On Sat, 30 Sep 2023, Bjoern A. Zeeb wrote:
Hi,
I just pushed
URL:
https://cgit.FreeBSD.org/src/commit/?id=16e688b2a403a3dbc05de3b9f8a3132838613790
LinuxKPI: 802.11: fix problem removing sta
into main. Anyone on main, can you please test that the annoying
firmware crash is gone (or rather things at least improved).
I've been running a service netif restart wlan0 / service wpa_supplicant
restart wlan0 in a loop over the morning and not hit the fw crash myself
anymore.
There is at least one more bug lingering (likely currently mitigated by
other code; I have a local assert which got triggered once in the above
testing loop) which I'll try to sort out in the next 48 hours, but any testing
now will be highly appreciated, also for the upcoming 14.0-R.
If I can get any positive feedback I'll feel more at ease merging it all
to stable/14 and stable/13.
Feedback best here or on your open PR or the current "tracking" PR [1].
[1] https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=274003
In case you wonder about the other problem; seems to be related to
removing the node from net80211 (node_reclaim -> node_free).
I'll let you know when that is fixed.
Fatal trap 9: general protection fault while in kernel mode
cpuid = 0; apic id = 00
instruction pointer = 0x20:0xffffffff80cf17a1
stack pointer = 0x28:0xfffffe009076e9b0
frame pointer = 0x28:0xfffffe009076e9c0
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags = interrupt enabled, resume, IOPL = 0
current process = 6700 (wpa_supplicant)
rdi: fffffe00ac7c9000 rsi: fffff80001059050 rdx: 0000000000000002
rcx: fffffe008ca59c80 r8: fffff801433af948 r9: 0000000021268000
rax: deadc0dedeadc0de rbx: fffffe00ac7c9000 rbp: fffffe009076e9c0
r10: 0000000000000000 r11: 0000000000010000 r12: fffffe00ac7c9000
r13: fffffe00ac5c3638 r14: deadc0dedeadc0de r15: fffffe00ac5bd000
trap number = 9
panic: general protection fault
cpuid = 0
time = 1696062479
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0x2b/frame 0xfffffe009076e6f0
vpanic() at vpanic+0x132/frame 0xfffffe009076e820
panic() at panic+0x43/frame 0xfffffe009076e880
trap_fatal() at trap_fatal+0x40c/frame 0xfffffe009076e8e0
calltrap() at calltrap+0x8/frame 0xfffffe009076e8e0
--- trap 0x9, rip = 0xffffffff80cf17a1, rsp = 0xfffffe009076e9b0, rbp = 0xfffffe009076e9c0 ---
node_free() at node_free+0x11/frame 0xfffffe009076e9c0
ieee80211_sta_join1() at ieee80211_sta_join1+0xbf/frame 0xfffffe009076ea10
ieee80211_sta_join() at ieee80211_sta_join+0x427/frame 0xfffffe009076ea60
ieee80211_ioctl_setmlme() at ieee80211_ioctl_setmlme+0x104/frame 0xfffffe009076eb00
ieee80211_ioctl_set80211() at ieee80211_ioctl_set80211+0x5ce/frame 0xfffffe009076eb70
ieee80211_ioctl() at ieee80211_ioctl+0x327/frame 0xfffffe009076ebe0
ifioctl() at ifioctl+0x940/frame 0xfffffe009076ecd0
kern_ioctl() at kern_ioctl+0x286/frame 0xfffffe009076ed30
sys_ioctl() at sys_ioctl+0x152/frame 0xfffffe009076ee00
amd64_syscall() at amd64_syscall+0x14f/frame 0xfffffe009076ef30
fast_syscall_common() at fast_syscall_common+0xf8/frame 0xfffffe009076ef30
--- syscall (54, FreeBSD ELF64, ioctl), rip = 0xf5284d980fa, rsp = 0xf5282168fd8, rbp = 0xf5282169030 ---
KDB: enter: panic
[ thread pid 6700 tid 100110 ]
Stopped at kdb_enter+0x32: movq $0,0xe2a6a3(%rip)
--
Bjoern A. Zeeb r15:7