Raspberry Pi Kernel 5.15.76-v7+ crash #436

Open
becrux opened this issue Dec 12, 2022 · 2 comments


becrux commented Dec 12, 2022

Hi,

On a Raspberry Pi 3B, I've updated to the latest 5.15.76-v7+ kernel, and now I get a crash as soon as hostapd starts:

[  172.415288] RTW: Invalid Channel 0 of Band 0 in phy_GetChannelIndexOfTxPowerLimit
[  172.415554] RTW: Invalid Channel 0 of Band 0 in phy_GetChannelIndexOfTxPowerLimit
[  172.415808] RTW: Invalid Channel 0 of Band 0 in phy_GetChannelIndexOfTxPowerLimit
[  172.416062] RTW: Invalid Channel 0 of Band 0 in phy_GetChannelIndexOfTxPowerLimit
[  172.416343] RTW: Invalid Channel 0 of Band 0 in phy_GetChannelIndexOfTxPowerLimit
[  172.416622] RTW: Invalid Channel 0 of Band 0 in phy_GetChannelIndexOfTxPowerLimit
[  172.416896] RTW: Invalid Channel 0 of Band 0 in phy_GetChannelIndexOfTxPowerLimit
[  172.417147] RTW: Invalid Channel 0 of Band 0 in phy_GetChannelIndexOfTxPowerLimit
[  172.417401] RTW: Invalid Channel 0 of Band 0 in phy_GetChannelIndexOfTxPowerLimit
[  172.417654] RTW: Invalid Channel 0 of Band 0 in phy_GetChannelIndexOfTxPowerLimit
[  172.417906] RTW: Invalid Channel 0 of Band 0 in phy_GetChannelIndexOfTxPowerLimit
[  172.418157] RTW: Invalid Channel 0 of Band 0 in phy_GetChannelIndexOfTxPowerLimit
[  172.418410] RTW: Invalid Channel 0 of Band 0 in phy_GetChannelIndexOfTxPowerLimit
[  172.418662] RTW: Invalid Channel 0 of Band 0 in phy_GetChannelIndexOfTxPowerLimit
[  172.418915] RTW: Invalid Channel 0 of Band 0 in phy_GetChannelIndexOfTxPowerLimit
[  172.419167] RTW: Invalid Channel 0 of Band 0 in phy_GetChannelIndexOfTxPowerLimit
[  172.419420] RTW: Invalid Channel 0 of Band 0 in phy_GetChannelIndexOfTxPowerLimit
[  172.419672] RTW: Invalid Channel 0 of Band 0 in phy_GetChannelIndexOfTxPowerLimit
[  172.419926] RTW: Invalid Channel 0 of Band 0 in phy_GetChannelIndexOfTxPowerLimit
[  172.420177] RTW: Invalid Channel 0 of Band 0 in phy_GetChannelIndexOfTxPowerLimit
[  172.703795] br0: port 2(wlan0) entered blocking state
[  172.703823] br0: port 2(wlan0) entered disabled state
[  172.704282] device wlan0 entered promiscuous mode
[  172.708554] 8<--- cut here ---
[  172.712156] Unable to handle kernel NULL pointer dereference at virtual address 00000000
[  172.721227] pgd = ccd738c2
[  172.724435] [00000000] *pgd=0923a835, *pte=00000000, *ppte=00000000
[  172.731217] Internal error: Oops: 17 [#1] SMP ARM
[  172.736409] Modules linked in: tcp_diag binfmt_misc inet_diag bridge 8021q garp stp llc nft_counter xt_tcpudp nft_compat nf_tables nfnetlink 8188eu(O) sha256_generic cfg80211 rfkill raspberrypi_hwmon bcm2835_v4l2(C) bcm2835_codec(C) v4l2_mem2mem bcm2835_isp(C) videobuf2_vmalloc bcm2835_mmal_vchiq(C) videobuf2_dma_contig snd_bcm2835(C) videobuf2_memops videobuf2_v4l2 snd_pcm videobuf2_common vc_sm_cma(C) snd_timer videodev snd mc uio_pdrv_genirq uio fixed drm fuse drm_panel_orientation_quirks backlight ip_tables x_tables ipv6
[  172.786947] CPU: 3 PID: 597 Comm: hostapd Tainted: G         C O      5.15.76-v7+ #1597
[  172.796147] Hardware name: BCM2835
[  172.800135] PC is at memcmp+0x6c/0x80
[  172.804399] LR is at cfg80211_rtw_scan+0x340/0x804 [8188eu]
[  172.811077] pc : [<8069b580>]    lr : [<7f3c2920>]    psr: 20000013
[  172.817966] sp : 88c27838  ip : 88c27848  fp : 88c27844
[  172.823822] r10: 00000000  r9 : 00000000  r8 : 833ab800
[  172.829669] r7 : 817fc1c0  r6 : 00000000  r5 : be854000  r4 : 81d83f00
[  172.836814] r3 : 00000000  r2 : 00000007  r1 : 7f456a70  r0 : 00000000
[  172.843940] Flags: nzCv  IRQs on  FIQs on  Mode SVC_32  ISA ARM  Segment user
[  172.851699] Control: 10c5383d  Table: 084ac06a  DAC: 00000055
[  172.858070] Register r0 information: NULL pointer
[  172.863383] Register r1 information: 392-page vmalloc region starting at 0x7f34a000 allocated at load_module+0xbac/0x294c
[  172.875557] Register r2 information: non-paged memory
[  172.881195] Register r3 information: NULL pointer
[  172.886462] Register r4 information: slab kmalloc-192 start 81d83f00 pointer offset 0 size 192
[  172.896190] Register r5 information: 4-page vmalloc region starting at 0xbe854000 allocated at _rtw_zvmalloc+0x14/0x34 [8188eu]
[  172.909286] Register r6 information: NULL pointer
[  172.914542] Register r7 information: slab kmalloc-2k start 817fc000 pointer offset 448 size 2048
[  172.924473] Register r8 information: slab kmalloc-1k start 833ab800 pointer offset 0 size 1024
[  172.934286] Register r9 information: NULL pointer
[  172.939589] Register r10 information: NULL pointer
[  172.944974] Register r11 information: non-slab/vmalloc memory
[  172.951316] Register r12 information: non-slab/vmalloc memory
[  172.957644] Process hostapd (pid: 597, stack limit = 0x654110ee)
[  172.964228] Stack: (0x88c27838 to 0x88c28000)
[  172.969146] 7820:                                                       88c27b84 88c27848
[  172.978434] 7840: 7f3c2920 8069b520 88c2788c 88c27858 8015f1a8 8015d2f0 88c2788c 88c27868
[  172.987725] 7860: 8010bc64 8010cd94 81005008 00000000 b9c71c60 8031df10 00000801 00000003
[  172.997088] 7880: 88c278c4 88c27890 8010ce14 8010bc40 8010ce14 00000000 8031df10 88c27a84
[  173.006465] 78a0: 80f90c50 8031c0d0 b9c71c60 8031df10 00000801 00000003 88c278ec 80319300
[  173.015854] 78c0: 88c278ec 88c278d0 80319300 803191bc 80f96d54 00000801 b9c71c60 20000013
[  173.025284] 78e0: 88c27994 88c278f0 8031b8a4 80319280 00000801 00030e48 80154ba0 b6db6db7
[  173.034712] 7900: 811373d4 81005008 852abf00 0000011c 0000013c 00000134 00000009 3d627000
[  173.044188] 7920: 88c27954 88c27930 000d28c0 80178e34 ffffe000 be5b9fc0 00000001 00000000
[  173.053757] 7940: 88c279a4 88c27950 20000013 00000000 3d627000 81132c40 00000008 88c27a18
[  173.063388] 7960: 80b02700 69bba42a 00000000 00000000 000d28c0 00000001 00000003 000d28c0
[  173.073079] 7980: 00000003 810057fc 88c27a84 88c27998 8031df10 8031b624 85aac367 88c279a8
[  173.082791] 79a0: 00000000 00000018 00000000 00000001 00000400 0000007b 88c279f4 be5b9fc0
[  173.092503] 79c0: 82882000 00000000 00000028 81005008 be5b9f80 82882140 88c27a34 88c279e8
[  173.102215] 79e0: 88c27a14 88c279f0 88c27a1c 88c279f8 8010bc64 8010cd94 81005008 00000000
[  173.111927] 7a00: b9c71c60 8031df10 00000801 00000003 88c27a54 88c27a20 8010ce14 8010bc40
[  173.121639] 7a20: 8010ce14 00000000 8031df10 88c27c14 80f90c50 8031c0d0 b9c71c60 8031df10
[  173.131352] 7a40: 00000801 00000003 88c27a7c 80319300 88c27a7c 88c27a60 88c27a8c 88c27a68
[  173.141064] 7a60: 8010bc64 8010cd94 81005008 00000000 60000013 80334948 81d83f00 be5bcbd0
[  173.150776] 7a80: 88c27ac4 88c27a90 8010ce14 8010bc40 8010ce14 00000000 80334948 88c27bac
[  173.160488] 7aa0: 80f90c50 803334e8 60000013 80334948 81d83f00 be5bcbd0 88c27aec 88c27ac8
[  173.170200] 7ac0: 80230b50 80231f2c 60000013 00000000 60000013 b9b7866c 81d83f00 be5bcbd0
[  173.179912] 7ae0: 88c27b6c 88c27af0 803334e8 80230b04 8010e3e4 80195d84 88c27ca8 8067b600
[  173.189625] 7b00: 00000001 80d2ffcc 7f2c2614 00210d00 60000013 81401300 8010efc4 8010e3bc
[  173.199336] 7b20: 88c27b3c 88c27b30 8015737c 8010ef9c 80150015 88c27b40 00000160 80a50ba4
[  173.209048] 7b40: 81401300 81401300 81005830 00000000 00000000 69bba42a 00000000 0000000b
[  173.218762] 7b60: 81d83f00 817fc000 817fc1c0 833ab800 00000000 00000000 88c27bac 88c27b88
[  173.228476] 7b80: 7f29d15c 7f3c25ec 0000000b 81d83f00 817fc000 88c27c4c 833ab800 00000000
[  173.238189] 7ba0: 88c27bf4 88c27bb0 7f2c2ae4 7f29d05c 00000000 88c27bc0 00000000 00000000
[  173.247904] 7bc0: 88c27c4c 817fc1c0 7f2b5100 00000000 7f300128 81005008 88c84000 83d00600
[  173.257618] 7be0: 811d7c40 88c27ca8 88c27ca4 88c27bf8 80934a2c 7f2c2524 00000001 88c27c08
[  173.267332] 7c00: 803ab388 80156e40 81638e8c 00000001 88c27c54 88c27c20 801736fc 803ab378
[  173.277045] 7c20: 00000024 00000000 88c27ca4 81638e94 7f2c2518 00000000 00000000 00000000
[  173.286760] 7c40: 7f2f54a0 00000131 03101821 639797ce e3800255 83cd9000 83cd9010 83cd9014
[  173.296471] 7c60: 88c84000 811d7c40 817fc000 833ab800 88c27ca8 69bba42a 88c27cb4 83d00600
[  173.306186] 7c80: 81005008 8093486c 83cd9000 00000078 81005008 00000078 88c27cf4 88c27ca8
[  173.315898] 7ca0: 809337ac 80934878 00000000 00000000 00000000 00000000 00000000 00000000
[  173.325610] 7cc0: 00000000 00000000 00000000 69bba42a 88c27cf4 811223d0 83d00600 83d00600
[  173.335322] 7ce0: 833e658c 00000000 88c27d0c 88c27cf8 80934180 809336f0 815a8000 833e6400
[  173.345034] 7d00: 88c27d44 88c27d10 80932dec 80934158 7fffffff 69bba42a 001373d4 00000078
[  173.354745] 7d20: 88c27f38 81005008 83d00600 00000000 00000000 833e6400 88c27db4 88c27d48
[  173.364457] 7d40: 809330c4 80932c4c 00000001 80644370 88c27d84 88c27d60 8064a26c 00000008
[  173.374170] 7d60: 00000000 00000078 88c27e38 81fa0ec0 00000000 00000255 00000000 00000000
[  173.383882] 7d80: 00000000 69bba42a 00000078 88c27f38 822e9400 00000000 81005008 822e9400
[  173.393593] 7da0: 00000000 88c27ddc 88c27dcc 88c27db8 8089fc9c 80932eac 88c27f38 00000000
[  173.403304] 7dc0: 88c27e2c 88c27dd0 808a0054 8089fc64 00000000 81005008 88c27e2c 88c27de8
[  173.413016] 7de0: 808a1ad0 8064e110 88c27e38 88c27f40 88c27e34 00000000 7eb6797c 69bba42a
[  173.422727] 7e00: ffffffff 81005008 88c27f38 00000000 822e9400 00000000 00000000 00000128
[  173.432438] 7e20: 88c27f24 88c27e30 808a1b6c 8089fe78 00000000 00000000 00000000 00c746a0
[  173.442149] 7e40: 00000078 00000000 88c27ec4 803400d8 b9d270a0 88d4fd80 88c27e7c 802d2ae0
[  173.451860] 7e60: 88c27e84 80117424 893861d4 81005008 88c27e9c 88c27e80 80117424 00000010
[  173.461572] 7e80: 00000000 00000000 00000255 00000255 88c27f2c 88c27ea0 803042cc 801173d0
[  173.471283] 7ea0: 8010bc64 8010cd94 81005008 00000000 00000817 00000075 89386000 00000000
[  173.480993] 7ec0: b9d270a0 88d4fd80 88d4fd80 80373450 69bba42a 88c27f34 88c27f30 00000000
[  173.490704] 7ee0: 00000128 80100244 88c26000 00000128 88c27f0c 88c27f00 80373450 69bba42a
[  173.500416] 7f00: 81005008 7eb67930 00000000 822e9400 80100244 88c26000 88c27f94 88c27f28
[  173.510131] 7f20: 808a1f6c 808a1afc 00000000 00000000 00000000 fffffff7 88c27e7c 0000000c
[  173.519842] 7f40: 00010000 00000000 00000000 88c27e44 00000000 00000000 00000000 00000001
[  173.529554] 7f60: 00000000 00000000 00000000 69bba42a 8011458c 69bba42a 00000004 769e2200
[  173.539271] 7f80: 00c71eb8 00000128 88c27fa4 88c27f98 808a1fc4 808a1f18 00000000 88c27fa8
[  173.548985] 7fa0: 80100040 808a1fb4 00000004 769e2200 00000004 7eb67930 00000000 00000000
[  173.558698] 7fc0: 00000004 769e2200 00c71eb8 00000128 76f38000 00000001 00000004 00000000
[  173.568411] 7fe0: 76f380d0 7eb678e8 76aec134 76aec150 60000010 00000004 00000000 00000000
[  173.578121] Backtrace: 
[  173.581301] [<8069b514>] (memcmp) from [<7f3c2920>] (cfg80211_rtw_scan+0x340/0x804 [8188eu])
[  173.591679] [<7f3c25e0>] (cfg80211_rtw_scan [8188eu]) from [<7f29d15c>] (cfg80211_scan+0x10c/0x234 [cfg80211])
[  173.603866]  r10:00000000 r9:00000000 r8:833ab800 r7:817fc1c0 r6:817fc000 r5:81d83f00
[  173.613175]  r4:0000000b
[  173.616412] [<7f29d050>] (cfg80211_scan [cfg80211]) from [<7f2c2ae4>] (nl80211_trigger_scan+0x5cc/0x674 [cfg80211])
[  173.628688]  r9:00000000 r8:833ab800 r7:88c27c4c r6:817fc000 r5:81d83f00 r4:0000000b
[  173.637851] [<7f2c2518>] (nl80211_trigger_scan [cfg80211]) from [<80934a2c>] (genl_rcv_msg+0x1c0/0x370)
[  173.648879]  r10:88c27ca8 r9:811d7c40 r8:83d00600 r7:88c84000 r6:81005008 r5:7f300128
[  173.658127]  r4:00000000
[  173.661333] [<8093486c>] (genl_rcv_msg) from [<809337ac>] (netlink_rcv_skb+0xc8/0x120)
[  173.670623]  r10:00000078 r9:81005008 r8:00000078 r7:83cd9000 r6:8093486c r5:81005008
[  173.679836]  r4:83d00600
[  173.683043] [<809336e4>] (netlink_rcv_skb) from [<80934180>] (genl_rcv+0x34/0x44)
[  173.691896]  r8:00000000 r7:833e658c r6:83d00600 r5:83d00600 r4:811223d0
[  173.699288] [<8093414c>] (genl_rcv) from [<80932dec>] (netlink_unicast+0x1ac/0x260)
[  173.708303]  r5:833e6400 r4:815a8000
[  173.712554] [<80932c40>] (netlink_unicast) from [<809330c4>] (netlink_sendmsg+0x224/0x4c0)
[  173.722191]  r10:833e6400 r9:00000000 r8:00000000 r7:83d00600 r6:81005008 r5:88c27f38
[  173.731380]  r4:00000078
[  173.734560] [<80932ea0>] (netlink_sendmsg) from [<8089fc9c>] (sock_sendmsg+0x44/0x54)
[  173.743708]  r10:88c27ddc r9:00000000 r8:822e9400 r7:81005008 r6:00000000 r5:822e9400
[  173.752865]  r4:88c27f38
[  173.756041] [<8089fc58>] (sock_sendmsg) from [<808a0054>] (____sys_sendmsg+0x1e8/0x214)
[  173.765357]  r5:00000000 r4:88c27f38
[  173.769559] [<8089fe6c>] (____sys_sendmsg) from [<808a1b6c>] (___sys_sendmsg+0x7c/0xa8)
[  173.778884]  r10:00000128 r9:00000000 r8:00000000 r7:822e9400 r6:00000000 r5:88c27f38
[  173.788028]  r4:81005008
[  173.791189] [<808a1af0>] (___sys_sendmsg) from [<808a1f6c>] (__sys_sendmsg+0x60/0x9c)
[  173.800321]  r9:88c26000 r8:80100244 r7:822e9400 r6:00000000 r5:7eb67930 r4:81005008
[  173.809378] [<808a1f0c>] (__sys_sendmsg) from [<808a1fc4>] (sys_sendmsg+0x1c/0x20)
[  173.818271]  r7:00000128 r6:00c71eb8 r5:769e2200 r4:00000004
[  173.824609] [<808a1fa8>] (sys_sendmsg) from [<80100040>] (ret_fast_syscall+0x0/0x1c)
[  173.833708] Exception stack(0x88c27fa8 to 0x88c27ff0)
[  173.839429] 7fa0:                   00000004 769e2200 00000004 7eb67930 00000000 00000000
[  173.848944] 7fc0: 00000004 769e2200 00c71eb8 00000128 76f38000 00000001 00000004 00000000
[  173.858484] 7fe0: 76f380d0 7eb678e8 76aec134 76aec150
[  173.864230] Code: e2833004 e3520003 e2811004 9affffea (e593c000) 
[  173.871122] ---[ end trace 5dce392032f906aa ]---

Linux ap-down 5.15.76-v7+ #1597 SMP Fri Nov 4 12:13:17 GMT 2022 armv7l GNU/Linux

I'm building HEAD of branch v5.2.2.4; the only change I've applied is:

--- a/Makefile
+++ b/Makefile
@@ -37,7 +37,7 @@ CONFIG_WAKEUP_GPIO_IDX = default
 ######### Notify SDIO Host Keep Power During Syspend ##########
 CONFIG_RTW_SDIO_PM_KEEP_POWER = y
 ###################### Platform Related #######################
-CONFIG_PLATFORM_I386_PC = y
+CONFIG_PLATFORM_I386_PC = n
 ###############################################################

 export TopDIR ?= $(CURDIR)
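
Review bot: with `CONFIG_PLATFORM_I386_PC = n`, no platform option is selected in the lines shown here. The report should state which other platform option, if any, was enabled for the armv7l build, so the crash can be reproduced with the same configuration.
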
diff --git a/autoconf.h b/autoconf.h
index 85763e3..d139af8 100644
--- a/autoconf.h
+++ b/autoconf.h
@@ -146,7 +146,7 @@

 #define CONFIG_SKB_COPY        /* for amsdu */

-/* #define CONFIG_LED */
+#define CONFIG_LED
 #ifdef CONFIG_LED
        #define CONFIG_SW_LED
        #ifdef CONFIG_SW_LED
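
Review bot: the `#define CONFIG_LED` change is unrelated to the scan path in the backtrace, so it is worth confirming that the oops still reproduces with the line left commented out. Enabling it also pulls in `CONFIG_SW_LED` through the `#ifdef` below, which is extra code in the build under test.
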

becrux commented Dec 12, 2022

I've protected the only memcmp that could have failed in cfg80211_rtw_scan, and now it seems to be working fine:

diff --git a/ioctl_cfg80211.c b/ioctl_cfg80211.c
index e2fee1d..d6e82d7 100644
--- a/ioctl_cfg80211.c
+++ b/ioctl_cfg80211.c
@@ -2283,7 +2283,7 @@ static int cfg80211_rtw_scan(struct wiphy *wiphy

 #ifdef CONFIG_P2P
        if (pwdinfo->driver_interface == DRIVER_CFG80211) {
-               if (!memcmp(ssids->ssid, "DIRECT-", 7) &&
+               if (ssids && ssids->ssid && !memcmp(ssids->ssid, "DIRECT-", 7) &&
                    rtw_get_p2p_ie((u8 *)request->ie, request->ie_len, NULL, NULL)) {
                        if (rtw_p2p_chk_state(pwdinfo, P2P_STATE_NONE))
                                rtw_p2p_enable(padapter, P2P_ROLE_DEVICE);
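
Review bot: in the new condition, the `ssids->ssid` test only adds protection if `ssid` is a pointer member. If it is an array inside the struct, as it is in the kernel's `struct cfg80211_ssid`, that test is always true once `ssids` is non-NULL, and the `ssids &&` check is what actually stops the NULL dereference seen in the oops (r0 is NULL inside `memcmp`). Consider guarding on the scan request itself, for example `request->n_ssids > 0`, and checking that the SSID length is at least 7 before `memcmp(ssids->ssid, "DIRECT-", 7)`, so a shorter SSID is never compared against leftover bytes.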

I did not push a PR, because I don't know if this is the right way to fix this. I'll leave hostapd running for the next few days, to see if the module is stable, and I'll post an update.


becrux commented Dec 14, 2022

Yep, the change seems to be working; hostapd has been running for two days now, with no issues detected.
