Date: Tue, 18 Jan 2011 13:26:58 +0300 From: Alexander Zagrebin <alex@zagrebin.ru> To: freebsd-net@freebsd.org Subject: if_run and wlan_amrr: kernel panics on 8.2-PRERELEASE amd64 Message-ID: <20110118102658.GA3211@gw.zagrebin.ru>
next in thread | raw e-mail | index | archive | help
Hi!
I'm trying to use the RT2872-based USB adapter in the hostap mode
on the latest RELENG_8 (8.2-PRERELEASE) for amd64.
The kernel hasn't wlan support compiled in, so I've added
if_run_load="YES"
runfw_load="YES"
wlan_amrr_load="YES"
into the /boot/loader.conf
With this changes the kernel panics with the "Fatal trap 12" during device
probing stage:
Copyright (c) 1992-2011 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
The Regents of the University of California. All rights reserved.
FreeBSD is a registered trademark of The FreeBSD Foundation.
FreeBSD 8.2-PRERELEASE #1: Mon Jan 17 09:31:37 MSK 2011
root@gw.zhn.local:/usr/src/sys/amd64/compile/KERNEL amd64
Timecounter "i8254" frequency 1193182 Hz quality 0
CPU: Intel(R) Atom(TM) CPU 330 @ 1.60GHz (1599.20-MHz K8-class CPU)
Origin = "GenuineIntel" Id = 0x106c2 Family = 6 Model = 1c Stepping = 2
Features=0xbfe9fbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,CL
Features2=0x40e31d<SSE3,DTES64,MON,DS_CPL,TM2,SSSE3,CX16,xTPR,PDCM,MOVBE>
AMD Features=0x20100800<SYSCALL,NX,LM>
AMD Features2=0x1<LAHF>
TSC: P-state invariant
real memory = 2147483648 (2048 MB)
avail memory = 2047647744 (1952 MB)
ACPI APIC Table: <INTEL D945GLF2>
FreeBSD/SMP: Multiprocessor System Detected: 4 CPUs
FreeBSD/SMP: 1 package(s) x 2 core(s) x 2 HTT threads
cpu0 (BSP): APIC ID: 0
cpu1 (AP/HT): APIC ID: 1
cpu2 (AP): APIC ID: 2
cpu3 (AP/HT): APIC ID: 3
ioapic0: Changing APIC ID to 2
ioapic0 <Version 2.0> irqs 0-23 on motherboard
kernel trap 12 with interrupts disabled
Fatal trap 12: page fault while in kernel mode
cpuid = 0; apic id = 00
fault virtual address = 0x308
fault code = supervisor read data, page not present
instruction pointer = 0x20:0xffffffff8030157a
stack pointer = 0x28:0xffffffff80b86c30
frame pointer = 0x28:0xffffffff80b86c60
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags = resume, IOPL = 0
current process = 0 (swapper)
trap number = 12
panic: page fault
cpuid = 0
Uptime: 1s
Automatic reboot in 15 seconds - press a key on the console to abort
--> Press a key on the console to reboot,
--> or switch off the system now.
After trying to disable some modules, I've found that a panic occurs only
when both runfw.ko and wlan_amrr.ko are loaded.
If either runfw.ko or wlan_amrr.ko disabled, then kernel boots successfully.
I've decided to boot without wlan_amrr.ko. :)
The adapter was found, the wlan interface was created and the access point
mostly works (there is an issue with the devices with the 'power save mode'
enabled), but transmission rate is limited with 1 Mbit/s.
I've tried to load wlan_amrr:
# kldload wlan_amrr.ko
# ifconfig wlan0 destroy
# /etc/rc.d/netif start wlan0
The wlan0 was successfully recreated. The devices can connect, but after 1..2 sec
after connection was established the kernel panics.
Before the panic `ifconfig wlan0 list sta` shows
ADDR AID CHAN RATE RSSI IDLE TXSEQ RXSEQ CAPS FLAG
18:86:ac:10:4b:88 1 1 36M 23.5 0 4 448 EPS AQE RSN WME
So it seems that the transmission rate was raised.
Information from kernel core:
# kgdb kernel.debug /var/crash/vmcore.0
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "amd64-marcel-freebsd"...
Unread portion of the kernel message buffer:
Fatal trap 12: page fault while in kernel mode
cpuid = 3; apic id = 03
fault virtual address = 0x10
fault code = supervisor read data, page not present
instruction pointer = 0x20:0xffffffff80c5204b
stack pointer = 0x28:0xffffff807811da50
frame pointer = 0x28:0xffffff807811da60
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags = interrupt enabled, resume, IOPL = 0
current process = 0 (run0 taskq)
trap number = 12
panic: page fault
cpuid = 3
Uptime: 5m31s
Physical memory: 2027 MB
Dumping 481 MB: 466 450 434 418 402 386 370 354 338 322 306 290 274 258 242 226 210 194 178 162 146 130 114 98 82 66 50 34 18 2
Reading symbols from /boot/kernel/zfs.ko...Reading symbols from /boot/kernel/zfs.ko.symbols...done.
... (skipped) ...
Loaded symbols for /boot/kernel/wlan_amrr.ko
#0 doadump () at pcpu.h:224
224 __asm("movq %%gs:0,%0" : "=r" (td));
(kgdb) bt
#0 doadump () at pcpu.h:224
#1 0xffffffff80302b4e in boot (howto=260) at ../../../kern/kern_shutdown.c:419
#2 0xffffffff80302f63 in panic (fmt=0x0) at ../../../kern/kern_shutdown.c:592
#3 0xffffffff804cb9ad in trap_fatal (frame=0xffffffff80727ec0, eva=Variable "eva" is not available.
)
at ../../../amd64/amd64/trap.c:783
#4 0xffffffff804cbd6f in trap_pfault (frame=0xffffff807811d9a0, usermode=0)
at ../../../amd64/amd64/trap.c:699
#5 0xffffffff804cc16f in trap (frame=0xffffff807811d9a0)
at ../../../amd64/amd64/trap.c:449
#6 0xffffffff804b43c4 in calltrap () at ../../../amd64/amd64/exception.S:224
#7 0xffffffff80c5204b in amrr_rate (ni=0xffffff800dcfc000, arg=0x0, iarg=0)
at /usr/src/sys/modules/wlan_amrr/../../net80211/ieee80211_amrr.c:231
#8 0xffffffff80ab81bb in run_iter_func (arg=0xffffff8000baf000, ni=0xffffff800dcfc000)
at ieee80211_ratectl.h:92
#9 0xffffffff80ad77e4 in ieee80211_iterate_nodes (nt=0xffffff8000bbb7b0,
f=0xffffffff80ab8160 <run_iter_func>, arg=0xffffff8000baf000)
at /usr/src/sys/modules/wlan/../../net80211/ieee80211_node.c:2147
#10 0xffffffff80abadaf in run_ratectl_cb (arg=Variable "arg" is not available.
)
at /usr/src/sys/modules/usb/run/../../../dev/usb/wlan/if_run.c:2212
#11 0xffffffff8033f035 in taskqueue_run_locked (queue=0xffffff0001a2d800)
at ../../../kern/subr_taskqueue.c:250
#12 0xffffffff8033f1ce in taskqueue_thread_loop (arg=Variable "arg" is not available.
)
at ../../../kern/subr_taskqueue.c:387
#13 0xffffffff802da6e8 in fork_exit (callout=0xffffffff8033f180 <taskqueue_thread_loop>,
arg=0xffffff8000bba0b8, frame=0xffffff807811dc40) at ../../../kern/kern_fork.c:845
#14 0xffffffff804b488e in fork_trampoline () at ../../../amd64/amd64/exception.S:565
#15 0x0000000000000000 in ?? ()
#16 0x0000000000000000 in ?? ()
#17 0x0000000000000000 in ?? ()
#18 0x0000000000000000 in ?? ()
#19 0x0000000000000000 in ?? ()
#20 0x0000000000000000 in ?? ()
#21 0x0000000000000000 in ?? ()
#22 0x0000000000000000 in ?? ()
#23 0x0000000000000000 in ?? ()
#24 0x0000000000000000 in ?? ()
#25 0x0000000000000000 in ?? ()
#26 0x0000000000000000 in ?? ()
#27 0x0000000000000000 in ?? ()
#28 0x0000000000000000 in ?? ()
#29 0x0000000000000000 in ?? ()
#30 0x0000000000000000 in ?? ()
#31 0x0000000000000000 in ?? ()
#32 0x0000000000000000 in ?? ()
#33 0x0000000000000000 in ?? ()
#34 0x0000000000000000 in ?? ()
#35 0x0000000000000000 in ?? ()
#36 0x0000000000000000 in ?? ()
#37 0x0000000000000000 in ?? ()
#38 0x0000000000000000 in ?? ()
#39 0xffffffff80732980 in affinity ()
#40 0x0000000000000000 in ?? ()
#41 0x0000000000000000 in ?? ()
#42 0xffffff000198d000 in ?? ()
#43 0xffffff807811d600 in ?? ()
#44 0xffffff807811d5a8 in ?? ()
#45 0xffffff00014d0460 in ?? ()
#46 0xffffffff80328009 in sched_switch (td=0xffffffff8033f180, newtd=0xffffff8000bba0b8,
flags=Variable "flags" is not available.
) at ../../../kern/sched_ule.c:1852
Previous frame inner to this frame (corrupt stack?)
(kgdb)
Any help is appreciated.
--
Alexander Zagrebin
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20110118102658.GA3211>