[bug] WiFi accesspoint/hostapd broken on Labrador 64 (works on 32)

ulno · Fevereiro 5, 2020, 4:25pm

As already mentioned in https://forum.caninosloucos.org.br/t/frq-no-firewall-on-labrador-64bit-possible-nftable-and-iptable-missing, the Labrador can at the moment not be used as accesspoint with hostapd. I am using the create_ap (https://github.com/oblique/create_ap) script that uses hostapd, iptables, and dnsmasq - I assume using network manager to create a wifi wpa share should show the same results as it also uses hostapd and dnsmasq.

Following error occurs (dmesg):

   55.214462] IPv6: ADDRCONF(NETDEV_UP): wlan0: link is not ready
[   55.562303] RTL8723BS: rtw_cmd_thread(wlan0) pcmd->sctx
[   55.562331] RTL8723BS: assoc success
[   55.562391] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   55.563529] RTL8723BS: set group key camid:1, addr:00:00:00:00:00:00, kid:1, type:TKIP
[   59.633874] RTL8723BS: ap recv deauth reason code(3) sta:80:7d:3a:3c:0f:a0
[   59.636257] ------------[ cut here ]------------
[   59.636263] kernel BUG at mm/slub.c:3904!
[   59.636269] Internal error: Oops - BUG: 0 [#1] SMP
[   59.636274] Modules linked in: xt_tcpudp nft_counter ipt_MASQUERADE nft_compat nft_chain_route_ipv4 nft_chain_nat_ipv4 nf_nat_ipv4 nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 nf_tables nfnetlink ch341 usbserial bnep hci_uart bluetooth ecdh_generic realtek r8723bs(C) cfg80211 dwmac_caninos stmmac_platform stmmac of_mdio fixed_phy libphy aotg ip_tables x_tables
[   59.636339] Process RTW_CMD_THREAD (pid: 820, stack limit = 0x00000000d5c30618)
[   59.636347] CPU: 3 PID: 820 Comm: RTW_CMD_THREAD Tainted: G         C        4.19.37 #2
[   59.636349] Hardware name: Caninos Labrador 7 (DT)
[   59.636354] pstate: 40400005 (nZcv daif +PAN -UAO)
[   59.636366] pc : kfree+0x1a8/0x1b0
[   59.636498] lr : nl80211_send_station.isra.0+0x370/0xa58 [cfg80211]
[   59.636501] sp : ffffff800a4ebb80
[   59.636503] x29: ffffff800a4ebb80 x28: 00000000000005d8 
[   59.636509] x27: 0000000000000168 x26: ffffffc0795c1000 
[   59.636514] x25: 0000000000000030 x24: ffffff800a4ebcc8 
[   59.636519] x23: 0000000000000164 x22: 0000000000000000 
[   59.636524] x21: ffffff8008dc8688 x20: ffffff8000a2dfd8 
[   59.636529] x19: ffffff8009ca6344 x18: 0000000000000000 
[   59.636534] x17: 0000000000000000 x16: 0000000000000000 
[   59.636539] x15: 0000000000000400 x14: 0104ac0f00000102 
[   59.636545] x13: ac0f000001143060 x12: 30180c8482968b08 
[   59.636550] x11: 01657269706d6574 x10: 6f69090000640031 
[   59.636555] x9 : 6940d4567d9c6b14 x8 : 0104ac0f00000102 
[   59.636560] x7 : ac0f000001143060 x6 : ffffffbf00272980 
[   59.636565] x5 : 00000000000001d0 x4 : ffffff8008e84340 
[   59.636570] x3 : 0000000000000048 x2 : 000000000000002d 
[   59.636574] x1 : ffffffbf00272980 x0 : ffffffbf00272988 
[   59.636579] Call trace:
[   59.636586]  kfree+0x1a8/0x1b0
[   59.636665]  nl80211_send_station.isra.0+0x370/0xa58 [cfg80211]
[   59.636736]  cfg80211_new_sta+0x88/0x158 [cfg80211]
[   59.636820]  rtw_cfg80211_indicate_sta_assoc+0x70/0x90 [r8723bs]
[   59.636875]  rtw_stassoc_event_callback+0x280/0x2c8 [r8723bs]
[   59.636930]  mlme_evt_hdl+0x74/0xa0 [r8723bs]
[   59.636980]  rtw_cmd_thread+0x160/0x358 [r8723bs]
[   59.636987]  kthread+0x100/0x130
[   59.636993]  ret_from_fork+0x10/0x1c
[   59.637001] Code: 17ffffd0 f94004c0 3707fde0 f90013f5 (d4210000) 
[   59.637008] ---[ end trace 152bfd6882a11665 ]---
[   69.639249] RTL8723BS: ap recv disassoc reason code(8) sta:80:7d:3a:3c:0f:a0

Any idea how this could be fixed? It doesn’t look to me like a missing module, but maybe someone here can make a bit more sense of this dump.

igor.lima · Fevereiro 6, 2020, 12:29pm

@ulno, hi

With fast look at this problem, i believe that the kernel mapping memory context could be the problem, looking to the trace reported, i found at the file “…/linux-source-4.19/drivers/staging/rtl8723bs/os_dep/ioctl_cfg80211.c”, line 2429.

“cfg80211_new_sta(ndev, GetAddr2Ptr(pmgmt_frame), &sinfo, GFP_ATOMIC);”,

Could you try change the GFP_ATOMIC to GFP_KERNEL and see what happens?

It could crash in other moments after that, but if go ahead after that, so the problem is that for sure.

ulno · Fevereiro 6, 2020, 3:28pm

changed it, but result looks pretty similar:

[   50.085397] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   50.086552] RTL8723BS: set group key camid:1, addr:00:00:00:00:00:00, kid:1, type:TKIP
[   75.623759] ------------[ cut here ]------------
[   75.623772] kernel BUG at mm/slub.c:3904!
[   75.623778] Internal error: Oops - BUG: 0 [#1] SMP
[   75.623783] Modules linked in: xt_tcpudp nft_counter ipt_MASQUERADE nft_compat nft_chain_route_ipv4 nft_chain_nat_ipv4 nf_nat_ipv4 nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 nf_tables nfnetlink bnep hci_uart bluetooth ecdh_generic r8723bs(C) realtek cfg80211 dwmac_caninos stmmac_platform stmmac of_mdio fixed_phy libphy aotg ip_tables x_tables
[   75.623845] Process RTW_CMD_THREAD (pid: 806, stack limit = 0x0000000034d447e7)
[   75.623853] CPU: 0 PID: 806 Comm: RTW_CMD_THREAD Tainted: G         C        4.19.37 #2
[   75.623855] Hardware name: Caninos Labrador 7 (DT)
[   75.623860] pstate: 40400005 (nZcv daif +PAN -UAO)
[   75.623873] pc : kfree+0x1a8/0x1b0
[   75.624003] lr : nl80211_send_station.isra.0+0x370/0xa58 [cfg80211]
[   75.624006] sp : ffffff800a4c3b80
[   75.624008] x29: ffffff800a4c3b80 x28: 00000000000005d8 
[   75.624013] x27: 000000000000015c x26: ffffffc077caf000 
[   75.624019] x25: 0000000000000030 x24: ffffff800a4c3cc8 
[   75.624024] x23: 0000000000000158 x22: 0000000000000000 
[   75.624029] x21: ffffff8008dc8688 x20: ffffff8000a2dfd8 
[   75.624034] x19: ffffff8009cae344 x18: 0000000000000000 
[   75.624039] x17: 0000000000000000 x16: 0000000000000000 
[   75.624044] x15: 0000000000000400 x14: 02ac0f00000104ac 
[   75.624049] x13: 0f00000102ac0f00 x12: 0001143000000000 
[   75.624054] x11: 00080000087f0000 x10: 02007b0546140802 
[   75.624060] x9 : 216c604830043224 x8 : 18120c160b040208 
[   75.624065] x7 : 01657269706d6574 x6 : ffffffbf00272b80 
[   75.624070] x5 : 00000000000001e0 x4 : ffffff8008e84340 
[   75.624075] x3 : 0000000000000000 x2 : ffffffffffffffcb 
[   75.624080] x1 : ffffffbf00272b80 x0 : ffffffbf00272b88 
[   75.624085] Call trace:
[   75.624092]  kfree+0x1a8/0x1b0
[   75.624170]  nl80211_send_station.isra.0+0x370/0xa58 [cfg80211]
[   75.624242]  cfg80211_new_sta+0x88/0x158 [cfg80211]
[   75.624329]  rtw_cfg80211_indicate_sta_assoc+0x70/0x90 [r8723bs]
[   75.624384]  rtw_stassoc_event_callback+0x280/0x2c8 [r8723bs]
[   75.624439]  mlme_evt_hdl+0x74/0xa0 [r8723bs]
[   75.624490]  rtw_cmd_thread+0x160/0x358 [r8723bs]
[   75.624497]  kthread+0x100/0x130
[   75.624504]  ret_from_fork+0x10/0x1c
[   75.624511] Code: 17ffffd0 f94004c0 3707fde0 f90013f5 (d4210000) 
[   75.624519] ---[ end trace 6ee4aaced44ad6b7 ]---
[   85.649588] RTL8723BS: ap recv deauth reason code(3) sta:e4:8e:5d:c8:9a:ea

thalyson · Setembro 2, 2020, 9:28pm

Hello, @ulno.

You had problems with the 32 bits and the 64 bits Labrador when thing to use as access point, right? Did you solve this problem?

If not, what are your coreboard and baseboard numbers? Are u using the last version?