Date: Mon, 11 Dec 2023 23:13:46 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 275710] iwlwifi: linuxkpi_ieee80211_tx_dequeue() page fault while in kernel mode Message-ID: <bug-275710-227@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D275710 Bug ID: 275710 Summary: iwlwifi: linuxkpi_ieee80211_tx_dequeue() page fault while in kernel mode Product: Base System Version: 15.0-CURRENT Hardware: Any OS: Any Status: New Severity: Affects Only Me Priority: --- Component: kern Assignee: bugs@FreeBSD.org Reporter: cc@FreeBSD.org Crashed while doing UDP test via iperf3: root@n1_iwl_vm:~ # iperf3 -B 192.168.0.190 -c 192.168.0.169 -V -t 10 -i 1 -= -udp --length 16 --bitrate 5m iperf 3.15 FreeBSD n1_iwl_vm 15.0-CURRENT FreeBSD 15.0-CURRENT #21 main-7df526eb10: Mon Dec 11 14:39:56 EST 2023=20=20=20=20 root@n1_iwl_vm:/usr/obj/usr/src/amd64.amd64/sys/GENERIC amd64 Control connection MSS 1460 Time: Mon, 11 Dec 2023 23:04:02 UTC Connecting to host 192.168.0.169, port 5201 Cookie: mjfz4h377cfl7oddwdzwz6dbbxysqaidl2rq Target Bitrate: 5000000 [ 5] local 192.168.0.190 port 22727 connected to 192.168.0.169 port 5201 Starting Test: protocol: UDP, 1 streams, 16 byte blocks, omitting 0 seconds= , 10 second test, tos 0 [ ID] Interval Transfer Bitrate Total Datagrams [ 5] 0.00-1.00 sec 610 KBytes 5.00 Mbits/sec 39038=20=20 Fatal trap 12: page fault while in kernel mode cpuid =3D 1; apic id =3D 01 fault virtual address =3D 0x8 fault code =3D supervisor write data, page not present instruction pointer =3D 0x20:0xffffffff80dd9e11 stack pointer =3D 0x0:0xfffffe007ebeea70 frame pointer =3D 0x0:0xfffffe007ebeea70 code segment =3D base 0x0, limit 0xfffff, type 0x1b =3D DPL 0, pres 1, long 1, def32 0, gran 1 processor eflags =3D interrupt enabled, resume, IOPL =3D 0 current process =3D 0 (ndev napi taskq) rdi: fffffe00805f9380 rsi: fffff800057b7400 rdx: fffff800057b7418 rcx: fffff8017b795000 r8: ffffffff8268a3ab r9: 0000000000000460 rax: 0000000000000000 rbx: fffff800057b7480 rbp: fffffe007ebeea70 r10: 0000000000000000 r11: 0000000000000062 r12: fffff8017b796000 r13: fffffe00805f9440 r14: fffffe00805f9380 r15: fffffe00805f9448 trap number =3D 12 panic: page fault cpuid =3D 1 time =3D 1702335843 KDB: stack backtrace: db_trace_self_wrapper() at db_trace_self_wrapper+0x2b/frame 0xfffffe007ebee= 740 vpanic() at vpanic+0x132/frame 0xfffffe007ebee870 panic() at panic+0x43/frame 0xfffffe007ebee8d0 trap_fatal() at trap_fatal+0x40c/frame 0xfffffe007ebee930 trap_pfault() at trap_pfault+0xae/frame 0xfffffe007ebee9a0 calltrap() at calltrap+0x8/frame 0xfffffe007ebee9a0 --- trap 0xc, rip =3D 0xffffffff80dd9e11, rsp =3D 0xfffffe007ebeea70, rbp = =3D 0xfffffe007ebeea70 --- linuxkpi_ieee80211_tx_dequeue() at linuxkpi_ieee80211_tx_dequeue+0x51/frame 0xfffffe007ebeea70 iwl_mvm_mac_itxq_xmit() at iwl_mvm_mac_itxq_xmit+0xc2/frame 0xfffffe007ebee= ac0 iwl_mvm_queue_state_change() at iwl_mvm_queue_state_change+0x1ef/frame 0xfffffe007ebeeb10 iwl_txq_reclaim() at iwl_txq_reclaim+0x7ef/frame 0xfffffe007ebeebd0 iwl_mvm_rx_tx_cmd() at iwl_mvm_rx_tx_cmd+0x14e/frame 0xfffffe007ebeeca0 iwl_mvm_rx_common() at iwl_mvm_rx_common+0x1dc/frame 0xfffffe007ebeece0 iwl_pcie_rx_handle() at iwl_pcie_rx_handle+0x47f/frame 0xfffffe007ebeede0 iwl_pcie_napi_poll_msix() at iwl_pcie_napi_poll_msix+0x2d/frame 0xfffffe007ebeee20 lkpi_napi_task() at lkpi_napi_task+0x1f/frame 0xfffffe007ebeee40 taskqueue_run_locked() at taskqueue_run_locked+0xab/frame 0xfffffe007ebeeec0 taskqueue_thread_loop() at taskqueue_thread_loop+0xd3/frame 0xfffffe007ebee= ef0 fork_exit() at fork_exit+0x82/frame 0xfffffe007ebeef30 fork_trampoline() at fork_trampoline+0xe/frame 0xfffffe007ebeef30 --- trap 0, rip =3D 0, rsp =3D 0, rbp =3D 0 --- KDB: enter: panic [ thread pid 0 tid 100190 ] Stopped at kdb_enter+0x32: movq $0,0xe3c023(%rip) db> dump Dumping 516 out of 6111 MB:..4%..13%..22%..31%..41%..53%..62%..72%..81%..93% Dump complete db> --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-275710-227>