I believe there is a bug when building the probe request IEs for the HE capabilities. More info in the patch. While looking at this I noticed some other confusing code related to building the probe request. Looking at ieee80211_build_preq_ies. It is passed 'bands_used' which is a bitmask of bands. A probe request is only sent out on a single band so why would this contain multiple bands? We then loop over these bands and call ieee80211_build_preq_ies_band for each one. This, AFAICT, would append the same IEs multiple times if 'bands_used' contained more than one band. Internal to mac80211/util.c its only passed BIT(chan->band), but mac80211/scan.c seems to pass a list... Below is the warning I am seeing (many, many times). It says the warning is in build_preq_ies, but it really seems like this is not correct and its actually in ieee80211_get_he_6ghz_capa since I see no warning message as others _should_ have. [ 732.130000] ------------[ cut here ]------------ [ 732.130000] WARNING: CPU: 0 PID: 1352 at include/net/cfg80211.h:608 ieee80211_build_preq_ies+0x766/0x84d [ 732.130000] Modules linked in: [ 732.130000] CPU: 0 PID: 1352 Comm: kworker/u2:0 Tainted: G W 5.19.0 #1 [ 732.130000] Workqueue: rad6 ieee80211_scan_work [ 732.130000] Stack: [ 732.130000] 605d0943 60256c96 60035421 00000001 [ 732.130000] 6052cddd 60450efa 61f3d5d9 60454c00 [ 732.130000] 00000000 00000000 00000009 6003e77d [ 732.130000] Call Trace: [ 732.130000] [<60256c96>] ? dump_stack_print_info+0xe1/0xef [ 732.130000] [<60035421>] ? um_set_signals+0x0/0x3c [ 732.130000] [<60450efa>] ? _printk+0x0/0x9f [ 732.130000] [<60454c00>] ? dump_stack_lvl+0x47/0x52 [ 732.130000] [<6003e77d>] ? __warn+0xf2/0x123 [ 732.130000] [<60035449>] ? um_set_signals+0x28/0x3c [ 732.130000] [<604501bb>] ? warn_slowpath_fmt+0xd6/0xe2 [ 732.130000] [<6042830f>] ? ieee80211_prepare_and_rx_handle+0xbf4/0xc22 [ 732.130000] [<604500e5>] ? warn_slowpath_fmt+0x0/0xe2 [ 732.130000] [<603d3bc5>] ? ieee80211_ie_split_ric+0xe4/0xfe [ 732.130000] [<60035421>] ? um_set_signals+0x0/0x3c [ 732.130000] [<604341ac>] ? ieee80211_vif_type_p2p+0x0/0x26 [ 732.130000] [<6043aeb5>] ? ieee80211_build_preq_ies+0x766/0x84d [ 732.130000] [<60035377>] ? unblock_signals+0x36/0xe0 [ 732.130000] [<60429f6c>] ? skb_put_zero+0x2c/0x34 [ 732.130000] [<60429f40>] ? skb_put_zero+0x0/0x34 [ 732.130000] [<6043b095>] ? ieee80211_build_probe_req+0xf9/0x161 [ 732.130000] [<6040c2ed>] ? ieee80211_scan_state_send_probe+0xaf/0x14c [ 732.130000] [<60051181>] ? queue_delayed_work_on+0x67/0x72 [ 732.130000] [<6040d1b0>] ? ieee80211_scan_work+0x40b/0x503 [ 732.130000] [<6040cda5>] ? ieee80211_scan_work+0x0/0x503 [ 732.130000] [<600529de>] ? process_one_work+0x1b0/0x2b1 [ 732.130000] [<6004f829>] ? move_linked_works+0x0/0x57 [ 732.130000] [<60053086>] ? worker_thread+0x270/0x39b [ 732.130000] [<6004f909>] ? set_pf_worker+0x0/0x5f [ 732.130000] [<60057231>] ? arch_local_irq_save+0x0/0x26 [ 732.130000] [<60035449>] ? um_set_signals+0x28/0x3c [ 732.130000] [<60052e16>] ? worker_thread+0x0/0x39b [ 732.130000] [<600588ef>] ? kthread_exit+0x0/0x37 [ 732.130000] [<60052e16>] ? worker_thread+0x0/0x39b [ 732.130000] [<60058a6d>] ? kthread+0x11f/0x124 [ 732.130000] [<60035377>] ? unblock_signals+0x36/0xe0 [ 732.130000] [<60021f95>] ? new_thread_handler+0x86/0xbb [ 732.130000] ---[ end trace 0000000000000000 ]--- [ 732.210000] ------------[ cut here ]------------ James Prestwood (1): wifi: mac80211: fix probe req HE capabilities access net/mac80211/util.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -- 2.34.3
