OpenWrt/LEDE Project

  • Status Unconfirmed
  • Percent Complete
    0%
  • Task Type Bug Report
  • Category Kernel
  • Assigned To No-one
  • Operating System All
  • Severity High
  • Priority Very Low
  • Reported Version openwrt-21.02
  • Due in Version Undecided
  • Due Date Undecided
  • Private
Attached to Project: OpenWrt/LEDE Project
Opened by JuniorJPDJ - 22.06.2021

FS#3896 - Kernel panic when starting hcxdumptool on mt76x2e wlan interface

Device: Netgear R6220
Reproducible on: 21.02-SNAPSHOT; trunk SNAPSHOT
I’m getting kernel panic when I run hcxdumptool on 5GHz interface (mt76x2e driver).
It works on 2.4GHz interface.
When tried on 19.07 it didn’t panic.

Log when crashed on trunk:

$ ssh root@192.168.1.1 logread -f
Tue Jun 22 19:14:36 2021 authpriv.info dropbear[2778]: Exit (root) from <192.168.1.171:44972>: Disconnect received
Tue Jun 22 19:14:41 2021 authpriv.info dropbear[3123]: Child connection from 192.168.1.168:44252
Tue Jun 22 19:14:41 2021 authpriv.notice dropbear[3123]: Auth succeeded with blank password for 'root' from 192.168.1.168:44252
Tue Jun 22 19:14:47 2021 kern.info kernel: [   84.159302] device wlan1 entered promiscuous mode
Tue Jun 22 19:14:51 2021 kern.alert kernel: [   87.627062] CPU 1 Unable to handle kernel paging request at virtual address 00000010, epc == 86439038, ra == 86438dcc
Tue Jun 22 19:14:51 2021 kern.warn kernel: [   87.648212] Oops[#1]:
Tue Jun 22 19:14:51 2021 kern.warn kernel: [   87.652731] CPU: 1 PID: 3134 Comm: hcxdumptool Not tainted 5.4.124 #0
Tue Jun 22 19:14:51 2021 kern.warn kernel: [   87.665533] $ 0   : 00000000 00000001 00000000 00000004
Tue Jun 22 19:14:51 2021 kern.warn kernel: [   87.675923] $ 4   : 87d3a26c 00000004 ffffffff 00000000
Tue Jun 22 19:14:51 2021 kern.warn kernel: [   87.686313] $ 8   : 86c6844e 00000000 00000002 0000001f
Tue Jun 22 19:14:51 2021 kern.warn kernel: [   87.696702] $12   : 0000000a 8000001f 0000001e 0000001d
Tue Jun 22 19:14:51 2021 kern.warn kernel: [   87.707092] $16   : 87d3a240 86471454 00000000 00000001
Tue Jun 22 19:14:51 2021 kern.warn kernel: [   87.717481] $20   : 864981c0 00000002 00000000 00000000
Tue Jun 22 19:14:51 2021 kern.warn kernel: [   87.727873] $24   : ffffffe0 00000001
Tue Jun 22 19:14:51 2021 kern.warn kernel: [   87.738268] $28   : 867ea000 867ebbf0 00000000 86438dcc
Tue Jun 22 19:14:51 2021 kern.warn kernel: [   87.748663] Hi    : 00000042
Tue Jun 22 19:14:51 2021 kern.warn kernel: [   87.754380] Lo    : 00000002
Tue Jun 22 19:14:51 2021 kern.warn kernel: [   87.760243] epc   : 86439038 ieee80211_parse_tx_radiotap+0x36c/0x538 [mac80211]
Tue Jun 22 19:14:51 2021 kern.warn kernel: [   87.774810] ra    : 86438dcc ieee80211_parse_tx_radiotap+0x100/0x538 [mac80211]
Tue Jun 22 19:14:51 2021 kern.warn kernel: [   87.789341] Status: 11007c03      KERNEL EXL IE
Tue Jun 22 19:14:51 2021 kern.warn kernel: [   87.797653] Cause : 40800008 (ExcCode 02)
Tue Jun 22 19:14:51 2021 kern.warn kernel: [   87.805615] BadVA : 00000010
Tue Jun 22 19:14:51 2021 kern.warn kernel: [   87.811332] PrId  : 0001992f (MIPS 1004Kc)
Tue Jun 22 19:14:51 2021 kern.warn kernel: [   87.819464] Modules linked in: pppoe ppp_async iptable_nat xt_state xt_nat xt_conntrack xt_REDIRECT xt_MASQUERADE xt_FLOWOFFLOAD xt_CT rndis_host pppox ppp_generic nf_nat nf_flow_table_hw nf_flow_table nf_conntrack mt76x2e mt76x2_common mt76x02_lib mt7603e mt76 mac80211 ipt_REJECT cfg80211 cdc_ether xt_time xt_tcpudp xt_multiport xt_mark xt_mac xt_limit xt_comment xt_TCPMSS xt_LOG usbnet slhc nf_reject_ipv4 nf_log_ipv4 nf_defrag_ipv6 nf_defrag_ipv4 iptable_mangle iptable_filter ip_tables crc_ccitt compat ledtrig_usbport nf_log_ipv6 nf_log_common ip6table_mangle ip6table_filter ip6_tables ip6t_REJECT x_tables nf_reject_ipv6 mii sha256_generic libsha256 seqiv jitterentropy_rng drbg hmac ghash_generic gf128mul gcm ctr cmac ccm leds_gpio xhci_plat_hcd xhci_pci xhci_mtk xhci_hcd gpio_button_hotplug usbcore nls_base usb_common
Tue Jun 22 19:14:51 2021 kern.warn kernel: [   87.964288] Process hcxdumptool (pid: 3134, threadinfo=b724dc4d, task=5224ded9, tls=77e6aec8)
Tue Jun 22 19:14:51 2021 kern.warn kernel: [   87.981236] Stack : 867ebe04 86fe67b0 87d5e000 00000000 81013d80 00000000 bfffffff 00000000
Tue Jun 22 19:14:51 2021 kern.warn kernel: [   87.997854]         86c68442 00000000 86fbe460 86c6844e 00000008 86c6844a 86c6844c 0000000f

Cmdline to reproduce:

hcxdumptool -i wlan1 -o wlan1.pcapng --filtermode=1 -c 36,40,44,48,52,56,60,64,100,104,108,112,116,120,124,128,132,136,140,149,153,157,161,165 -t 60 --filterlist_ap=filterlist.txt --enable_status=95 --active_beacon

Probably reproduce could be simplified but wanted to leave it as close to mine case as possible.

JuniorJPDJ commented on 22.06.2021 20:17

It looks like it's enough to run:

hcxdumptool -i wlan1 --do_rcascan

and wait few seconds to get kernel panic.
Again, wlan0 works as intended.

JuniorJPDJ commented on 23.06.2021 20:09

I managed to get full trace.

$ ssh root@192.168.1.1 logread -f
Tue Jun 22 21:36:16 2021 kern.info kernel: [  810.158217] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready                                                                                                   
Tue Jun 22 21:36:16 2021 kern.info kernel: [  810.200262] device wlan1 entered promiscuous mode                                                                                                                      
Tue Jun 22 21:36:25 2021 kern.alert kernel: [  818.548196] CPU 1 Unable to handle kernel paging request at virtual address 00000010, epc == 86439038, ra == 86438dcc                                                 
Tue Jun 22 21:36:25 2021 kern.warn kernel: [  818.569345] Oops[#1]:                                                                                                                                                  
Tue Jun 22 21:36:25 2021 kern.warn kernel: [  818.573859] CPU: 1 PID: 9090 Comm: hcxdumptool Not tainted 5.4.124 #0                                                                                                  
Tue Jun 22 21:36:25 2021 kern.warn kernel: [  818.586660] $ 0   : 00000000 00000001 00000000 00000004
Tue Jun 22 21:36:25 2021 kern.warn kernel: [  818.597050] $ 4   : 87d3b02c 00000004 ffffffff 00000000
Tue Jun 22 21:36:25 2021 kern.warn kernel: [  818.607441] $ 8   : 8730344e 00000000 00000002 0000001f
Tue Jun 22 21:36:25 2021 kern.warn kernel: [  818.617830] $12   : 0000000a 8000001f 0000001e 0000001d
Tue Jun 22 21:36:25 2021 kern.warn kernel: [  818.628219] $16   : 87d3b000 86471454 00000000 00000001
Tue Jun 22 21:36:25 2021 kern.warn kernel: [  818.638608] $20   : 864981c0 00000002 00000000 00000000
Tue Jun 22 21:36:25 2021 kern.warn kernel: [  818.648997] $24   : ffffffe0 00000001
Tue Jun 22 21:36:25 2021 kern.warn kernel: [  818.659389] $28   : 87306000 87307bf0 00000000 86438dcc
Tue Jun 22 21:36:25 2021 kern.warn kernel: [  818.669781] Hi    : 00000042
Tue Jun 22 21:36:25 2021 kern.warn kernel: [  818.675496] Lo    : 0000000a
Tue Jun 22 21:36:25 2021 kern.warn kernel: [  818.681356] epc   : 86439038 ieee80211_parse_tx_radiotap+0x36c/0x538 [mac80211]
Tue Jun 22 21:36:25 2021 kern.warn kernel: [  818.695923] ra    : 86438dcc ieee80211_parse_tx_radiotap+0x100/0x538 [mac80211]
Tue Jun 22 21:36:25 2021 kern.warn kernel: [  818.710451] Status: 11007c03      KERNEL EXL IE
Tue Jun 22 21:36:25 2021 kern.warn kernel: [  818.718763] Cause : 40800008 (ExcCode 02)
Tue Jun 22 21:36:25 2021 kern.warn kernel: [  818.726724] BadVA : 00000010
Tue Jun 22 21:36:25 2021 kern.warn kernel: [  818.732440] PrId  : 0001992f (MIPS 1004Kc)
Tue Jun 22 21:36:25 2021 kern.warn kernel: [  818.740572] Modules linked in: pppoe ppp_async iptable_nat xt_state xt_nat xt_conntrack xt_REDIRECT xt_MASQUERADE xt_FLOWOFFLOAD xt_CT wireguard rndis_host pppox ppp_g
eneric nf_nat nf_flow_table_hw nf_flow_table nf_conntrack mt76x2e mt76x2_common mt76x02_lib mt7603e mt76 mac80211 libchacha20poly1305 libblake2s ipt_REJECT cfg80211 cdc_ether xt_time xt_tcpudp xt_multiport xt_mark
 xt_mac xt_limit xt_comment xt_TCPMSS xt_LOG usbnet slhc poly1305_mips nf_reject_ipv4 nf_log_ipv4 nf_defrag_ipv6 nf_defrag_ipv4 libcurve25519_generic libblake2s_generic iptable_mangle iptable_filter ip_tables crc_
ccitt compat chacha_mips ledtrig_usbport nf_log_ipv6 nf_log_common ip6table_mangle ip6table_filter ip6_tables ip6t_REJECT x_tables nf_reject_ipv6 ip6_udp_tunnel udp_tunnel sha256_generic libsha256 seqiv jitterentropy_rng drbg kpp hmac ghash_generic gf128mul gcm ctr cmac ccm leds_gpio xhci_plat_hcd xhci_pci xhci_mtk xhci_hcd gpio_button_hotplug usbcore nls_base usb_common mii
Tue Jun 22 21:36:25 2021 kern.warn kernel: [  818.909263] Process hcxdumptool (pid: 9090, threadinfo=b5cea4b7, task=2661394a, tls=77ee4ec8)
Tue Jun 22 21:36:25 2021 kern.warn kernel: [  818.926211] Stack : 87307e04 86b067b0 869d9c80 00000000 81013d80 00000000 bfffffff 00000000
Tue Jun 22 21:36:25 2021 kern.warn kernel: [  818.942828]         87303442 00000000 86bbe460 8730344e 00000008 8730344a 8730344c 0000000f
Tue Jun 22 21:36:25 2021 kern.warn kernel: [  818.959444]         00000002 00000001 0000000c 0000001f 00000000 00000000 87d3b000 00000000
Tue Jun 22 21:36:25 2021 kern.warn kernel: [  818.976060]         864f2000 864f2000 864981c0 807823c4 807d761a 80780000 80782ce4 8643a248
Tue Jun 22 21:36:25 2021 kern.warn kernel: [  818.992678]         864f2050 8071da40 87d3b000 00000000 87d3b000 00000000 864f2000 00000000
Tue Jun 22 21:36:25 2021 kern.warn kernel: [  819.009296]         ...
Tue Jun 22 21:36:25 2021 kern.warn kernel: [  819.014157] Call Trace:
Tue Jun 22 21:36:25 2021 kern.warn kernel: [  819.019060] [<86439038>] ieee80211_parse_tx_radiotap+0x36c/0x538 [mac80211]
Tue Jun 22 21:36:25 2021 kern.warn kernel: [  819.032967] [<8643a248>] ieee80211_monitor_start_xmit+0x68/0x2f8 [mac80211]
Tue Jun 22 21:36:25 2021 kern.warn kernel: [  819.046859] [<80468c94>] dev_hard_start_xmit+0xbc/0x1ac
Tue Jun 22 21:36:25 2021 kern.warn kernel: [  819.057248] [<80469744>] __dev_queue_xmit+0x8b4/0xb14
Tue Jun 22 21:36:25 2021 kern.warn kernel: [  819.067298] [<805d67d0>] packet_sendmsg+0x10c0/0x1ac8
Tue Jun 22 21:36:25 2021 kern.warn kernel: [  819.077363] [<8043fa58>] sock_write_iter+0xb4/0x120
Tue Jun 22 21:36:25 2021 kern.warn kernel: [  819.087070] [<80179044>] __vfs_write+0x198/0x1f4
Tue Jun 22 21:36:25 2021 kern.warn kernel: [  819.096254] [<8017b874>] vfs_write+0xb0/0x1cc
Tue Jun 22 21:36:25 2021 kern.warn kernel: [  819.104916] [<8017bb34>] ksys_write+0x64/0x10c
Tue Jun 22 21:36:25 2021 kern.warn kernel: [  819.113761] [<80014558>] syscall_common+0x34/0x58
Tue Jun 22 21:36:25 2021 kern.warn kernel: [  819.123112] Code: 32420100  14400035  8fa2001c <8c440010> 1880006f  00151880  0075a821  8c420004  94430004
Tue Jun 22 21:36:25 2021 kern.warn kernel: [  819.142502]
Tue Jun 22 21:36:25 2021 kern.warn kernel: [  819.145968] ---[ end trace d00727f8665d4cb7 ]---

Loading...

Available keyboard shortcuts

Tasklist

Task Details

Task Editing