, self powered, config 1, OHCI root hub(0x0000),
Intel(0x8086), rev 1.00
port 1 powered
Controller /dev/usb3:
addr 1: full speed, self powered, config 1, OHCI root hub(0x0000),
Intel(0x8086), rev 1.00
port 1 powered
Controller /dev/usb4:
addr 1: full speed, self powered, config 1, OHCI root hub(0x0000),
Intel(0x8086), rev 1.00
port 1 powered
Controller /dev/usb5:
addr 1: full speed, self powered, config 1, OHCI root hub(0x0000),
Intel(0x8086), rev 1.00
port 1 powered
Controller /dev/usb6:
addr 1: full speed, self powered, config 1, OHCI root hub(0x0000),
Intel(0x8086), rev 1.00
port 1 powered
Controller /dev/usb7:
addr 1: full speed, self powered, config 1, OHCI root hub(0x0000),
Intel(0x8086), rev 1.00
port 1 powered
