Modify

Opened 3 years ago

Closed 3 years ago

#18765 closed defect (fixed)

Kernel panic when trying to inject wifi packets

Reported by: user890104 Owned by: developers
Priority: normal Milestone:
Component: kernel Version: Trunk
Keywords: Cc:

Description

Hello, I am using OpenWRT trunk r43978 on a VoCore board (Ralink RT5350 SoC). I have compiled aircrack-ng trunk r2462. I am using the integrated wifi (modulee rt2800_wmac) to inject packets.
Kernel version:

Linux VoCore 3.14.28 #1 Fri Jan 16 13:04:26 EET 2015 mips GNU/Linux

As soon as the application tries to send a packet, the kernel crashes. Crash log follows:

[   72.450000] device wlan0mon entered promiscuous mode
[   88.080000] CPU 0 Unable to handle kernel paging request at virtual address 000000f0, epc == 80ea3158, ra == 80ea33f8
[   88.100000] Oops[#1]:
[   88.100000] CPU: 0 PID: 1124 Comm: easside-ng Not tainted 3.14.28 #1
[   88.100000] task: 818defd0 ti: 8168c000 task.ti: 8168c000
[   88.100000] $ 0   : 00000000 7fe290c0 00000008 8168dc34
[   88.100000] $ 4   : 00000002 8168dc34 8188b2dc 8188b2dc
[   88.100000] $ 8   : 80e6f05c 00000090 81b91f18 00000003
[   88.100000] $12   : ffffffff 81b91f20 ffffffff 00000020
[   88.100000] $16   : 8168dc34 81b91f00 8188aae0 00000000
[   88.100000] $20   : 00000000 00000000 8168dc34 00000000
[   88.100000] $24   : 0000001d 80e26070
[   88.100000] $28   : 8168c000 8168dbc8 00000028 80ea33f8
[   88.100000] Hi    : 00000009
[   88.100000] Lo    : 00000070
[   88.100000] epc   : 80ea3158 ieee80211_tx_prepare_skb+0x488/0x74c [mac80211]
[   88.100000]     Not tainted
[   88.100000] ra    : 80ea33f8 ieee80211_tx_prepare_skb+0x728/0x74c [mac80211]
[   88.100000] Status: 1100e403 KERNEL EXL IE
[   88.100000] Cause : 40800008
[   88.100000] BadVA : 000000f0
[   88.100000] PrId  : 0001964c (MIPS 24KEc)
[   88.100000] Modules linked in: rt2800soc rt2800mmio rt2800lib w1_therm w1_gpio rtl8187 rt2x00soc rt2x00mmio rt2x00lib pl2303 mmc_spi mac80211 cp210x cfg80211 asix wire usbserial usbnet usbmon usbhid spi_gpio spi_bitbang of_mmc_spi joydev hid_generic crc7 crc_itu_t crc_ccitt compat fuse hid evdev input_core i2c_ralink i2c_dev i2c_core tun vfat fat nls_iso8859_1 nls_cp437 eeprom_93cx6 arc4 crypto_blkcipher mmc_block usb_storage mmc_core leds_gpio ohci_platform ohci_hcd ehci_platform ehci_hcd sd_mod scsi_mod gpio_button_hotplug ext4 crc16 jbd2 mbcache usbcore nls_base usb_common mii crypto_hash
[   88.100000] Process easside-ng (pid: 1124, threadinfo=8168c000, task=818defd0, tls=778f7440)
[   88.100000] Stack : 00000fff 00000000 00000000 802b0000 00000001 80e6f05c 00000000 00000000
          00004d08 0000000c 81b91f00 8188aae0 00000028 80ff5402 00000000 00000000
          fffeffff 00000000 00000000 80ea33f8 802c6a60 00000007 802b96e0 00000000
          00000000 801d2fb8 00000000 8168dc34 8168dc34 00000000 8188aae0 80ff5400
          00000000 00000000 00000100 00000002 81b910c0 81b91f00 80ff5400 8188a120
          ...
[   88.100000] Call Trace:
[   88.100000] [<80ea3158>] ieee80211_tx_prepare_skb+0x488/0x74c [mac80211]
[   88.100000] [<80ea33f8>] ieee80211_tx_prepare_skb+0x728/0x74c [mac80211]
[   88.100000]
[   88.100000]
Code: 02a21021  083a8c57  8c540000 <8e7400f0> 1280003a  2662f8d8  92830009  246400da  00042880
[   88.530000] ---[ end trace 08d320a8b682f5e2 ]---
[   88.550000] Kernel panic - not syncing: Fatal exception in interrupt
[   88.550000] Rebooting in 3 seconds..

Issue was reported to aircrack-ng, but they think that it is a driver problem. Link to aircrack-ng bug tracker: http://trac.aircrack-ng.org/ticket/1554

Attachments (0)

Change History (1)

comment:1 Changed 3 years ago by nbd

  • Resolution set to fixed
  • Status changed from new to closed

fixed in current trunk

Add Comment

Modify Ticket

Action
as closed .
The resolution will be deleted. Next status will be 'reopened'.
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.