[Bug 268565] panic after "killall wpa_supplicant" followed by "/etc/rc.d/netif start" with rtw880

From: <bugzilla-noreply_at_freebsd.org>
Date: Thu, 29 Dec 2022 06:44:28 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=268565

--- Comment #3 from Mikhail Pchelin <misha@freebsd.org> ---
(In reply to Bjoern A. Zeeb from comment #2)

My initial report must have contained more details, fixing it:

I'm connected to WPA2 SSID, ping is working, then I do "killall wpa_supplicant"
followed by "/etc/rc.d/netif start" and get the panic.

needed part of rc.conf:

wlans_rtw880="wlan0"
ifconfig_wlan0="WPA DHCP"

wpa_supplicant.conf:

network={
  ssid="<SSID>"
  psk="<PSK>"
}

When I issue "killall wpa_supplicant" following series of actions happens:

ieee80211_newstate_cb
lkpi_iv_newstate (nstate=IEEE80211_S_INIT)
lkpi_sta_run_to_init
lkpi_lsta_remove (this is where we ni->ni_drv_data being set to NULL)

According to comments near "sta_state_fsm[]" transition from IEEE80211_S_RUN to
IEEE80211_S_INIT is done when DISASSOC frame is sent.

When I do "/etc/rc.d/netif start" I get the backtrace from original message:
80211 stack is trying to issue active scan and send probe request, but
ni_drv_data is NULL and therefor I get the panic.

Currently I'm not sure how to fix this except checking lsta in raw_xmit and
manually allocating it if fails. If the patch looks fishy, can you point the
direction where to dig this further?

-- 
You are receiving this mail because:
You are the assignee for the bug.