Belkin RT3200/Linksys E8450 WiFi AX discussion

Okay, that didn't work. I flashed both of the following files:
openwrt-22.03.1-mediatek-mt7622-mediatek_mt7622-rfb1-ubi-squashfs-sysupgrade.bin
openwrt-22.03.1-mediatek-mt7622-mediatek_mt7622-rfb1-ubi-squashfs-factory.bin
After each flash and reboot, it returns to the initramfs recovery image. I may have really broken this thing. Something to note is that I have to use the "Force" option each time I do this.

Could I be haunted by an incompatible config somewhere? I would think not, since I think it'd be overwritten on flash, but maybe not?

Do I need to completely start the process over again, and maybe try to re-convert to UBI? Is this possible? Would flashing "openwrt-mediatek-mt7622-linksys_e8450-ubi-initramfs-recovery-installer.itb" do it?

And why do some images use the itb file extension, and others use the .bin extenstion? There is a file extension page on the OpenWRT wiki, but it doesn't mention itb.

I had a similar issue with openwrt-22.03.0-mediatek-mt7622-linksys_e8450-ubi-initramfs-recovery.itb (I didn't try the most recent 22.03.1 initramfs-recovery.itb image).

I loaded that image for taking full backup of stock firmware of my RT3200. After taking the backups, when I power cycled the device (disconnect power adapter, wait 2 mins, connect back power adapter), the RT3200 still booted into the initramfs-recovery screen instead of the stock firmware. That seemed weird to me.

I think I did another power cycle which still did not work. I think I had to ssh into the RT3200 (running initramfs-recovery image) and reboot (maybe even 2 times, do not remember) and then I booted into stock firmware. At this point in time I hadn't yet run the UBI installer, so the only image stored in the flash memory was still the stock firmware.

I am still not sure how initramfs-recovery image survived a power cycle, since ideally that should have cleared the RAM completely.

EDIT: I had similar experience when I loaded iniramfs-recovery.itb image on running regular UBI image, to load back the stock firmware (using the full backup files). At that time also, the RT3200 booted back into initramfs-recovery after a power cycle, and may 2 power cycles and 2 reboot commands later it booted into the stock firmware.

1 Like

ITB files are UBI images. BIN files are non-UBI images.

1 Like

You had to start over again with the original firmware at some point? I think I'm screwed because I don't have the full backup files. I didn't think I'd ever go back to the factory firmware.

Ok, let's go over it one by one. The images you got on OpenWrt's download server, e.g. for the current/upcoming 22.03.1 release are:

filename hash size date
linksys_e8450-initramfs-kernel.bin f8602b7a... 7969.7 KB Mon Oct 10 02:05:10 2022
linksys_e8450-squashfs-sysupgrade.bin bdb30501... 8960.3 KB Mon Oct 10 02:05:12 2022
linksys_e8450-ubi-bl31-uboot.fip 5cc986fb... 920.5 KB Mon Oct 10 02:05:13 2022
linksys_e8450-ubi-initramfs-recovery.itb f082c6b8... 8064.0 KB Mon Oct 10 02:05:11 2022
linksys_e8450-ubi-preloader.bin 8546b969... 65.9 KB Mon Oct 10 02:05:13 2022
linksys_e8450-ubi-squashfs-sysupgrade.itb 44f7b2fb... 10028.3 KB Mon Oct 10 02:05:12 2022

So there are multiple files for both, use with the vendor loader and everything needed to run the OpenWrt-built replacement bootloader.

As explained also in the Wiki, you have the choice of either running OpenWrt on top of the vendor bootloader or you run the installer once to replace the bootloader with a modernized version built from source which brings support for UBI.

For running with the stock loader and original vendor-defined flash partition layout:

  • *linksys_e8450-initramfs-kernel.bin
    Kernel image with built-in minimal filesystem for recovery purpose

  • *linksys_e8450-squashfs-sysupgrade.bin
    Production firmware image compatible with the vendor firmware flash layout.

However, both don't work well due to incompatible error detection/correction data in the out-of-band areas of the NAND flash which causes read-errors when using the upstream/Linux hardware BCH ECC driver used also by OpenWrt.

Hence converting the device to UBI is the recommended way and once that's done, you will have to use the *linksys_e8450-ubi-squashfs-sysupgrade.itb file for sysupgrade. Do not use images intended for other boards or the non-UBI variant. If you see a warning which you can only skip by using the force option, that usually means you picked the wrong image and it will not work.

  • linksys_e8450-ubi-bl31-uboot.fip
    U-Boot bootloader. Usually you won't need to ever touch this once it has been written once by the installer.

  • linksys_e8450-ubi-initramfs-recovery.itb
    Kernel image with built-in minimal filesystem for recovery purpose

  • linksys_e8450-ubi-preloader.bin
    ARM Trusted Firmware bl2 loader. Usually you won't need to ever touch this once it has been written once by the installer.

  • linksys_e8450-ubi-squashfs-sysupgrade.itb
    Production firmware image using UBI.
    Use this file to upgrade your router when running the UBI firmware!

5 Likes

I didn't have to start over again. I flashed back the stock firmware since I had to return the device.

I actually bought the RT3200 for a relative. But due to it's short range and the complexity of OpenWrt (he is good with IT stuff but not with networking) he has decided to either go with Dynalink DL-WRX36 (AX3600 router (my recommendation, based on the advertised range and the fact that there might be a way to flash OpenWrt in the future Dynalink DL-WRX36 Askey RT5010W IPQ8072A technical discussion ) or a mesh wifi setup.

1 Like

Hah! It's working! I'm on OpenWrt 22.03.1! Thanks for your help! Now I need to configure PPOE and Wifi. I'm afraid to try my old backup config!

Edit:
I used my old config anyway, and it seems fine so far. I'm no longer tethered to my phone! Thanks again Daniel and @ka2107 !

Edit2:
Unfortunately, I'm not sure exactly what fixed the issue. No matter what I did, the recovery image kept showing up everytime I booted. The last steps I took were flashing "openwrt-22.03.1-mediatek-mt7622-linksys_e8450-ubi-squashfs-sysupgrade.itb", and when it booted up, it was still in recovery mode. Finally, I power cycled a couple of times like @ka2107 talked about, and suddenly I was in 22.03.1 (non-recovery).

1 Like

You likely had a few kernel crash error logs ("pstore files") in the debug file system in RAM (surviving a warm reboot).
If they are present, the router boots into recovery.
A hard power-off clears the files from RAM, and magically you are in the normal mode.

@daniel has placed that logic into uboot for debug reasons. But for my production routers (at my relatives) I have removed that setting from uboot command strings, as it is a too hard regimen for laymen.

2 Likes

This morning my wifi completely died and I found out my Belkin RT3200 went into recovery mode. The web interface looked like the dangowrt installer instead of the official openwrt image's interface. Does this mean my kernel crashed? I was running 22.03.1 btw.

Also I thought flashing official openwrt would replace the recovery, but it appears that it doesn't? dangowrt is clearly hanging around somewhere.

Yes, that's what happened. If there are crashlogs in pstore, the bootloader starts the recovery image. There you should check and view (and share!) files in /sys/fs/pstore/* so we can find out why you have experienced that crash.

As there is plenty of space there is a dual-boot mechanism in place with a recovery and a production image. Flashing new firmware updates the production image only. The recovery image is still there, and used as dual-boot option in case booting the production images fails or a kernel crash has happened.

If you want to replace or update the recovery image, this is possible by writing *linksys_e8450-ubi-initramfs-recovery.itb to the UBI volume recovery. Make sure the volume is large enough, you may have to delete rootfs_data and/or limit the size of rootfs_data using the rootfs_data_max U-Boot environment variable.

2 Likes

Thanks! Will share crash logs if it ever happens again.

I am interested in updating this but I have a few questions.

  1. How do I go about writing the recovery image? Do I do this via the Backup / Flash firmware UI or do I need to SSH in for this?
  2. If I write this recovery image, does it wipe the production image and I have to reflash that as well?
  3. How do I change the u-boot environment variable if I need to?

I tried to find a few guides on the wiki for this but my Google-fu wasn't strong enough. Any help appreciated.

For 3. Belkin RT3200/Linksys E8450 WiFi AX discussion - #1775 by hnyman

2 Likes

Is there any update on the 00-prefer-libwolfsslcpu-crypto plan? That sounds like a good workaround to this issue. Thanks!

@daniel
since you asked for it...

The dumps were collected on 09/23. I don't know whether they are still useful as they are 3 weeks old by now and I don't recall the exact git hash:
dmesg-ramoops-0

<6>[    8.278919] Backport generated by backports.git v5.15.58-1-0-g42a95ce7
<7>[    8.348438] ieee80211 phy0: Selected rate control algorithm 'minstrel_ht'
<7>[    8.359648] mt7915e 0000:01:00.0: assign IRQ: got 150
<7>[    8.364811] pci 0000:00:00.0: enabling bus mastering
<6>[    8.369793] mt7915e 0000:01:00.0: enabling device (0000 -> 0002)
<7>[    8.375924] mt7915e 0000:01:00.0: enabling bus mastering
<6>[    8.402814] mt7622-wmac 18000000.wmac: HW/SW Version: 0x8a108a10, Build Time: 20190801210006a
<6>[    8.402814] 
<6>[    8.487977] mt7622-wmac 18000000.wmac: N9 Firmware Version: _reserved_, Build Time: 20220630094834
<6>[    8.568237] mt7915e 0000:01:00.0: HW/SW Version: 0x8a108a10, Build Time: 20211222184017a
<6>[    8.568237] 
<6>[    8.696599] mt7915e 0000:01:00.0: WM Firmware Version: ____000000, Build Time: 20211222184052
<6>[    8.753585] mt7915e 0000:01:00.0: WA Firmware Version: DEV_000000, Build Time: 20211222184111
<6>[    8.902108] PPP generic driver version 2.4.2
<6>[    8.909472] NET: Registered protocol family 24
<14>[    8.917925] kmodloader: done loading kernel modules from /etc/modules.d/*
<6>[   11.620624] mtk_soc_eth 1b100000.ethernet eth0: Link is Down
<6>[   11.631418] mtk_soc_eth 1b100000.ethernet eth0: configuring for fixed/2500base-x link mode
<6>[   11.640320] mtk_soc_eth 1b100000.ethernet eth0: Link is Up - 2.5Gbps/Full - flow control rx/tx
<6>[   11.649131] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready
<6>[   11.657806] mt7530 mdio-bus:00 lan1: configuring for phy/gmii link mode
<6>[   11.665384] 8021q: adding VLAN 0 to HW filter on device lan1
<6>[   11.676097] br-lan: port 1(lan1) entered blocking state
<6>[   11.681336] br-lan: port 1(lan1) entered disabled state
<6>[   11.690194] device lan1 entered promiscuous mode
<6>[   11.694869] device eth0 entered promiscuous mode
<6>[   11.708840] mt7530 mdio-bus:00 lan2: configuring for phy/gmii link mode
<6>[   11.716172] 8021q: adding VLAN 0 to HW filter on device lan2
<6>[   11.720450] mt7530 mdio-bus:00 lan2: Link is Up - 1Gbps/Full - flow control rx/tx
<6>[   11.724208] br-lan: port 2(lan2) entered blocking state
<6>[   11.734648] br-lan: port 2(lan2) entered disabled state
<6>[   11.740660] device lan2 entered promiscuous mode
<6>[   11.754563] mt7530 mdio-bus:00 lan3: configuring for phy/gmii link mode
<6>[   11.761793] 8021q: adding VLAN 0 to HW filter on device lan3
<6>[   11.766455] mt7530 mdio-bus:00 lan3: Link is Up - 100Mbps/Full - flow control off
<6>[   11.769770] br-lan: port 3(lan3) entered blocking state
<6>[   11.780208] br-lan: port 3(lan3) entered disabled state
<6>[   11.786452] device lan3 entered promiscuous mode
<6>[   11.800006] mt7530 mdio-bus:00 lan4: configuring for phy/gmii link mode
<6>[   11.807236] 8021q: adding VLAN 0 to HW filter on device lan4
<6>[   11.815236] br-lan: port 4(lan4) entered blocking state
<6>[   11.820471] br-lan: port 4(lan4) entered disabled state
<6>[   11.826888] device lan4 entered promiscuous mode
<6>[   11.840568] mt7530 mdio-bus:00 wan: configuring for phy/gmii link mode
<6>[   11.847799] 8021q: adding VLAN 0 to HW filter on device wan
<6>[   11.857991] mt7530 mdio-bus:00 wan: Link is Up - 1Gbps/Full - flow control rx/tx
<6>[   11.867916] br-lan: port 5(wan) entered blocking state
<6>[   11.873129] br-lan: port 5(wan) entered disabled state
<6>[   11.879585] device wan entered promiscuous mode
<6>[   11.897090] br-lan: port 5(wan) entered blocking state
<6>[   11.902275] br-lan: port 5(wan) entered forwarding state
<6>[   11.907676] br-lan: port 3(lan3) entered blocking state
<6>[   11.912942] br-lan: port 3(lan3) entered forwarding state
<6>[   11.918442] br-lan: port 2(lan2) entered blocking state
<6>[   11.923712] br-lan: port 2(lan2) entered forwarding state
<6>[   14.158662] IPv6: ADDRCONF(NETDEV_CHANGE): br-lan: link becomes ready
<6>[   14.377778] mt7530 mdio-bus:00 lan1: Link is Up - 1Gbps/Full - flow control rx/tx
<6>[   14.385424] br-lan: port 1(lan1) entered blocking state
<6>[   14.390657] br-lan: port 1(lan1) entered forwarding state
<6>[   14.582186] br-lan: port 6(wlan0) entered blocking state
<6>[   14.587514] br-lan: port 6(wlan0) entered disabled state
<6>[   14.593174] device wlan0 entered promiscuous mode
<6>[   14.598072] br-lan: port 6(wlan0) entered blocking state
<6>[   14.603447] br-lan: port 6(wlan0) entered forwarding state
<6>[   14.855515] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
<6>[   15.367034] br-lan: port 7(wlan1) entered blocking state
<6>[   15.372491] br-lan: port 7(wlan1) entered disabled state
<6>[   15.378211] device wlan1 entered promiscuous mode
<6>[   15.383344] br-lan: port 7(wlan1) entered blocking state
<6>[   15.388672] br-lan: port 7(wlan1) entered forwarding state
<6>[   15.394785] br-lan: port 7(wlan1) entered disabled state
<6>[   16.200760] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
<6>[   16.207425] br-lan: port 7(wlan1) entered blocking state
<6>[   16.212854] br-lan: port 7(wlan1) entered forwarding state
<6>[   16.256444] br-lan: port 8(wlan1-1) entered blocking state
<6>[   16.261999] br-lan: port 8(wlan1-1) entered disabled state
<6>[   16.267798] device wlan1-1 entered promiscuous mode
<6>[   16.277186] br-lan: port 8(wlan1-1) entered blocking state
<6>[   16.282724] br-lan: port 8(wlan1-1) entered forwarding state
<6>[   16.294173] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1-1: link becomes ready
<1>[78596.451785] Unable to handle kernel NULL pointer dereference at virtual address 00000000000000d8
<1>[78596.460656] Mem abort info:
<1>[78596.463461]   ESR = 0x96000005
<1>[78596.466569]   EC = 0x25: DABT (current EL), IL = 32 bits
<1>[78596.472013]   SET = 0, FnV = 0
<1>[78596.475067]   EA = 0, S1PTW = 0
<1>[78596.478271] Data abort info:
<1>[78596.481162]   ISV = 0, ISS = 0x00000005
<0>[78596.483803] usercopy: Kernel memory exposure attempt detected from SLUB object 'kmalloc-512' (offset 116, size 131068)!
<1>[78596.484996]   CM = 0, WnR = 0
<1>[78596.485006] user pgtable: 4k pages, 39-bit VAs, pgdp=0000000041401000
<1>[78596.485013] [00000000000000d8] pgd=0000000000000000, p4d=0000000000000000, pud=0000000000000000
<0>[78596.485036] Internal error: Oops: 96000005 [#1] SMP
<7>[78596.485041] Modules linked in: pppoe ppp_async nft_fib_inet nf_flow_table_ipv6 nf_flow_table_ipv4 nf_flow_table_inet pppox ppp_generic nft_reject_ipv6 nft_reject_ipv4 nft_reject_inet nft_reject nft_redir nft_quota nft_objref nft_numgen nft_nat nft_masq nft_log nft_limit nft_hash nft_flow_offload nft_fib_ipv6 nft_fib_ipv4 nft_fib nft_ct nft_counter nft_chain_nat nf_tables nf_nat nf_flow_table nf_conntrack mt7915e mt7615e mt7615_common mt76_connac_lib mt76 mac80211 cfg80211 slhc nfnetlink nf_reject_ipv6 nf_reject_ipv4
<7>[78596.496197] ------------[ cut here ]------------
<7>[78596.498958]  nf_log_ipv6
<2>[78596.505398] Kernel BUG at 0xffffffc0107f6380 [verbose debug info unavailable]
<7>[78596.514080]  nf_log_ipv4 nf_log_common nf_defrag_ipv6 nf_defrag_ipv4 libcrc32c hwmon crc_ccitt compat seqiv leds_gpio xhci_plat_hcd gpio_button_hotplug
<7>[78596.592498] CPU: 1 PID: 1003 Comm: ubusd Tainted: G S                5.10.143 #0
<7>[78596.599890] Hardware name: Linksys E8450 (UBI) (DT)
<7>[78596.604772] pstate: 20000005 (nzCv daif -PAN -UAO -TCO BTYPE=--)
<7>[78596.610777] pc : 0xffffffc01016ff34
<7>[78596.614265] lr : 0xffffffc01016fec0
<7>[78596.617750] sp : ffffffc0110bb960
<7>[78596.621062] x29: ffffffc0110bb960 x28: 0000000000400cc0 
<7>[78596.626382] x27: 0000000000000003 x26: 0000000000000000 
<7>[78596.631702] x25: ffffffc0110bbbac x24: ffffffc01006ccd0 
<7>[78596.637022] x23: 0000000000400cc0 x22: ffffffc0109f8000 
<7>[78596.642341] x21: 0000000000000000 x20: 0000000000400cc0 
<7>[78596.647660] x19: ffffff8000025a00 x18: 0000000000000000 
<7>[78596.652979] x17: 0000000000000000 x16: 0000000000000000 
<7>[78596.658298] x15: 0000005565b17140 x14: 0000000000000000 
<7>[78596.663616] x13: 0000000000000000 x12: 0000000000000000 
<7>[78596.668934] x11: 0000000000000000 x10: 000000007ffff000 
<7>[78596.674253] x9 : 0000000000000000 x8 : 0000007f8b400140 
<7>[78596.679572] x7 : 0000000000000060 x6 : ffffffc0110bbcc0 
<7>[78596.684890] x5 : 0000000000000003 x4 : fffffffeffe22040 
<7>[78596.690210] x3 : ffffffc0109ea4d0 x2 : 0000000000000070 
<7>[78596.695528] x1 : 0000000000000068 x0 : 000000000246b444 
<7>[78596.700846] Call trace:
<7>[78596.703294]  0xffffffc01016ff34
<7>[78596.706434]  0xffffffc01063800c
<7>[78596.709575]  0xffffffc01063f34c
<7>[78596.712714]  0xffffffc010633190
<7>[78596.715853]  0xffffffc01075ec6c
<7>[78596.718992]  0xffffffc01062cc10
<7>[78596.722132]  0xffffffc01062ff68
<7>[78596.725272]  0xffffffc010630034
<7>[78596.728411]  0xffffffc0106300a0
<7>[78596.731551]  0xffffffc010010f30
<7>[78596.734691]  0xffffffc010010ffc
<7>[78596.737831]  0xffffffc0107fcb74
<7>[78596.740970]  0xffffffc0107fcf90
<7>[78596.744110]  0xffffffc0100025c8
<0>[78596.747261] Code: f100009f fa401824 540009c0 b9402a62 (f8626822) 
<4>[78596.753355] ---[ end trace f316a9ee5e8304d0 ]---

and
dmesg-ramoops-1

<7>[    8.375924] mt7915e 0000:01:00.0: enabling bus mastering
<6>[    8.402814] mt7622-wmac 18000000.wmac: HW/SW Version: 0x8a108a10, Build Time: 20190801210006a
<6>[    8.402814] 
<6>[    8.487977] mt7622-wmac 18000000.wmac: N9 Firmware Version: _reserved_, Build Time: 20220630094834
<6>[    8.568237] mt7915e 0000:01:00.0: HW/SW Version: 0x8a108a10, Build Time: 20211222184017a
<6>[    8.568237] 
<6>[    8.696599] mt7915e 0000:01:00.0: WM Firmware Version: ____000000, Build Time: 20211222184052
<6>[    8.753585] mt7915e 0000:01:00.0: WA Firmware Version: DEV_000000, Build Time: 20211222184111
<6>[    8.902108] PPP generic driver version 2.4.2
<6>[    8.909472] NET: Registered protocol family 24
<14>[    8.917925] kmodloader: done loading kernel modules from /etc/modules.d/*
<6>[   11.620624] mtk_soc_eth 1b100000.ethernet eth0: Link is Down
<6>[   11.631418] mtk_soc_eth 1b100000.ethernet eth0: configuring for fixed/2500base-x link mode
<6>[   11.640320] mtk_soc_eth 1b100000.ethernet eth0: Link is Up - 2.5Gbps/Full - flow control rx/tx
<6>[   11.649131] IPv6: ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready
<6>[   11.657806] mt7530 mdio-bus:00 lan1: configuring for phy/gmii link mode
<6>[   11.665384] 8021q: adding VLAN 0 to HW filter on device lan1
<6>[   11.676097] br-lan: port 1(lan1) entered blocking state
<6>[   11.681336] br-lan: port 1(lan1) entered disabled state
<6>[   11.690194] device lan1 entered promiscuous mode
<6>[   11.694869] device eth0 entered promiscuous mode
<6>[   11.708840] mt7530 mdio-bus:00 lan2: configuring for phy/gmii link mode
<6>[   11.716172] 8021q: adding VLAN 0 to HW filter on device lan2
<6>[   11.720450] mt7530 mdio-bus:00 lan2: Link is Up - 1Gbps/Full - flow control rx/tx
<6>[   11.724208] br-lan: port 2(lan2) entered blocking state
<6>[   11.734648] br-lan: port 2(lan2) entered disabled state
<6>[   11.740660] device lan2 entered promiscuous mode
<6>[   11.754563] mt7530 mdio-bus:00 lan3: configuring for phy/gmii link mode
<6>[   11.761793] 8021q: adding VLAN 0 to HW filter on device lan3
<6>[   11.766455] mt7530 mdio-bus:00 lan3: Link is Up - 100Mbps/Full - flow control off
<6>[   11.769770] br-lan: port 3(lan3) entered blocking state
<6>[   11.780208] br-lan: port 3(lan3) entered disabled state
<6>[   11.786452] device lan3 entered promiscuous mode
<6>[   11.800006] mt7530 mdio-bus:00 lan4: configuring for phy/gmii link mode
<6>[   11.807236] 8021q: adding VLAN 0 to HW filter on device lan4
<6>[   11.815236] br-lan: port 4(lan4) entered blocking state
<6>[   11.820471] br-lan: port 4(lan4) entered disabled state
<6>[   11.826888] device lan4 entered promiscuous mode
<6>[   11.840568] mt7530 mdio-bus:00 wan: configuring for phy/gmii link mode
<6>[   11.847799] 8021q: adding VLAN 0 to HW filter on device wan
<6>[   11.857991] mt7530 mdio-bus:00 wan: Link is Up - 1Gbps/Full - flow control rx/tx
<6>[   11.867916] br-lan: port 5(wan) entered blocking state
<6>[   11.873129] br-lan: port 5(wan) entered disabled state
<6>[   11.879585] device wan entered promiscuous mode
<6>[   11.897090] br-lan: port 5(wan) entered blocking state
<6>[   11.902275] br-lan: port 5(wan) entered forwarding state
<6>[   11.907676] br-lan: port 3(lan3) entered blocking state
<6>[   11.912942] br-lan: port 3(lan3) entered forwarding state
<6>[   11.918442] br-lan: port 2(lan2) entered blocking state
<6>[   11.923712] br-lan: port 2(lan2) entered forwarding state
<6>[   14.158662] IPv6: ADDRCONF(NETDEV_CHANGE): br-lan: link becomes ready
<6>[   14.377778] mt7530 mdio-bus:00 lan1: Link is Up - 1Gbps/Full - flow control rx/tx
<6>[   14.385424] br-lan: port 1(lan1) entered blocking state
<6>[   14.390657] br-lan: port 1(lan1) entered forwarding state
<6>[   14.582186] br-lan: port 6(wlan0) entered blocking state
<6>[   14.587514] br-lan: port 6(wlan0) entered disabled state
<6>[   14.593174] device wlan0 entered promiscuous mode
<6>[   14.598072] br-lan: port 6(wlan0) entered blocking state
<6>[   14.603447] br-lan: port 6(wlan0) entered forwarding state
<6>[   14.855515] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
<6>[   15.367034] br-lan: port 7(wlan1) entered blocking state
<6>[   15.372491] br-lan: port 7(wlan1) entered disabled state
<6>[   15.378211] device wlan1 entered promiscuous mode
<6>[   15.383344] br-lan: port 7(wlan1) entered blocking state
<6>[   15.388672] br-lan: port 7(wlan1) entered forwarding state
<6>[   15.394785] br-lan: port 7(wlan1) entered disabled state
<6>[   16.200760] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
<6>[   16.207425] br-lan: port 7(wlan1) entered blocking state
<6>[   16.212854] br-lan: port 7(wlan1) entered forwarding state
<6>[   16.256444] br-lan: port 8(wlan1-1) entered blocking state
<6>[   16.261999] br-lan: port 8(wlan1-1) entered disabled state
<6>[   16.267798] device wlan1-1 entered promiscuous mode
<6>[   16.277186] br-lan: port 8(wlan1-1) entered blocking state
<6>[   16.282724] br-lan: port 8(wlan1-1) entered forwarding state
<6>[   16.294173] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1-1: link becomes ready
<1>[78596.451785] Unable to handle kernel NULL pointer dereference at virtual address 00000000000000d8
<1>[78596.460656] Mem abort info:
<1>[78596.463461]   ESR = 0x96000005
<1>[78596.466569]   EC = 0x25: DABT (current EL), IL = 32 bits
<1>[78596.472013]   SET = 0, FnV = 0
<1>[78596.475067]   EA = 0, S1PTW = 0
<1>[78596.478271] Data abort info:
<1>[78596.481162]   ISV = 0, ISS = 0x00000005
<0>[78596.483803] usercopy: Kernel memory exposure attempt detected from SLUB object 'kmalloc-512' (offset 116, size 131068)!
<1>[78596.484996]   CM = 0, WnR = 0
<1>[78596.485006] user pgtable: 4k pages, 39-bit VAs, pgdp=0000000041401000
<1>[78596.485013] [00000000000000d8] pgd=0000000000000000, p4d=0000000000000000, pud=0000000000000000
<0>[78596.485036] Internal error: Oops: 96000005 [#1] SMP
<7>[78596.485041] Modules linked in: pppoe ppp_async nft_fib_inet nf_flow_table_ipv6 nf_flow_table_ipv4 nf_flow_table_inet pppox ppp_generic nft_reject_ipv6 nft_reject_ipv4 nft_reject_inet nft_reject nft_redir nft_quota nft_objref nft_numgen nft_nat nft_masq nft_log nft_limit nft_hash nft_flow_offload nft_fib_ipv6 nft_fib_ipv4 nft_fib nft_ct nft_counter nft_chain_nat nf_tables nf_nat nf_flow_table nf_conntrack mt7915e mt7615e mt7615_common mt76_connac_lib mt76 mac80211 cfg80211 slhc nfnetlink nf_reject_ipv6 nf_reject_ipv4
<7>[78596.496197] ------------[ cut here ]------------
<7>[78596.498958]  nf_log_ipv6
<2>[78596.505398] Kernel BUG at 0xffffffc0107f6380 [verbose debug info unavailable]
<7>[78596.514080]  nf_log_ipv4 nf_log_common nf_defrag_ipv6 nf_defrag_ipv4 libcrc32c hwmon crc_ccitt compat seqiv leds_gpio xhci_plat_hcd gpio_button_hotplug
<7>[78596.592498] CPU: 1 PID: 1003 Comm: ubusd Tainted: G S                5.10.143 #0
<7>[78596.599890] Hardware name: Linksys E8450 (UBI) (DT)
<7>[78596.604772] pstate: 20000005 (nzCv daif -PAN -UAO -TCO BTYPE=--)
<7>[78596.610777] pc : 0xffffffc01016ff34
<7>[78596.614265] lr : 0xffffffc01016fec0
<7>[78596.617750] sp : ffffffc0110bb960
<7>[78596.621062] x29: ffffffc0110bb960 x28: 0000000000400cc0 
<7>[78596.626382] x27: 0000000000000003 x26: 0000000000000000 
<7>[78596.631702] x25: ffffffc0110bbbac x24: ffffffc01006ccd0 
<7>[78596.637022] x23: 0000000000400cc0 x22: ffffffc0109f8000 
<7>[78596.642341] x21: 0000000000000000 x20: 0000000000400cc0 
<7>[78596.647660] x19: ffffff8000025a00 x18: 0000000000000000 
<7>[78596.652979] x17: 0000000000000000 x16: 0000000000000000 
<7>[78596.658298] x15: 0000005565b17140 x14: 0000000000000000 
<7>[78596.663616] x13: 0000000000000000 x12: 0000000000000000 
<7>[78596.668934] x11: 0000000000000000 x10: 000000007ffff000 
<7>[78596.674253] x9 : 0000000000000000 x8 : 0000007f8b400140 
<7>[78596.679572] x7 : 0000000000000060 x6 : ffffffc0110bbcc0 
<7>[78596.684890] x5 : 0000000000000003 x4 : fffffffeffe22040 
<7>[78596.690210] x3 : ffffffc0109ea4d0 x2 : 0000000000000070 
<7>[78596.695528] x1 : 0000000000000068 x0 : 000000000246b444 
<7>[78596.700846] Call trace:
<7>[78596.703294]  0xffffffc01016ff34
<7>[78596.706434]  0xffffffc01063800c
<7>[78596.709575]  0xffffffc01063f34c
<7>[78596.712714]  0xffffffc010633190
<7>[78596.715853]  0xffffffc01075ec6c
<7>[78596.718992]  0xffffffc01062cc10
<7>[78596.722132]  0xffffffc01062ff68
<7>[78596.725272]  0xffffffc010630034
<7>[78596.728411]  0xffffffc0106300a0
<7>[78596.731551]  0xffffffc010010f30
<7>[78596.734691]  0xffffffc010010ffc
<7>[78596.737831]  0xffffffc0107fcb74
<7>[78596.740970]  0xffffffc0107fcf90
<7>[78596.744110]  0xffffffc0100025c8
<0>[78596.747261] Code: f100009f fa401824 540009c0 b9402a62 (f8626822) 
<4>[78596.753355] ---[ end trace f316a9ee5e8304d0 ]---
<0>[78596.776887] Kernel panic - not syncing: Oops: Fatal exception
<2>[78596.782639] SMP: stopping secondary CPUs
<4>[78597.921225] SMP: failed to stop secondary CPUs 0-1
<0>[78597.926013] Kernel Offset: disabled
<0>[78597.929501] CPU features: 0x00000002,04002004
<0>[78597.933854] Memory Limit: none

diff between the two:

diff --git a/network/bug/dmesg-ramoops-0 b/network/bug/dmesg-ramoops-1
index a7c1e75..a366cc9 100644
--- a/network/bug/dmesg-ramoops-0
+++ b/network/bug/dmesg-ramoops-1
@@ -1,9 +1,4 @@
-Oops#1 Part1
-<6>[    8.278919] Backport generated by backports.git v5.15.58-1-0-g42a95ce7
-<7>[    8.348438] ieee80211 phy0: Selected rate control algorithm 'minstrel_ht'
-<7>[    8.359648] mt7915e 0000:01:00.0: assign IRQ: got 150
-<7>[    8.364811] pci 0000:00:00.0: enabling bus mastering
-<6>[    8.369793] mt7915e 0000:01:00.0: enabling device (0000 -> 0002)
+Panic#2 Part1
 <7>[    8.375924] mt7915e 0000:01:00.0: enabling bus mastering
 <6>[    8.402814] mt7622-wmac 18000000.wmac: HW/SW Version: 0x8a108a10, Build Time: 20190801210006a
 <6>[    8.402814] 
@@ -135,3 +130,9 @@ Oops#1 Part1
 <7>[78596.744110]  0xffffffc0100025c8
 <0>[78596.747261] Code: f100009f fa401824 540009c0 b9402a62 (f8626822) 
 <4>[78596.753355] ---[ end trace f316a9ee5e8304d0 ]---
+<0>[78596.776887] Kernel panic - not syncing: Oops: Fatal exception
+<2>[78596.782639] SMP: stopping secondary CPUs
+<4>[78597.921225] SMP: failed to stop secondary CPUs 0-1
+<0>[78597.926013] Kernel Offset: disabled
+<0>[78597.929501] CPU features: 0x00000002,04002004
+<0>[78597.933854] Memory Limit: none

Btw:
A big Thank You. I have replaced all my Archer C7 with the Belkin rt3200.
It is really great to see the active development and caring community which already yielded in a rock solid router/AP.
Here they are running just fine with DAWN, wireguard VPN, Adblock, SQM, VLANs.
Even the latest features work reasonably well: I enabled WED with bridger on the APs. Performance rocks allthough mobile devices end up with wifi connected but no internet sometimes until I reboot an AP

Thank you also to you @darksky for updating

2 Likes

First guess is some pointer error in the driver, where the main pointer variable is 0 (wrong), and just the data structure offset d8 gets added to the 0.

Is there an easy way to move from SNAPSHOT - r20813-3968529285 to 23.03.2 please?

Honestly, I am very confused. AUC is offering only 23.03.1 and looks like it would need to downgrade various componets if I took it (which would make sense). ASU is only offering further snapshots.

At the time of writing https://git.openwrt.org/?p=openwrt/openwrt.git;a=shortlog;h=refs/heads/openwrt-22.03 suggests that 22.03.2 is the very latest build (more recent than the latest snapshot -
SNAPSHOT (r20954-cb24be47ff) ) but I don't know if I can / should switch to it. I think it's time to move away from snapshots as major fixes get backported to the releases? Am I getting this all wrong?

I am still very confused about the various OpenWrt branches but I'd like to update my platform without reinstalling and reconfiguring packages from scratch.

By the way, this is still a test router so I don't mind some cutting edge / bleeding edge risk...

Well, you are now in the development master, and you seem to want to downgrade into the stable release branch 22.03 (mainly from 2002 March + bug fixes).

See this:

2 Likes

Thank you for your reply.

Well, you are now in the development master, and you seem to want to downgrade into the stable release branch 22.03 (mainly from 2002 March + bug fixes).

Oh, am I? I thought the development master - specifically I mean this https://git.openwrt.org/?p=openwrt/openwrt.git;a=shortlog;h=refs/heads/master , was something I could only compile/build myself? Now I'm even more confused!

No, the "snaphosts" are daily made from all active branches (master, 22.03 and 21.02). The SNAPSHOT by itself does not yet specify the branch.

Master snapshots are offered by the page (for the enthusiasts) while the release branch snapshots are somewhat hidden.

https://downloads.openwrt.org/

Ps.

22.03 snapshots:

1 Like

Thank you. I'm starting to understand this better. Perhaps I will start again running stable releases on the spare RT3200 I have (which is still running stock firmware).

I recently been using ASU to perform the upgrades, after first checking that the one I'm about to install is the latest snapshot listed here https://firmware-selector.openwrt.org/

Ps.

22.03 snapshots:

https://downloads.openwrt.org/releases/22.03-SNAPSHOT/

So am I right in thinking that if I switched from SNAPSHOT - r20813-3968529285 to these 22.03 snapshots somehow, files on my RT3200 may be newer than those included in the 22.03 snapshots?

If I understand correctly, thesee 22.03 snapshots are not the nightly snapshots I am currently running one of!