Date:      Wed, 01 Nov 2023 11:39:05 +0000
From:      bugzilla-noreply@freebsd.org
To:        wireless@FreeBSD.org
Subject:   [Bug 271979] bsdinstall(8): iwlwifi(4): system crash when authenticating for Wi-Fi: panic: lkpi_sta_auth_to_scan: lsta 0x... state not NONE: 0, nstate 1 arg 1
Message-ID:  <bug-271979-21060-HLJ2rPJ9nE@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-271979-21060@https.bugs.freebsd.org/bugzilla/>
References:  <bug-271979-21060@https.bugs.freebsd.org/bugzilla/>

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=271979

--- Comment #27 from Jean-Sébastien Pédron <dumbbell@FreeBSD.org> ---
(In reply to Bjoern A. Zeeb from comment #25)

Here are the steps I used to reproduce:

(the if_iwlwifi module was already loaded)
ifconfig wlan0 create wlandev iwlwifi0 country FR
env wlans_iwlwifi0="wlan0" create_args_wlan0="country FR" ifconfig_wlan0="WPA DHCP" ifconfig_wlan0_ipv6="inet6 accept_rtadv" service netif restart wlan0

And here is the output with your patch:

== The last lines of /var/log/messages ==

Nov  1 11:07:20 iss kernel: iwlwifi0: WRT: Invalid buffer destination
Nov  1 11:07:21 iss kernel: iwlwifi0: WFPM_UMAC_PD_NOTIFICATION: 0x20
Nov  1 11:07:21 iss kernel: iwlwifi0: WFPM_LMAC2_PD_NOTIFICATION: 0x1f
Nov  1 11:07:21 iss kernel: iwlwifi0: WFPM_AUTH_KEY_0: 0x90
Nov  1 11:07:21 iss kernel: iwlwifi0: CNVI_SCU_SEQ_DATA_DW9: 0x0
Nov  1 11:07:21 iss kernel: wlan0: Ethernet address: 04:cf:4b:1d:fe:fc
Nov  1 11:07:38 iss wpa_supplicant[1534]: Successfully initialized wpa_supplicant
Nov  1 11:07:38 iss wpa_supplicant[1534]: ioctl[SIOCS80211, op=20, val=0, arg_len=7]: Invalid argument
Nov  1 11:07:38 iss syslogd: last message repeated 1 times
Nov  1 11:07:38 iss wpa_supplicant[1535]: ioctl[SIOCS80211, op=103, val=0, arg_len=128]: Operation now in progress
Nov  1 11:07:38 iss wpa_supplicant[1535]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-1 retry=1
Nov  1 11:07:39 iss wpa_supplicant[1535]: ioctl[SIOCS80211, op=103, val=0, arg_len=128]: Operation now in progress
Nov  1 11:07:39 iss wpa_supplicant[1535]: wlan0: CTRL-EVENT-SCAN-FAILED ret=-1 retry=1

== kgdb ==

(...)
Reading symbols from /boot/kernel.drm/kernel...
Reading symbols from /usr/lib/debug//boot/kernel.drm/kernel.debug...

Unread portion of the kernel message buffer:
<6>wlan0: ieee80211_new_state_locked:2718: pending SCAN -> AUTH transition lost
<4>Invalid TXQ id
iwl_mvm_tx_mpdu:1204: fc 0x00b0 tid 8 txq_id 65535 mvm 0xfffffe01762c6408 skb 0xfffff802d41a6800 { len 30 } info 0xfffffe0038f6bce8 sta 0xfffff80114044880 (if you see this please report to PR 274382)
panic: lkpi_sta_auth_to_scan: lsta 0xfffff80114c1e800 state not NONE: 0, nstate 1 arg 1

cpuid = 15
time = 1698833262
KDB: stack backtrace:
db_trace_self_wrapper() at db_trace_self_wrapper+0x2b/frame 0xfffffe0175ce8b70
vpanic() at vpanic+0x171/frame 0xfffffe0175ce8ca0
panic() at panic+0x43/frame 0xfffffe0175ce8d00
lkpi_sta_auth_to_scan() at lkpi_sta_auth_to_scan+0x2c8/frame 0xfffffe0175ce8d80
lkpi_iv_newstate() at lkpi_iv_newstate+0x253/frame 0xfffffe0175ce8df0
ieee80211_newstate_cb() at ieee80211_newstate_cb+0x1e7/frame 0xfffffe0175ce8e40
taskqueue_run_locked() at taskqueue_run_locked+0xab/frame 0xfffffe0175ce8ec0
taskqueue_thread_loop() at taskqueue_thread_loop+0xd3/frame 0xfffffe0175ce8ef0
fork_exit() at fork_exit+0x82/frame 0xfffffe0175ce8f30
fork_trampoline() at fork_trampoline+0xe/frame 0xfffffe0175ce8f30
--- trap 0, rip = 0, rsp = 0, rbp = 0 ---
Uptime: 5m22s
Dumping 1320 out of 32422 MB:..2%..11%..21%..31%..42%..51%..61%..71%..82%..91%

(kgdb) bt
#0  __curthread ()
    at /home/dumbbell/Documents/freebsd/src/sys/amd64/include/pcpu_aux.h:57
#1  doadump (textdump=textdump@entry=1)
    at /home/dumbbell/Documents/freebsd/src/sys/kern/kern_shutdown.c:406
#2  0xffffffff80b4ffd0 in kern_reboot (howto=260)
    at /home/dumbbell/Documents/freebsd/src/sys/kern/kern_shutdown.c:527
#3  0xffffffff80b5050e in vpanic (
    fmt=0xffffffff811e7898 "%s: lsta %p state not NONE: %#x, nstate %d arg %d\n", ap=ap@entry=0xfffffe0175ce8ce0)
    at /home/dumbbell/Documents/freebsd/src/sys/kern/kern_shutdown.c:976
#4  0xffffffff80b50273 in panic (fmt=<unavailable>)
    at /home/dumbbell/Documents/freebsd/src/sys/kern/kern_shutdown.c:895
#5  0xffffffff80dd3ab8 in lkpi_sta_auth_to_scan (vap=0xfffffe017908f010,
    nstate=IEEE80211_S_SCAN, arg=1)
    at /home/dumbbell/Documents/freebsd/src/sys/compat/linuxkpi/common/src/linux_80211.c:1175
#6  0xffffffff80ddb1e3 in lkpi_iv_newstate (vap=0xfffffe017908f010,
    nstate=IEEE80211_S_SCAN, arg=1)
    at /home/dumbbell/Documents/freebsd/src/sys/compat/linuxkpi/common/src/linux_80211.c:2113
#7  0xffffffff80cfff87 in ieee80211_newstate_cb (xvap=0xfffffe017908f010,
    npending=<optimized out>)
    at /home/dumbbell/Documents/freebsd/src/sys/net80211/ieee80211_proto.c:2546
#8  0xffffffff80bb5d2b in taskqueue_run_locked (
    queue=queue@entry=0xfffff80002a93100)
    at /home/dumbbell/Documents/freebsd/src/sys/kern/subr_taskqueue.c:512
#9  0xffffffff80bb6de3 in taskqueue_thread_loop (
    arg=arg@entry=0xfffffe01762ca110)
    at /home/dumbbell/Documents/freebsd/src/sys/kern/subr_taskqueue.c:824
#10 0xffffffff80b05eb2 in fork_exit (
    callout=0xffffffff80bb6d10 <taskqueue_thread_loop>,
    arg=0xfffffe01762ca110, frame=0xfffffe0175ce8f40)
    at /home/dumbbell/Documents/freebsd/src/sys/kern/kern_fork.c:1160
#11 <signal handler called>

-- 
You are receiving this mail because:
You are on the CC list for the bug.


