search

openwrt / openwrt

This repository is a mirror of https://git.openwrt.org/openwrt/openwrt.git It is for reference only and is not active for check-ins. We will continue to accept Pull Requests here. They will be merged via staging trees then into openwrt.git.
Other
19.54k stars 10.21k forks source link

FS#1382 - crash in __slab_free.isra from kfree #6310

Open openwrt-bot opened 6 years ago

openwrt-bot commented 6 years ago

andyburns:

Supply the following if possible:

BT homehub 5a

SNAPSHOT, r6182

kernel - 4.9.82-1-b3856355ef32057f204aaf8b7ab28ff3 kmod-usb-net-cdc-ncm - 4.9.82-1 kmod-usb-net-huawei-cdc-ncm - 4.9.82-1 kmod-usb-serial - 4.9.82-1 kmod-usb-serial-wwan - 4.9.82-1 usb-modeswitch - 2017-12-19-f40f84c2-1

Trying to get Huawei E3372 4G dongle running in NCM mode after usbmodes runs, the /etc/ncm-wdm0 is created, but does not communicate with modem on dongle

I have to run echo "12d1 1506 ff" > /sys/bus/usb-serial/drivers/generic/new_id

which gives

[ 1003.351417] usbserial_generic 1-1:1.0: The "generic" usb-serial driver is only for testing and one-off prototypes. [ 1003.360515] usbserial_generic 1-1:1.0: Tell linux-usb@vger.kernel.org to add your device to a proper driver. [ 1003.370345] usbserial_generic 1-1:1.0: generic converter detected [ 1003.377122] usb 1-1: generic converter now attached to ttyUSB0 [ 1003.382521] usbserial_generic 1-1:1.1: The "generic" usb-serial driver is only for testing and one-off prototypes. [ 1003.392654] usbserial_generic 1-1:1.1: Tell linux-usb@vger.kernel.org to add your device to a proper driver. [ 1003.402464] usbserial_generic 1-1:1.1: generic converter detected [ 1003.409607] usb 1-1: generic converter now attached to ttyUSB1

I realize that forcing the generic usb serial in this way is not "proper" but it seems necessary for the moment to get any communication with the modem

this does create /dev/ttyUSB0 and ttyUSB1 devices,

startimg the 4G interface with

ifup LTE

will then communicate with the modem, the chat script gets responses to the AT commands

unfortunately as soon as I run

ifdown LTE

I get a repeatable crash

root@hh5a:/# ifdown LTE root@hh5a:/# root@hh5a:/# [256467.571884] CPU 1 Unable to handle kernel paging request at virtual address 67901b30, epc == 800f33f8, ra == 800f3b94 [256467.581230] Oops[#1]: [256467.583518] CPU: 1 PID: 14 Comm: ksoftirqd/1 Not tainted 4.9.82 #0 [256467.589782] task: 87c3d080 task.stack: 87c7a000 [256467.594379] $ 0 : 00000000 806f0004 67901b30 00000001 [256467.599688] $ 4 : 87c02b00 810fb560 67901a00 67901a00 [256467.605003] $ 8 : 805993f8 04efd20a d208b27a 0000008c [256467.610310] $12 : 52016177 ffffffff 00000000 1a0004e4 [256467.615619] $16 : 810fb560 850d8008 000d001a 00000000 [256467.620930] $20 : 805990a0 00000000 87c02b00 00000000 [256467.626238] $24 : 00000000 875e36f8 [256467.631549] $28 : 87c7a000 87c7bcd8 00000018 800f3b94 [256467.636856] Hi : 00000000 [256467.639814] Lo : 0000c400 [256467.642811] epc : 800f33f8 slab_free.isra.13+0x64/0x334 [256467.648453] ra : 800f3b94 kfree+0x194/0x1a4 [256467.652963] Status: 1100c303 KERNEL EXL IE [256467.657223] Cause : 0080000c (ExcCode 03) [256467.661312] BadVA : 67901b30 [256467.664274] PrId : 00019556 (MIPS 34Kc) [256467.668270] Modules linked in: ltq_ptm_vr9 ath9k ath9k_common ath9k_hw ath10k_pci ath10k_core ath usb_wwan pppoe nf_nat_pptp nf_conntrack_pptp nf_conntrack_ipv6 mac80211 iptable_nat ipt_REJECT ipt_MASQUERADE huawei_cdc_ncm cfg80211 cdc_ncm xt_time xt_tcpudp xt_tcpmss xt_statistic xt_state xt_recent xt_nat xt_multiport xt_mark xt_mac xt_limit xt_length xt_hl xt_helper xt_ecn xt_dscp xt_conntrack xt_connmark xt_connlimit xt_connbytes xt_comment xt_TCPMSS xt_REDIRECT xt_LOG xt_HL xt_DSCP xt_CT xt_CLASSIFY usbserial usbnet ts_fsm ts_bm pppox ppp_async owl_loader nf_reject_ipv4 nf_nat_tftp nf_nat_snmp_basic nf_nat_sip nf_nat_redirect nf_nat_proto_gre nf_nat_masquerade_ipv4 nf_nat_irc nf_conntrack_ipv4 nf_nat_ipv4 nf_nat_h323 nf_nat_amanda nf_nat nf_log_ipv4 nf_defrag_ipv6 nf_defrag_ipv4 nf_conntrack_tftp nf_conntrack_snmp nf_conntrack_sip nf_conntrack_rtcache nf_conntrack_proto_gre nf_conntrack_irc nf_conntrack_h323 nf_conntrack_broadcast ts_kmp nf_conntrack_amanda ltq_deu_vr9 iptable_mangle iptable_filter ipt_ECN ip_tables crc_ccitt compat cdc_wdm sch_cake nf_conntrack act_skbedit act_mirred em_u32 cls_u32 cls_tcindex cls_flow cls_route cls_fw sch_tbf sch_htb sch_hfsc sch_ingress drv_dsl_cpe_api drv_mei_cpe ip6t_REJECT nf_reject_ipv6 nf_log_ipv6 nf_log_common ip6table_mangle ip6table_filter ip6_tables x_tables pppoatm ppp_generic slhc ifb br2684 atm mii drv_ifxos dwc2 gpio_button_hotplug Process ksoftirqd/1 (pid: 14, threadinfo=87c7a000, task=87c3d080, tls=00000000) [256467.798220] Stack : 00000000 00000001 00000000 00000000 67901a00 67901a00 00000001 805a0000 [256467.806661] 04f6d940 850d8008 00003fe0 00000002 67901a00 04efd20a d208b27a d20f920a [256467.815103] 52016177 ffffffff 00000000 1a0004e4 876a8d00 850d8008 87d7b800 00000000 [256467.823546] 876a8d00 850d8008 87d7b800 00000000 805990a0 00010000 00000002 00000000 [256467.831989] 00000018 800f3b94 00000018 875e36bc 1100c303 00000000 00000001 04f6d940 [256467.840432] ... [256467.842959] Call Trace: [256467.845511] [<800f33f8>] slab_free.isra.13+0x64/0x334 [256467.850826] [<800f3b94>] kfree+0x194/0x1a4 [256467.854986] Code: 8e12000c 00621021 8fa30018 00121402 00431023 3042ffff afb2002c 32570001 [256467.864804] [256467.866497] ---[ end trace e77f91eef6b40e80 ]---

root@h[256467.872551] Kernel panic - not syncing: Fatal exception in interrupt [256467.878975] Rebooting in 3 seconds..

openwrt-bot commented 6 years ago

andyburns:

I notice the Lantiq/xrx200/Homehub5a build has been switched from kernel 4.9.x to 4.14.x, so I tried this again in the hope it might have fixed the USB panic, unfortunately it did not.