kern/140245: Kernel panic during network activity on device ath in 7.2-RELEASE-p4

Sergey Maltsev sergio at nexcom.ru
Tue Nov 3 11:20:02 UTC 2009


>Number:         140245
>Category:       kern
>Synopsis:       Kernel panic during network activity on device ath in 7.2-RELEASE-p4
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Nov 03 11:20:02 UTC 2009
>Closed-Date:
>Last-Modified:
>Originator:     Sergey Maltsev
>Release:        FreeBSD 7.2-RELEASE-p4 i386
>Organization:
>Environment:
FreeBSD sergio.planet-a.ru 7.2-RELEASE-p4 FreeBSD 7.2-RELEASE-p4 #0: Mon Nov  2 22:35:57 YEKT 2009     root at sergio.planet-a.ru:/usr/obj/usr/src/sys/SERGIO  i386
>Description:
I am using a wireless card D-link DWL-G520 with Atheros chipset. 
Usually more heavy network activity (with P2P-client running) causes kernel panic. 
I have a core dump. Here is a backtrace from kgdb:
Unread portion of the kernel message buffer:


Fatal trap 12: page fault while in kernel mode
cpuid = 1; apic id = 01
fault virtual address   = 0xc
fault code              = supervisor read, page not present
instruction pointer     = 0x20:0xc0640262
stack pointer           = 0x28:0xe627db60
frame pointer           = 0x28:0xe627db7c
code segment            = base 0x0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, def32 1, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 44 (ath0 taskq)
trap number             = 12
panic: page fault
cpuid = 1
Uptime: 9h5m24s
Physical memory: 2026 MB
Dumping 282 MB:

Fatal trap 12: page fault while in kernel mode
cpuid = 1; apic id = 01
fault virtual address   = 0xc
fault code              = supervisor read, page not present
instruction pointer     = 0x20:0xc0640262
stack pointer           = 0x28:0xc5bfd94c
frame pointer           = 0x28:0xc5bfd968
code segment            = base 0x0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, def32 1, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 13 (swi4: clock)
trap number             = 12
panic: page fault
cpuid = 1
 267 251 235 219 203 187 171 155 139 123 107 91 75 59 43 27 11

Reading symbols from /boot/kernel/snd_hda.ko...Reading symbols from /boot/kernel/snd_hda.ko.symbols...done.
done.
Loaded symbols for /boot/kernel/snd_hda.ko
Reading symbols from /boot/modules/nvidia.ko...done.
Loaded symbols for /boot/modules/nvidia.ko
Reading symbols from /boot/kernel/linux.ko...Reading symbols from /boot/kernel/linux.ko.symbols...done.
done.
Loaded symbols for /boot/kernel/linux.ko
Reading symbols from /boot/kernel/sem.ko...Reading symbols from /boot/kernel/sem.ko.symbols...done.
done.
Loaded symbols for /boot/kernel/sem.ko
Reading symbols from /boot/kernel/acpi.ko...Reading symbols from /boot/kernel/acpi.ko.symbols...done.
done.
Loaded symbols for /boot/kernel/acpi.ko
Reading symbols from /boot/kernel/linprocfs.ko...Reading symbols from /boot/kernel/linprocfs.ko.symbols...done.
done.
Loaded symbols for /boot/kernel/linprocfs.ko
Reading symbols from /usr/local/modules/fuse.ko...done.
Loaded symbols for /usr/local/modules/fuse.ko
#0  doadump () at pcpu.h:196
196             __asm __volatile("movl %%fs:0,%0" : "=r" (td));
(kgdb) backtrace
#0  doadump () at pcpu.h:196
#1  0xc05ef60c in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:418
#2  0xc05ef8b9 in panic (fmt=Variable "fmt" is not available.
) at /usr/src/sys/kern/kern_shutdown.c:574
#3  0xc080698c in trap_fatal (frame=0xe627db20, eva=12) at /usr/src/sys/i386/i386/trap.c:939
#4  0xc0806bf0 in trap_pfault (frame=0xe627db20, usermode=0, eva=12) at /usr/src/sys/i386/i386/trap.c:852
#5  0xc0807572 in trap (frame=0xe627db20) at /usr/src/sys/i386/i386/trap.c:530
#6  0xc07ece9b in calltrap () at /usr/src/sys/i386/i386/exception.s:159
#7  0xc0640262 in m_copydata (m=0x0, off=2240, len=2314, cp=0xc939a6f4 "") at /usr/src/sys/kern/uipc_mbuf.c:808
#8  0xc06c599f in ieee80211_encap (ic=0xc5edb22c, m=0xc7c5f900, ni=0xc6709000)
    at /usr/src/sys/net80211/ieee80211_output.c:1057
#9  0xc049125c in ath_start (ifp=0xc5ebc800) at /usr/src/sys/dev/ath/if_ath.c:1656
#10 0xc0493eee in ath_tx_proc_q0123 (arg=0xc5edb000, npending=2) at /usr/src/sys/dev/ath/if_ath.c:4653
#11 0xc06246b5 in taskqueue_run (queue=0xc5ea1e80) at /usr/src/sys/kern/subr_taskqueue.c:282
#12 0xc06248c8 in taskqueue_thread_loop (arg=0xc5edc674) at /usr/src/sys/kern/subr_taskqueue.c:401
#13 0xc05c94f9 in fork_exit (callout=0xc0624800 <taskqueue_thread_loop>, arg=0xc5edc674, frame=0xe627dd38)
    at /usr/src/sys/kern/kern_fork.c:810
#14 0xc07ecf10 in fork_trampoline () at /usr/src/sys/i386/i386/exception.s:264

>How-To-Repeat:
Use the network - e.g. rtorrent (p2p-client).
>Fix:


>Release-Note:
>Audit-Trail:
>Unformatted:


More information about the freebsd-bugs mailing list