OpenWrt/LEDE Project

  • Status Assigned
  • Percent Complete
    0%
  • Task Type Bug Report
  • Category Base system
  • Assigned To No-one
  • Operating System All
  • Severity Low
  • Priority Medium
  • Reported Version Trunk
  • Due in Version Undecided
  • Due Date Undecided
  • Private
Attached to Project: OpenWrt/LEDE Project
Opened by Alexander Couzens - 14.05.2019
Last edited by Petr Štetiar - 02.06.2019

FS#2283 - m76: crash when creating an additional monitor interface

OpenWrt: b65a270c851ee422f26a0af10c879ebb87cb8f76
mt76: 4.14.108+2019-03-27-a11b6734-1

While debugging an unicast wifi bug, I tried to create a mon0 interface
iw wlan0 interface add mon0 type monitor.

Modules:	mt7603e@830f0000+87a0	mt76@83128000+6060	mac80211@83080000+6a240	iptable_raw@83111000+2e0	iptable_nat@831c5000+340	iptable_mangle@83bd7000+400	iptable_filter@83135000+360	ipt_REJECT@831c3000+3a0	ipt_MASQUERADE@8311f000+280	ipt_ECN@83bca000+560	ip_tables@831c0000+2650	cfg80211@83000000+35fb0	xt_time@83bbd000+6c0	xt_tcpudp@83baa000+6e0	xt_tcpmss@831ac000+400	xt_statistic@8311d000+320	xt_state@83151000+2a0xt_recent@831ae000+1bf0	xt_nat@83bd0000+5e0	xt_multiport@83bd6000+4e0	xt_mark@83134000+280	xt_mac@83bd3000+240	xt_limit@8315f000+480	xt_length@83125000+2a0	xt_hl@83132000+300	xt_helper@83126000+340	xt_ecn@83127000+520	xt_dscp@8313c000+3c0	xt_conntrack@83ba8000+8e0	xt_connmark@8311c000+420	xt_connlimit@83136000+1110	xt_connbytes@83bcd000+620	xt_comment@83117000+1c0	xt_TCPMSS@83bd2000+800	xt_REDIRECT@83bce000+2a0	xt_LOG@83bcc000+280	xt_HL@83bc9000+520	xt_FLOWOFFLOAD@83bc7000+ab0	xt_DSCP@8313b000+5c0	xt_CT@8313d000+9e0	xt_CLASSIFY@83131000+220	x_tables@83bc0000+30f0	nf_reject_ipv4@83130000+780	nf_nat_redirect@8311e000+560	nf_nat_masquerade_ipv4@83bac000+590	nf_conntrack_ipv4@83bb8000+1100	nf_nat_ipv4@83bba000+c70	nf_nat@83120000+2250	nf_log_ipv4@83bad000+dc0	nf_log_common@83116000+980	nf_flow_table_hw@83bbe000+820	nf_flow_table@83ba4000+3310	nf_defrag_ipv4@83153000+3e0	nf_conntrack_rtcache@83112000+8a0	compat@83118000+1700	act_connmark@83113000+850	nf_conntrack@83100000+d2c0	sch_tbf@8314e000+1680	sch_ingress@8314a000+4a0	sch_htb@83ba0000+36d0	sch_hfsc@83158000+39e0	em_u32@831ba000+200	cls_u32@83154000+2330	cls_tcindex@8314c000+15c0	cls_route@831be000+1540	cls_matchall@831a3000+a20	cls_fw@83144000+1000	cls_flow@83148000+1780	cls_basic@831bb000+d00	act_skbedit@831b4000+9f0	act_mirred@831b5000+e50	ifb@831a0000+be0	l2tp_ip@8316e000+1410	l2tp_eth@831a4000+a00	l2tp_netlink@831a6000+1f90	l2tp_core@831a8000+3110	udp_tunnel@83b99000+920	leds_gpio@83b4f000+b20	gpio_button_hotplug@83b50000+1900
<6>[    0.191477] UDP hash table entries: 256 (order: 0, 4096 bytes)
<6>[    0.197077] UDP-Lite hash table entries: 256 (order: 0, 4096 bytes)
<6>[    0.203431] NET: Registered protocol family 1
<7>[    0.207612] PCI: CLS 0 bytes, default 32
<4>[    0.210849] Crashlog allocated RAM at address 0x3f00000
<6>[    0.217463] workingset: timestamp_bits=30 max_order=14 bucket_order=0
<6>[    0.229138] squashfs: version 4.0 (2009/01/31) Phillip Lougher
<6>[    0.234765] jffs2: version 2.2 (NAND) (SUMMARY) (LZMA) (RTIME) (CMODE_PRIORITY) (c) 2001-2006 Red Hat, Inc.
<6>[    0.254072] io scheduler noop registered
<6>[    0.257804] io scheduler deadline registered (default)
<6>[    0.263580] Serial: 8250/16550 driver, 3 ports, IRQ sharing disabled
<6>[    0.270756] console [ttyS0] disabled
<6>[    0.274257] 10000c00.uartlite: ttyS0 at MMIO 0x10000c00 (irq = 28, base_baud = 2500000) is a 16550A
<6>[    0.282984] console [ttyS0] enabled
<6>[    0.289970] bootconsole [early0] disabled
<3>[    0.298544] cacheinfo: Failed to find cpu0 device node
<4>[    0.303799] cacheinfo: Unable to detect cache hierarchy for CPU 0
<6>[    0.310628] spi-mt7621 10000b00.spi: sys_freq: 193333333
<6>[    0.329261] m25p80 spi0.0: s25fl064k (8192 Kbytes)
<5>[    0.334207] 4 fixed-partitions partitions found on MTD device spi0.0
<5>[    0.340643] Creating 4 MTD partitions on "spi0.0":
<5>[    0.345526] 0x000000000000-0x000000020000 : "boot"
<5>[    0.351255] 0x000000020000-0x0000007c0000 : "firmware"
<5>[    0.359405] 2 tplink-fw partitions found on MTD device firmware
<5>[    0.365482] Creating 2 MTD partitions on "firmware":
<5>[    0.370527] 0x000000000000-0x00000014f3a3 : "kernel"
<5>[    0.376451] 0x00000014f3a4-0x0000007a0000 : "rootfs"
<5>[    0.382277] mtd: device 3 (rootfs) set to be root filesystem
<5>[    0.389534] 1 squashfs-split partitions found on MTD device rootfs
<5>[    0.395888] 0x000000390000-0x0000007a0000 : "rootfs_data"
<5>[    0.402220] 0x0000007c0000-0x0000007d0000 : "config"
<5>[    0.408051] 0x0000007d0000-0x000000800000 : "factory"
<6>[    0.414688] libphy: Fixed MDIO Bus: probed
<6>[    0.431000] rt3050-esw 10110000.esw: link changed 0x00
<6>[    0.437801] mtk_soc_eth 10100000.ethernet eth0: mediatek frame engine at 0xb0100000, irq 5
<6>[    0.447188] NET: Registered protocol family 17
<6>[    0.451831] 8021q: 802.1Q VLAN Support v1.8
<6>[    0.468953] VFS: Mounted root (squashfs filesystem) readonly on device 31:3.
<6>[    0.476929] Freeing unused kernel memory: 136K
<4>[    0.481474] This architecture does not have kernel memory protection.
<14>[    1.719920] init: Console is alive
<14>[    1.723707] init: - watchdog -
<5>[    2.267376] random: fast init done
<14>[    3.000227] kmodloader: loading kernel modules from /etc/modules-boot.d/*
<14>[    3.073195] kmodloader: done loading kernel modules from /etc/modules-boot.d/*
<14>[    3.091032] init: - preinit -
<6>[    4.256850] rt3050-esw 10110000.esw: link changed 0x00
<5>[    4.687762] random: procd: uninitialized urandom read (4 bytes read)
<13>[    4.780523] mount_root: jffs2 not ready yet, using temporary tmpfs overlay
<12>[    4.822673] urandom-seed: Seed file not found (/etc/urandom.seed)
<14>[    4.918017] procd: - early -
<14>[    4.921055] procd: - watchdog -
<14>[    5.550307] procd: - watchdog -
<14>[    5.553880] procd: - ubus -
<5>[    5.600493] random: ubusd: uninitialized urandom read (4 bytes read)
<5>[    5.667639] random: ubusd: uninitialized urandom read (4 bytes read)
<14>[    5.675598] procd: - init -
<14>[    6.002174] kmodloader: loading kernel modules from /etc/modules.d/*
<6>[    6.011883] l2tp_core: L2TP core driver, V2.0
<6>[    6.017941] l2tp_netlink: L2TP netlink interface
<6>[    6.024375] l2tp_eth: L2TP ethernet pseudowire support (L2TPv3)
<6>[    6.032295] l2tp_ip: L2TP IP encapsulation support (L2TPv3)
<6>[    6.044769] Mirror/redirect action on
<6>[    6.141161] u32 classifier
<6>[    6.143986]     input device check on
<6>[    6.147693]     Actions configured
<6>[    6.239795] nf_conntrack version 0.5.0 (1024 buckets, 4096 max)
<6>[    6.260517] Loading modules backported from Linux version v4.19.23-0-g67d52fae61c1
<6>[    6.268272] Backport generated by backports.git v4.19.23-1-0-g480a925a
<6>[    6.488990] xt_time: kernel timezone is -0000
<6>[    6.514755] ip_tables: (C) 2000-2006 Netfilter Core Team
<6>[    6.566528] mt76_wmac 10300000.wmac: ASIC revision: 76280001
<6>[    7.593554] mt76_wmac 10300000.wmac: Firmware Version: 20151201
<6>[    7.599575] mt76_wmac 10300000.wmac: Build Time: 20151201183641
<6>[    7.621350] mt76_wmac 10300000.wmac: firmware init done
<6>[    7.728549] rt3050-esw 10110000.esw: link changed 0x01
<7>[    7.792147] ieee80211 phy0: Selected rate control algorithm 'minstrel_ht'
<14>[    7.802137] kmodloader: done loading kernel modules from /etc/modules.d/*
<4>[    9.177342] urandom_read: 6 callbacks suppressed
<5>[    9.177353] random: jshn: uninitialized urandom read (4 bytes read)
<6>[   11.971477] rt3050-esw 10110000.esw: link changed 0x00
<6>[   15.521829] rt3050-esw 10110000.esw: link changed 0x01
<6>[   40.298153] rt3050-esw 10110000.esw: link changed 0x00
<6>[   43.783225] rt3050-esw 10110000.esw: link changed 0x01
<6>[   44.432507] device eth0 entered promiscuous mode
<6>[   50.910274] br-lan: port 1(eth0.1) entered blocking state
<6>[   50.915855] br-lan: port 1(eth0.1) entered disabled state
<6>[   50.921660] device eth0.1 entered promiscuous mode
<6>[   50.939619] br-lan: port 1(eth0.1) entered blocking state
<6>[   50.945176] br-lan: port 1(eth0.1) entered forwarding state
<6>[   51.073380] br-lan: port 1(eth0.1) entered disabled state
<6>[   51.080911] device eth0.1 left promiscuous mode
<6>[   51.085686] br-lan: port 1(eth0.1) entered disabled state
<6>[   51.170750] br-lan: port 1(eth0.1) entered blocking state
<6>[   51.176313] br-lan: port 1(eth0.1) entered disabled state
<6>[   51.182108] device eth0.1 entered promiscuous mode
<6>[   51.234695] br-lan: port 1(eth0.1) entered blocking state
<6>[   51.240185] br-lan: port 1(eth0.1) entered forwarding state
<6>[   54.284409] br-lan: port 2(wlan0) entered blocking state
<6>[   54.290155] br-lan: port 2(wlan0) entered disabled state
<6>[   54.295937] device wlan0 entered promiscuous mode
<6>[   55.227079] br-lan: port 2(wlan0) entered blocking state
<6>[   55.232548] br-lan: port 2(wlan0) entered forwarding state
<6>[   65.499313] device wlan0 left promiscuous mode
<6>[   65.504001] br-lan: port 2(wlan0) entered disabled state
<6>[   67.659749] br-lan: port 2(wlan0) entered blocking state
<6>[   67.665252] br-lan: port 2(wlan0) entered disabled state
<6>[   67.670929] device wlan0 entered promiscuous mode
<6>[   67.675848] br-lan: port 2(wlan0) entered blocking state
<6>[   67.681236] br-lan: port 2(wlan0) entered forwarding state
<6>[   67.687263] br-lan: port 2(wlan0) entered disabled state
<6>[   70.171904] br-lan: port 2(wlan0) entered blocking state
<6>[   70.177326] br-lan: port 2(wlan0) entered forwarding state
<4>[   74.063128] jffs2_scan_eraseblock(): End of filesystem marker found at 0x0
<4>[   74.076565] jffs2_build_filesystem(): unlocking the mtd device... 
<4>[   74.076626] done.
<4>[   74.084920] jffs2_build_filesystem(): erasing all blocks after the end marker... 
<5>[   75.341427] random: crng init done
<4>[   89.806667] done.
<5>[   89.808667] jffs2: notice: (2808) jffs2_build_xattr_subsystem: complete building xattr subsystem, 0 of xdatum (0 unchecked, 0 orphan) and 0 of xref (0 dead, 0 orphan) found.
<4>[   90.097054] overlayfs: upper fs does not support tmpfile.
<6>[95491.758861] device wlan0 left promiscuous mode
<6>[95491.763556] br-lan: port 2(wlan0) entered disabled state
<6>[95496.123525] br-lan: port 2(wlan0) entered blocking state
<6>[95496.128998] br-lan: port 2(wlan0) entered disabled state
<6>[95496.134779] device wlan0 entered promiscuous mode
<6>[95496.139678] br-lan: port 2(wlan0) entered blocking state
<6>[95496.145064] br-lan: port 2(wlan0) entered forwarding state
<6>[95496.151480] br-lan: port 2(wlan0) entered disabled state
<6>[95497.434477] br-lan: port 2(wlan0) entered blocking state
<6>[95497.439926] br-lan: port 2(wlan0) entered forwarding state
<6>[181891.461089] device wlan0 left promiscuous mode
<6>[181891.465866] br-lan: port 2(wlan0) entered disabled state
<6>[181895.862824] br-lan: port 2(wlan0) entered blocking state
<6>[181895.868387] br-lan: port 2(wlan0) entered disabled state
<6>[181895.874262] device wlan0 entered promiscuous mode
<6>[181897.223872] br-lan: port 2(wlan0) entered blocking state
<6>[181897.229417] br-lan: port 2(wlan0) entered forwarding state
<6>[268291.119138] device wlan0 left promiscuous mode
<6>[268291.123910] br-lan: port 2(wlan0) entered disabled state
<6>[268296.605568] br-lan: port 2(wlan0) entered blocking state
<6>[268296.611162] br-lan: port 2(wlan0) entered disabled state
<6>[268296.616932] device wlan0 entered promiscuous mode
<6>[268298.034899] br-lan: port 2(wlan0) entered blocking state
<6>[268298.040440] br-lan: port 2(wlan0) entered forwarding state
<6>[354690.783285] device wlan0 left promiscuous mode
<6>[354690.788153] br-lan: port 2(wlan0) entered disabled state
<6>[354695.110340] br-lan: port 2(wlan0) entered blocking state
<6>[354695.115924] br-lan: port 2(wlan0) entered disabled state
<6>[354695.121790] device wlan0 entered promiscuous mode
<6>[354696.496658] br-lan: port 2(wlan0) entered blocking state
<6>[354696.502208] br-lan: port 2(wlan0) entered forwarding state
<6>[441090.473174] device wlan0 left promiscuous mode
<6>[441090.478041] br-lan: port 2(wlan0) entered disabled state
<6>[441094.831626] br-lan: port 2(wlan0) entered blocking state
<6>[441094.837188] br-lan: port 2(wlan0) entered disabled state
<6>[441094.843056] device wlan0 entered promiscuous mode
<6>[441094.848063] br-lan: port 2(wlan0) entered blocking state
<6>[441094.853538] br-lan: port 2(wlan0) entered forwarding state
<6>[441094.860044] br-lan: port 2(wlan0) entered disabled state
<6>[441096.143580] br-lan: port 2(wlan0) entered blocking state
<6>[441096.149126] br-lan: port 2(wlan0) entered forwarding state
<6>[527490.172730] device wlan0 left promiscuous mode
<6>[527490.177478] br-lan: port 2(wlan0) entered disabled state
<6>[527494.541946] br-lan: port 2(wlan0) entered blocking state
<6>[527494.547517] br-lan: port 2(wlan0) entered disabled state
<6>[527494.553391] device wlan0 entered promiscuous mode
<6>[527495.938895] br-lan: port 2(wlan0) entered blocking state
<6>[527495.944394] br-lan: port 2(wlan0) entered forwarding state
<1>[592589.839671] CPU 0 Unable to handle kernel paging request at virtual address 000002c8, epc == 830af554, ra == 83082384
<4>[592589.850591] Oops[#1]:
<4>[592589.852986] CPU: 0 PID: 0 Comm: swapper Not tainted 4.14.108 #0
<4>[592589.859074] task: 803cb430 task.stack: 803c6000
<4>[592589.863748] $ 0   : 00000000 80410000 00000000 00000000
<4>[592589.869140] $ 4   : 00000000 838cbd80 00000000 00000000
<4>[592589.874531] $ 8   : 838cb1c8 82f18516 00000010 43420000
<4>[592589.879922] $12   : 087f0000 00000000 000a9a0e 00000004
<4>[592589.885312] $16   : 838cbd80 00000000 830ecbc0 830ecbc0
<4>[592589.890703] $20   : 83b61bf0 830f73ac 00000001 00000000
<4>[592589.896093] $24   : 00000010 801bcbe0                  
<4>[592589.901484] $28   : 803c6000 83807e18 830ede88 83082384
<4>[592589.906876] Hi    : 005a1ac2
<4>[592589.909878] Lo    : ef14c145
<4>[592589.912889] epc   : 830af554 0x830af554 [mac80211@83080000+0x6a240]
<4>[592589.919330] ra    : 83082384 0x83082384 [mac80211@83080000+0x6a240]
<4>[592589.925764] Status: 1100e403	KERNEL EXL IE 
<4>[592589.930096] Cause : 00800008 (ExcCode 02)
<4>[592589.934243] BadVA : 000002c8
<4>[592589.937246] PrId  : 00019655 (MIPS 24KEc)
<4>[592589.941392] Modules linked in: mt7603e mt76 mac80211 iptable_raw iptable_nat iptable_mangle iptable_filter ipt_REJECT ipt_MASQUERADE ipt_ECN ip_tables cfg80211 xt_time xt_tcpudp xt_tcpmss xt_statistic xt_state xt_recent xt_nat xt_multiport xt_mark xt_mac xt_limit xt_length xt_hl xt_helper xt_ecn xt_dscp xt_conntrack xt_connmark xt_connlimit xt_connbytes xt_comment xt_TCPMSS xt_REDIRECT xt_LOG xt_HL xt_FLOWOFFLOAD xt_DSCP xt_CT xt_CLASSIFY x_tables nf_reject_ipv4 nf_nat_redirect nf_nat_masquerade_ipv4 nf_conntrack_ipv4 nf_nat_ipv4 nf_nat nf_log_ipv4 nf_log_common nf_flow_table_hw nf_flow_table nf_defrag_ipv4 nf_conntrack_rtcache compat act_connmark nf_conntrack sch_tbf sch_ingress sch_htb sch_hfsc em_u32 cls_u32 cls_tcindex cls_route cls_matchall cls_fw cls_flow cls_basic act_skbedit act_mirred ifb
<4>[592590.013247]  l2tp_ip l2tp_eth l2tp_netlink l2tp_core udp_tunnel leds_gpio gpio_button_hotplug
<4>[592590.021995] Process swapper (pid: 0, threadinfo=803c6000, task=803cb430, tls=00000000)
<4>[592590.030101] Stack : 83807e7c 0000008a 00000000 838cbd80 838cbd80 83082384 00000050 830ecbc0
<4>[592590.038670]         83b61bf0 830f73ac 830ed4e0 00000000 838cb180 00000000 00000000 830ecbc0
<4>[592590.047239]         83b61bf0 830f73ac 830ed4e0 00000001 830ecbc0 830adb78 00000cfc 0000033f
<4>[592590.055808]         8381b800 00000080 00000000 00000000 00060036 00000000 830ed4e0 83b61bf0
<4>[592590.064376]         00000004 00000003 00000006 830f73f0 83807ee0 80058f30 803dfc40 00000003
<4>[592590.072945]         ...
<4>[592590.075510] Call Trace:
<4>[592590.075556] [<83082384>] 0x83082384 [mac80211@83080000+0x6a240]
<4>[592590.084214] [<830f73ac>] 0x830f73ac [mt7603e@830f0000+0x87a0]
<4>[592590.090146] [<830f73ac>] 0x830f73ac [mt7603e@830f0000+0x87a0]
<4>[592590.096068] [<830adb78>] 0x830adb78 [mac80211@83080000+0x6a240]
<4>[592590.102173] [<830f73f0>] 0x830f73f0 [mt7603e@830f0000+0x87a0]
<4>[592590.108088] [<80058f30>] 0x80058f30
<4>[592590.111724] [<830b4d80>] 0x830b4d80 [mac80211@83080000+0x6a240]
<4>[592590.117809] [<80009e70>] 0x80009e70
<4>[592590.121449] [<830f7548>] 0x830f7548 [mt7603e@830f0000+0x87a0]
<4>[592590.127377] [<8002d078>] 0x8002d078
<4>[592590.130998] [<80009e70>] 0x80009e70
<4>[592590.134619] [<80351a20>] 0x80351a20
<4>[592590.138240] [<8005d978>] 0x8005d978
<4>[592590.141866] [<80058f30>] 0x80058f30
<4>[592590.145491] [<80009e70>] 0x80009e70
<4>[592590.149109] 
<4>[592590.150701] Code: 27bdffe8  afbf0014  afb00010 <8c9002c8> 8caa00a4  1080001e  8e090438  8e030044  0123402a 
<4>[592590.160690] 
<4>[592590.162335] ---[ end trace 25bbd90279e222f9 ]---

===================================
Admin
Petr Štetiar commented on 03.06.2019 11:32

I'm afraid, that this kernel backtrace is useless. Can you please try latest master, apply following patch https://patchwork.ozlabs.org/patch/1109193/ and add CONFIG_COLLECT_KERNEL_DEBUG=y to your .config, then rebuild, reproduce the crash, post the hopefully more readable kernel backtrace with a downloadable link of your kernel-debug.tar.bz2, which should be created for you in your bin directory. Then it's more likely, that someone might be able to find a problematic place in the kernel and fix it.

Loading...

Available keyboard shortcuts

Tasklist

Task Details

Task Editing