Bootloop: Unable to handle kernel NULL pointer dereference at virtual address 000002d2

[Unknown78]

Background

Device: Samsung Galaxy Note 4 SM-N910H
Architecture: armeabi-v7a
OS Version: Android Nougat 7.1.1 (API 25)
System:

• REFINED_NOTE8_7.1_T2.zip
• Konup_RisingNote4_for_RefinedNote8_7.1.1_ver.2.3.zip
• Konup_HomeOneUI_RefinedNote8_7.1.1_ver.2.0_14.07.2022.zip
• Konup_SamsungCamera7_RefinedNote8_7.1.1_v.1.2.zip
• ModemServiceMode_RefinedNote8_7.1.1.zip

Boot:

• Helios_Kernel-V3.1-N910C.H-20200809.img
• Magisk debug 26403_1057cb3

Bootloader:

• Stock BL_N910HXXS2DQH5_CL7284779_QB14688583_REV00_user_low_ship.tar.md5

Modem:

• Stock CP_N910HXXU1DPD2_CL7284779_QB9293075_REV00_user_low_ship.tar.md5

Partition Table:

• Stock TRE3G_EUR_OPEN_SEA.pit
  Viewer PIT_Viewer_v1.04.7z

Recovery:

• twrp-3.7.0_9-0-treltexx.img.tar

Steps to reproduce

Just daily drive as usual, eventually you got this.
There'll be app optimizing in the beginning (sometime is not), then after complete, instant reboot.
Changing Magisk version has no effect.
Pure Helios Kernel without Magisk has no effect.

P.S. Sometimes when entering twrp recovery mode, it fails and then return to boot to system.
P.S. Sometimes when charging on power off, it fails to show the percentage, and the charging logo keeps rebooting.
P.S. Sometimes if wifi is enabled, it will disable itself later and it will stuck unable to toggle, eventually it will also bootloop. This one also happened on the stock rom and kernel.

Log

last_kmsg_2023-12-17T19.26.22.log
boot_logcat_2023-12-17T19.18.42.log
dmesg_2023-12-17T19.26.20.log
proc_mounts_2023-12-17T19.26.21.log
magisk_2023-12-25T07.34.00.log

Some highlights:

<4>[  357.144031] [c2] ****** dhd_host_recover_link ******
<1>[  357.144049] [c2] Unable to handle kernel NULL pointer dereference at virtual address 000002d2
<1>[  357.144058] [c2] pgd = c0004000
<1>[  357.144067] [c2] [000002d2] *pgd=00000000
<0>[  357.144080] [c2] Internal error: Oops: 805 [#1] PREEMPT SMP ARM
<4>[  357.144089] [c2] Modules linked in:
<4>[  357.144102] [c2] CPU: 2 PID: 8458 Comm: kworker/u16:1 Not tainted 3.10.108-Helios_Kernel-V3.1-N910C.H-20200809 #2
<4>[  357.144123] [c2] Workqueue: pcie_wq exynos_pcie_work
<4>[  357.144137] [c2] task: d38e8900 ti: c5636000 task.ti: c5636000
<4>[  357.144153] [c2] PC is at dhd_host_recover_link+0x34/0xa4
<4>[  357.144163] [c2] LR is at dhd_host_recover_link+0x9c/0xa4
<4>[  357.144173] [c2] pc : [<c03d74ac>]    lr : [<c03d7514>]    psr: 800f0113
<4>[  357.144173] sp : c5637ef0  ip : c5637ed0  fp : c5636008
<4>[  357.144185] [c2] r10: 00000000  r9 : c0ec9168  r8 : 00000000
<4>[  357.144194] [c2] r7 : e55f7e00  r6 : e4c0b708  r5 : e4c0b720  r4 : c11ce6f8
<4>[  357.144203] [c2] r3 : ffff8005  r2 : 000002d2  r1 : 00000001  r0 : 00000000
<4>[  357.144213] [c2] Flags: Nzcv  IRQs on  FIQs on  Mode SVC_32  ISA ARM  Segment kernel
<4>[  357.144222] [c2] Control: 10c5383d  Table: 25ae406a  DAC: 00000015
<4>[  357.144230] [c2] CPU 2 / CLUSTER 1
<4>[  357.144239] [c2] DFSR: 00000805, ADFSR: 00000000, IFSR: 00000007, AIFSR: 00000000
<4>[  357.144248] [c2] 

[Unknown78]

Hi @ananjaser1211, could you please take a look at this?

[ananjaser1211]

Please un-pin the other mentions you have as those people do not work on this platform nor this kernel, thank you for the excellent bug report however according to DMSG your WIFI CHIP is failing bringup via PCIE.

To me this screams hardware fault, however i suggest you try running stock ROM and see if the issue persists, if it does you have some fault in your WIFI Chip, possibly when it goes to sleep and disconnects from PCIE bus.

If however the issue is not present in stock MM ROM, please backup your existing ROM and try this lineageOS build, and see if the issues shows up there or not, it uses "stock" WiFi driver and blobs, i am not 100% sure as Refined nougat has been made almost 5 years ago, im not sure what wifi driver it uses in the ROM itself, but the kenrel uses a newer Wifi driver which recently (like 3 months ago) we found causes wifi issues on bring up, though never a kernel panic.

please try the above and let me know, i will see if i can get the source compiling again in case we need to change the driver, ROM wise for now i dont have any suggestions.

<0>[  357.044379] pci_unregister_driver: Enter

<4>[  357.045345] [c2] dhd_wifi_platform_load_pcie: pcie_register_driver failed

<4>[  357.045689] [c2] unregister wifi platform drivers

<4>[  357.045710] [c2] dhd_module_init: Failed to load the driver, try cnt 2

<4>[  357.046133] [c2] PCI_PROBE:  bus 1, slot 0,vendor 14E4, device 43E9(good PCI location)

<4>[  357.046151] [c2] dhdpcie_init: found adapter info 'DHD generic adapter'

<6>[  357.046185] [c2] pcieh 0000:01:00.0: [debug] pmcsr reg : ffff dev->current_state 3

<6>[  357.046204] [c2] pcieh 0000:01:00.0: [debug] pmcsr reg : 0, dev->current_state: 3 

<6>[  357.057588] [c2] pcieh 0000:01:00.0: [debug] pmcsr reg : ffff dev->current_state : 3

<6>[  357.057614] [c2] pcieh 0000:01:00.0: [debug] device_vendor_id reg : ffffffff

<6>[  357.057628] [c2] pcieh 0000:01:00.0: Refused to change power state, currently in D3

<4>[  357.058221] [c2] dhdpcie_dongle_attach : failed to read PCI configuration space!

<4>[  357.058236] [c2] dhdpcie_bus_attach: dhdpcie_probe_attach failed

<4>[  357.058248] [c2] dhdpcie_init:dhdpcie_bus_attach() failed

<4>[  357.058267] [c2] dhdpcie_pci_probe: PCIe Enumeration failed

<4>[  357.060125] [c2] dhdpcie_bus_register: dhdpcie initialize failed.

[ananjaser1211]

This is the Country issue i was referencing, more details can be found here universal5433/android_device_samsung_trelte-common#33 (comment)

However, this code / setter happens at a much later state than what your logs are reaching, i.e your phone is not able to bring up the PCIE device itself

[Unknown78]

I will try the stock N910H and then lineage-18.1-20230629-UNOFFICIAL-treltexx.zip with boot_bcmdhd4358.zip and open_gapps-arm-11.0-micro-20220215.zip.

While I do agree it may be the case, but independent of physical failure, there shouldn't be any null pointer dereference at all. The code should prevent it from happening. Why would you want to dereference a null pointer in the first place? At least the code should let me use everything on the phone except the Wi-Fi.

After flashing the Stock N910H with Odin, it is bootloop right after the Smising Galaxy Note 4 logo vanished. This could be a sign of a dead battery. I have to order a new one. I don't have dedicated benchtop power supply yet.

In the meantime, could you please fix this pointer issue? I've seen the drivers code has thousands of line, is it really way too costly to fix this one?

[ananjaser1211]

From what i see the NPE happens as BCM does not fully fail to initialize, it loads, and then half way through initialization it fails, it seems that samsung did not implement any safe guards regarding your particular case in the driver, between bcmdhd driver and exynos_pcie there are thousands of lines of code, your particular error is dhd_host_recover_link itself passes NPE, the bcm chip failed to initialize much earlier in a different set of code (dhd_wifi_platform_load_pcie)

i added a basic NPE check for dhd_host_recover_link but there is no guarantee it will work, to bcm either wifi PCIE configuration is loaded or not, not half way through

ive also switched to the "should be" more stable BCMDHD4358 driver, instead of 4358a3 driver, while its newer, it has been problematic in lineage OS, perhaps it causes issues too that went undiscovered till now.

Helios_Kernel-V3.2-N910C.H-20231227.zip

Unpack this zip and flash the image file through recovery (install > img file > select the kernel > BOOT partition)

regarding your device rebooting on samsung logo im not sure, its not really a good sign but hopefully its just a bad battery, the same can be said about BCM by the way, ive seen similar failures with MODEM not initializing due to weak batteries, but that did not result in an NPE just loss of signal at around 20% charge

i personally dont have any samsung documentation to fully understand how these drivers talk to each other, this is common with lousy samsung code,the NPE check is just a standard NPE > return, but i suspect other parts of the bcm/pcie stack will show errors, will see

[Unknown78]

@ananjaser1211 Okay the battery has arrived.
I couldn't try the LineageOS due to the boot-loop

I'd like to test the stability of the Wi-Fi, but there is kernel panic error with the new kernel on RefinedNougat that causes boot-loop again.

<3>[   38.004918] [c0] zswap: can't allocate compressor transform
<4>[   38.004933] [c0] _cpu_up: attempt to bring up CPU 1 failed
<0>[   38.004993] [c0] Kernel panic - not syncing: on_run: failed dynamic hotplug (exe_cmd 4)
<0>[   38.004993] 
<4>[   38.005010] [c0] CPU: 0 PID: 6678 Comm: thread_hotplug Not tainted 3.10.108-Helios_Kernel-V3.2-N910C.H-20231227 #1
<4>[   38.005040] [c0] [<c0014c18>] (unwind_backtrace+0x0/0xec) from [<c0011af0>] (show_stack+0x10/0x14)
<4>[   38.005056] [c0] [<c0011af0>] (show_stack+0x10/0x14) from [<c08416e4>] (panic+0xa0/0x200)
<4>[   38.005072] [c0] [<c08416e4>] (panic+0xa0/0x200) from [<c05c1a6c>] (on_run+0xe4/0x108)
<4>[   38.005087] [c0] [<c05c1a6c>] (on_run+0xe4/0x108) from [<c004ac98>] (kthread+0xb4/0xb8)
<4>[   38.005102] [c0] [<c004ac98>] (kthread+0xb4/0xb8) from [<c000e0a0>] (ret_from_fork+0x14/0x34)
<4>[   38.005116] [c0] Sched Debug Version: v0.10, 3.10.108-Helios_Kernel-V3.2-N910C.H-20231227 #1

last_kmsg_2024-01-07T20.01.44.log
boot_logcat_2024-01-07T20.00.31.log
dmesg_2024-01-07T20.01.46.log
proc_mounts_2024-01-07T20.01.43.log
su_magisk_2024-01-07T20.01.42.log

[ananjaser1211]

@ananjaser1211 Okay the battery has arrived. I couldn't try the LineageOS due to the boot-loop

I'd like to test the stability of the Wi-Fi, but there is kernel panic error with the new kernel on RefinedNougat that causes boot-loop again.

<3>[   38.004918] [c0] zswap: can't allocate compressor transform
<4>[   38.004933] [c0] _cpu_up: attempt to bring up CPU 1 failed
<0>[   38.004993] [c0] Kernel panic - not syncing: on_run: failed dynamic hotplug (exe_cmd 4)
<0>[   38.004993] 
<4>[   38.005010] [c0] CPU: 0 PID: 6678 Comm: thread_hotplug Not tainted 3.10.108-Helios_Kernel-V3.2-N910C.H-20231227 #1
<4>[   38.005040] [c0] [<c0014c18>] (unwind_backtrace+0x0/0xec) from [<c0011af0>] (show_stack+0x10/0x14)
<4>[   38.005056] [c0] [<c0011af0>] (show_stack+0x10/0x14) from [<c08416e4>] (panic+0xa0/0x200)
<4>[   38.005072] [c0] [<c08416e4>] (panic+0xa0/0x200) from [<c05c1a6c>] (on_run+0xe4/0x108)
<4>[   38.005087] [c0] [<c05c1a6c>] (on_run+0xe4/0x108) from [<c004ac98>] (kthread+0xb4/0xb8)
<4>[   38.005102] [c0] [<c004ac98>] (kthread+0xb4/0xb8) from [<c000e0a0>] (ret_from_fork+0x14/0x34)
<4>[   38.005116] [c0] Sched Debug Version: v0.10, 3.10.108-Helios_Kernel-V3.2-N910C.H-20231227 #1

last_kmsg_2024-01-07T20.01.44.log boot_logcat_2024-01-07T20.00.31.log dmesg_2024-01-07T20.01.46.log proc_mounts_2024-01-07T20.01.43.log su_magisk_2024-01-07T20.01.42.log

Odd that even the lineage build is looping hmm, the 3.2 kernel on refined, does it boot the system at all or instantly KPs on splash ? i dont remember seeing that hotplug crash, i see android services so i assume it boots, but then crashes

[Unknown78]

It did boot. I was able to see the home screen, then it reboot itself.

[ananjaser1211]

Thank you, im wiping my note 4 right now to install RN to see if it also crashes here, from the hotplug code its trying to bring up CPU and failing > and going to PANIC state

_cpu_up: attempt to bring up CPU 1 failed

Im hopeful this is some shenanigans due to my build system, as i have not compiled helios in years prior to 3.2, so it should also crash on my phone and i can directly try some stuff unless its some bizarre hardware problem.

ill be flashing 7.1.1 T2

[ananjaser1211]

@Unknown78 well bad news, the kernel is running fine, hotplug is fine, i tried to lock/unlock the display alot after finishing setup wizard and everything was in order, nonetheless, i have compiled a kernel with hotplug disabled, and some patches we made in lineage for hotplug (it disables HP after the device is booted)

i have tried both Helios_Kernel-V3.2-N910C.H-20231227 and Helios_Kernel-V3.2-N910C.H-20240107 and both are working as expected.

regarding WiFi i also connected just fine.

Helios_Kernel-V3.2-N910C.H-20240107.zip

I disabled "HOTPLUG_POWERSAVING" Mode which turns off all but one CPU core when the display is OFF, it might be that your board is too sensitive to that operation.

[Unknown78]

Thank you and sorry for the wait, finally I have more free time.

So in summary:

For the LineageOS, I've flashed:

• lineage-18.1-20230629-UNOFFICIAL-treltexx.zip
• open_gapps-arm-11.0-micro-20220215.zip
• boot_bcmdhd4358.img

And that results in bootloop right after Samsung Galaxy Note 4 logo.
That logo.jpg that you could extract from param.bin of the bootloader image.

logo.jpg (click to expand)

And also when I've turned off the phone, and then plug my charger, either it will stuck on the charging logo, or it will bootloop charge right after that.
That lpm.jpg that you could extract from param.bin of the bootloader image.

lpm.jpg (click to expand)

I'd like to log it, but adb doesn't available at those very early process.
How do I log the process right after power on or bootloader?

---

And for the RefinedNote8 with all of _konup_ mods with your Helios_Kernel-V3.2-N910C.H-20240107.zip, I was able to use the the phone again.

As for the WiFi, it stuck when I toggle the slider, it failed with dhd_wifi_platform_load_pcie: pcie_register_driver failed in the kernel log, also E WifiNative-HAL: Could not start hal and E WifiHW : Supplicant not running, cannot connect in the logcat.

last_kmsg_2024-01-07T22.40.19.log
boot_logcat_2024-01-07T22.38.53.log
dmesg_2024-01-07T22.40.20.log
proc_mounts_2024-01-07T22.40.18.log
su_magisk_2024-01-07T22.40.21.log

---

Now one of the bizzare thing is that this isn't apply only to system mode but also in recovery mode of TWRP. I wonder why sometimes I have bootloop when entering recovery mode, only after few times I got in.

These are the logs with twrp-3.7.0_9-0-treltexx.img.tar

twrp_last_kmsg_2024-01-08T19.10.35.log
twrp_dmesg_2024-01-08T19.15.18.log
twrp_proc_mounts_2024-01-08T19.19.48.log
twrp_printenv_2024-01-08T19.38.22.log
twrp_getprop_2024-01-08T19.38.11.log
twrp_cache_recovery_2024-01-08T19.47.51.zip

<4>[    3.690420] [c5] ****** dhd_host_recover_link ******
<1>[    3.690431] [c5] Unable to handle kernel NULL pointer dereference at virtual address 000002d2
<1>[    3.690435] [c5] pgd = c0004000
<1>[    3.690443] [c5] [000002d2] *pgd=00000000
<0>[    3.690451] [c5] Internal error: Oops: 817 [#1] PREEMPT SMP ARM
<4>[    3.690458] [c5] Modules linked in:
<4>[    3.690467] [c5] CPU: 5 PID: 1409 Comm: kworker/u16:3 Not tainted 3.10.9-universal5433-twrp-7.1-treltexx-20210728 #1
<4>[    3.690480] [c5] Workqueue: pcie_wq exynos_pcie_work
<4>[    3.690486] [c5] task: e5c4fb40 ti: e573a000 task.ti: e573a000
<4>[    3.690495] [c5] PC is at dhd_host_recover_link+0x3c/0xac
<4>[    3.690500] [c5] LR is at 0x0
<4>[    3.690507] [c5] pc : [<c0477ffc>]    lr : [<00000000>]    psr: 80000153
<4>[    3.690507] sp : e573bea8  ip : e573be78  fp : e573bebc
<4>[    3.690514] [c5] r10: c100e628  r9 : e5f5fd00  r8 : c10da754
<4>[    3.690519] [c5] r7 : e573a020  r6 : e4e3ad08  r5 : e4e3ad20  r4 : c12c6a84
<4>[    3.690524] [c5] r3 : ffff8005  r2 : 000002d2  r1 : 00000001  r0 : 00000000
<4>[    3.690531] [c5] Flags: Nzcv  IRQs on  FIQs off  Mode SVC_32  ISA ARM  Segment kernel
<4>[    3.690537] [c5] Control: 10c5383d  Table: 434f006a  DAC: 00000015
<4>[    3.690541] [c5] CPU 1 / CLUSTER 0
<4>[    3.690546] [c5] DFSR: 00000817, ADFSR: 00000000, IFSR: 00000000, AIFSR: 00000000
<4>[    3.690552] [c5] 

@ananjaser1211 It seems I also need recovery image with proper kernel for the recovery mode.
This is twrp recovery mode, there isn't any functionality to use any WiFi.
Why the kernel need to load it?

[ananjaser1211]

@Unknown78 Regarding Recovery, it uses the same kernel that is used by system, all hardware gets parsed and initialized, Wifi included, and it seems to be crashing just like the helios 3.1, so it needs the NPE patch too, but at the very least this confirms that what is going on is not a ROM or kernel specific issue but a hardware initialization failure as TWRP kernel is a kernel based on stock samsung source~ish.

once i have some time i will apply the patches and send you a TWRP build, but its clear that to boot any ROM, stock included, you need to patch the NPE in wifi as that code is the same for all kernels including stock. this ofcourse won't make WiFi work due to "dhdpcie_bus_attach" we just add a check that prevents kernel panic, and continue operation without WiFi when pcie is unable to connect to WiFi.

This is the patch i added 485d53e

The other bug was entering LOW_POWER_CMD mode when screen is locked, aka hotplugging, Which is disabled with this ramdisk entry 2472c78

These two patches are needed on any kernel you want to use on your phone, im still not sure how such a breakage happened, as its the first time i see a partial hardware failure, regardless, when i get more time i will build a twrp kernel with those patches applied, for RefinedNougat you can use the kernel sent above.

[Unknown78]

Hi @ananjaser1211, are you still busy?
I'd like to test out the TWRP build and reflash everything from start.
Forgive me if I disturb you and thank you for your patience.

[ananjaser1211]

Hi @ananjaser1211, are you still busy? I'd like to test out the TWRP build and reflash everything from start. Forgive me if I disturb you and thank you for your patience.

Apologies, @Unknown78 been an extremely busy month, unpack the zip, and flash the img in twrp or the .tar in odin as normal

• Ive added the same kernel stuff we did as mentioned in the commits earlier
• ive also attempted to disable hotplug in TWRP to mimic the same behavior we did in the earlier test images

TWRP-3.7.0_9-treltexx-20240127_Unknown78-img.zip

TWRP-3.7.0_9-treltexx-20240127_Unknown78-Tar.zip

[Unknown78]

@ananjaser1211
Thank you for the working TWRP build. I am honored to be named with it.
Sorry for not closing the issue yet as I need to test daily drive this for months first.

With the Helios_Kernel-V3.2-N910C.H-20240107.zip
There were no crash until today, the phone freeze and restart itself once.
We have a new exception:

<4>[617806.419516] [c2] ------------[ cut here ]------------

<4>[617806.419573] [c2] WARNING: at net/ipv4/tcp_output.c:2026 tcp_send_loss_probe+0x174/0x190()

<4>[617806.419597] [c2] Modules linked in:

<4>[617806.419638] [c2] CPU: 2 PID: 0 Comm: swapper/2 Tainted: G        W    3.10.108-Helios_Kernel-V3.2-N910C.H-20240107 #1

<4>[617806.419707] [c2] [<c0014c18>] (unwind_backtrace+0x0/0xec) from [<c0011af0>] (show_stack+0x10/0x14)

<4>[617806.419758] [c2] [<c0011af0>] (show_stack+0x10/0x14) from [<c002c258>] (warn_slowpath_common+0x54/0x6c)

<4>[617806.419805] [c2] [<c002c258>] (warn_slowpath_common+0x54/0x6c) from [<c002c30c>] (warn_slowpath_null+0x1c/0x24)

<4>[617806.419849] [c2] [<c002c30c>] (warn_slowpath_null+0x1c/0x24) from [<c07481f4>] (tcp_send_loss_probe+0x174/0x190)

<4>[617806.419896] [c2] [<c07481f4>] (tcp_send_loss_probe+0x174/0x190) from [<c074a350>] (tcp_write_timer_handler+0x94/0x1a0)

<4>[617806.419939] [c2] [<c074a350>] (tcp_write_timer_handler+0x94/0x1a0) from [<c074a488>] (tcp_write_timer+0x2c/0x94)

<4>[617806.419986] [c2] [<c074a488>] (tcp_write_timer+0x2c/0x94) from [<c0039258>] (call_timer_fn+0x38/0xd0)

<4>[617806.420033] [c2] [<c0039258>] (call_timer_fn+0x38/0xd0) from [<c0039d7c>] (run_timer_softirq+0x180/0x1fc)

<4>[617806.420078] [c2] [<c0039d7c>] (run_timer_softirq+0x180/0x1fc) from [<c0033e04>] (__do_softirq+0x128/0x290)

<4>[617806.420118] [c2] [<c0033e04>] (__do_softirq+0x128/0x290) from [<c0034034>] (do_softirq+0x50/0x58)

<4>[617806.420156] [c2] [<c0034034>] (do_softirq+0x50/0x58) from [<c00342f4>] (irq_exit+0xa0/0xd4)

<4>[617806.420198] [c2] [<c00342f4>] (irq_exit+0xa0/0xd4) from [<c000e8e4>] (handle_IRQ+0x44/0x90)

<4>[617806.420240] [c2] [<c000e8e4>] (handle_IRQ+0x44/0x90) from [<c000847c>] (gic_handle_irq+0x2c/0x5c)

<4>[617806.420280] [c2] [<c000847c>] (gic_handle_irq+0x2c/0x5c) from [<c000dbc0>] (__irq_svc+0x40/0x70)

<4>[617806.420307] [c2] Exception stack(0xe69eff58 to 0xe69effa0)

<4>[617806.420337] [c2] ff40:                                                       e69effa0 3b9aca00

<4>[617806.420373] [c2] ff60: 439caa86 000231e4 c3b603a8 c0e60f18 3fa7a848 000231e4 00000003 00000000

<4>[617806.420409] [c2] ff80: e69ee000 00000000 0000001a e69effa0 00000006 c05c1d44 00000153 ffffffff

<4>[617806.420455] [c2] [<c000dbc0>] (__irq_svc+0x40/0x70) from [<c05c1d44>] (cpuidle_enter_state+0x50/0xe4)

<4>[617806.420499] [c2] [<c05c1d44>] (cpuidle_enter_state+0x50/0xe4) from [<c05c1e98>] (cpuidle_idle_call+0xc0/0x16c)

<4>[617806.420541] [c2] [<c05c1e98>] (cpuidle_idle_call+0xc0/0x16c) from [<c000eff0>] (arch_cpu_idle+0x8/0x38)

<4>[617806.420588] [c2] [<c000eff0>] (arch_cpu_idle+0x8/0x38) from [<c006ee38>] (cpu_startup_entry+0x100/0x144)

<4>[617806.420631] [c2] [<c006ee38>] (cpu_startup_entry+0x100/0x144) from [<2083dc44>] (0x2083dc44)

<4>[617806.420659] [c2] ---[ end trace 47ae6a875dcc4d0a ]---

last_kmsg_2024-02-14T09.25.11.log

There's at least the same 42 exceptions in that log.
My uptime is 620k seconds, around 7 days, which means there may be hundreds of the same exception already.
I couldn't log others because the phone already reboot itself.

The issue seems to be related to TCP, so it is internet thing?
Just to remember that I was using 4G Lock Band 1 at that time, mobile data is turned on, it's active.

P.S. After the crash reboot my SIM card went invalid/undetected, then I reboot again, and it's fine.
P.S. It might be the rare crash that caused invalid SIM card since I use this ROM.

Might be related:
https://bugzilla.kernel.org/show_bug.cgi?id=204879
https://www.spinics.net/lists/netdev/msg495579.html
https://forums.developer.nvidia.com/t/iwlwifi-trace-log-and-kernel-panic/278249
https://patchwork.ozlabs.org/project/netdev/patch/20190223235151.168283-1-edumazet@google.com/
https://lists.openwall.net/linux-kernel/2018/12/14/793

[Unknown78]

It seems to be unwise to continue here since it clutters a lot, I'll create proper new issues.

@ananjaser1211
Forgive me to disturb your busy time.
I've got kernel crash today.
And I hope you can solve it too.
Thank you very much for helping me.

14th February, 2024: #2 Exception at net/ipv4/tcp_output.c:2026 tcp_send_loss_probe
28th April, 2024: #3 Kernel panic - not syncing: CP Crash (m74xx) cbd failed