I'm not subscribed to the list, so include me in any replies.
Now the report...
I'm reporting a kernel panic with a 6.0-STABLE machine using RELENG_6
source from 2006-11-09.
It was triggered when I ran the command "ifconfig ath0 pureg" as an
attempt to switch the D-Link G520 running in hostAP mode, into "g
only" mode. I did this because I've been experiencing slow rates with
Airport Express clients (PowerBook) where no matter what the settings
on the AP are, it refuses to go above 1 Mbit/s.
Here's the pertinent debug info:
from /etc/rc.conf
# ath0 to be bridged with fxp0. See /etc/sysctl.conf
ifconfig_ath0="inet up ssid FOO mode 11g mediaopt hostap -wme wepmode
on wepkey 1:hexkeyhere authmode shared deftxkey 1 pureg"
Notice the "pureg" directive in there.. I added that after doing the
interactive test mentioned above, which crashed the system. It seems
to be ok if it's enabled at boot time.
Also, I'm using bridge(4), so here's the relevant sysctl(8) oid:
net.link.ether.bridge.config: fxp0,ath0
Titan> sudo kgdb /usr/obj/usr/src/sys/TITAN/kernel.debug vmcore.15
Password:
[GDB will not be able to debug user-mode threads: /usr/lib/
libthread_db.so: Undefined symbol "ps_pglobal_lookup"]
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and
you are
welcome to change it and/or distribute copies of it under certain
conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for
details.
This GDB was configured as "i386-marcel-freebsd".
Unread portion of the kernel message buffer:
Fatal trap 12: page fault while in kernel mode
fault virtual address = 0x10002
fault code = supervisor read, page not present
instruction pointer = 0x20:0xc059d5aa
stack pointer = 0x28:0xd43f6ba4
frame pointer = 0x28:0xd43f6ba8
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, def32 1, gran 1
processor eflags = interrupt enabled, resume, IOPL = 0
current process = 39 (swi6: task queue)
trap number = 12
panic: page fault
Uptime: 4d23h24m31s
Dumping 510 MB (2 chunks)
chunk 0: 1MB (160 pages) ... ok
chunk 1: 510MB (130416 pages) 494 478 462 446 430 414 398 382 366
350 334 318 302 286 270 254 238 222 206 190 174 158 142 126 110 94 78
62 46 30 14
#0 doadump () at pcpu.h:165
165 pcpu.h: No such file or directory.
in pcpu.h
(kgdb) bt
#0 doadump () at pcpu.h:165
#1 0xc0505706 in boot (howto=260) at /usr/src/sys/kern/
kern_shutdown.c:399
#2 0xc0505a10 in panic (fmt=0xc0714375 "%s")
at /usr/src/sys/kern/kern_shutdown.c:555
#3 0xc06ecea0 in trap_fatal (frame=0xd43f6b64, eva=0)
at /usr/src/sys/i386/i386/trap.c:831
#4 0xc06ecbc5 in trap_pfault (frame=0xd43f6b64, usermode=0, eva=65538)
at /usr/src/sys/i386/i386/trap.c:742
#5 0xc06ec7af in trap (frame {tf_fs = -1045430264, tf_es = -734068696,
tf_ds = -1068564440,
tf_edi = -1045884500, tf_esi = -1045427200, tf_ebp = -734041176,
tf_isp = -734041200, tf_ebx = -1045884500, tf_edx = -1064610944,
tf_ecx = 65535, tf_eax = 65535, tf_trapno = 12, tf_err = 0, tf_eip =
-1067854422, tf_cs = 32, tf_eflags = 590338, tf_esp = -1009879030,
tf_ss = -734041136}) at /usr/src/sys/i386/i386/trap.c:432
#6 0xc06db2ca in calltrap () at /usr/src/sys/i386/i386/exception.s:139
#7 0xc059d5aa in ieee80211_chan2mode (ic=0xc1a911ac, chan=0xffff)
at /usr/src/sys/net80211/ieee80211.c:892
#8 0xc05a9e5e in ieee80211_tmp_node (ic=0xc1a911ac,
macaddr=0xc3ce780a "")
at /usr/src/sys/net80211/ieee80211_node.c:225
#9 0xc05a007b in ieee80211_send_error (ic=0xc1a911ac, ni=0xc1b01000,
mac=0xffff <Address 0xffff out of bounds>, subtype=65535,
arg=65535)
at /usr/src/sys/net80211/ieee80211_input.c:957
#10 0xc059f15d in ieee80211_input (ic=0xc1a911ac, m=0xc1aab100,
ni=0xc1b01000,
---Type <return> to continue, or q <return> to quit---
rssi=19, rstamp=23891) at /usr/src/sys/net80211/
ieee80211_input.c:341
#11 0xc0889aa4 in ?? ()
#12 0xc1a911ac in ?? ()
#13 0xc1aab100 in ?? ()
#14 0xc1b01000 in ?? ()
#15 0x00000013 in ?? ()
#16 0x00005d53 in ?? ()
#17 0xc1989a80 in ?? ()
#18 0xc1aab100 in ?? ()
#19 0xc1a3ab44 in ?? ()
#20 0xc1a93000 in ?? ()
#21 0xc1a82000 in ?? ()
#22 0xc1a911ac in ?? ()
#23 0xc1a920a8 in ?? ()
#24 0xc1a43480 in ?? ()
#25 0x00000004 in ?? ()
#26 0xd43f6cc0 in ?? ()
#27 0xc0528ffa in taskqueue_run (queue=0xc1a9689c)
at /usr/src/sys/kern/subr_taskqueue.c:217
Previous frame identical to this frame (corrupt stack?)
(kgdb) Titan> uname -a
FreeBSD Titan 6.0-STABLE FreeBSD 6.0-STABLE #0: Wed Nov 9 22:03:41
MST 2005 root@Titan:/usr/obj/usr/src/sys/TITAN i386
Titan> kldstat
Id Refs Address Size Name
1 12 0xc0400000 442f64 kernel
2 1 0xc0843000 9150 bridge.ko
3 1 0xc084d000 32e28 ipl.ko
4 1 0xc0880000 11dc0 if_ath.ko
5 2 0xc0892000 26b60 ath_hal.ko
6 2 0xc08b9000 2da8 ath_rate.ko
7 1 0xc08bc000 2d30 wlan_wep.ko
8 1 0xc08bf000 60d30 acpi.ko
Titan> cat /var/run/dmesg.boot
Copyright (c) 1992-2005 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
The Regents of the University of California. All rights
reserved.
FreeBSD 6.0-STABLE #0: Wed Nov 9 22:03:41 MST 2005
root@Titan:/usr/obj/usr/src/sys/TITAN
WARNING: debug.mpsafenet forced to 0 as ipsec requires Giant
WARNING: MPSAFE network stack disabled, expect reduced performance.
ACPI APIC Table: <DELL 3000 >
Timecounter "i8254" frequency 1193182 Hz quality 0
CPU: Intel(R) Pentium(R) 4 CPU 2.80GHz (2793.01-MHz 686-class CPU)
Origin = "GenuineIntel" Id = 0xf41 Stepping = 1
Features=0xbfebfbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE
,MCA,CMOV,PAT,PSE36,CLFLUSH,DTS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE>
Features2=0x441d<SSE3,RSVD2,MON,DS_CPL,CNTX-ID,<b14>>
real memory = 535232512 (510 MB)
avail memory = 514437120 (490 MB)
ioapic0: Changing APIC ID to 1
ioapic0 <Version 2.0> irqs 0-23 on motherboard
ath_hal: 0.9.14.9 (AR5210, AR5211, AR5212, RF5111, RF5112, RF2413)
npx0: [FAST]
npx0: <math processor> on motherboard
npx0: INT 16 interface
acpi0: <DELL 3000 > on motherboard
acpi0: Power Button (fixed)
pci_link0: <ACPI PCI Link LNKA> irq 11 on acpi0
pci_link1: <ACPI PCI Link LNKB> irq 3 on acpi0
pci_link2: <ACPI PCI Link LNKC> irq 5 on acpi0
pci_link3: <ACPI PCI Link LNKD> irq 10 on acpi0
pci_link4: <ACPI PCI Link LNKE> irq 5 on acpi0
pci_link5: <ACPI PCI Link LNKF> irq 10 on acpi0
pci_link6: <ACPI PCI Link LNKG> irq 9 on acpi0
pci_link7: <ACPI PCI Link LNKH> irq 9 on acpi0
Timecounter "ACPI-fast" frequency 3579545 Hz quality 1000
acpi_timer0: <24-bit timer at 3.579545MHz> port 0x808-0x80b on acpi0
cpu0: <ACPI CPU> on acpi0
acpi_button0: <Power Button> on acpi0
pcib0: <ACPI Host-PCI bridge> port 0xcf8-0xcff on acpi0
pci0: <ACPI PCI bus> on pcib0
agp0: <Intel 82865G (865G GMCH) SVGA controller> port 0xed98-0xed9f
mem 0xe8000000-0xefffffff,0xfeb80000-0xfebfffff irq 16 at device 2.0
on pci0
agp0: detected 892k stolen memory
agp0: aperture size is 128M
uhci0: <Intel 82801EB (ICH5) USB controller USB-A> port 0xff80-0xff9f
irq 16 at device 29.0 on pci0
uhci0: [GIANT-LOCKED]
usb0: <Intel 82801EB (ICH5) USB controller USB-A> on uhci0
usb0: USB revision 1.0
uhub0: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1
uhub0: 2 ports with 2 removable, self powered
uhci1: <Intel 82801EB (ICH5) USB controller USB-B> port 0xff60-0xff7f
irq 19 at device 29.1 on pci0
uhci1: [GIANT-LOCKED]
usb1: <Intel 82801EB (ICH5) USB controller USB-B> on uhci1
usb1: USB revision 1.0
uhub1: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1
uhub1: 2 ports with 2 removable, self powered
uhci2: <Intel 82801EB (ICH5) USB controller USB-D> port 0xff20-0xff3f
irq 16 at device 29.3 on pci0
uhci2: [GIANT-LOCKED]
usb2: <Intel 82801EB (ICH5) USB controller USB-D> on uhci2
usb2: USB revision 1.0
uhub2: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1
uhub2: 2 ports with 2 removable, self powered
pci0: <serial bus, USB> at device 29.7 (no driver attached)
pcib1: <ACPI PCI-PCI bridge> at device 30.0 on pci0
pci1: <ACPI PCI bus> on pcib1
ath0: <Atheros 5212> mem 0xfeaf0000-0xfeafffff irq 21 at device 0.0
on pci1
ath0: [GIANT-LOCKED]
ath0: Ethernet address: 00:0f:3d:ac:03:af
ath0: mac 5.9 phy 4.3 radio 4.6
rl0: <D-Link DFE-530TX+ 10/100BaseTX> port 0xdd00-0xddff mem
0xfeaeee00-0xfeaeeeff irq 22 at device 1.0 on pci1
miibus0: <MII bus> on rl0
rlphy0: <RealTek internal media interface> on miibus0
rlphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
rl0: Ethernet address: 00:11:95:1d:2e:a8
rl0: [GIANT-LOCKED]
rl1: <D-Link DFE-530TX+ 10/100BaseTX> port 0xde00-0xdeff mem
0xfeaeef00-0xfeaeefff irq 17 at device 2.0 on pci1
miibus1: <MII bus> on rl1
rlphy1: <RealTek internal media interface> on miibus1
rlphy1: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
rl1: Ethernet address: 00:11:95:1d:2e:b1
rl1: [GIANT-LOCKED]
fxp0: <Intel 82801BA (D865) Pro/100 VE Ethernet> port 0xdcc0-0xdcff
mem 0xfeaef000-0xfeaeffff irq 20 at device 8.0 on pci1
miibus2: <MII bus> on fxp0
inphy0: <i82562ET 10/100 media interface> on miibus2
inphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
fxp0: Ethernet address: 00:11:11:c6:0f:0b
fxp0: [GIANT-LOCKED]
isab0: <PCI-ISA bridge> at device 31.0 on pci0
isa0: <ISA bus> on isab0
atapci0: <Intel ICH5 UDMA100 controller> port
0x1f0-0x1f7,0x3f6,0x170-0x177,0x376,0xffa0-0xffaf mem
0xfeb7fc00-0xfeb7ffff irq 18 at device 31.1 on pci0
ata0: <ATA channel 0> on atapci0
ata1: <ATA channel 1> on atapci0
pci0: <serial bus, SMBus> at device 31.3 (no driver attached)
pci0: <multimedia, audio> at device 31.5 (no driver attached)
fdc0: <floppy drive controller> port 0x3f0-0x3f5,0x3f7 irq 6 drq 2 on
acpi0
fdc0: [FAST]
sio0: <16550A-compatible COM port> port 0x3f8-0x3ff irq 4 flags 0x10
on acpi0
sio0: type 16550A
pmtimer0 on isa0
orm0: <ISA Option ROMs> at iomem 0xc0000-0xca7ff,0xca800-0xcbfff on isa0
atkbdc0: <Keyboard controller (i8042)> at port 0x60,0x64 on isa0
atkbd0: <AT Keyboard> irq 1 on atkbdc0
kbd0 at atkbd0
atkbd0: [GIANT-LOCKED]
sc0: <System console> at flags 0x100 on isa0
sc0: VGA <16 virtual consoles, flags=0x300>
sio1: configured irq 3 not in bitmap of probed irqs 0
sio1: port may not be enabled
vga0: <Generic ISA VGA> at port 0x3c0-0x3df iomem 0xa0000-0xbffff on
isa0
Timecounter "TSC" frequency 2793014899 Hz quality 800
Timecounters tick every 1.000 msec
IPsec: Initialized Security Association Processing.
IP Filter: v4.1.8 initialized. Default = pass all, Logging = enabled
ad0: 76293MB <SAMSUNG SP0802N TK100-28> at ata0-master UDMA100
acd0: CDROM <SAMSUNG CD-ROM SC-148A/B403> at ata1-master UDMA33
Trying to mount root from ufs:/dev/ad0s2a
WARNING: / was not properly dismounted
WARNING: /tmp was not properly dismounted
WARNING: /usr was not properly dismounted
WARNING: /var was not properly dismounted
rl1: link state changed to UP
arplookup 169.254.95.73 failed: host is not on local network
Titan> grep -v ^# /sys/i386/conf/TITAN
machine i386
cpu I686_CPU
ident TITAN_6_RELEASE
makeoptions DEBUG=-g # Build kernel with gdb(1)
debug symbols
options SCHED_4BSD # 4BSD scheduler
options PREEMPTION # Enable kernel thread
preemption
options INET # InterNETworking
options INET6 # IPv6 communications protocols
options FFS # Berkeley Fast Filesystem
options SOFTUPDATES # Enable FFS soft updates
support
options UFS_ACL # Support for access control
lists
options UFS_DIRHASH # Improve performance on big
directories
options MD_ROOT # MD is a potential root device
options NFSCLIENT # Network Filesystem Client
options NFSSERVER # Network Filesystem Server
options NFS_ROOT # NFS usable as /, requires
NFSCLIENT
options MSDOSFS # MSDOS Filesystem
options CD9660 # ISO 9660 Filesystem
options PROCFS # Process filesystem
(requires PSEUDOFS)
options PSEUDOFS # Pseudo-filesystem framework
options GEOM_GPT # GUID Partition Tables.
options COMPAT_43 # Compatible with BSD 4.3
[KEEP THIS!]
options SCSI_DELAY=15000 # Delay (in ms) before
probing SCSI
options KTRACE # ktrace(1) support
options SYSVSHM # SYSV-style shared memory
options SYSVMSG # SYSV-style message queues
options SYSVSEM # SYSV-style semaphores
options _KPOSIX_PRIORITY_SCHEDULING # POSIX P1003_1B real-
time extensions
options KBD_INSTALL_CDEV # install a CDEV entry in /dev
options AHC_REG_PRETTY_PRINT # Print register bitfields in
debug
# output. Adds ~128k to
driver.
options AHD_REG_PRETTY_PRINT # Print register bitfields in
debug
# output. Adds ~215k to
driver.
options ADAPTIVE_GIANT # Giant mutex is adaptive.
device apic # I/O APIC
options IPSEC
options IPSEC_ESP
device pci
device fdc
device ata
device atadisk # ATA disk drives
device ataraid # ATA RAID drives
device atapicd # ATAPI CDROM drives
device atapifd # ATAPI floppy drives
device atapist # ATAPI tape drives
options ATA_STATIC_ID # Static device numbering
device scbus # SCSI bus (required for SCSI)
device da # Direct Access (disks)
device atkbdc # AT keyboard controller
device atkbd # AT keyboard
device psm # PS/2 mouse
device vga # VGA video card driver
device splash # Splash screen and screen saver support
device sc
device agp # support several AGP chipsets
device pmtimer
device sio # 8250, 16[45]50 based serial ports
device miibus # MII bus support
device dc # DEC/Intel 21143 and various workalikes
device fxp # Intel EtherExpress PRO/100B (82557,
82558)
device rl # RealTek 8129/8139
device wlan # 802.11 support
device loop # Network loopback
device random # Entropy device
device ether # Ethernet support
device ppp # Kernel PPP
device tun # Packet tunnel.
device pty # Pseudo-ttys (telnet etc)
device md # Memory "disks"
device gif # IPv6 and IPv4 tunneling
device faith # IPv6-to-IPv4 relaying (translation)
device bpf # Berkeley packet filter
device uhci # UHCI PCI->USB interface
device ohci # OHCI PCI->USB interface
device usb # USB Bus (required)
device ugen # Generic
device uhid # "Human Interface Devices"
device ukbd # Keyboard
device ulpt # Printer
device umass # Disks/Mass storage - Requires scbus
and da
device ums # Mouse
device ural # Ralink Technology RT2500USB
wireless NICs
device urio # Diamond Rio 500 MP3 player
device uscanner # Scanners