kern/109406: [ndis] Broadcom WLAN driver 4.100.15.5 doesn't work with Ndisgen

Adrian Punga adrian.punga at gmail.com
Sat Oct 13 03:00:06 PDT 2007 

The following reply was made to PR kern/109406; it has been noted by GNATS.

From: "Adrian Punga" <adrian.punga at gmail.com>
To: bug-followup at freebsd.org, darkvincentdude at yahoo.com
Cc:  
Subject: Re: kern/109406: [ndis] Broadcom WLAN driver 4.100.15.5 doesn't work with Ndisgen
Date: Sat, 13 Oct 2007 12:51:15 +0300

 OK kgdb gave me the following from the core dump:
 
 kgdb: kvm_nlist(_stopped_cpus):
 kgdb: kvm_nlist(_stoppcbs):
 [GDB will not be able to debug user-mode threads:
 /usr/lib/libthread_db.so: Undefined symbol "ps_pglobal_lookup"]
 GNU gdb 6.1.1 [FreeBSD]
 Copyright 2004 Free Software Foundation, Inc.
 GDB is free software, covered by the GNU General Public License, and you are
 welcome to change it and/or distribute copies of it under certain conditions.
 Type "show copying" to see the conditions.
 There is absolutely no warranty for GDB.  Type "show warranty" for details.
 This GDB was configured as "i386-marcel-freebsd".
 
 Unread portion of the kernel message buffer:
 ndis0: <Broadcom 802.11b/g WLAN> mem 0xf4000000-0xf4003fff irq 17 at
 device 0.0 on pci16
 ndis0: NDIS API version: 5.1
 
 
 Fatal trap 12: page fault while in kernel mode
 fault virtual address   = 0x0
 fault code              = supervisor read, page not present
 instruction pointer     = 0x20:0xc444712f
 stack pointer           = 0x28:0xd4038c64
 frame pointer           = 0x28:0xd4038c78
 code segment            = base 0x0, limit 0xfffff, type 0x1b
                         = DPL 0, pres 1, def32 1, gran 1
 processor eflags        = interrupt enabled, resume, IOPL = 0
 current process         = 11 (swi4: clock sio)
 trap number             = 12
 panic: page fault
 Uptime: 5m12s
 Dumping 503 MB (2 chunks)
   chunk 0: 1MB (159 pages) ... ok
   chunk 1: 503MB (128720 pages) 487 471 455 439 423 407 391 375 359
 343 327 311 295 279 263 247 231 215 199 183 167 151 135 119 103 87 71
 55 39 23 7
 
 #0  doadump () at pcpu.h:165
 165             __asm __volatile("movl %%fs:0,%0" : "=r" (td));
 
 
 The last line belongs to __curthread which is aliased  by a define as
 curthread and used in a lot of places in the ndis and if_ndis modules:
 
 [root at pcbsd /usr/src]# grep -R -e "curthread" * | grep ndis
 sys/compat/ndis/kern_ndis.c:    tsleep(curthread->td_proc, PWAIT, "ndwait", hz);
 sys/compat/ndis/kern_windrv.c:  t = &my_tids[curthread->td_oncpu];
 sys/compat/ndis/kern_windrv.c:  t->tid_cpu = curthread->td_oncpu;
 sys/compat/ndis/kern_windrv.c:  if (t->tid_cpu != curthread->td_oncpu)
 sys/compat/ndis/kern_windrv.c:  t = curthread;
 sys/compat/ndis/kern_windrv.c:  t = curthread;
 sys/compat/ndis/subr_hal.c:     if (mtx_owned(&disp_lock[curthread->td_oncpu]))
 sys/compat/ndis/subr_hal.c:
 mtx_lock(&disp_lock[curthread->td_oncpu]);
 sys/compat/ndis/subr_hal.c:     mtx_unlock(&disp_lock[curthread->td_oncpu]);
 sys/compat/ndis/subr_ndis.c:    struct thread           *td = curthread;
 sys/compat/ndis/subr_ndis.c:    struct thread           *td = curthread;
 sys/compat/ndis/subr_ndis.c:    struct thread           *td = curthread;
 sys/compat/ndis/subr_ntoskrnl.c:        struct thread           *td = curthread;
 sys/compat/ndis/subr_ntoskrnl.c:
 ntoskrnl_satisfy_wait(obj, curthread);
 sys/compat/ndis/subr_ntoskrnl.c:        struct thread           *td = curthread;
 sys/compat/ndis/subr_ntoskrnl.c:        kq->kq_td = curthread;
 sys/compat/ndis/subr_ntoskrnl.c:        if (kmutex->km_ownerthread !=
 curthread) {
 sys/compat/ndis/subr_ntoskrnl.c:                if (nr->no_obj !=
 curthread->td_proc)
 sys/compat/ndis/subr_ntoskrnl.c:        kq->kq_td = curthread;
 sys/compat/ndis/subr_ntoskrnl.c:        sched_bind(curthread, kq->kq_cpu);
 sys/compat/ndis/subr_ntoskrnl.c:        sched_prio(curthread, PRI_MIN_KERN);
 sys/compat/ndis/subr_ntoskrnl.c:        curthread->td_base_pri = PRI_MIN_KERN;
 sys/compat/ndis/subr_ntoskrnl.c:                kq += curthread->td_oncpu;
 sys/compat/ndis/subr_ntoskrnl.c:        return((uint32_t)curthread->td_oncpu);
 sys/dev/if_ndis/if_ndis.c:              if ((error = suser(curthread)))
 sys/dev/if_ndis/if_ndis.c:              if ((error = suser(curthread)))
 sys/dev/if_ndis/if_ndis.c:              if ((error = suser(curthread)))
 sys/dev/if_ndis/if_ndis.c:      error = suser(curthread);
 sys/dev/if_ndis/if_ndis.c:              error = suser(curthread);
 
 I can't figure out where the call was made from as kgdb didn't gave me
 the full call stack.
 Anybody, any ideas?
 
 Adrian Punga

More information about the freebsd-net mailing list