Date:      Tue, 23 Oct 2012 23:06:52 -0400
From:      Justin Hibbits <chmeeedalf@gmail.com>
To:        freebsd-wireless@freebsd.org
Subject:   data storage interrupt with if_ath(4) on PowerPC
Message-ID:  <20121023230652.206fb4ea@narn.knownspace>


[-- Attachment #1 --]
With an Atheros 5416 card from Adrian Chadd in my PowerBook G4, I get a
Data Storage Interrupt after a few minutes.  It's pretty reproducible:

 * load if_ath/if_ath_pci
 * ifconfig wlan0 create wlandev ath0
 * ifconfig wlan0 up
 * ifconfig wlan0 bgscan (fails with "Operation not supported")
 * ifconfig wlan0 list scan
 ... wait ...
 * ifconfig wlan0 list scan (another just for good measure)
 ... wait ...

After a few minutes it kernel panics.

I've attached the dcons ddb session output.  Quick synopsis:  It
crashes in memcpy() crossing a page boundary.  Backtrace:

fatal kernel trap:

   exception       = 0x300 (data storage interrupt)
   virtual address = 0xd1b72000
   srr0            = 0x5d44b4
   srr1            = 0x9032
   lr              = 0xd1ab0fa4
   curthread       = 0x189fbc0
          pid = 0, comm = ath0 net80211 taskq

Tracing pid 0 tid 100075 td 0x189fbc0
0xe21139f4: at m_pkthdr_init+0x5c
0xe2113a14: at ieee80211_send_probereq+0x14c
0xe2113a74: at ieee80211_probe_curchan+0x11c
0xe2113aa4: at scan_curchan+0x7c
0xe2113ac4: at scan_task+0x29c
0xe2113b14: at taskqueue_run_locked+0xd4
0xe2113b44: at taskqueue_thread_loop+0x6c
0xe2113b64: at fork_exit+0x88
0xe2113b84: at fork_trampoline+0xc

The m_pkthdr_init in the backtrace is misleading, I think.

I can provide any more data that's needed.


- Justin
[-- Attachment #2 --]
db> bt
Tracing pid 0 tid 100075 td 0x189fbc0
0xe21139f4: at m_pkthdr_init+0x5c
0xe2113a14: at ieee80211_send_probereq+0x14c
0xe2113a74: at ieee80211_probe_curchan+0x11c
0xe2113aa4: at scan_curchan+0x7c
0xe2113ac4: at scan_task+0x29c
0xe2113b14: at taskqueue_run_locked+0xd4
0xe2113b44: at taskqueue_thread_loop+0x6c
0xe2113b64: at fork_exit+0x88
0xe2113b84: at fork_trampoline+0xc
db> show modules
No such command
db> show
all         allchains   allpcpu     allrman     bio         breaks
buffer      cdev        com         conifhk     cpusets     domain
dpcpu_off   ffs         file        files       freepages   geom
ifnet       in_ifaddr   inodedep    inodedeps   inpcb       intr
intrcnt     llentry     lltable     lock        lockchain   lockedbufs
lockedvnods locktree    malloc      map         mkdirs      mount
msgbuf      multizone_matchesnetisr      object      page        pageq
pciregs     pcpu        pgrpdump    prison      proc        procvm
protosw     registers   rman        rmans       sin         sleepchain
sleepq      sleepqueue  sockbuf     socket      sta         statab
tcpcb       thread      threads     tty         turnstile   uma
unpcb       vap         vmochk      vmopag      vnode       vnodebufs
watches     workhead    worklist
db> p $lr
d1ab0fa4
db> p $r9
d1b72000
db> show registers
r0                   0
r1          0xe21139e4
r2           0x189fbc0
r3          0x32012702
r4          0xd1ad619c  __func__.11291+0x79c
r5          0x419dc87c
r6                 0x1
r7            0x77a700  __pcpu
r8          0x419dc87c
r9          0xd1b72000
r10         0x32012702
r11         0x320ae566
r12               0xef  imisssize+0x3f
r13                  0
r14                  0
r15                  0
r16           0x2f1e44  _cv_wait
r17          0x19a4464
r18           0x740000  bssbuf+0x3204
r19           0x740000  bssbuf+0x3204
r20           0x32c7c8  _mtx_unlock_flags
r21         0xd1ab65cc  ieee80211_get_ratetable
r22           0x662db4  etherbroadcastaddr
r23         0x24fe1d00
r24         0x24f372a4
r25           0x662db4  etherbroadcastaddr
r26         0xd1b1d000  _end+0x2028
r27         0xd1ad619c  __func__.11291+0x79c
r28         0x32012702
r29         0x419dc87c
r30          0xa000000
r31         0xe21139e4
srr0          0x5d44b4  memcpy+0x60
srr1            0x9032  dsmisssize+0x8f42
lr          0xd1ab0fa4  ieee80211_add_ssid+0x44
ctr         0x41940a18
cr          0x44000088
xer         0x20000000
dar         0xd1b72000
dsisr       0x40000000
0x5d44b4:       lbz     r0, r9, 0x0
db> show symbol
No such command
db> show
all         allchains   allpcpu     allrman     bio         breaks
buffer      cdev        com         conifhk     cpusets     domain
dpcpu_off   ffs         file        files       freepages   geom
ifnet       in_ifaddr   inodedep    inodedeps   inpcb       intr
intrcnt     llentry     lltable     lock        lockchain   lockedbufs
lockedvnods locktree    malloc      map         mkdirs      mount
msgbuf      multizone_matchesnetisr      object      page        pageq
pciregs     pcpu        pgrpdump    prison      proc        procvm
protosw     registers   rman        rmans       sin         sleepchain
sleepq      sleepqueue  sockbuf     socket      sta         statab
tcpcb       thread      threads     tty         turnstile   uma
unpcb       vap         vmochk      vmopag      vnode       vnodebufs
watches     workhead    worklist
db> x/s $lr
ieee80211_add_ssid+0x44:        \201a
db> x/i $lr
ieee80211_add_ssid+0x44:        lwz     r11, r1, 0x0
db> p $r9
d1b72000
db> x d1b71ffc
Symbol not found
db> x 0xd1b71ffc
0xd1b71ffc:     illegal instruction 0
db> x/s 0xd1b71ffc
0xd1b71ffc:
db> x/s 0xd1b71ff0 
0xd1b71ff0:
db> x/i 0xd1b71ff0
0xd1b71ff0:     illegal instruction 0
db> x/d 0xd1b71ff0 
0xd1b71ff0:     0
db> x/d 0xd1b71ff4
0xd1b71ff4:     0
db> x/d 0xd1b71ff9
0xd1b71ff9:     0
db> x/d 0xd1b71ff8
0xd1b71ff8:     0
db> up            
No such command
db> bt
Tracing pid 0 tid 100075 td 0x189fbc0
0xe21139f4: at m_pkthdr_init+0x5c
0xe2113a14: at ieee80211_send_probereq+0x14c
0xe2113a74: at ieee80211_probe_curchan+0x11c
0xe2113aa4: at scan_curchan+0x7c
0xe2113ac4: at scan_task+0x29c
0xe2113b14: at taskqueue_run_locked+0xd4
0xe2113b44: at taskqueue_thread_loop+0x6c
0xe2113b64: at fork_exit+0x88
0xe2113b84: at fork_trampoline+0xc
db> p $lr
d1ab0fa4
db> x $lr
ieee80211_add_ssid+0x44:        -2124349440
db> p $lr
d1ab0fa4
db> show ifnet
usage: show ifnet <struct ifnet *>
db> show all ifnets
                gem0 ifp=0xd31800
                 lo0 ifp=0xd31400
                ath0 ifp=0xd31000
               wlan0 ifp=0xd32800
db> show ifnet 0xd31000
ath0:
   if_dname = ath
   if_dunit = 0
   if_description = (null)
   if_index = 3
   if_refcount = 1
   if_index_reserved = 0
   if_softc = 0xd1b1b000
   if_l2com = 0xd1b1d000
   if_vnet = 0
   if_home_vnet = 0
   if_addr = 0xc47400
   if_llsoftc = 0
   if_label = 0
   if_pcount = 0
   if_flags = 0x00008803
   if_drv_flags = 0x00000040
   if_capabilities = 0x00000000
   if_capenable = 0x00000000
   if_snd.ifq_head = 0
   if_snd.ifq_tail = 0
   if_snd.ifq_len = 0
   if_snd.ifq_maxlen = 50
   if_snd.ifq_drops = 0
   if_snd.ifq_drv_head = 0
   if_snd.ifq_drv_tail = 0
   if_snd.ifq_drv_len = 0
   if_snd.ifq_drv_maxlen = 50
   if_snd.altq_type = 0
   if_snd.altq_flags = 1
   if_fib = 0
db> show all registers
No such command
db> show all 
chains      ifnets      lltables    mesh        pcpu        procs
rman        trace       ttys        vaps
db> p/20 $r11      
Bad modifier
db> p $r28
32012702
db> p /x $r28
32012702
db> 
32012702
db> show msgbuf
msgbufp = 0xd001cfc8
magic = 63062, size = 98248, r= 15969, w = 16242, ptr = 0xd0005000, cksum= 1265421

fatal kernel trap:

   exception       = 0x300 (data storage interrupt)
   virtual address = 0xd1b72000
   srr0            = 0x5d44b4
   srr1            = 0x9032
   lr              = 0xd1ab0fa4
   curthread       = 0x189fbc0
          pid = 0, comm = ath0 net80211 taskq

Copyright (c) 1992-2012 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
        The Regents of the University of California. All rights reserved.
FreeBSD is a registered trademark of The FreeBSD Foundation.
FreeBSD 10.0-CURRENT #71 r241450M: Sun Oct 14 18:34:50 EDT 2012
    chmeee@narn.knownspace:/home/chmeee/world/home/chmeee/freebsd/src/sys/NARN powerpc
cpu0: Motorola PowerPC 7455 revision 3.3, 666.84 MHz
cpu0: Features 9c000000<PPC32,ALTIVEC,FPU,MMU>
cpu0: HID0 8450c0bc<EMCP,TBEN,NAP,DPM,ICE,DCE,SGE,BTIC,LRSTK,FOLD,BHT>
real memory  = 1060483072 (1011 MB)
avail memory = 1023229952 (975 MB)
kbd0 at kbdmux0
nexus0: <Open Firmware Nexus device>
cpulist0: <Open Firmware CPU Group> on nexus0
cpu0: <Open Firmware CPU> on cpulist0
powermac_nvram0: <Apple NVRAM> on nexus0
powermac_nvram0: bank0 generation 820, bank1 generation 821
unin0: <Apple UniNorth System Controller> on nexus0
unin0: Version 17
iichb0: <Keywest I2C controller> mem 0xf8001000-0xf8001fff irq 42 on unin0
iicbus0: <OFW I2C bus> on iichb0
iicbus0: <unknown card> at addr 0x188
iicbus0: <unknown card> at addr 0x1c0
pcib0: <Apple UniNorth Host-PCI bridge> on nexus0
pci0: <OFW PCI bus> on pcib0
agp0: <Apple UniNorth 1.5 AGP Bridge> on hostb0
vgapci0: <VGA-compatible display> port 0x400-0x4ff mem 0xb8000000-0xbfffffff,0xb0000000-0xb000ffff irq 48 at device 16.0 on pci0
backlight0: <PowerBook backlight for ATI graphics> on vgapci0
pcib1: <Apple UniNorth Host-PCI bridge> on nexus0
pci1: <OFW PCI bus> on pcib1
macio0: <KeyLargo I/O Controller> mem 0x80000000-0x8007ffff at device 23.0 on pci1
openpic0: <OpenPIC Interrupt Controller> mem 0x40000-0x7ffff on macio0
macgpio0: <MacIO GPIO Controller> mem 0x50-0x7f on macio0
pmuextint0: <Apple PMU99 External Interrupt> extint-gpio 1 irq 47 on macgpio0
scc0: <Zilog Z8530 dual channel SCC> mem 0x13000-0x13fff,0x8400-0x84ff,0x8500-0x85ff,0x8600-0x86ff,0x8700-0x87ff irq 22,5,6,23,7,8 on macio0
uart0: <z8530, channel A> on scc0
uart1: <z8530, channel B> on scc0
pcm0: <Apple I2S Audio Controller> mem 0x10000-0x10fff,0x8000-0x80ff,0x8100-0x81ff irq 30,1,2 on macio0
pmu0: <Apple PMU99 Controller> mem 0x16000-0x17fff irq 25 on macio0
adb0: <Apple Desktop Bus> on pmu0
iichb1: <Keywest I2C controller> mem 0x18000-0x18fff irq 26 on macio0
iicbus1: <OFW I2C bus> on iichb1
iicbus1: <unknown card> at addr 0x1c0
snapper0: <Texas Instruments TAS3004 Audio Codec> at addr 0x6a on iicbus1
ata0: <Apple MacIO Ultra ATA Controller> mem 0x1f000-0x1ffff,0x8a00-0x8aff irq 19,11 on macio0
ata1: <Apple MacIO ATA Controller> mem 0x20000-0x20fff,0x8b00-0x8bff irq 20,12 on macio0
ohci0: <Apple KeyLargo USB controller> mem 0xa0002000-0xa0002fff irq 27 at device 24.0 on pci1
usbus0 on ohci0
ohci1: <Apple KeyLargo USB controller> mem 0xa0001000-0xa0001fff irq 28 at device 25.0 on pci1
usbus1 on ohci1
pci1: <bridge, PCI-CardBus> at device 26.0 (no driver attached)
pcib2: <Apple UniNorth Host-PCI bridge> on nexus0
pci2: <OFW PCI bus> on pcib2
fwohci0: <Lucent FW322/323> mem 0xf5000000-0xf5000fff irq 40 at device 14.0 on pci2
fwohci0: OHCI version 1.0 (ROM=0)
fwohci0: No. of Isochronous channels is 8.
fwohci0: EUI64 00:0a:95:ff:fe:84:1f:44
fwohci0: Phy 1394a available S400, 1 ports.
fwohci0: Link S400, max_rec 2048 bytes.
firewire0: <IEEE1394(FireWire) bus> on fwohci0
dcons_crom0: <dcons configuration ROM> on firewire0
dcons_crom0: bus_addr 0x1d0c000
sbp0: <SBP-2/SCSI over FireWire> on firewire0
fwohci0: Initiate bus reset
fwohci0: fwohci_intr_core: BUS reset
fwohci0: fwohci_intr_core: node_id=0x00000000, SelfID Count=2, non CYCLEMASTER mode
gem0: <Apple UniNorth GMAC Ethernet> mem 0xf5200000-0xf53fffff irq 41 at device 15.0 on pci2
miibus0: <MII bus> on gem0
brgphy0: <BCM5421 1000BASE-T media interface> PHY 0 on miibus0
brgphy0:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, 1000baseT, 1000baseT-master, 1000baseT-FDX, 1000baseT-FDX-master, auto, auto-flow
gem0: 10kB RX FIFO, 4kB TX FIFO
gem0: Ethernet address: 00:0a:95:84:1f:44
sc0: <System console> on nexus0
sc0: Unknown <16 virtual consoles, flags=0x300>
Timecounter "timebase" frequency 33331093 Hz quality 0
Event timer "decrementer" frequency 33331093 Hz quality 1000
Timecounters tick every 1.000 msec
firewire0: 2 nodes, maxhop <= 1 cable IRM irm(1)
fwohci0: too many cycles lost, no cycle master present?
usbus0: 12Mbps Full Speed USB v1.0
usbus1: 12Mbps Full Speed USB v1.0
ugen0.1: <Apple> at usbus0
uhub0: <Apple OHCI root HUB, class 9/0, rev 1.00/1.00, addr 1> on usbus0
ugen1.1: <Apple> at usbus1
uhub1: <Apple OHCI root HUB, class 9/0, rev 1.00/1.00, addr 1> on usbus1
uhub0: 2 ports with 2 removable, self powered
uhub1: 2 ports with 2 removable, self powered
akbd0: <PowerBook G3 Keyboard> at device 2 on adb0
kbd1 at akbd0
ams0: <ADB Mouse> at device 3 on adb0
ams0: ADB Mouse = 0xd (Extended Mode)
ams0: 2-button 400-dpi Touchpad
abtn0: <ADB Brightness/Volume/Eject Buttons> at device 7 on adb0
firewire0: split transaction timeout: tl=0x1 flag=0x04
send: dst=0x01 tl=0x01 rt=0 tcode=0x4 pri=0x0 src=0x000
firewire0: fw_explore_node: node1: explore_read_quads failure
firewire0: split transaction timeout: tl=0x2 flag=0x04
send: dst=0x01 tl=0x02 rt=0 tcode=0x4 pri=0x0 src=0x000
firewire0: fw_explore_node: node1: explore_read_quads failure
firewire0: split transaction timeout: tl=0x3 flag=0x04
send: dst=0x01 tl=0x03 rt=0 tcode=0x4 pri=0x0 src=0x000
firewire0: fw_explore_node: node1: explore_read_quads failure
ada0 at cd0 at ata1 bus 0 scbus1 target 0 lun 0
cd0: <MATSHITA DVD-R   UJ-815A D101> Removable CD-ROM SCSI-0 device
cd0: 16.700MB/s transfers (WDMA2, ATAPI 12bytes, PIO 65534bytes)
cd0: cd present [255590 x 2048 byte records]
ata0 bus 0 scbus0 target 0 lun 0
ada0: <WDC WD2500BEVE-00WZT0 01.01A01> ATA-8 device
ada0: 66.700MB/s transfers (UDMA4, PIO 8192bytes)
ada0: 238475MB (488397168 512 byte sectors: 16H 63S/T 16383C)
ada0: Previously was known as ad0
Trying to mount root from cd9660:/dev/iso9660/FREEBSD_INSTALL [ro]...
cbb0: <TI1410 PCI-CardBus Bridge> mem 0xa0000000-0xa0000fff irq 58 at device 26.0 on pci1
cardbus0: <CardBus bus> on cbb0
cbb0: Power not on?
cardbus0: <network> at device 0.0 (no driver attached)
pccard0: <16-bit PCCard bus> on cbb0
cbb0: Power not on?
cardbus0: <network> at device 0.0 (no driver attached)
ath0: <Atheros 5416> mem 0x88000000-0x8800ffff irq 58 at device 0.0 on cardbus0
ath0: [HT] enabling HT modes
ath0: [HT] RTS aggregates limited to 8 KiB
ath0: [HT] 2 RX streams; 2 TX streams
ath0: AR5416 mac 13.10 RF2133 phy 8.1
ath0: 2GHz radio: 0x0000; 5GHz radio: 0x00d0
wlan0: Ethernet address: 00:03:7f:0b:43:27

db>  
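
Added example, not part of the original message or of FreeBSD: a Python triage helper that reads register values quoted in the ddb session above and checks them against the synopsis (fault inside memcpy(), on a page boundary). The DSISR bit meanings are the 32-bit PowerPC ones; that r4 and r5 still hold memcpy's source and length arguments at the time of the fault is an assumption.

```python
# Constructed sample: lines copied from the "show registers" output above.
DDB_REGISTERS = """\
r4          0xd1ad619c  __func__.11291+0x79c
r5          0x419dc87c
srr0          0x5d44b4  memcpy+0x60
lr          0xd1ab0fa4  ieee80211_add_ssid+0x44
dar         0xd1b72000
dsisr       0x40000000
"""

PAGE_SIZE = 4096  # base page size on 32-bit PowerPC

# DSISR cause bits reported with a 32-bit PowerPC data storage interrupt.
DSISR_STORE = 0x02000000
DSISR_BITS = {
    0x40000000: "no translation found (page not mapped)",
    0x08000000: "protection violation",
    DSISR_STORE: "store access",
}

def parse_registers(text):
    """Return ({name: value}, {name: symbol}) from ddb 'show registers' lines."""
    values, symbols = {}, {}
    for line in text.splitlines():
        parts = line.split()
        try:
            values[parts[0]] = int(parts[1], 16)
        except (IndexError, ValueError):
            continue  # not a "name value [symbol]" line
        if len(parts) > 2:
            symbols[parts[0]] = parts[2]
    return values, symbols

def triage(text):
    regs, syms = parse_registers(text)
    dar, dsisr = regs["dar"], regs["dsisr"]
    return {
        "faulting_pc": syms.get("srr0"),   # instruction that trapped
        "caller": syms.get("lr"),          # return address of the call
        "is_store": bool(dsisr & DSISR_STORE),
        "causes": [d for bit, d in DSISR_BITS.items() if dsisr & bit],
        "fault_on_page_start": dar % PAGE_SIZE == 0,
        # Assumption: r4 is still memcpy's src argument, r5 its length.
        "bytes_read_before_fault": dar - regs["r4"],
        "requested_len": regs["r5"],
    }

if __name__ == "__main__":
    print(triage(DDB_REGISTERS))
```

Under that assumption the output describes a load from an unmapped page that begins exactly at the fault address, reached after the copy had already read 0x9be64 bytes from its source, with a requested length of 0x419dc87c.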
