hcxdumptool: Intel AX201 driver errors due to broken driver

Hi,

I think when I bought the new Lenovo Thinkpad X1 Yoga (Gen 6) I was able to use hcxdumptool without any issues. Now, after a few months using the laptop, when I tried again, I got many driver errors and it seems like injection is not working as good as before. Of course, in the meantime there have been BIOS updates, kernel updates, firmware updates… so it’s hard for me to debug this.

Maybe here someone can help me to debug and try to find the real issue here, and open a bug in the proper project upstream (Lenovo support, linux kernel, iwlwifi…).

This laptop has an Intel AX201 chipset. Please let me know what logs or information would be useful to share here and I will try to share as soon as possible. For the moment I copy-paste what I see in dmesg error messages when I call hcxdumptool.

[ 1566.917386] RIP: 0033:0x7f6620e3b59b
[ 1566.917392] Code: ff ff ff 85 c0 79 9b 49 c7 c4 ff ff ff ff 5b 5d 4c 89 e0 41 5c c3 66 0f 1f 84 00 00 00 00 00 f3 0f 1e fa b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d a5 a8 0c 00 f7 d8 64 89 01 48
[ 1566.917395] RSP: 002b:00007ffc67e86bb8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1566.917401] RAX: ffffffffffffffda RBX: 00000000000000a9 RCX: 00007f6620e3b59b
[ 1566.917404] RDX: 0000564320407da0 RSI: 0000000000008b04 RDI: 0000000000000003
[ 1566.917406] RBP: 0000000000000025 R08: 0000000000000002 R09: 006e6f6d33663032
[ 1566.917408] R10: 000000000000001a R11: 0000000000000246 R12: 0000564320407da0
[ 1566.917410] R13: 0000000000000003 R14: 00005643203f4040 R15: 00007ffc67e87de7
[ 1566.917417] iwlwifi 0000:00:14.3: PHY ctxt cmd error. ret=-5
[ 1566.917420] iwlwifi 0000:00:14.3: Failed to add PHY context
[ 1566.917447] iwlwifi 0000:00:14.3: PHY ctxt cmd error. ret=-5
[ 1566.917450] iwlwifi 0000:00:14.3: Failed to add PHY context
[ 1566.917456] iwlwifi 0000:00:14.3: PHY ctxt cmd error. ret=-5
[ 1566.917458] iwlwifi 0000:00:14.3: Failed to add PHY context
[ 1566.917464] iwlwifi 0000:00:14.3: PHY ctxt cmd error. ret=-5
[ 1566.917466] iwlwifi 0000:00:14.3: Failed to add PHY context
[ 1574.321266] iwlwifi 0000:00:14.3: Microcode SW error detected. Restarting 0x0.
[ 1574.322399] iwlwifi 0000:00:14.3: Start IWL Error Log Dump:
[ 1574.322401] iwlwifi 0000:00:14.3: Status: 0x00000040, count: 6
[ 1574.322404] iwlwifi 0000:00:14.3: Loaded firmware version: 62.49eeb572.0 QuZ-a0-hr-b0-62.ucode
[ 1574.322407] iwlwifi 0000:00:14.3: 0x0000125F | ADVANCED_SYSASSERT
[ 1574.322411] iwlwifi 0000:00:14.3: 0x0080A210 | trm_hw_status0
[ 1574.322413] iwlwifi 0000:00:14.3: 0x00000000 | trm_hw_status1
[ 1574.322415] iwlwifi 0000:00:14.3: 0x004CAEFE | branchlink2
[ 1574.322417] iwlwifi 0000:00:14.3: 0x000015E2 | interruptlink1
[ 1574.322418] iwlwifi 0000:00:14.3: 0x000015E2 | interruptlink2
[ 1574.322420] iwlwifi 0000:00:14.3: 0x00000001 | data1
[ 1574.322422] iwlwifi 0000:00:14.3: 0xDEADBEEF | data2
[ 1574.322424] iwlwifi 0000:00:14.3: 0xDEADBEEF | data3
[ 1574.322426] iwlwifi 0000:00:14.3: 0x00000000 | beacon time
[ 1574.322428] iwlwifi 0000:00:14.3: 0x002095BC | tsf low
[ 1574.322429] iwlwifi 0000:00:14.3: 0x00000000 | tsf hi
[ 1574.322431] iwlwifi 0000:00:14.3: 0x00000000 | time gp1
[ 1574.322433] iwlwifi 0000:00:14.3: 0x0020FC23 | time gp2
[ 1574.322435] iwlwifi 0000:00:14.3: 0x00000001 | uCode revision type
[ 1574.322436] iwlwifi 0000:00:14.3: 0x0000003E | uCode version major
[ 1574.322438] iwlwifi 0000:00:14.3: 0x49EEB572 | uCode version minor
[ 1574.322440] iwlwifi 0000:00:14.3: 0x00000351 | hw version
[ 1574.322442] iwlwifi 0000:00:14.3: 0x00489004 | board version
[ 1574.322444] iwlwifi 0000:00:14.3: 0x801DFC27 | hcmd
[ 1574.322446] iwlwifi 0000:00:14.3: 0x24020000 | isr0
[ 1574.322447] iwlwifi 0000:00:14.3: 0x01000000 | isr1
[ 1574.322449] iwlwifi 0000:00:14.3: 0x00B00002 | isr2
[ 1574.322451] iwlwifi 0000:00:14.3: 0x00C0000D | isr3
[ 1574.322452] iwlwifi 0000:00:14.3: 0x00000000 | isr4
[ 1574.322454] iwlwifi 0000:00:14.3: 0x0106001C | last cmd Id
[ 1574.322456] iwlwifi 0000:00:14.3: 0x0000AD62 | wait_event
[ 1574.322458] iwlwifi 0000:00:14.3: 0x00000080 | l2p_control
[ 1574.322459] iwlwifi 0000:00:14.3: 0x00010034 | l2p_duration
[ 1574.322461] iwlwifi 0000:00:14.3: 0x0000003F | l2p_mhvalid
[ 1574.322463] iwlwifi 0000:00:14.3: 0x00008000 | l2p_addr_match
[ 1574.322465] iwlwifi 0000:00:14.3: 0x0000000B | lmpm_pmg_sel
[ 1574.322467] iwlwifi 0000:00:14.3: 0x00000000 | timestamp
[ 1574.322469] iwlwifi 0000:00:14.3: 0x00D0D020 | flow_handler
[ 1574.322586] iwlwifi 0000:00:14.3: Start IWL Error Log Dump:
[ 1574.322588] iwlwifi 0000:00:14.3: Status: 0x00000040, count: 7
[ 1574.322590] iwlwifi 0000:00:14.3: 0x20000070 | NMI_INTERRUPT_LMAC_FATAL
[ 1574.322592] iwlwifi 0000:00:14.3: 0x00000000 | umac branchlink1
[ 1574.322594] iwlwifi 0000:00:14.3: 0x80454C8A | umac branchlink2
[ 1574.322595] iwlwifi 0000:00:14.3: 0x80473A88 | umac interruptlink1
[ 1574.322597] iwlwifi 0000:00:14.3: 0x80466C8A | umac interruptlink2
[ 1574.322599] iwlwifi 0000:00:14.3: 0x00000400 | umac data1
[ 1574.322601] iwlwifi 0000:00:14.3: 0x80466C8A | umac data2
[ 1574.322602] iwlwifi 0000:00:14.3: 0x00000000 | umac data3
[ 1574.322604] iwlwifi 0000:00:14.3: 0x0000003E | umac major
[ 1574.322606] iwlwifi 0000:00:14.3: 0x49EEB572 | umac minor
[ 1574.322607] iwlwifi 0000:00:14.3: 0x0020FC51 | frame pointer
[ 1574.322609] iwlwifi 0000:00:14.3: 0xC0887EF4 | stack pointer
[ 1574.322611] iwlwifi 0000:00:14.3: 0x00080119 | last host cmd
[ 1574.322612] iwlwifi 0000:00:14.3: 0x00200040 | isr status reg
[ 1574.322779] iwlwifi 0000:00:14.3: IML/ROM dump:
[ 1574.322780] iwlwifi 0000:00:14.3: 0x00000003 | IML/ROM error/state
[ 1574.322867] iwlwifi 0000:00:14.3: 0x00006082 | IML/ROM data1
[ 1574.322906] iwlwifi 0000:00:14.3: 0x00000080 | IML/ROM WFPM_AUTH_KEY_0
[ 1574.322952] iwlwifi 0000:00:14.3: Fseq Registers:
[ 1574.322983] iwlwifi 0000:00:14.3: 0x20000000 | FSEQ_ERROR_CODE
[ 1574.323008] iwlwifi 0000:00:14.3: 0x80290033 | FSEQ_TOP_INIT_VERSION
[ 1574.323035] iwlwifi 0000:00:14.3: 0x00090006 | FSEQ_CNVIO_INIT_VERSION
[ 1574.323061] iwlwifi 0000:00:14.3: 0x0000A482 | FSEQ_OTP_VERSION
[ 1574.323088] iwlwifi 0000:00:14.3: 0x00000003 | FSEQ_TOP_CONTENT_VERSION
[ 1574.323114] iwlwifi 0000:00:14.3: 0x4552414E | FSEQ_ALIVE_TOKEN
[ 1574.323139] iwlwifi 0000:00:14.3: 0x20000302 | FSEQ_CNVI_ID
[ 1574.323164] iwlwifi 0000:00:14.3: 0x01300504 | FSEQ_CNVR_ID
[ 1574.323190] iwlwifi 0000:00:14.3: 0x20000302 | CNVI_AUX_MISC_CHIP
[ 1574.323218] iwlwifi 0000:00:14.3: 0x01300504 | CNVR_AUX_MISC_CHIP
[ 1574.323247] iwlwifi 0000:00:14.3: 0x05B0905B | CNVR_SCU_SD_REGS_SD_REG_DIG_DCDC_VTRIM
[ 1574.323283] iwlwifi 0000:00:14.3: 0x0000025B | CNVR_SCU_SD_REGS_SD_REG_ACTIVE_VDIG_MIRROR
[ 1574.324934] iwlwifi 0000:00:14.3: WRT: Collecting data: ini trigger 4 fired (delay=0ms).
[ 1574.324942] ieee80211 phy0: Hardware restart was requested
[ 1574.325047] iwlwifi 0000:00:14.3: FW error in SYNC CMD REMOVE_STA
[ 1574.325054] CPU: 2 PID: 3505 Comm: hcxdumptool Not tainted 5.13.13-arch1-1 #1
[ 1574.325059] Hardware name: LENOVO 20XYCTO1WW/20XYCTO1WW, BIOS N32ET68W (1.44 ) 07/16/2021
[ 1574.325062] Call Trace:
[ 1574.325069]  dump_stack+0x76/0x94
[ 1574.325081]  iwl_trans_txq_send_hcmd+0x47f/0x490 [iwlwifi]
[ 1574.325114]  ? do_wait_intr_irq+0xc0/0xc0
[ 1574.325121]  iwl_trans_send_cmd+0x84/0xe0 [iwlwifi]
[ 1574.325147]  iwl_mvm_send_cmd_pdu+0x5c/0xa0 [iwlmvm]
[ 1574.325172]  iwl_mvm_rm_sta_common+0x58/0xc0 [iwlmvm]
[ 1574.325194]  iwl_mvm_rm_snif_sta+0x3b/0x70 [iwlmvm]
[ 1574.325212]  __iwl_mvm_unassign_vif_chanctx.constprop.0+0xc1/0x160 [iwlmvm]
[ 1574.325228]  iwl_mvm_unassign_vif_chanctx+0x2e/0x40 [iwlmvm]
[ 1574.325244]  ieee80211_assign_vif_chanctx+0x88/0x480 [mac80211]
[ 1574.325318]  __ieee80211_vif_release_channel+0x4f/0x130 [mac80211]
[ 1574.325371]  ieee80211_vif_release_channel+0x3a/0x50 [mac80211]
[ 1574.325420]  ieee80211_set_monitor_channel+0x5d/0x140 [mac80211]
[ 1574.325475]  cfg80211_set_monitor_channel+0x56/0x120 [cfg80211]
[ 1574.325538]  __cfg80211_wext_siwfreq+0x176/0x1b0 [cfg80211]
[ 1574.325599]  ioctl_standard_call+0x4a/0x100
[ 1574.325605]  wext_handle_ioctl+0x15e/0x1a0
[ 1574.325610]  sock_ioctl+0x244/0x360
[ 1574.325617]  __x64_sys_ioctl+0x7f/0xb0
[ 1574.325625]  do_syscall_64+0x5e/0x80
[ 1574.325630]  ? do_syscall_64+0x6e/0x80
[ 1574.325633]  ? syscall_exit_to_user_mode+0x23/0x50
[ 1574.325638]  ? do_syscall_64+0x6e/0x80
[ 1574.325641]  ? do_syscall_64+0x6e/0x80
[ 1574.325644]  ? syscall_exit_to_user_mode+0x23/0x50
[ 1574.325648]  ? do_syscall_64+0x6e/0x80
[ 1574.325651]  ? do_syscall_64+0x6e/0x80
[ 1574.325654]  ? do_syscall_64+0x6e/0x80
[ 1574.325656]  ? do_syscall_64+0x6e/0x80
[ 1574.325660]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1574.325667] RIP: 0033:0x7f6620e3b59b
[ 1574.325673] Code: ff ff ff 85 c0 79 9b 49 c7 c4 ff ff ff ff 5b 5d 4c 89 e0 41 5c c3 66 0f 1f 84 00 00 00 00 00 f3 0f 1e fa b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d a5 a8 0c 00 f7 d8 64 89 01 48
[ 1574.325676] RSP: 002b:00007ffc67e86ba8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1574.325682] RAX: ffffffffffffffda RBX: 000056432046f8c0 RCX: 00007f6620e3b59b
[ 1574.325684] RDX: 0000564320407de0 RSI: 0000000000008b04 RDI: 0000000000000003
[ 1574.325687] RBP: 0000564320407060 R08: 0000000000000002 R09: 006e6f6d33663032
[ 1574.325689] R10: 000000000000001a R11: 0000000000000246 R12: 0000000000000003
[ 1574.325691] R13: 00005643203f4040 R14: 0000564320407de0 R15: 0000564320407300
[ 1574.325713] iwlwifi 0000:00:14.3: Failed to remove station. Id=1
[ 1574.325717] iwlwifi 0000:00:14.3: Failed sending remove station
[ 1574.325721] iwlwifi 0000:00:14.3: Failed to send binding (action:3): -5
[ 1574.325735] iwlwifi 0000:00:14.3: PHY ctxt cmd error. ret=-5
[ 1574.325744] iwlwifi 0000:00:14.3: PHY ctxt cmd error. ret=-5
[ 1574.325746] iwlwifi 0000:00:14.3: Failed to add PHY context
[ 1574.325772] iwlwifi 0000:00:14.3: PHY ctxt cmd error. ret=-5
[ 1574.325773] iwlwifi 0000:00:14.3: Failed to add PHY context
[ 1574.325778] iwlwifi 0000:00:14.3: PHY ctxt cmd error. ret=-5
[ 1574.325780] iwlwifi 0000:00:14.3: Failed to add PHY context
[ 1574.325784] iwlwifi 0000:00:14.3: PHY ctxt cmd error. ret=-5
[ 1574.325786] iwlwifi 0000:00:14.3: Failed to add PHY context
[ 1574.325790] iwlwifi 0000:00:14.3: PHY ctxt cmd error. ret=-5
[ 1574.325792] iwlwifi 0000:00:14.3: Failed to add PHY context
[ 1574.325797] iwlwifi 0000:00:14.3: PHY ctxt cmd error. ret=-5
[ 1574.325798] iwlwifi 0000:00:14.3: Failed to add PHY context
[ 1574.325803] iwlwifi 0000:00:14.3: PHY ctxt cmd error. ret=-5
[ 1574.325805] iwlwifi 0000:00:14.3: Failed to add PHY context
[ 1580.581586] iwlwifi 0000:00:14.3: Microcode SW error detected. Restarting 0x0.
[ 1580.581698] iwlwifi 0000:00:14.3: Start IWL Error Log Dump:
[ 1580.581700] iwlwifi 0000:00:14.3: Status: 0x00000040, count: 6
[ 1580.581703] iwlwifi 0000:00:14.3: Loaded firmware version: 62.49eeb572.0 QuZ-a0-hr-b0-62.ucode
[ 1580.581706] iwlwifi 0000:00:14.3: 0x00000034 | NMI_INTERRUPT_WDG
[ 1580.581710] iwlwifi 0000:00:14.3: 0x000022F3 | trm_hw_status0
[ 1580.581712] iwlwifi 0000:00:14.3: 0x00000000 | trm_hw_status1
[ 1580.581714] iwlwifi 0000:00:14.3: 0x004CAEFE | branchlink2
[ 1580.581716] iwlwifi 0000:00:14.3: 0x000143CC | interruptlink1
[ 1580.581718] iwlwifi 0000:00:14.3: 0x000143CC | interruptlink2
[ 1580.581720] iwlwifi 0000:00:14.3: 0x004C9C06 | data1
[ 1580.581722] iwlwifi 0000:00:14.3: 0x00000000 | data2
[ 1580.581724] iwlwifi 0000:00:14.3: 0x00000000 | data3
[ 1580.581726] iwlwifi 0000:00:14.3: 0x00000000 | beacon time
[ 1580.581728] iwlwifi 0000:00:14.3: 0x00000000 | tsf low
[ 1580.581729] iwlwifi 0000:00:14.3: 0x00000000 | tsf hi
[ 1580.581731] iwlwifi 0000:00:14.3: 0x00000000 | time gp1
[ 1580.581733] iwlwifi 0000:00:14.3: 0x00065B71 | time gp2
[ 1580.581735] iwlwifi 0000:00:14.3: 0x00000001 | uCode revision type
[ 1580.581737] iwlwifi 0000:00:14.3: 0x0000003E | uCode version major
[ 1580.581739] iwlwifi 0000:00:14.3: 0x49EEB572 | uCode version minor
[ 1580.581741] iwlwifi 0000:00:14.3: 0x00000351 | hw version
[ 1580.581743] iwlwifi 0000:00:14.3: 0x00489004 | board version
[ 1580.581745] iwlwifi 0000:00:14.3: 0x8053FC12 | hcmd
[ 1580.581747] iwlwifi 0000:00:14.3: 0x62EA8400 | isr0
[ 1580.581749] iwlwifi 0000:00:14.3: 0x40000000 | isr1
[ 1580.581750] iwlwifi 0000:00:14.3: 0x08F80002 | isr2
[ 1580.581752] iwlwifi 0000:00:14.3: 0x04C37FDC | isr3
[ 1580.581754] iwlwifi 0000:00:14.3: 0x00000000 | isr4
[ 1580.581756] iwlwifi 0000:00:14.3: 0x00120148 | last cmd Id
[ 1580.581758] iwlwifi 0000:00:14.3: 0x004C9C06 | wait_event
[ 1580.581760] iwlwifi 0000:00:14.3: 0x00000000 | l2p_control
[ 1580.581762] iwlwifi 0000:00:14.3: 0x00001C20 | l2p_duration
[ 1580.581764] iwlwifi 0000:00:14.3: 0x00000000 | l2p_mhvalid
[ 1580.581765] iwlwifi 0000:00:14.3: 0x00000000 | l2p_addr_match
[ 1580.581767] iwlwifi 0000:00:14.3: 0x00000009 | lmpm_pmg_sel
[ 1580.581769] iwlwifi 0000:00:14.3: 0x00000000 | timestamp
[ 1580.581771] iwlwifi 0000:00:14.3: 0x00001854 | flow_handler
[ 1580.581827] iwlwifi 0000:00:14.3: Start IWL Error Log Dump:
[ 1580.581829] iwlwifi 0000:00:14.3: Status: 0x00000040, count: 7
[ 1580.581832] iwlwifi 0000:00:14.3: 0x20000070 | NMI_INTERRUPT_LMAC_FATAL
[ 1580.581834] iwlwifi 0000:00:14.3: 0x00000000 | umac branchlink1
[ 1580.581836] iwlwifi 0000:00:14.3: 0x80454C8A | umac branchlink2
[ 1580.581838] iwlwifi 0000:00:14.3: 0x80473A88 | umac interruptlink1
[ 1580.581840] iwlwifi 0000:00:14.3: 0x80473A88 | umac interruptlink2
[ 1580.581842] iwlwifi 0000:00:14.3: 0x00000400 | umac data1
[ 1580.581843] iwlwifi 0000:00:14.3: 0x80473A88 | umac data2
[ 1580.581845] iwlwifi 0000:00:14.3: 0x00000000 | umac data3
[ 1580.581847] iwlwifi 0000:00:14.3: 0x0000003E | umac major
[ 1580.581849] iwlwifi 0000:00:14.3: 0x49EEB572 | umac minor
[ 1580.581851] iwlwifi 0000:00:14.3: 0x00065BC8 | frame pointer
[ 1580.581853] iwlwifi 0000:00:14.3: 0xC0886270 | stack pointer
[ 1580.581854] iwlwifi 0000:00:14.3: 0x001B0119 | last host cmd
[ 1580.581856] iwlwifi 0000:00:14.3: 0x00000000 | isr status reg
[ 1580.581891] iwlwifi 0000:00:14.3: IML/ROM dump:
[ 1580.581892] iwlwifi 0000:00:14.3: 0x00000003 | IML/ROM error/state
[ 1580.581908] iwlwifi 0000:00:14.3: 0x00006071 | IML/ROM data1
[ 1580.581919] iwlwifi 0000:00:14.3: 0x00000080 | IML/ROM WFPM_AUTH_KEY_0
[ 1580.581973] iwlwifi 0000:00:14.3: Fseq Registers:
[ 1580.581979] iwlwifi 0000:00:14.3: 0x20000000 | FSEQ_ERROR_CODE
[ 1580.581986] iwlwifi 0000:00:14.3: 0x80290033 | FSEQ_TOP_INIT_VERSION
[ 1580.582004] iwlwifi 0000:00:14.3: 0x00090006 | FSEQ_CNVIO_INIT_VERSION
[ 1580.582010] iwlwifi 0000:00:14.3: 0x0000A482 | FSEQ_OTP_VERSION
[ 1580.582016] iwlwifi 0000:00:14.3: 0x00000003 | FSEQ_TOP_CONTENT_VERSION
[ 1580.582022] iwlwifi 0000:00:14.3: 0x4552414E | FSEQ_ALIVE_TOKEN
[ 1580.582028] iwlwifi 0000:00:14.3: 0x20000302 | FSEQ_CNVI_ID
[ 1580.582035] iwlwifi 0000:00:14.3: 0x01300504 | FSEQ_CNVR_ID
[ 1580.582041] iwlwifi 0000:00:14.3: 0x20000302 | CNVI_AUX_MISC_CHIP
[ 1580.582051] iwlwifi 0000:00:14.3: 0x01300504 | CNVR_AUX_MISC_CHIP
[ 1580.582062] iwlwifi 0000:00:14.3: 0x05B0905B | CNVR_SCU_SD_REGS_SD_REG_DIG_DCDC_VTRIM
[ 1580.582083] iwlwifi 0000:00:14.3: 0x0000025B | CNVR_SCU_SD_REGS_SD_REG_ACTIVE_VDIG_MIRROR
[ 1580.582266] iwlwifi 0000:00:14.3: WRT: Collecting data: ini trigger 4 fired (delay=0ms).
[ 1580.582274] ieee80211 phy0: Hardware restart was requested
[ 1580.582377] iwlwifi 0000:00:14.3: FW error in SYNC CMD REMOVE_STA
[ 1580.582383] CPU: 2 PID: 3505 Comm: hcxdumptool Not tainted 5.13.13-arch1-1 #1
[ 1580.582388] Hardware name: LENOVO 20XYCTO1WW/20XYCTO1WW, BIOS N32ET68W (1.44 ) 07/16/2021
[ 1580.582391] Call Trace:
[ 1580.582395]  dump_stack+0x76/0x94
[ 1580.582406]  iwl_trans_txq_send_hcmd+0x47f/0x490 [iwlwifi]
[ 1580.582447]  ? do_wait_intr_irq+0xc0/0xc0
[ 1580.582453]  iwl_trans_send_cmd+0x84/0xe0 [iwlwifi]
[ 1580.582481]  iwl_mvm_send_cmd_pdu+0x5c/0xa0 [iwlmvm]
[ 1580.582505]  iwl_mvm_rm_sta_common+0x58/0xc0 [iwlmvm]
[ 1580.582528]  iwl_mvm_rm_snif_sta+0x3b/0x70 [iwlmvm]
[ 1580.582548]  __iwl_mvm_unassign_vif_chanctx.constprop.0+0xc1/0x160 [iwlmvm]
[ 1580.582567]  iwl_mvm_unassign_vif_chanctx+0x2e/0x40 [iwlmvm]
[ 1580.582585]  ieee80211_assign_vif_chanctx+0x88/0x480 [mac80211]
[ 1580.582661]  __ieee80211_vif_release_channel+0x4f/0x130 [mac80211]
[ 1580.582718]  ieee80211_vif_release_channel+0x3a/0x50 [mac80211]
[ 1580.582771]  ieee80211_set_monitor_channel+0x5d/0x140 [mac80211]
[ 1580.582829]  cfg80211_set_monitor_channel+0x56/0x120 [cfg80211]
[ 1580.582895]  __cfg80211_wext_siwfreq+0x176/0x1b0 [cfg80211]
[ 1580.582961]  ioctl_standard_call+0x4a/0x100
[ 1580.582968]  wext_handle_ioctl+0x15e/0x1a0
[ 1580.582973]  sock_ioctl+0x244/0x360
[ 1580.582980]  __x64_sys_ioctl+0x7f/0xb0
[ 1580.582988]  do_syscall_64+0x5e/0x80
[ 1580.582993]  ? syscall_exit_to_user_mode+0x23/0x50
[ 1580.582998]  ? do_syscall_64+0x6e/0x80
[ 1580.583002]  ? do_syscall_64+0x6e/0x80
[ 1580.583005]  ? do_syscall_64+0x6e/0x80
[ 1580.583008]  ? do_syscall_64+0x6e/0x80
[ 1580.583011]  entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 1580.583018] RIP: 0033:0x7f6620e3b59b
[ 1580.583024] Code: ff ff ff 85 c0 79 9b 49 c7 c4 ff ff ff ff 5b 5d 4c 89 e0 41 5c c3 66 0f 1f 84 00 00 00 00 00 f3 0f 1e fa b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d a5 a8 0c 00 f7 d8 64 89 01 48
[ 1580.583029] RSP: 002b:00007ffc67e86ba8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1580.583034] RAX: ffffffffffffffda RBX: 000056432046f8c0 RCX: 00007f6620e3b59b
[ 1580.583037] RDX: 0000564320407de0 RSI: 0000000000008b04 RDI: 0000000000000003
[ 1580.583040] RBP: 0000564320407060 R08: 0000000000000002 R09: 006e6f6d33663032
[ 1580.583042] R10: 000000000000001a R11: 0000000000000246 R12: 0000000000000003
[ 1580.583044] R13: 00005643203f4040 R14: 0000564320407de0 R15: 0000564320407300
[ 1580.583054] iwlwifi 0000:00:14.3: Failed to remove station. Id=1
[ 1580.583058] iwlwifi 0000:00:14.3: Failed sending remove station
[ 1580.583062] iwlwifi 0000:00:14.3: Failed to send binding (action:3): -5
[ 1580.583076] iwlwifi 0000:00:14.3: PHY ctxt cmd error. ret=-5
[ 1580.583085] iwlwifi 0000:00:14.3: PHY ctxt cmd error. ret=-5
[ 1580.583087] iwlwifi 0000:00:14.3: Failed to add PHY context
[ 1580.583116] iwlwifi 0000:00:14.3: PHY ctxt cmd error. ret=-5
[ 1580.583118] iwlwifi 0000:00:14.3: Failed to add PHY context
[ 1580.583123] iwlwifi 0000:00:14.3: PHY ctxt cmd error. ret=-5
[ 1580.583125] iwlwifi 0000:00:14.3: Failed to add PHY context
[ 1580.583130] iwlwifi 0000:00:14.3: PHY ctxt cmd error. ret=-5
[ 1580.583132] iwlwifi 0000:00:14.3: Failed to add PHY context
[ 1580.583138] iwlwifi 0000:00:14.3: PHY ctxt cmd error. ret=-5
[ 1580.583140] iwlwifi 0000:00:14.3: Failed to add PHY context
[ 1580.583145] iwlwifi 0000:00:14.3: PHY ctxt cmd error. ret=-5
[ 1580.583147] iwlwifi 0000:00:14.3: Failed to add PHY context
[ 1580.583152] iwlwifi 0000:00:14.3: PHY ctxt cmd error. ret=-5
[ 1580.583154] iwlwifi 0000:00:14.3: Failed to add PHY context
[ 1580.959388] iwlwifi 0000:00:14.3: PHY ctxt cmd error. ret=-5
[ 1580.959390] iwlwifi 0000:00:14.3: Failed to add PHY context
[ 1585.691559] device wlp0s20f3mon left promiscuous mode

By the way, I am running Arch Linux, and I tried with official pacakges linux (5.13.13) and linux-lts (5.10.61), as well as compiled linux-mainline (5.14.0). With all I get similar error messages.

I also realized that initialization phase takes too long and it puts one core to work 100% for a few seconds. I don’t think that was the case in the past, and using airmon-ng to enable monitor mode seems to work better for me now.

About this issue

  • Original URL
  • State: closed
  • Created 3 years ago
  • Comments: 34 (21 by maintainers)

Commits related to this issue

Most upvoted comments

SInce v6.3.0 WEXT is completely removed and replaced by RTNETLINK and NL80211 (as suggested by the iwlwifi driver maintainer). According to this https://wireless.wiki.kernel.org/en/users/drivers/iwlwifi packet injection is not mentioned (only sniffer mode).

or this https://wireless.wiki.kernel.org/en/users/drivers/iwlwifi#about_the_monitorsniffer_mode "This will put lots of pressure on the memory subsystem, but it will allow you to hear 12K long packets. You may see firmware crashes in case you didn’t set that module parameter. "

and this https://www.intel.com/content/www/us/en/support/articles/000058933/wireless/intel-wireless-ac-products.html

it looks like this chipset/driver is not the best choice to be used as a penetration testing device.

BTW: There are a lot of problems with this chipset: https://duckduckgo.com/?q=ax201+crash&t=ffab&ia=web

I think it is the best to do the conversion on bugzilla, because there is nothing I can do. MediaTek, Ralink, Realtek and Atheros drivers are working fine, so I still suspect an iwlwifi driver issue.

+1
ZerBea on Jul 1, 2023

hcxdumptool is a dinosaur (due to WIRLESS EXTENSION dependency) and it is acting like a toothless tiger (too many features that slow it down). hcxlabtool will be the successor due to full NETLINK/RTNETLINK support. With hcxlabtool I’m going back to the roots and set focus on ultra fast and effective layer 2 attack vectors.

The maintainer of iwlwifi told that WIRELESS EXTENSION are no longer supported.

Simply run $ sudo hcxlabtool and see what will happen.

+1
ZerBea on Feb 26, 2023

Great, thanks. Now hcxlabtool should work on this driver.

BTW: This “5905 [181] disabled” is related to your wireless regulatory domain settings. https://github.com/aircrack-ng/aircrack-ng/discussions/2430#discussioncomment-5023204

+1
ZerBea on Feb 26, 2023

I think, we can close this issue, because it is related to the broken driver.

+1
ZerBea on Sep 1, 2021

hcxdumptool/hcxlabtool is running high performance attacks. To control the device, fast system calls are mandatory.

Here is a good explanation: https://www.quora.com/What-are-the-differences-between-netlink-sockets-and-ioctl-calls?share=1

+1
ZerBea on Aug 31, 2021

As you noticed correctly this a firmware or driver issue. It is either caused by firmware (I assume this) “Microcode SW error detected.” “FW error in SYNC CMD REMOVE_STA”

or by driver “PHY ctxt cmd error.”

but not by hcxdumptool “hcxdumptool Not tainted 5.13.13-arch1-1 #1

There is nothing I can do, except to suggest to report this issue on https://bugzilla.kernel.org/

There have been several several problems running Intel chipsets in the past. So I decided to print a warning in README.md Adapter section https://github.com/ZerBea/hcxdumptool#readme

Not recommended WiFi chipsets:
    Intel PRO/Wireless
    Broadcom
    Realtek RTL8811AU, RTL8812AU, RTL 8814AU (due to NETLINK dependency)
+1
ZerBea on Aug 30, 2021
Read more comments on GitHub
← hcxdumptool: hcxdumptool freezes everything after few seconds
hcxdumptool: PMKID not found on TP-Link / D-Link router →