Re: "panic: page fault" in iwn signal handler(?) at r367127
On Fri, 2020-10-30 at 05:37 -0700, David Wolfskill wrote:
> I've copied the dump and core.txt files to
> http://www.catwhisker.org/~david/FreeBSD/head/r367127/
>
> Here's a copy/paste of the stack trace (from the core.txt.3 file):
> p 12: page fault while in kernel mode
> cpuid = 4; apic id = 04
> fault virtual address = 0xf8084000
> fault code = supervisor read data, page not present
> instruction pointer = 0x20:0x80495f03
> stack pointer = 0x0:0x8241d748
> frame pointer = 0x0:0x8241d7a0
> code segment = base 0x0, limit 0xf, type 0x1b
> = DPL 0, pres 1, long 1, def32 0, gran 1
> processor eflags = interrupt enabled, resume, IOPL = 0
> current process = 12 (irq36: iwn0)
> trap number = 12
> panic: page fault
> cpuid = 4
> time = 1604056852
> KDB: stack backtrace:
> db_trace_self_wrapper() at 0x804a69db =
> db_trace_self_wrapper+0x2b/frame 0x8241d3f0
> vpanic() at 0x80baf802 = vpanic+0x182/frame
> 0x8241d440
> panic() at 0x80baf5c3 = panic+0x43/frame 0x8241d4a0
> trap_fatal() at 0x8102c2f7 = trap_fatal+0x387/frame
> 0x8241d500
> trap_pfault() at 0x8102c397 = trap_pfault+0x97/frame
> 0x8241d560
> trap() at 0x8102b98b = trap+0x2ab/frame 0x8241d670
> calltrap() at 0x80fffa08 = calltrap+0x8/frame
> 0x8241d670
> --- trap 0xc, rip = 0x80495f03, rsp = 0x8241d748, rbp
> = 0x8241d7a0 ---
> rijndaelEncrypt() at 0x80495f03 = rijndaelEncrypt+0x233/frame
> 0x8241d7a0
> ccmp_decap() at 0x80d08bc1 = ccmp_decap+0x421/frame
> 0x8241d8b0
> ieee80211_crypto_decap() at 0x80d07955 =
> ieee80211_crypto_decap+0x125/frame 0x8241d900
> sta_input() at 0x80d41dec = sta_input+0x43c/frame
> 0x8241d9a0
> iwn_notif_intr() at 0x8069949c = iwn_notif_intr+0x137c/frame
> 0x8241dab0
> iwn_intr() at 0x8068f4f8 = iwn_intr+0x2b8/frame
> 0x8241db20
> ithread_loop() at 0x80b6dbb9 = ithread_loop+0x279/frame
> 0x8241dbb0
> fork_exit() at 0x80b6a690 = fork_exit+0x80/frame
> 0x8241dbf0
> fork_trampoline() at 0x81000a5e = fork_trampoline+0xe/frame
> 0x8241dbf0
> --- trap 0, rip = 0, rsp = 0, rbp = 0 ---
> KDB: enter: panic
>
> __curthread () at /usr/src/sys/amd64/include/pcpu_aux.h:55
> 55 __asm("movq %%gs:%P1,%0" : "=r" (td) : "n" (offsetof(struct pcpu,
> (kgdb) #0 __curthread () at /usr/src/sys/amd64/include/pcpu_aux.h:55
> #1 doadump (textdump=0) at /usr/src/sys/kern/kern_shutdown.c:394
> #2 0x804a3cea in db_dump (dummy=,
> dummy2=, dummy3=,
> dummy4=)
> at /usr/src/sys/ddb/db_command.c:575
> #3 0x804a3ab0 in db_command (last_cmdp=,
> cmd_table=, dopager=1) at
> /usr/src/sys/ddb/db_command.c:482
> #4 0x804a380d in db_command_loop ()
> at /usr/src/sys/ddb/db_command.c:535
> #5 0x804a6b26 in db_trap (type=,
> code=)
> at /usr/src/sys/ddb/db_main.c:270
> #6 0x80bfb5c4 in kdb_trap (type=3, code=0, tf= out>)
> at /usr/src/sys/kern/subr_kdb.c:699
> #7 0x8102be9e in trap (frame=0x8241d320)
> at /usr/src/sys/amd64/amd64/trap.c:576
> #8
> #9 kdb_enter (why=0x8120d701 "panic", msg=)
> at /usr/src/sys/kern/subr_kdb.c:486
> #10 0x80baf81e in vpanic (fmt=, ap= out>)
> at /usr/src/sys/kern/kern_shutdown.c:901
> #11 0x80baf5c3 in panic (
> fmt=0x81c79aa8
> "\362\357\034\201\377\377\377\377")
> at /usr/src/sys/kern/kern_shutdown.c:838
> #12 0x8102c2f7 in trap_fatal (frame=0x8241d680,
> eva=18446735313050009600) at /usr/src/sys/amd64/amd64/trap.c:915
> #13 0x8102c397 in trap_pfault (frame=0x8241d680,
> usermode=, signo=, ucode= out>)
> at /usr/src/sys/amd64/amd64/trap.c:732
> #14 0x8102b98b in trap (frame=0x8241d680)
> at /usr/src/sys/amd64/amd64/trap.c:398
> #15
> #16 rijndaelEncrypt (rk=, Nr=,
> pt=,
> ct=0x8241d830
> "\277\243\ff\211\335\330\v5\234\035{\210\330\320\327Fe\235>\226\026\0
> 25c\266n\325\305\205]\251%\001\002\004\030\326!\"\037")
> at /usr/src/sys/crypto/rijndael/rijndael-alg-fst.c:1000
> #17 0x80d08bc1 in ccmp_decrypt (key=0xfe106978a160,
> pn=25627,
> m=0xf8010ffc9b00, hdrlen=)
> at /usr/src/sys/net80211/ieee80211_crypto_ccmp.c:623
> #18 ccmp_decap (k=, m=,
> hdrlen=)
> at /usr/src/sys/net80211/ieee80211_crypto_ccmp.c:284
> #19 0x80d07955 in ieee80211_crypto_decap (ni=,
> m=0xf8010ffc9b00, hdrlen=26, key=0x8241d920)
> at /usr/src/sys/net80211/ieee80211_crypto.c:684
> #20 0x80d41dec in sta_input (ni=,
> m=0xf8010ffc9b00, rxs=, rssi=,
> nf=) at /usr/src/sys/net80211/ieee80211_sta.c:773
> #21 0x8069949c in iwn_rx_done (sc=0xfe1033319000,
> desc=, data=)
> at
Re: "panic: page fault" in iwn signal handler(?) at r367127
On Fri, 2020-10-30 at 05:37 -0700, David Wolfskill wrote:
> I've copied the dump and core.txt files to
> http://www.catwhisker.org/~david/FreeBSD/head/r367127/
>
> Here's a copy/paste of the stack trace (from the core.txt.3 file):
> p 12: page fault while in kernel mode
> cpuid = 4; apic id = 04
> fault virtual address = 0xf8084000
> fault code = supervisor read data, page not present
> instruction pointer = 0x20:0x80495f03
> stack pointer = 0x0:0x8241d748
> frame pointer = 0x0:0x8241d7a0
> code segment = base 0x0, limit 0xf, type 0x1b
> = DPL 0, pres 1, long 1, def32 0, gran 1
> processor eflags = interrupt enabled, resume, IOPL = 0
> current process = 12 (irq36: iwn0)
> trap number = 12
> panic: page fault
> cpuid = 4
> time = 1604056852
> KDB: stack backtrace:
> db_trace_self_wrapper() at 0x804a69db =
> db_trace_self_wrapper+0x2b/frame 0x8241d3f0
> vpanic() at 0x80baf802 = vpanic+0x182/frame
> 0x8241d440
> panic() at 0x80baf5c3 = panic+0x43/frame 0x8241d4a0
> trap_fatal() at 0x8102c2f7 = trap_fatal+0x387/frame
> 0x8241d500
> trap_pfault() at 0x8102c397 = trap_pfault+0x97/frame
> 0x8241d560
> trap() at 0x8102b98b = trap+0x2ab/frame 0x8241d670
> calltrap() at 0x80fffa08 = calltrap+0x8/frame
> 0x8241d670
> --- trap 0xc, rip = 0x80495f03, rsp = 0x8241d748, rbp
> = 0x8241d7a0 ---
> rijndaelEncrypt() at 0x80495f03 = rijndaelEncrypt+0x233/frame
> 0x8241d7a0
> ccmp_decap() at 0x80d08bc1 = ccmp_decap+0x421/frame
> 0x8241d8b0
> ieee80211_crypto_decap() at 0x80d07955 =
> ieee80211_crypto_decap+0x125/frame 0x8241d900
> sta_input() at 0x80d41dec = sta_input+0x43c/frame
> 0x8241d9a0
> iwn_notif_intr() at 0x8069949c = iwn_notif_intr+0x137c/frame
> 0x8241dab0
> iwn_intr() at 0x8068f4f8 = iwn_intr+0x2b8/frame
> 0x8241db20
> ithread_loop() at 0x80b6dbb9 = ithread_loop+0x279/frame
> 0x8241dbb0
> fork_exit() at 0x80b6a690 = fork_exit+0x80/frame
> 0x8241dbf0
> fork_trampoline() at 0x81000a5e = fork_trampoline+0xe/frame
> 0x8241dbf0
> --- trap 0, rip = 0, rsp = 0, rbp = 0 ---
> KDB: enter: panic
>
> __curthread () at /usr/src/sys/amd64/include/pcpu_aux.h:55
> 55 __asm("movq %%gs:%P1,%0" : "=r" (td) : "n" (offsetof(struct pcpu,
> (kgdb) #0 __curthread () at /usr/src/sys/amd64/include/pcpu_aux.h:55
> #1 doadump (textdump=0) at /usr/src/sys/kern/kern_shutdown.c:394
> #2 0x804a3cea in db_dump (dummy=,
> dummy2=, dummy3=,
> dummy4=)
> at /usr/src/sys/ddb/db_command.c:575
> #3 0x804a3ab0 in db_command (last_cmdp=,
> cmd_table=, dopager=1) at
> /usr/src/sys/ddb/db_command.c:482
> #4 0x804a380d in db_command_loop ()
> at /usr/src/sys/ddb/db_command.c:535
> #5 0x804a6b26 in db_trap (type=,
> code=)
> at /usr/src/sys/ddb/db_main.c:270
> #6 0x80bfb5c4 in kdb_trap (type=3, code=0, tf= out>)
> at /usr/src/sys/kern/subr_kdb.c:699
> #7 0x8102be9e in trap (frame=0x8241d320)
> at /usr/src/sys/amd64/amd64/trap.c:576
> #8
> #9 kdb_enter (why=0x8120d701 "panic", msg=)
> at /usr/src/sys/kern/subr_kdb.c:486
> #10 0x80baf81e in vpanic (fmt=, ap= out>)
> at /usr/src/sys/kern/kern_shutdown.c:901
> #11 0x80baf5c3 in panic (
> fmt=0x81c79aa8
> "\362\357\034\201\377\377\377\377")
> at /usr/src/sys/kern/kern_shutdown.c:838
> #12 0x8102c2f7 in trap_fatal (frame=0x8241d680,
> eva=18446735313050009600) at /usr/src/sys/amd64/amd64/trap.c:915
> #13 0x8102c397 in trap_pfault (frame=0x8241d680,
> usermode=, signo=, ucode= out>)
> at /usr/src/sys/amd64/amd64/trap.c:732
> #14 0x8102b98b in trap (frame=0x8241d680)
> at /usr/src/sys/amd64/amd64/trap.c:398
> #15
> #16 rijndaelEncrypt (rk=, Nr=,
> pt=,
> ct=0x8241d830
> "\277\243\ff\211\335\330\v5\234\035{\210\330\320\327Fe\235>\226\026\0
> 25c\266n\325\305\205]\251%\001\002\004\030\326!\"\037")
> at /usr/src/sys/crypto/rijndael/rijndael-alg-fst.c:1000
> #17 0x80d08bc1 in ccmp_decrypt (key=0xfe106978a160,
> pn=25627,
> m=0xf8010ffc9b00, hdrlen=)
> at /usr/src/sys/net80211/ieee80211_crypto_ccmp.c:623
> #18 ccmp_decap (k=, m=,
> hdrlen=)
> at /usr/src/sys/net80211/ieee80211_crypto_ccmp.c:284
> #19 0x80d07955 in ieee80211_crypto_decap (ni=,
> m=0xf8010ffc9b00, hdrlen=26, key=0x8241d920)
> at /usr/src/sys/net80211/ieee80211_crypto.c:684
> #20 0x80d41dec in sta_input (ni=,
> m=0xf8010ffc9b00, rxs=, rssi=,
> nf=) at /usr/src/sys/net80211/ieee80211_sta.c:773
> #21 0x8069949c in iwn_rx_done (sc=0xfe1033319000,
> desc=, data=)
> at
