Re: ieee80211 panic on athn reconfig

2020-08-01 Thread Jan Stary
On May 03 19:21:17, s...@stsp.name wrote:
> On Fri, Apr 17, 2020 at 12:08:39PM +0200, Jan Stary wrote:
> > This is current/i386 on an ALIX (dmesg below) with
> > 
> >   athn0 at pci0 dev 12 function 0 "Atheros AR9280" rev 0x01: irq 9
> >   athn0: AR9280 rev 2 (2T2R), ROM rev 22, address 04:f0:21:01:d6:86
> > 
> > # cat hostname.athn0
> > inet 192.168.33.1 255.255.255.0 NONE
> > media autoselect mode 11g mediaopt hostap chan 2
> > nwid stare.cz wpakey hovnoPrdel123
> > 
> > After changing the password, or the channel, or the mode, and doing
> > 
> > # sh /etc/netstart athn0
> > 
> > the machine reproducibly panics (cereal script below).
> > 
> > I have no idea why it panics in ieee80211_encrypt().
> > It happens both with clients associated and not.
> > 
> > Is this known with athn(4)?
> > How can I help debug this?
> > 
> > Jan
> > 
> > 
> > ddb> show panic
> > ieee80211_encrypt: key unset for sw crypto: 0
> > 
> > ddb> trace
> > db_enter() at db_enter+0x4
> > panic(d0b83788) at panic+0xcc
> > ieee80211_encrypt(d194e030,d195bc00,d194eb00) at ieee80211_encrypt+0x70
> > ar5008_tx(d194e000,d195bc00,d19a,2) at ar5008_tx+0x9a
> > ar5008_swba_intr(d194e000) at ar5008_swba_intr+0x238
> > ar5008_intr(d194e000) at ar5008_intr+0x12f
> > intr_handler(f3b1d67c,d1945480) at intr_handler+0x18
> > Xintr_legacy9_untramp() at Xintr_legacy9_untramp+0xf7
> > end of kernel

Sorry for being so late; apparently, the fix is already in.

I can confirm that none of the above happens any more:
changing the password, the mode, or the channel
does not result in a panic, with and without clients connected.


> Are you using clients which use powersave mode, such as phones?

yes, androids.

Jan



Re: ieee80211 panic on athn reconfig

2020-05-03 Thread Stefan Sperling
On Fri, Apr 17, 2020 at 12:08:39PM +0200, Jan Stary wrote:
> This is current/i386 on an ALIX (dmesg below) with
> 
>   athn0 at pci0 dev 12 function 0 "Atheros AR9280" rev 0x01: irq 9
>   athn0: AR9280 rev 2 (2T2R), ROM rev 22, address 04:f0:21:01:d6:86
> 
> # cat hostname.athn0
> inet 192.168.33.1 255.255.255.0 NONE
> media autoselect mode 11g mediaopt hostap chan 2
> nwid stare.cz wpakey hovnoPrdel123
> 
> After changing the password, or the channel, or the mode, and doing
> 
> # sh /etc/netstart athn0
> 
> the machine reproducibly panics (cereal script below).
> 
> I have no idea why it panics in ieee80211_encrypt().
> It happens both with clients associated and not.
> 
> Is this known with athn(4)?
> How can I help debug this?
> 
>   Jan
> 
> 
> ddb> show panic
> ieee80211_encrypt: key unset for sw crypto: 0
> 
> ddb> trace
> db_enter() at db_enter+0x4
> panic(d0b83788) at panic+0xcc
> ieee80211_encrypt(d194e030,d195bc00,d194eb00) at ieee80211_encrypt+0x70
> ar5008_tx(d194e000,d195bc00,d19a,2) at ar5008_tx+0x9a
> ar5008_swba_intr(d194e000) at ar5008_swba_intr+0x238
> ar5008_intr(d194e000) at ar5008_intr+0x12f
> intr_handler(f3b1d67c,d1945480) at intr_handler+0x18
> Xintr_legacy9_untramp() at Xintr_legacy9_untramp+0xf7
> end of kernel

Are you using clients which use powersave mode, such as phones?

This trace goes through ar5008_swba_intr(). The only way to get into
ar5008_tx() from there is when group-addressed frames are queued on the
powersave queue of the AP (ic_bss->ni_savedq).

I cannot see this queue being purged anywhere when the interface goes down.
So it seems what happened is that a stale frame was sitting on this queue
and a fatal transmit attempt occurred when the interface came back up after
being re-configured.

Can you please try this diff?

The same panic and trace has also been reported to me by Ted Patterson.

diff ffca677e9e7ca9efd316fa2f2b6572b193c50cf8 /usr/src
blob - f6349c70279687b18ce89f670b732a62f3696271
file + sys/net80211/ieee80211_node.c
--- sys/net80211/ieee80211_node.c
+++ sys/net80211/ieee80211_node.c
@@ -1595,6 +1595,10 @@ ieee80211_node_cleanup(struct ieee80211com *ic, struct
free(ni->ni_unref_arg, M_DEVBUF, ni->ni_unref_arg_size);
ni->ni_unref_arg = NULL;
ni->ni_unref_arg_size = 0;
+
+#ifndef IEEE80211_STA_ONLY
+   mq_purge(>ni_savedq);
+#endif
 }
 
 void
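
Review bot: the added line `mq_purge(>ni_savedq);` is not valid C as it appears here, because the argument has lost everything before the `>`. Going by the context lines above it, which all operate on `ni`, it should read `mq_purge(&ni->ni_savedq);`. A one-line comment above the `#ifndef IEEE80211_STA_ONLY` block, saying that frames left on the powersave queue must not survive node cleanup, would also help, since nothing in the hunk states why the purge is needed.
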
@@ -2047,7 +2051,7 @@ ieee80211_free_allnodes(struct ieee80211com *ic, int c
splx(s);
 
if (clear_ic_bss && ic->ic_bss != NULL)
-   ieee80211_node_cleanup(ic, ic->ic_bss); /* for station mode */
+   ieee80211_node_cleanup(ic, ic->ic_bss);
 }
 
 void
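
Review bot: in `ieee80211_free_allnodes()` the cleanup of `ic->ic_bss` still runs only under `if (clear_ic_bss && ic->ic_bss != NULL)`, so the new purge reaches the AP's own node only for callers that pass a non-zero `clear_ic_bss`. Please confirm that the interface-down path in hostap mode does so, otherwise the stale queue survives the reconfiguration. Rather than deleting `/* for station mode */` outright, consider replacing it with a comment that names both cases, for example that the call now also purges the powersave queue in hostap mode.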

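The stale-frame sequence described in the message above, reduced to a userspace C model as an added example; it is not OpenBSD code and not part of the original thread. The struct and function names are hypothetical, and the model assumes no key is installed yet when the first beacon-time drain runs after the interface comes back up.

```c
/* Constructed userspace model, not OpenBSD code; all names are hypothetical. */
#include <stdio.h>
#define QMAX 8

struct ap {
    int key_set;          /* 1 while a group key is installed */
    int savedq[QMAX];     /* stands in for ic_bss->ni_savedq; holds frame ids */
    int qlen;
};

/* Buffer a group-addressed frame for delivery at the next beacon. */
static int ap_enqueue(struct ap *ap, int frame_id)
{
    if (ap->qlen == QMAX)
        return -1;
    ap->savedq[ap->qlen++] = frame_id;
    return 0;
}

/* Interface down: the key is always torn down, the queue only if purge != 0. */
static void ap_down(struct ap *ap, int purge)
{
    ap->key_set = 0;
    if (purge)
        ap->qlen = 0;     /* the cleanup step the diff adds */
}

/* Beacon-time drain: counts frames that reach encryption with no key set. */
static int ap_beacon_drain(struct ap *ap)
{
    int unkeyed = ap->key_set ? 0 : ap->qlen;
    ap->qlen = 0;
    return unkeyed;
}

/* Queue one frame, take the interface down, then run the first drain after up. */
static int reconfig_scenario(int purge_on_down)
{
    struct ap ap = { .key_set = 1 };
    ap_enqueue(&ap, 42);             /* frame id 42 is a constructed value */
    ap_down(&ap, purge_on_down);
    return ap_beacon_drain(&ap);     /* first beacon after coming back up */
}

int main(void)
{
    printf("no purge: %d, purge: %d\n", reconfig_scenario(0), reconfig_scenario(1));
}
```

Each frame counted by `ap_beacon_drain()` corresponds to a transmit attempt that would hit the `key unset` panic in the kernel; with the purge in the down path the count is zero.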


Re: ieee80211 panic on athn reconfig

2020-04-17 Thread Stefan Sperling
On Fri, Apr 17, 2020 at 12:08:39PM +0200, Jan Stary wrote:
> This is current/i386 on an ALIX (dmesg below) with
> 
>   athn0 at pci0 dev 12 function 0 "Atheros AR9280" rev 0x01: irq 9
>   athn0: AR9280 rev 2 (2T2R), ROM rev 22, address 04:f0:21:01:d6:86
> 
> # cat hostname.athn0
> inet 192.168.33.1 255.255.255.0 NONE
> media autoselect mode 11g mediaopt hostap chan 2
> nwid stare.cz wpakey hovnoPrdel123
> 
> After changing the password, or the channel, or the mode, and doing
> 
> # sh /etc/netstart athn0
> 
> the machine reproducibly panics (cereal script below).
> 
> I have no idea why it panics in ieee80211_encrypt().
> It happens both with clients associated and not.
> 
> Is this known with athn(4)?

No, but it is definitely a bug.

> How can I help debug this?

Could you try to find a short sequence of 'ifconfig athn0' commands that
will trigger it, instead of /etc/netstart? That would help me already.