[Bug 271979] bsdinstall(8): iwlwifi(4): system crash when authenticating for Wi-Fi: panic: lkpi_sta_auth_to_scan: lsta 0x... state not NONE: 0, nstate 1 arg 1

From: <bugzilla-noreply_at_freebsd.org>
Date: Sun, 08 Oct 2023 14:04:50 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=271979

--- Comment #19 from Oleg <oleglelchuk@gmail.com> ---
And now I experienced this panic after compiling the latest 15-CURRENT kernel: 
panic: lkpi_sta_auth_to_scan: lsta 0xfffff800022bb000 state not NONE: 0, nstate
1 arg 1 . Before the latest wifi-related commits to the kernel, this bug was
always triggered if I typed "ifconfig wlan0 up" before executing the
wpa_supplicant command. But now it is only sometimes triggered:

__curthread () at /usr/src/sys/amd64/include/pcpu_aux.h:57
57              __asm("movq %%gs:%P1,%0" : "=r" (td) : "n" (offsetof(struct
pcpu,
(kgdb) #0  __curthread () at /usr/src/sys/amd64/include/pcpu_aux.h:57
#1  doadump (textdump=0) at /usr/src/sys/kern/kern_shutdown.c:405
#2  0xffffffff837ed323 in vt_kms_postswitch () from /boot/modules/drm.ko
#3  0xffffffff8099300e in vt_window_switch (vw=0xfffff800272252c0)
    at /usr/src/sys/dev/vt/vt_core.c:595
#4  0xffffffff80b4ed63 in kern_reboot (howto=4)
    at /usr/src/sys/kern/kern_shutdown.c:501
#5  0xffffffff80b4f53f in vpanic (fmt=0xffffffff8118fa9b "%s", 
    ap=ap@entry=0xfffffe0201c09430) at /usr/src/sys/kern/kern_shutdown.c:970
#6  0xffffffff80b4f2e3 in panic (fmt=<unavailable>)
    at /usr/src/sys/kern/kern_shutdown.c:894
#7  0xffffffff8104ecbc in trap_fatal (frame=0xfffffe0201c09530, 
    eva=18446744069414584320) at /usr/src/sys/amd64/amd64/trap.c:952
#8  0xffffffff8104ed6e in trap_pfault (frame=0xfffffe0201c09530, 
    usermode=false, signo=<optimized out>, ucode=<optimized out>)
    at /usr/src/sys/amd64/amd64/trap.c:760
#9  <signal handler called>
#10 0xffffffff836c65d0 in intel_atomic_get_global_obj_state ()
   from /boot/modules/i915kms.ko
#11 0xffffffff8367c35c in skl_compute_wm () from /boot/modules/i915kms.ko
#12 0xffffffff8364464f in intel_atomic_check () from /boot/modules/i915kms.ko
#13 0xffffffff837ad783 in drm_atomic_check_only () from /boot/modules/drm.ko
#14 0xffffffff837adbc3 in drm_atomic_commit () from /boot/modules/drm.ko
#15 0xffffffff837bd298 in drm_client_modeset_commit_atomic ()
   from /boot/modules/drm.ko
#16 0xffffffff837bd384 in drm_client_modeset_commit_locked ()
   from /boot/modules/drm.ko
#17 0xffffffff837bd511 in drm_client_modeset_commit ()
   from /boot/modules/drm.ko
#18 0xffffffff837fff13 in drm_fb_helper_restore_fbdev_mode_unlocked ()
   from /boot/modules/drm.ko
#19 0xffffffff837ed461 in vt_kms_postswitch () from /boot/modules/drm.ko
#20 0xffffffff80992ed1 in vt_window_switch (vw=0xfffffe01eaccc2b0, 
    vw@entry=0xffffffff816a9c98 <vt_conswindow>)
    at /usr/src/sys/dev/vt/vt_core.c:612
#21 0xffffffff8099422f in vtterm_cngrab (tm=<optimized out>)
    at /usr/src/sys/dev/vt/vt_core.c:1863
#22 0xffffffff80adf1f6 in cngrab () at /usr/src/sys/kern/kern_cons.c:385
#23 0xffffffff80b4f471 in vpanic (
    fmt=0xffffffff811e2547 "%s: lsta %p state not NONE: %#x, nstate %d arg
%d\n", ap=ap@entry=0xfffffe0201c09ce0) at /usr/src/sys/kern/kern_shutdown.c:942
#24 0xffffffff80b4f2e3 in panic (
    fmt=0xffffffff00000000 <error: Cannot access memory at address
0xffffffff00000000>) at /usr/src/sys/kern/kern_shutdown.c:894
#25 0xffffffff80dd1d37 in lkpi_sta_auth_to_scan (vap=0xfffffe0201449010, 
    nstate=IEEE80211_S_SCAN, arg=1)
    at /usr/src/sys/compat/linuxkpi/common/src/linux_80211.c:1167
#26 0xffffffff80dd9223 in lkpi_iv_newstate (vap=0xfffffe0201449010, 
    nstate=IEEE80211_S_SCAN, arg=1)
    at /usr/src/sys/compat/linuxkpi/common/src/linux_80211.c:2064
#27 0xffffffff80cfeb37 in ieee80211_newstate_cb (xvap=0xfffffe0201449010, 
    npending=<optimized out>) at /usr/src/sys/net80211/ieee80211_proto.c:2546
#28 0xffffffff80bb4b2b in taskqueue_run_locked (
    queue=queue@entry=0xfffff804663bd500)
    at /usr/src/sys/kern/subr_taskqueue.c:512
#29 0xffffffff80bb5be3 in taskqueue_thread_loop (
    arg=arg@entry=0xfffffe01fdb75110)
    at /usr/src/sys/kern/subr_taskqueue.c:824
#30 0xffffffff80b050b2 in fork_exit (
    callout=0xffffffff80bb5b10 <taskqueue_thread_loop>, 
    arg=0xfffffe01fdb75110, frame=0xfffffe0201c09f40)
    at /usr/src/sys/kern/kern_fork.c:1160
#31 <signal handler called>
(kgdb)

-- 
You are receiving this mail because:
You are on the CC list for the bug.