Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 11 Jun 2020 19:55:55 +0000
From:      bugzilla-noreply@freebsd.org
To:        wireless@FreeBSD.org
Subject:   [Bug 230785] Page fault when if_ath module is unloaded
Message-ID:  <bug-230785-21060-OKMVVnBVFt@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-230785-21060@https.bugs.freebsd.org/bugzilla/>
References:  <bug-230785-21060@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D230785

--- Comment #1 from Ali Abdallah <ali.abdallah@suse.com> ---
I had a closer look into the issue I'm having. The detaching order of the
various if_ath* and ath* modules is broken.

#0  __curthread () at /usr/src/sys/amd64/include/pcpu.h:234
#1  doadump (textdump=3D0) at /usr/src/sys/kern/kern_shutdown.c:371
#2  0xffffffff802f5a4b in db_dump (dummy=3D<optimized out>, dummy2=3D<optim=
ized
out>, dummy3=3D<unavailable>, dummy4=3D<unavailable>) at
/usr/src/sys/ddb/db_command.c:574
#3  0xffffffff802f5819 in db_command (last_cmdp=3D<optimized out>,
cmd_table=3D<optimized out>, dopager=3D1) at /usr/src/sys/ddb/db_command.c:=
481
#4  0xffffffff802f5594 in db_command_loop () at
/usr/src/sys/ddb/db_command.c:534
#5  0xffffffff802f87ef in db_trap (type=3D<optimized out>, code=3D<optimize=
d out>)
at /usr/src/sys/ddb/db_main.c:252
#6  0xffffffff80431e2a in kdb_trap (type=3D3, code=3D0, tf=3D0xfffffe003d98=
5100) at
/usr/src/sys/kern/subr_kdb.c:693
#7  0xffffffff806d59dc in trap (frame=3D0xfffffe003d985100) at
/usr/src/sys/amd64/amd64/trap.c:621
#8  <signal handler called>
#9  kdb_enter (why=3D0xffffffff8079127e "panic", msg=3D<optimized out>) at
/usr/src/sys/kern/subr_kdb.c:479
#10 0xffffffff803e586a in vpanic (fmt=3D<optimized out>, ap=3D<optimized ou=
t>) at
/usr/src/sys/kern/kern_shutdown.c:866
#11 0xffffffff803e56a3 in panic (fmt=3D0xffffffff80865248 <vt_conswindow+16>
"m\201y\200\377\377\377\377") at /usr/src/sys/kern/kern_shutdown.c:804
#12 0xffffffff8067fae7 in vm_fault_hold (map=3D0xfffff80002001000,
vaddr=3D<optimized out>, fault_type=3D4 '\004', fault_flags=3D<optimized ou=
t>,
m_hold=3D0x0)
    at /usr/src/sys/vm/vm_fault.c:614
#13 0xffffffff8067d4b0 in vm_fault (map=3D0xfffff80002001000, vaddr=3D<opti=
mized
out>, fault_type=3D4 '\004', fault_flags=3D0) at /usr/src/sys/vm/vm_fault.c=
:562
#14 0xffffffff806d5ff4 in trap_pfault (frame=3D0xfffffe003d985590, usermode=
=3D0) at
/usr/src/sys/amd64/amd64/trap.c:846
#15 0xffffffff806d54cf in trap (frame=3D0xfffffe003d985590) at
/usr/src/sys/amd64/amd64/trap.c:443
#16 <signal handler called>
#17 0xffffffff811bf0c0 in ?? ()
#18 0xffffffff810b157a in ath_intr (arg=3D0xfffffe00003e4000) at
/usr/src/sys/dev/ath/if_ath.c:2106
#19 0xffffffff803af284 in intr_event_execute_handlers (p=3D<optimized out>,
ie=3D<optimized out>) at /usr/src/sys/kern/kern_intr.c:1129
#20 ithread_execute_handlers (p=3D<optimized out>, ie=3D<optimized out>) at
/usr/src/sys/kern/kern_intr.c:1142
#21 ithread_loop (arg=3D<optimized out>) at /usr/src/sys/kern/kern_intr.c:1=
222
#22 0xffffffff803abdc3 in fork_exit (callout=3D0xffffffff803af0b0 <ithread_=
loop>,
arg=3D0xfffff800027e94c0, frame=3D0xfffffe003d985ac0) at
/usr/src/sys/kern/kern_fork.c:1065
#23 <signal handler called>

(kgdb) frame 18
#18 0xffffffff810b157a in ath_intr (arg=3D0xfffffe00003e4000) at
/usr/src/sys/dev/ath/if_ath.c:2106
l
2106            if (!ath_hal_intrpend(ah)) {            /* shared irq, not =
for
us */

(kgdb) print ah->ah_isInterruptPending
$1 =3D (HAL_BOOL (*)(struct ath_hal *)) 0xffffffff811bf0c0

# kldstat=20
Id Refs Address                Size Name
 1   79 0xffffffff80200000   e81700 kernel
 4   11 0xffffffff81089000    1c890 ath_hal.ko
 5    3 0xffffffff810a6000    60c40 ath_main.ko
 6    3 0xffffffff81107000     1c20 ath_dfs.ko
 7    9 0xffffffff81109000    aea68 wlan.ko
 8    3 0xffffffff811b8000     6688 ath_rate.ko
 9    2 0xffffffff811bf000    8ad98 ath_hal_ar9300.ko
10    2 0xffffffff8124a000    52058 ath_hal_ar5416.ko
11    3 0xffffffff8129d000    39578 ath_hal_ar5212.ko
12    2 0xffffffff812d7000    15d38 ath_hal_ar5211.ko
13    2 0xffffffff812ed000    10938 ath_hal_ar5210.ko

The 0xffffffff811bf0c0 (ar9300_is_interrupt_pending) belongs to the module
(ath_hal_ar9300) that has been just unloaded.

--=20
You are receiving this mail because:
You are the assignee for the bug.=

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-230785-21060-OKMVVnBVFt>