Re: Crash in stock Fedora 4.17 kernel in ieee80211_set_wmm_default

2018-08-17 Thread Ben Greear

On 08/17/2018 03:49 PM, Ben Greear wrote:

I have been running some tests on un-modified Fedora 27, with a stock QCA 
firmware-2.bin.


I realized a bit later that NetworkManager (or wpa_supplicant service?) was 
already doing something with this
interface.  When I disabled wpa_supplicant service, the crashes stopped.

Still a bug, but maybe that will help someone understand why and/or reproduce.

Thanks,
Ben



[root@lf0350-0a0e ~]# uname -a
Linux lf0350-0a0e 4.17.14-102.fc27.x86_64 #1 SMP Wed Aug 15 12:26:40 UTC 2018 
x86_64 x86_64 x86_64 GNU/Linux

[root@lf0350-0a0e network-scripts]# ethtool -i wlp5s0
driver: ath10k_pci
version: 4.17.14-102.fc27.x86_64
firmware-version: 10.1.467.3-1
expansion-rom-version:
bus-info: :05:00.0
supports-statistics: yes
supports-test: no
supports-eeprom-access: no
supports-register-dump: no
supports-priv-flags: no

[root@lf0350-0a0e network-scripts]# cat /root/run_sup.sh
#!/bin/bash

WLAN=wlp5s0
CONF=/root/bagel.conf

wpa_supplicant -g /var/run/wpa_supplicant_if_wiphy1 -B -P /tmp/wpa_supplicant-wiphy1.pid -t -f /tmp/wpa_supplicant_log_wiphy1.txt -dd -K -Dnl80211 -i $WLAN -c $CONF


# cat /root/bagel.conf
ctrl_interface=/var/run/wpa_supplicant
fast_reauth=1
p2p_disabled=1
bss_max_count=2000

network={
ssid="HOME-C9EC-2.4"

proto=RSN
key_mgmt=WPA-PSK WPA-PSK-SHA256
psk="XXX"
#psk=xxx
pairwise=TKIP CCMP
group=TKIP CCMP
proactive_key_caching=0

}



The kernel reliably crashes when I start up supplicant with the script above.

Aug 17 15:37:28 lf0350-0a0e kernel: wlp5s0: authenticate with ec:aa:a0:f6:e3:98
Aug 17 15:37:28 lf0350-0a0e kernel: wlp5s0: send auth to ec:aa:a0:f6:e3:98 (try 
1/3)
Aug 17 15:37:28 lf0350-0a0e kernel: wlp5s0: authenticated
Aug 17 15:37:28 lf0350-0a0e kernel: wlp5s0: associate with ec:aa:a0:f6:e3:98 
(try 1/3)
Aug 17 15:37:28 lf0350-0a0e kernel: wlp5s0: RX AssocResp from ec:aa:a0:f6:e3:98 
(capab=0x431 status=0 aid=1)
Aug 17 15:37:28 lf0350-0a0e kernel: wlp5s0: associated
Aug 17 15:37:28 lf0350-0a0e wpa_supplicant[974]: wlp5s0: No network 
configuration found for the current AP
Aug 17 15:37:28 lf0350-0a0e kernel: wlp5s0: deauthenticating from 
ec:aa:a0:f6:e3:98 by local choice (Reason: 3=DEAUTH_LEAVING)
Aug 17 15:37:28 lf0350-0a0e kernel: general protection fault:  [#1] SMP 
NOPTI
Aug 17 15:37:28 lf0350-0a0e kernel: Modules linked in: ip6t_rpfilter 
ip6t_REJECT nf_reject_ipv6 xt_conntrack ip_set nfnetlink ebtable_nat 
ebtable_broute bridge
stp llc ip6table_nat nf_conntrack_ipv6 nf_defrag_ipv6 nf_nat_ipv6 
ip6table_mangle ip6table_raw ip6table_security iptable_nat nf_conntrack_ipv4 
nf_defrag_ipv4
nf_nat_ipv4 nf_nat nf_conntrack libcrc32c iptable_mangle iptable_raw 
iptable_security ebtable_filter ebtables ip6table_filter ip6_tables arc4 sunrpc 
ath10k_pci
ath10k_core mac80211 amd64_edac_mod edac_mce_amd kvm_amd kvm ath irqbypass 
crct10dif_pclmul crc32_pclmul sdhci_pci cfg80211 leds_apu ghash_clmulni_intel 
cqhci
sdhci igb fam15h_power sp5100_tco mmc_core i2c_piix4 k10temp rfkill 
i2c_algo_bit dca ccp shpchp pcc_cpufreq acpi_cpufreq crc32c_intel
Aug 17 15:37:28 lf0350-0a0e kernel: CPU: 3 PID: 974 Comm: wpa_supplicant Not 
tainted 4.17.14-102.fc27.x86_64 #1
Aug 17 15:37:28 lf0350-0a0e kernel: Hardware name: PC Engines APU2/APU2, BIOS 
4.0.7 02/28/2017
Aug 17 15:37:28 lf0350-0a0e kernel: RIP: 
0010:ieee80211_regulatory_limit_wmm_params.part.19+0x63/0xe0 [mac80211]
Aug 17 15:37:28 lf0350-0a0e kernel: RSP: 0018:9d7fc1177940 EFLAGS: 00010297
Aug 17 15:37:28 lf0350-0a0e kernel: RAX: 2c5ff8c7f2828f00 RBX: 8bf9983ee8c0 
RCX: 2c5ff8c7f2828f00
Aug 17 15:37:28 lf0350-0a0e kernel: RDX: 0025b840 RSI: 00259130 
RDI: 8bf997fa5020
Aug 17 15:37:28 lf0350-0a0e kernel: RBP:  R08:  
R09: 
Aug 17 15:37:28 lf0350-0a0e kernel: R10: 001f R11: 03ff 
R12: 9d7fc117797e
Aug 17 15:37:28 lf0350-0a0e kernel: R13: 8bf9983ee8c0 R14:  
R15: 8bf996a50760
Aug 17 15:37:28 lf0350-0a0e kernel: FS:  7f8bc46f8300() 
GS:8bf99ed8() knlGS:
Aug 17 15:37:28 lf0350-0a0e kernel: CS:  0010 DS:  ES:  CR0: 
80050033
Aug 17 15:37:28 lf0350-0a0e kernel: CR2: 55efb3ce6728 CR3: 000102666000 
CR4: 000406e0
Aug 17 15:37:28 lf0350-0a0e kernel: Call Trace:
Aug 17 15:37:28 lf0350-0a0e kernel:  ieee80211_set_wmm_default+0x2f7/0x3a0 
[mac80211]
Aug 17 15:37:28 lf0350-0a0e kernel:  ieee80211_set_disassoc+0x21b/0x5b0 
[mac80211]
Aug 17 15:37:28 lf0350-0a0e kernel:  ? avtab_search_node+0xb1/0x100
Aug 17 15:37:28 lf0350-0a0e kernel:  ieee80211_mgd_deauth+0x113/0x230 [mac80211]
Aug 17 15:37:28 lf0350-0a0e kernel:  cfg80211_mlme_deauth+0xaf/0x1c0 [cfg80211]
Aug 17 15:37:28 lf0350-0a0e kernel:  ? startup_64+0x3/0x30
Aug 17 15:37:28 lf0350-0a0e kernel:  nl80211_deauthenticate+0x11f/0x160 
[cfg80211]
Aug 17 15:37:28 lf0350-0a0e 

Crash in stock Fedora 4.17 kernel in ieee80211_set_wmm_default

2018-08-17 Thread Ben Greear

I have been running some tests on un-modified Fedora 27, with a stock QCA 
firmware-2.bin.

[root@lf0350-0a0e ~]# uname -a
Linux lf0350-0a0e 4.17.14-102.fc27.x86_64 #1 SMP Wed Aug 15 12:26:40 UTC 2018 
x86_64 x86_64 x86_64 GNU/Linux

[root@lf0350-0a0e network-scripts]# ethtool -i wlp5s0
driver: ath10k_pci
version: 4.17.14-102.fc27.x86_64
firmware-version: 10.1.467.3-1
expansion-rom-version:
bus-info: :05:00.0
supports-statistics: yes
supports-test: no
supports-eeprom-access: no
supports-register-dump: no
supports-priv-flags: no

[root@lf0350-0a0e network-scripts]# cat /root/run_sup.sh
#!/bin/bash

WLAN=wlp5s0
CONF=/root/bagel.conf

wpa_supplicant -g /var/run/wpa_supplicant_if_wiphy1 -B -P /tmp/wpa_supplicant-wiphy1.pid -t -f /tmp/wpa_supplicant_log_wiphy1.txt -dd -K -Dnl80211 -i $WLAN -c $CONF


# cat /root/bagel.conf
ctrl_interface=/var/run/wpa_supplicant
fast_reauth=1
p2p_disabled=1
bss_max_count=2000

network={
ssid="HOME-C9EC-2.4"

proto=RSN
key_mgmt=WPA-PSK WPA-PSK-SHA256
psk="XXX"
#psk=xxx
pairwise=TKIP CCMP
group=TKIP CCMP
proactive_key_caching=0

}



The kernel reliably crashes when I start up supplicant with the script above.

Aug 17 15:37:28 lf0350-0a0e kernel: wlp5s0: authenticate with ec:aa:a0:f6:e3:98
Aug 17 15:37:28 lf0350-0a0e kernel: wlp5s0: send auth to ec:aa:a0:f6:e3:98 (try 
1/3)
Aug 17 15:37:28 lf0350-0a0e kernel: wlp5s0: authenticated
Aug 17 15:37:28 lf0350-0a0e kernel: wlp5s0: associate with ec:aa:a0:f6:e3:98 
(try 1/3)
Aug 17 15:37:28 lf0350-0a0e kernel: wlp5s0: RX AssocResp from ec:aa:a0:f6:e3:98 
(capab=0x431 status=0 aid=1)
Aug 17 15:37:28 lf0350-0a0e kernel: wlp5s0: associated
Aug 17 15:37:28 lf0350-0a0e wpa_supplicant[974]: wlp5s0: No network 
configuration found for the current AP
Aug 17 15:37:28 lf0350-0a0e kernel: wlp5s0: deauthenticating from 
ec:aa:a0:f6:e3:98 by local choice (Reason: 3=DEAUTH_LEAVING)
Aug 17 15:37:28 lf0350-0a0e kernel: general protection fault:  [#1] SMP 
NOPTI
Aug 17 15:37:28 lf0350-0a0e kernel: Modules linked in: ip6t_rpfilter ip6t_REJECT nf_reject_ipv6 xt_conntrack ip_set nfnetlink ebtable_nat ebtable_broute bridge 
stp llc ip6table_nat nf_conntrack_ipv6 nf_defrag_ipv6 nf_nat_ipv6 ip6table_mangle ip6table_raw ip6table_security iptable_nat nf_conntrack_ipv4 nf_defrag_ipv4 
nf_nat_ipv4 nf_nat nf_conntrack libcrc32c iptable_mangle iptable_raw iptable_security ebtable_filter ebtables ip6table_filter ip6_tables arc4 sunrpc ath10k_pci 
ath10k_core mac80211 amd64_edac_mod edac_mce_amd kvm_amd kvm ath irqbypass crct10dif_pclmul crc32_pclmul sdhci_pci cfg80211 leds_apu ghash_clmulni_intel cqhci 
sdhci igb fam15h_power sp5100_tco mmc_core i2c_piix4 k10temp rfkill i2c_algo_bit dca ccp shpchp pcc_cpufreq acpi_cpufreq crc32c_intel

Aug 17 15:37:28 lf0350-0a0e kernel: CPU: 3 PID: 974 Comm: wpa_supplicant Not 
tainted 4.17.14-102.fc27.x86_64 #1
Aug 17 15:37:28 lf0350-0a0e kernel: Hardware name: PC Engines APU2/APU2, BIOS 
4.0.7 02/28/2017
Aug 17 15:37:28 lf0350-0a0e kernel: RIP: 
0010:ieee80211_regulatory_limit_wmm_params.part.19+0x63/0xe0 [mac80211]
Aug 17 15:37:28 lf0350-0a0e kernel: RSP: 0018:9d7fc1177940 EFLAGS: 00010297
Aug 17 15:37:28 lf0350-0a0e kernel: RAX: 2c5ff8c7f2828f00 RBX: 8bf9983ee8c0 
RCX: 2c5ff8c7f2828f00
Aug 17 15:37:28 lf0350-0a0e kernel: RDX: 0025b840 RSI: 00259130 
RDI: 8bf997fa5020
Aug 17 15:37:28 lf0350-0a0e kernel: RBP:  R08:  
R09: 
Aug 17 15:37:28 lf0350-0a0e kernel: R10: 001f R11: 03ff 
R12: 9d7fc117797e
Aug 17 15:37:28 lf0350-0a0e kernel: R13: 8bf9983ee8c0 R14:  
R15: 8bf996a50760
Aug 17 15:37:28 lf0350-0a0e kernel: FS:  7f8bc46f8300() 
GS:8bf99ed8() knlGS:
Aug 17 15:37:28 lf0350-0a0e kernel: CS:  0010 DS:  ES:  CR0: 
80050033
Aug 17 15:37:28 lf0350-0a0e kernel: CR2: 55efb3ce6728 CR3: 000102666000 
CR4: 000406e0
Aug 17 15:37:28 lf0350-0a0e kernel: Call Trace:
Aug 17 15:37:28 lf0350-0a0e kernel:  ieee80211_set_wmm_default+0x2f7/0x3a0 
[mac80211]
Aug 17 15:37:28 lf0350-0a0e kernel:  ieee80211_set_disassoc+0x21b/0x5b0 
[mac80211]
Aug 17 15:37:28 lf0350-0a0e kernel:  ? avtab_search_node+0xb1/0x100
Aug 17 15:37:28 lf0350-0a0e kernel:  ieee80211_mgd_deauth+0x113/0x230 [mac80211]
Aug 17 15:37:28 lf0350-0a0e kernel:  cfg80211_mlme_deauth+0xaf/0x1c0 [cfg80211]
Aug 17 15:37:28 lf0350-0a0e kernel:  ? startup_64+0x3/0x30
Aug 17 15:37:28 lf0350-0a0e kernel:  nl80211_deauthenticate+0x11f/0x160 
[cfg80211]
Aug 17 15:37:28 lf0350-0a0e kernel:  genl_family_rcv_msg+0x1e4/0x390
Aug 17 15:37:28 lf0350-0a0e kernel:  ? __switch_to_asm+0x34/0x70
Aug 17 15:37:28 lf0350-0a0e kernel:  ? __switch_to_asm+0x40/0x70
Aug 17 15:37:28 lf0350-0a0e kernel:  ? __switch_to_asm+0x34/0x70
Aug 17 15:37:28 lf0350-0a0e kernel:  ? __switch_to_asm+0x40/0x70
Aug 17 15:37:28 lf0350-0a0e
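
A triage helper for the oops quoted in this thread, added here as an example and not part of the original post: it rejoins the mail-wrapped journal lines, then extracts the faulting task, the RIP symbol and the call chain, marking `?` frames as unverified. The function names (`unwrap`, `frame`, `triage`) are illustrative.

```python
import re

# Lines taken from the oops above, wrapped as they appear in the archived mail.
SAMPLE = """\
Aug 17 15:37:28 lf0350-0a0e kernel: CPU: 3 PID: 974 Comm: wpa_supplicant Not
tainted 4.17.14-102.fc27.x86_64 #1
Aug 17 15:37:28 lf0350-0a0e kernel: RIP:
0010:ieee80211_regulatory_limit_wmm_params.part.19+0x63/0xe0 [mac80211]
Aug 17 15:37:28 lf0350-0a0e kernel: Call Trace:
Aug 17 15:37:28 lf0350-0a0e kernel:  ieee80211_set_wmm_default+0x2f7/0x3a0
[mac80211]
Aug 17 15:37:28 lf0350-0a0e kernel:  ieee80211_set_disassoc+0x21b/0x5b0
[mac80211]
Aug 17 15:37:28 lf0350-0a0e kernel:  ? avtab_search_node+0xb1/0x100
Aug 17 15:37:28 lf0350-0a0e kernel:  ieee80211_mgd_deauth+0x113/0x230 [mac80211]
"""

LINE = re.compile(r"^\w{3} +\d+ [\d:]{8} \S+ ([^:\s]+): ?(.*)$")
FRAME = re.compile(r"^(\? )?([\w.]+)\+(0x[0-9a-f]+)/(0x[0-9a-f]+)(?: \[(\w+)\])?$")

def unwrap(text):
    msgs = []  # [source, body] per syslog record; wrapped tails are re-attached
    for raw in text.splitlines():
        m = LINE.match(raw)
        if m:
            msgs.append([m.group(1), m.group(2).strip()])
        elif msgs and raw.strip():
            msgs[-1][1] += " " + raw.strip()
    return [body for src, body in msgs if src == "kernel"]

def frame(text):
    # A leading '?' marks an address found on the stack that the unwinder
    # could not confirm as part of the call chain.
    m = FRAME.match(text)
    return m and {"reliable": not m.group(1), "symbol": m.group(2),
                  "offset": int(m.group(3), 16), "module": m.group(5)}

def triage(text):
    out, in_trace = {"pid": None, "comm": None, "rip": None, "trace": []}, False
    for msg in unwrap(text):
        if m := re.search(r"PID: (\d+) Comm: (\S+)", msg):
            out["pid"], out["comm"] = int(m.group(1)), m.group(2)
        elif (m := re.match(r"RIP: (?:[0-9a-f]{4}:)?(.+)", msg)) and not out["rip"]:
            out["rip"] = frame(m.group(1))
        elif msg == "Call Trace:":
            in_trace = True
        elif in_trace and (f := frame(msg)):
            out["trace"].append(f)
    return out
```

The `symbol`, `offset` and `module` fields of `rip` are what a symbolizer needs, together with debuginfo matching the running kernel, to locate the faulting source line.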