On Sat, Sep 25, 2021 at 02:03:40AM +0000, Mikolaj Kucharski wrote: > I've added more info, probably mainly for myself. I'm not sure where to > go with this information yet.
We need to figure out what makes this code use a group key which has been cleared. Please add printfs for lines of code which modify ic->ic_def_txkey. There's one in ieee80211_setkeysdone() which might be particularly relevant. It is called from the group key renewal timeout which triggers once per hour. Can you reproduce the issue more quickly if you change the 3600s timeout in ieee80211_gtk_rekey_timeout() to a smaller amount of time, say every 60s?
