Steve Kargl wrote: > By increasing the kernel message buffer, I was able to > get the previous "Unread portion" im my last email. > > Unread portion of the kernel message buffer: > lock order reversal: (sleepable after non-sleepable) > 1st 0xc34caec0 ath0 (ath0) @ /usr/src/sys/dev/ath/if_ath.c:5210 > 2nd 0xc32cbe24 user map (user map) @ /usr/src/sys/vm/vm_map.c:3074 > KDB: stack backtrace: > kdb_backtrace(0,ffffffff,c07c3e08,c07c5500,c078596c,...) at kdb_backtrace+0x29 > witness_checkorder(c32cbe24,9,c075587c,c02) at witness_checkorder+0x578 > _sx_xlock(c32cbe24,c075587c,c02) at _sx_xlock+0x50 > _vm_map_lock_read(c32cbde0,c075587c,c02,2000246,c3722068,...) at > _vm_map_lock_read+0x37 > vm_map_lookup(d9753a6c,805e000,2,d9753a70,d9753a60,d9753a64,d9753a47,d9753a48) > at vm_map_lookup+0x28 > vm_fault(c32cbde0,805e000,2,8,c34ee180,...) at vm_fault+0x65 > trap_pfault(d9753b34,0,805e000) at trap_pfault+0xce > trap(c07b0008,28,c0730028,805e000,c334f400,...) at trap+0x319 > calltrap() at calltrap+0x5 > --- trap 0xc, eip = 0xc06e8056, esp = 0xd9753b74, ebp = 0xd9753bac --- > generic_copyout(c34c8c00,c3726400,c34cab30,c0286938,0,...) at > generic_copyout+0x36 > ieee80211_ioctl(c34ca230,c0286938,c3726400) at ieee80211_ioctl+0xc1 > ath_ioctl(c34c8c00,c0286938,c3726400) at ath_ioctl+0x190 > ifhwioctl(c0286938,c34c8c00,c3726400,c34ee180) at ifhwioctl+0xa40 > ifioctl(c355e000,c0286938,c3726400,c34ee180,0,...) at ifioctl+0xc3 > soo_ioctl(c3516ab0,c0286938,c3726400,c3748480,c34ee180) at soo_ioctl+0x2db > ioctl(c34ee180,d9753d04) at ioctl+0x396 > syscall(3b,3b,3b,805d028,0,...) at syscall+0x22f > Xint0x80_syscall() at Xint0x80_syscall+0x1f > --- syscall (54, FreeBSD ELF32, ioctl), eip = 0x28149787, esp = 0xbfbfe2fc, > ebp = 0xbfbfe328 --- > KDB: enter: witness_checkorder > panic: from debugger > KDB: stack backtrace: > Uptime: 1m1s > Dumping 511 MB (2 chunks) > chunk 0: 1MB (159 pages) ... ok > chunk 1: 511MB (130786 pages) 495 479 463 447 431 415 399 383 367 351 335 > 319 303 287 271 255 239 223 207 191 175 159 143 127 111 95 79 63 47 31 15 > > #0 doadump () at pcpu.h:165 > 165 pcpu.h: No such file or directory. > in pcpu.h > (kgdb) quit > mobile:root[157] exit > exit > > Script done on Thu Apr 26 16:38:51 2007
Age old issue: the driver calls into the net80211 layer holding it's softc lock but net80211 calls copyout and if that faults copying data to user mode then you'll blow up. I've proposed a solution but noone's responded so it remains. Sam _______________________________________________ freebsd-stable@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"