[Bug 221845] bridge0 causes kernel panic on BBB using usb wifi in hostap mode (RT3071)
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Sun Aug 27 06:46:27 UTC 2017
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=221845
Bug ID: 221845
Summary: bridge0 causes kernel panic on BBB using usb wifi in
hostap mode (RT3071)
Product: Base System
Version: CURRENT
Hardware: arm
OS: Any
Status: New
Severity: Affects Only Me
Priority: ---
Component: kern
Assignee: freebsd-bugs at FreeBSD.org
Reporter: russ.haley at gmail.com
Created attachment 185799
--> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=185799&action=edit
Kernel panic caused by client request for web page.
Running BBB through ftdi cable.
Asus WiFi Adapter, RT3071 chipset
https://wikidevi.com/files/Ralink/RT307x%20product%20brief.pdf
root at bbb:~ # uname -a
FreeBSD bbb.highfell.local 12.0-CURRENT FreeBSD 12.0-CURRENT #7 r321601M: Thu
Aug 17 22:13:21 PDT 2017
russellh at prescott.highfell.local:/usr/home/russellh/FreeBSD/rh-armv6/obj/arm.armv6/usr/home/russellh/FreeBSD/rh-armv6/src/sys/BEAGLEBONE-MMCCAM
arm
root at bbb:~ # cat /boot/loader.conf
if_run0_load="YES"
wlan_mac_load="YES"
root at bbb:~ # cat /etc/rc.conf
hostname="bbb.highfell.local"
ifconfig_cpsw0="inet 192.168.2.101 netmask 255.255.255.0"
defaultrouter="192.168.2.1"
hostapd_enable="YES"
wlans_run0="wlan0"
create_args_wlan0="wlanmode hostap"
ifconfig_wlan0="up"
#gateway_enable="YES"
cloned_interfaces="bridge0"
ifconfig_bridge0="addm cpsw0 addm wlan0 up"
sshd_enable="YES"
sendmail_enable="NONE"
sendmail_submit_enable="NO"
sendmail_outbound_enable="NO"
sendmail_msp_queue_enable="NO"
growfs_enable="YES"
root at bbb:~ # cat /etc/hostapd.conf
interface=wlan0
debug=1
ctrl_interface=/var/run/hostapd
ctrl_interface_group=wheel
ssid=freebsd
wpa=2
wpa_passphrase=testing
wpa_key_mgmt=WPA-PSK
wpa_pairwise=CCMP
root at bbb:~ # cat /etc/resolv.conf
# Generated by resolvconf
nameserver 192.168.2.1
Hi!
So I'm only partially successful repeating your test so far, but I can cause a
kernel panic! The following are my observations:
1) Before the kernel loads, loader give the following errors:
can't find 'if_run'
can't find 'wlan_mac'
2) It seems the run0 usb wi-fi interface only comes up after the bridge0 is
already enabled. dmesg does NOT capture the output from the failed attempt to
add the non-existent wlan0 interface. However, I grabbed it from the boot
output in the serial console:
#From dmesg:
ugen1.2: <Ralink 802.11 n WLAN> at usbus1
random: unblocking device.
bridge0: Ethernet address: 02:94:dd:d7:a3:00
cpsw0: link state changed to DOWN
cpsw0: promiscuous mode enabled
bridge0: link state changed to DOWN
cpsw0: link state changed to UP
bridge0: link state changed to UP
run0 on uhub1
run0: <1.0> on usbus1
run0: MAC/BBP RT3572 (rev 0x0223), RF RT3052 (MIMO 2T2R), address
60:a4:4c:ec:c9:a5
ieee80211_load_module: load the wlan_amrr module by hand for now.
wlan0: Ethernet address: 60:a4:4c:ec:c9:a5
run0: firmware RT3071 ver. 0.33 loaded
#From console grab:
eeding entropy: .
ifconfig: SIOCIFCREATE2: Invalid argument
bridge0: Ethernet address: 02:94:dd:d7:a3:00
Created clone interfaces: bridge0.
cpsw0: link state changed to DOWN
cpsw0: promiscuous mode enabled
bridge0: link state changed to DOWN
ifconfig: BRDGADD wlan0: No such file or directory
cpsw0: link state changed to UP
bridge0: link state changed to UP
Starting Network: lo0 cpsw0 bridge0.
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2
inet 127.0.0.1 netmask 0xff000000
groups: lo
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
cpsw0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu
1500
options=8000b<RXCSUM,TXCSUM,VLAN_MTU,LINKSTATE>
ether a0:f6:fd:8a:c5:be
hwaddr a0:f6:fd:8a:c5:be
inet 192.168.2.101 netmask 0xffffff00 broadcast 192.168.2.255
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
ether 02:94:dd:d7:a3:00
id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
member: cpsw0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
ifmaxaddr 0 port 1 priority 128 path cost 55
groups: bridge
nd6 options=9<PERFORMNUD,IFDISABLED>
Starting devd.
run0 on uhub1
run0: <1.0> on usbus1
run0: MAC/BBP RT3572 (rev 0x0223), RF RT3052 (MIMO 2T2R), address
60:a4:4c:ec:c9:a5
ieee80211_load_module: load the wlan_amrr module by hand for now.
wlan0: Ethernet address: 60:a4:4c:ec:c9:a5
Created wlan(4) interfaces: wlan0.
run0: firmware RT3071 ver. 0.33 loaded
Starting Network: wlan0.
wlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
ether 60:a4:4c:ec:c9:a5
hwaddr 60:a4:4c:ec:c9:a5
groups: wlan
ssid "" channel 11 (2462 MHz 11g)
regdomain FCC country US authmode OPEN privacy OFF txpower 30
scanvalid 60 protmode CTS wme dtimperiod 1 -dfs bintval 0
media: IEEE 802.11 Wireless Ethernet autoselect <hostap> (autoselect
<hostap>)
status: no carrier
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
add host 127.0.0.1: gateway lo0 fib 0: route already in table
add net default: gateway 192.168.2.1
add host ::1: gateway lo0 fib 0: route already in table
*Something else to note about this setup output is that wlan0 did NOT get the
ssid or the security setup from /etc/hostapd.conf
After boot I manually add the wlan0 to the bridge and then set the ssid
root at bbb:~ # ifconfig bridge0 addm wlan0
root at bbb:~ # ifconfig wlan0 ssid freebsd
I brought the interface down and back up again which made the AP is available
to the clients. I open the ipod and get the system to associate with the ap and
enter the following information
static IP
address: 192.168.2.102
subnet: 255.255.255.0
router: 192.168.2.1
dns : 192.168.1
After numerous wrong attempts at configuring the client, I managed to get
exactly ONE request through. The freebsd.org page came up. I then tried to
search for the ookla page and my bbb kernel paniced! (yay!)
https://pastebin.com/zB9AnWTv
The next time I booted the entire board hung right after the usb wifi adapter
loaded (chop of hung board output, full output here
https://pastebin.com/M09C5NEP):
cpsw0: link state changed to UP
bridge0: link state changed to UP
Starting Network: lo0 cpsw0 bridge0.
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=600003<RXCSUM,TXCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2
inet 127.0.0.1 netmask 0xff000000
groups: lo
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
cpsw0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu
1500
options=8000b<RXCSUM,TXCSUM,VLAN_MTU,LINKSTATE>
ether a0:f6:fd:8a:c5:be
hwaddr a0:f6:fd:8a:c5:be
inet 192.168.2.101 netmask 0xffffff00 broadcast 192.168.2.255
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
ether 02:94:dd:d7:a3:00
id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
member: cpsw0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
ifmaxaddr 0 port 1 priority 128 path cost 55
groups: bridge
nd6 options=9<PERFORMNUD,IFDISABLED>
Starting devd.
run0 on uhub1
run0: <1.0> on usbus1
U-Boot SPL 2015.10-00001-g143c9ee (Nov 06 2015 - 15:27:19)
bad magic
I can cause the entire OS to hang it seems. Sometimes it boots, sometimes it
hangs. The lights on the cpsw0 interface still blink but the serial console is
dead. I'm trying to *avoid* triggering that so I don't know the sequence that's
causing it. However, I can cause the kernel to panic relatively quickly after a
handful of pages. No more than three full page requests so far. It seems there
is a bad memory happening in bridge_broadcast() at bridge_broadcast+0x1c4?
https://www.freebsd.org/cgi/man.cgi?apropos=0&sektion=9&query=m_dup
Anyway, that's all the time I have for this weekend.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-bugs
mailing list