Re: "panic: page fault" in iwn signal handler(?) at r367127
On Fri, 2020-10-30 at 05:37 -0700, David Wolfskill wrote: > I've copied the dump and core.txt files to > http://www.catwhisker.org/~david/FreeBSD/head/r367127/ > > Here's a copy/paste of the stack trace (from the core.txt.3 file): > p 12: page fault while in kernel mode > cpuid = 4; apic id = 04 > fault virtual address = 0xf8084000 > fault code = supervisor read data, page not present > instruction pointer = 0x20:0x80495f03 > stack pointer = 0x0:0x8241d748 > frame pointer = 0x0:0x8241d7a0 > code segment = base 0x0, limit 0xf, type 0x1b > = DPL 0, pres 1, long 1, def32 0, gran 1 > processor eflags = interrupt enabled, resume, IOPL = 0 > current process = 12 (irq36: iwn0) > trap number = 12 > panic: page fault > cpuid = 4 > time = 1604056852 > KDB: stack backtrace: > db_trace_self_wrapper() at 0x804a69db = > db_trace_self_wrapper+0x2b/frame 0x8241d3f0 > vpanic() at 0x80baf802 = vpanic+0x182/frame > 0x8241d440 > panic() at 0x80baf5c3 = panic+0x43/frame 0x8241d4a0 > trap_fatal() at 0x8102c2f7 = trap_fatal+0x387/frame > 0x8241d500 > trap_pfault() at 0x8102c397 = trap_pfault+0x97/frame > 0x8241d560 > trap() at 0x8102b98b = trap+0x2ab/frame 0x8241d670 > calltrap() at 0x80fffa08 = calltrap+0x8/frame > 0x8241d670 > --- trap 0xc, rip = 0x80495f03, rsp = 0x8241d748, rbp > = 0x8241d7a0 --- > rijndaelEncrypt() at 0x80495f03 = rijndaelEncrypt+0x233/frame > 0x8241d7a0 > ccmp_decap() at 0x80d08bc1 = ccmp_decap+0x421/frame > 0x8241d8b0 > ieee80211_crypto_decap() at 0x80d07955 = > ieee80211_crypto_decap+0x125/frame 0x8241d900 > sta_input() at 0x80d41dec = sta_input+0x43c/frame > 0x8241d9a0 > iwn_notif_intr() at 0x8069949c = iwn_notif_intr+0x137c/frame > 0x8241dab0 > iwn_intr() at 0x8068f4f8 = iwn_intr+0x2b8/frame > 0x8241db20 > ithread_loop() at 0x80b6dbb9 = ithread_loop+0x279/frame > 0x8241dbb0 > fork_exit() at 0x80b6a690 = fork_exit+0x80/frame > 0x8241dbf0 > fork_trampoline() at 0x81000a5e = fork_trampoline+0xe/frame > 0x8241dbf0 > --- trap 0, rip = 0, rsp = 0, rbp = 0 --- > KDB: enter: panic > > __curthread () at /usr/src/sys/amd64/include/pcpu_aux.h:55 > 55 __asm("movq %%gs:%P1,%0" : "=r" (td) : "n" (offsetof(struct pcpu, > (kgdb) #0 __curthread () at /usr/src/sys/amd64/include/pcpu_aux.h:55 > #1 doadump (textdump=0) at /usr/src/sys/kern/kern_shutdown.c:394 > #2 0x804a3cea in db_dump (dummy=, > dummy2=, dummy3=, > dummy4=) > at /usr/src/sys/ddb/db_command.c:575 > #3 0x804a3ab0 in db_command (last_cmdp=, > cmd_table=, dopager=1) at > /usr/src/sys/ddb/db_command.c:482 > #4 0x804a380d in db_command_loop () > at /usr/src/sys/ddb/db_command.c:535 > #5 0x804a6b26 in db_trap (type=, > code=) > at /usr/src/sys/ddb/db_main.c:270 > #6 0x80bfb5c4 in kdb_trap (type=3, code=0, tf= out>) > at /usr/src/sys/kern/subr_kdb.c:699 > #7 0x8102be9e in trap (frame=0x8241d320) > at /usr/src/sys/amd64/amd64/trap.c:576 > #8 > #9 kdb_enter (why=0x8120d701 "panic", msg=) > at /usr/src/sys/kern/subr_kdb.c:486 > #10 0x80baf81e in vpanic (fmt=, ap= out>) > at /usr/src/sys/kern/kern_shutdown.c:901 > #11 0x80baf5c3 in panic ( > fmt=0x81c79aa8 > "\362\357\034\201\377\377\377\377") > at /usr/src/sys/kern/kern_shutdown.c:838 > #12 0x8102c2f7 in trap_fatal (frame=0x8241d680, > eva=18446735313050009600) at /usr/src/sys/amd64/amd64/trap.c:915 > #13 0x8102c397 in trap_pfault (frame=0x8241d680, > usermode=, signo=, ucode= out>) > at /usr/src/sys/amd64/amd64/trap.c:732 > #14 0x8102b98b in trap (frame=0x8241d680) > at /usr/src/sys/amd64/amd64/trap.c:398 > #15 > #16 rijndaelEncrypt (rk=, Nr=, > pt=, > ct=0x8241d830 > "\277\243\ff\211\335\330\v5\234\035{\210\330\320\327Fe\235>\226\026\0 > 25c\266n\325\305\205]\251%\001\002\004\030\326!\"\037") > at /usr/src/sys/crypto/rijndael/rijndael-alg-fst.c:1000 > #17 0x80d08bc1 in ccmp_decrypt (key=0xfe106978a160, > pn=25627, > m=0xf8010ffc9b00, hdrlen=) > at /usr/src/sys/net80211/ieee80211_crypto_ccmp.c:623 > #18 ccmp_decap (k=, m=, > hdrlen=) > at /usr/src/sys/net80211/ieee80211_crypto_ccmp.c:284 > #19 0x80d07955 in ieee80211_crypto_decap (ni=, > m=0xf8010ffc9b00, hdrlen=26, key=0x8241d920) > at /usr/src/sys/net80211/ieee80211_crypto.c:684 > #20 0x80d41dec in sta_input (ni=, > m=0xf8010ffc9b00, rxs=, rssi=, > nf=) at /usr/src/sys/net80211/ieee80211_sta.c:773 > #21 0x8069949c in iwn_rx_done (sc=0xfe1033319000, > desc=, data=) > at /usr/src/sys/dev/iwn/if_iwn.c
Re: "panic: page fault" in iwn signal handler(?) at r367127
On Fri, 2020-10-30 at 05:37 -0700, David Wolfskill wrote: > I've copied the dump and core.txt files to > http://www.catwhisker.org/~david/FreeBSD/head/r367127/ > > Here's a copy/paste of the stack trace (from the core.txt.3 file): > p 12: page fault while in kernel mode > cpuid = 4; apic id = 04 > fault virtual address = 0xf8084000 > fault code = supervisor read data, page not present > instruction pointer = 0x20:0x80495f03 > stack pointer = 0x0:0x8241d748 > frame pointer = 0x0:0x8241d7a0 > code segment = base 0x0, limit 0xf, type 0x1b > = DPL 0, pres 1, long 1, def32 0, gran 1 > processor eflags = interrupt enabled, resume, IOPL = 0 > current process = 12 (irq36: iwn0) > trap number = 12 > panic: page fault > cpuid = 4 > time = 1604056852 > KDB: stack backtrace: > db_trace_self_wrapper() at 0x804a69db = > db_trace_self_wrapper+0x2b/frame 0x8241d3f0 > vpanic() at 0x80baf802 = vpanic+0x182/frame > 0x8241d440 > panic() at 0x80baf5c3 = panic+0x43/frame 0x8241d4a0 > trap_fatal() at 0x8102c2f7 = trap_fatal+0x387/frame > 0x8241d500 > trap_pfault() at 0x8102c397 = trap_pfault+0x97/frame > 0x8241d560 > trap() at 0x8102b98b = trap+0x2ab/frame 0x8241d670 > calltrap() at 0x80fffa08 = calltrap+0x8/frame > 0x8241d670 > --- trap 0xc, rip = 0x80495f03, rsp = 0x8241d748, rbp > = 0x8241d7a0 --- > rijndaelEncrypt() at 0x80495f03 = rijndaelEncrypt+0x233/frame > 0x8241d7a0 > ccmp_decap() at 0x80d08bc1 = ccmp_decap+0x421/frame > 0x8241d8b0 > ieee80211_crypto_decap() at 0x80d07955 = > ieee80211_crypto_decap+0x125/frame 0x8241d900 > sta_input() at 0x80d41dec = sta_input+0x43c/frame > 0x8241d9a0 > iwn_notif_intr() at 0x8069949c = iwn_notif_intr+0x137c/frame > 0x8241dab0 > iwn_intr() at 0x8068f4f8 = iwn_intr+0x2b8/frame > 0x8241db20 > ithread_loop() at 0x80b6dbb9 = ithread_loop+0x279/frame > 0x8241dbb0 > fork_exit() at 0x80b6a690 = fork_exit+0x80/frame > 0x8241dbf0 > fork_trampoline() at 0x81000a5e = fork_trampoline+0xe/frame > 0x8241dbf0 > --- trap 0, rip = 0, rsp = 0, rbp = 0 --- > KDB: enter: panic > > __curthread () at /usr/src/sys/amd64/include/pcpu_aux.h:55 > 55 __asm("movq %%gs:%P1,%0" : "=r" (td) : "n" (offsetof(struct pcpu, > (kgdb) #0 __curthread () at /usr/src/sys/amd64/include/pcpu_aux.h:55 > #1 doadump (textdump=0) at /usr/src/sys/kern/kern_shutdown.c:394 > #2 0x804a3cea in db_dump (dummy=, > dummy2=, dummy3=, > dummy4=) > at /usr/src/sys/ddb/db_command.c:575 > #3 0x804a3ab0 in db_command (last_cmdp=, > cmd_table=, dopager=1) at > /usr/src/sys/ddb/db_command.c:482 > #4 0x804a380d in db_command_loop () > at /usr/src/sys/ddb/db_command.c:535 > #5 0x804a6b26 in db_trap (type=, > code=) > at /usr/src/sys/ddb/db_main.c:270 > #6 0x80bfb5c4 in kdb_trap (type=3, code=0, tf= out>) > at /usr/src/sys/kern/subr_kdb.c:699 > #7 0x8102be9e in trap (frame=0x8241d320) > at /usr/src/sys/amd64/amd64/trap.c:576 > #8 > #9 kdb_enter (why=0x8120d701 "panic", msg=) > at /usr/src/sys/kern/subr_kdb.c:486 > #10 0x80baf81e in vpanic (fmt=, ap= out>) > at /usr/src/sys/kern/kern_shutdown.c:901 > #11 0x80baf5c3 in panic ( > fmt=0x81c79aa8 > "\362\357\034\201\377\377\377\377") > at /usr/src/sys/kern/kern_shutdown.c:838 > #12 0x8102c2f7 in trap_fatal (frame=0x8241d680, > eva=18446735313050009600) at /usr/src/sys/amd64/amd64/trap.c:915 > #13 0x8102c397 in trap_pfault (frame=0x8241d680, > usermode=, signo=, ucode= out>) > at /usr/src/sys/amd64/amd64/trap.c:732 > #14 0x8102b98b in trap (frame=0x8241d680) > at /usr/src/sys/amd64/amd64/trap.c:398 > #15 > #16 rijndaelEncrypt (rk=, Nr=, > pt=, > ct=0x8241d830 > "\277\243\ff\211\335\330\v5\234\035{\210\330\320\327Fe\235>\226\026\0 > 25c\266n\325\305\205]\251%\001\002\004\030\326!\"\037") > at /usr/src/sys/crypto/rijndael/rijndael-alg-fst.c:1000 > #17 0x80d08bc1 in ccmp_decrypt (key=0xfe106978a160, > pn=25627, > m=0xf8010ffc9b00, hdrlen=) > at /usr/src/sys/net80211/ieee80211_crypto_ccmp.c:623 > #18 ccmp_decap (k=, m=, > hdrlen=) > at /usr/src/sys/net80211/ieee80211_crypto_ccmp.c:284 > #19 0x80d07955 in ieee80211_crypto_decap (ni=, > m=0xf8010ffc9b00, hdrlen=26, key=0x8241d920) > at /usr/src/sys/net80211/ieee80211_crypto.c:684 > #20 0x80d41dec in sta_input (ni=, > m=0xf8010ffc9b00, rxs=, rssi=, > nf=) at /usr/src/sys/net80211/ieee80211_sta.c:773 > #21 0x8069949c in iwn_rx_done (sc=0xfe1033319000, > desc=, data=) > at /usr/src/sys/dev/iwn/if_iwn.c