Firmware crash

Michal Kazior michal.kazior at tieto.com
Thu Jun 26 04:47:06 PDT 2014


On 26 June 2014 13:10, Sven Schnelle <svens at stackframe.org> wrote:
> Hi List,
>
> i've seen a strange firmware crash:
>
> Athos/Xt BSP version Oct 19 2012-16:00:59
> Baud rate host set is 115200.
> Mac address is : 00:03:07:12:34:56
> alloc rem: 197524
> **WMI Service Ready **
> NUM_DEV=16
> TGT_VER: 4100016C
> RegDomain: 0, CfgCtl: 224 - 224
> ar_wal_peer_attach: num_peer_entries 145, num_tid_entries 443
> allocated 64 tids at 0x439a08 (each 96 bytes)
> allocated 379 tids in IRAM at 0x9baeb4 (each 96 bytes)
> allocated 64 stateless tids at 0x43b230 (each 40 bytes)
> ### turn on Tx completion index tracking ###
> **WMI Ready **
> TGT_VER: 4100016C
> RegDomain: 3A, CfgCtl: 16 - 16
> peer create command for ****0:3:7:12:34:56****
> _wlan_vdev_set_param: unimplemented command 0x2
> _wlan_vdev_set_param: unimplemented command 0x7
> _wlan_vdev_set_param: unimplemented command 0x8
> TODO: Add DBGLOG for WMM Params
> TODO: Add DBGLOG for WMM Params
> TODO: Add DBGLOG for WMM Params
> TODO: Add DBGLOG for WMM Params
> TSF id: 1, free_tsf_id_map: 1
> assertion failed? pc=0x9a0e15, line=0, dump area=0x401930
> Target ID: 0x4100016c (1090519404)
> Debug Info:
> 0x4100016c 0x00000000 0x009a0e15 0x00000000
> 0x00000000 0x00000000 0x00000000 0x00000000
> 0x00000000 0x00000000 0x00000000 0x00000000
> 0x00000000 0x00000000 0x00000000 0x00000000
> 0x00000000 0x00000000 0x00000000 0x009a0e15
> 0x00000000 0x00401930 0x00000000 0x00000000
> 0x00000000 0x00000000 0x00000000 0x00000000
> 0x00000000 0x00000000 0x00000000 0x00000000
> 0x00000000 0x00000000 0x00000000 0x00000000
> 0x00000000 0x00000000 0x00000000 0x00000000
> 0x00000000 0x00000000 0x00000000 0x00000000
> 0x00000000 0x00000000 0x00000000 0x00000000
> 0x00000000 0x00000000 0x00000000 0x00000000
> 0x00000000 0x00000000 0x00000000 0x00000000
> 0x00000000 0x00000000 0x00000000 0x00000000

Apparently firmware crashes while processing a beacon frame with a
NULL dereference.


> This happened on two APs at the same time, which were running before without
> problems. As both APs are in short distance (about 10m) i guess it was
> caused
> by some packet on the Air.
>
> I see a 'assertion failed' above, can anyone tell what that assertion is?
>
> Firmware Version is:
>
> [   27.120000] ath10k: hardware name qca988x hw2.0 version 0x4100016c
> [   27.130000] ath10k: firmware version: 10.1.467.2-1

Did you happen to have the ath10k interface in a bridge? If so monitor
vdev is most likely the culprit here. A very similar issue was
reported for 4addr station bridging and also involves monitor vdev.


Michał



More information about the ath10k mailing list