FreeBSD Bugzilla – Attachment 247417 Details for
Bug 276083
iwlwifi development in private build: 802.11n crash in iwl_mvm_sta_fw_id_mask()
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
info for a crash of 11na in an iwlwifi private development build
802.11n_crash.log (text/plain), 19.61 KB, created by
Cheng Cui
on 2024-01-02 19:33:26 UTC
(
hide
)
Description:
info for a crash of 11na in an iwlwifi private development build
Filename:
MIME Type:
Creator:
Cheng Cui
Created:
2024-01-02 19:33:26 UTC
Size:
19.61 KB
patch
obsolete
>root@n1_iwl_vm:~ # ifconfig >vtnet0: flags=1008843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,LOWER_UP> metric 0 mtu 1500 > options=80028<VLAN_MTU,JUMBO_MTU,LINKSTATE> > ether 58:9c:fc:0a:c9:c4 > inet 192.168.0.144 netmask 0xffffff00 broadcast 192.168.0.255 > media: Ethernet autoselect (10Gbase-T <full-duplex>) > status: active > nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL> >lo0: flags=1008049<UP,LOOPBACK,RUNNING,MULTICAST,LOWER_UP> metric 0 mtu 16384 > options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6> > inet 127.0.0.1 netmask 0xff000000 > inet6 ::1 prefixlen 128 > inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2 > groups: lo > nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL> >root@n1_iwl_vm:~ # ifconfig wlan0 create wlandev iwlwifi0 regdomain fcc country US ssid TP-LINK_5G mode 11na channel 48 >root@n1_iwl_vm:~ # ifconfig wlan0 up >root@n1_iwl_vm:~ # wpa_supplicant -B -i wlan0 -c /etc/wpa_supplicant.conf >Successfully initialized wpa_supplicant >ioctl[SIOCS80211, op=20, val=0, arg_len=7]: Invalid argument >ioctl[SIOCS80211, op=20, val=0, arg_len=7]: Invalid argument >root@n1_iwl_vm:~ # iwlwifi0: Error sending UNKNOWN: time out after 2000ms. >iwlwifi0: Current CMD queue read_ptr 24 write_ptr 25 >iwlwifi0: Start IWL Error Log Dump: >iwlwifi0: Transport status: 0x0000004A, valid: 6 >iwlwifi0: Loaded firmware version: 77.2df8986f.0 cc-a0-77.ucode >iwlwifi0: 0x00000084 | NMI_INTERRUPT_UNKNOWN >iwlwifi0: 0x000022F0 | trm_hw_status0 >iwlwifi0: 0x00000000 | trm_hw_status1 >iwlwifi0: 0x004F8B7A | branchlink2 >iwlwifi0: 0x004EEC2A | interruptlink1 >iwlwifi0: 0x004EEC2A | interruptlink2 >iwlwifi0: 0x00005E04 | data1 >iwlwifi0: 0x01000000 | data2 >iwlwifi0: 0x00000000 | data3 >iwlwifi0: 0x05C01CF5 | beacon time >iwlwifi0: 0x0D6EF37A | tsf low >iwlwifi0: 0x00000000 | tsf hi >iwlwifi0: 0x00000000 | time gp1 >iwlwifi0: 0x00D5EC81 | time gp2 >iwlwifi0: 0x00000001 | uCode revision type >iwlwifi0: 0x0000004D | uCode version major >iwlwifi0: 0x2DF8986F | uCode version minor >iwlwifi0: 0x00000340 | hw version >iwlwifi0: 0x00C89000 | board version >iwlwifi0: 0x8014F400 | hcmd >iwlwifi0: 0x00020000 | isr0 >iwlwifi0: 0x00000000 | isr1 >iwlwifi0: 0x08F00002 | isr2 >iwlwifi0: 0x00C3409D | isr3 >iwlwifi0: 0x00000000 | isr4 >iwlwifi0: 0x0101001C | last cmd Id >iwlwifi0: 0x00005E04 | wait_event >iwlwifi0: 0x000000C4 | l2p_control >iwlwifi0: 0x00000020 | l2p_duration >iwlwifi0: 0x00000007 | l2p_mhvalid >iwlwifi0: 0x00000000 | l2p_addr_match >iwlwifi0: 0x00000009 | lmpm_pmg_sel >iwlwifi0: 0x00000000 | timestamp >iwlwifi0: 0x0000E06C | flow_handler >iwlwifi0: Start IWL Error Log Dump: >iwlwifi0: Transport status: 0x0000004A, valid: 7 >iwlwifi0: 0x20000066 | NMI_INTERRUPT_HOST >iwlwifi0: 0x00000000 | umac branchlink1 >iwlwifi0: 0x80455D1E | umac branchlink2 >iwlwifi0: 0x80472C2E | umac interruptlink1 >iwlwifi0: 0x80472C2E | umac interruptlink2 >iwlwifi0: 0x01000000 | umac data1 >iwlwifi0: 0x80472C2E | umac data2 >iwlwifi0: 0x00000000 | umac data3 >iwlwifi0: 0x0000004D | umac major >iwlwifi0: 0x2DF8986F | umac minor >iwlwifi0: 0x00D5EC7F | frame pointer >iwlwifi0: 0xC0886260 | stack pointer >iwlwifi0: 0x00180516 | last host cmd >iwlwifi0: 0x00000000 | isr status reg >iwlwifi0: IML/ROM dump: >iwlwifi0: 0x00000003 | IML/ROM error/state >iwlwifi0: 0x000057BA | IML/ROM data1 >iwlwifi0: 0x00000080 | IML/ROM WFPM_AUTH_KEY_0 >iwlwifi0: Fseq Registers: >iwlwifi0: 0x60000000 | FSEQ_ERROR_CODE >iwlwifi0: 0x80290021 | FSEQ_TOP_INIT_VERSION >iwlwifi0: 0x00050008 | FSEQ_CNVIO_INIT_VERSION >iwlwifi0: 0x0000A503 | FSEQ_OTP_VERSION >iwlwifi0: 0x80000003 | FSEQ_TOP_CONTENT_VERSION >iwlwifi0: 0x4552414E | FSEQ_ALIVE_TOKEN >iwlwifi0: 0x00100530 | FSEQ_CNVI_ID >iwlwifi0: 0x00000532 | FSEQ_CNVR_ID >iwlwifi0: 0x00100530 | CNVI_AUX_MISC_CHIP >iwlwifi0: 0x00000532 | CNVR_AUX_MISC_CHIP >iwlwifi0: 0x05B0905B | CNVR_SCU_SD_REGS_SD_REG_DIG_DCDC_VTRIM >iwlwifi0: 0x0000025B | CNVR_SCU_SD_REGS_SD_REG_ACTIVE_VDIG_MIRROR >iwlwifi0: 0x00050008 | FSEQ_PREV_CNVIO_INIT_VERSION >iwlwifi0: 0x00290021 | FSEQ_WIFI_FSEQ_VERSION >iwlwifi0: 0xEA44A6D9 | FSEQ_BT_FSEQ_VERSION >iwlwifi0: 0x00000104 | FSEQ_CLASS_TP_VERSION >iwlwifi0: UMAC CURRENT PC: 0x80472744 >iwlwifi0: LMAC1 CURRENT PC: 0xd0 >iwlwifi0: WRT: Collecting data: ini trigger 4 fired (delay=0ms). >iwlwifi0: lkpi_ic_ampdu_rx_start: mo_ampdu_action returned -60. ni 0xfffffe00bdfbb000 rap 0xfffffe00bdfbbd58 >iwlwifi0: HCMD_ACTIVE already clear for command UNKNOWN >iwlwifi0: No beacon heard and the session protection is over already... >iwlwifi0: linuxkpi_ieee80211_connection_loss: vif 0xfffffe00bdf1fc80 vap 0xfffffe00bdf1f010 state RUN >iwlwifi0: Failed to send flush command (-5) >iwlwifi0: flush request fail >iwlwifi0: Couldn't send the SESSION_PROTECTION_CMD >WARNING trans->state != IWL_TRANS_FW_ALIVE failed at /usr/src/sys/contrib/dev/iwlwifi/iwl-trans.h:1446 >iwlwifi0: iwl_trans_wait_txq_empty bad state = 0 >iwlwifi0: Failed to trigger RX queues sync (-5) >iwlwifi0: Failed to synchronize multicast groups update >iwlwifi0: Failed to send MAC_CONFIG_CMD (action:2): -5 >iwlwifi0: failed to update MAC 0xfffffe00bdf1fc9eM >iwlwifi0: Failed to send flush command (-5) >iwlwifi0: Failed to send MAC_CONFIG_CMD (action:2): -5 >iwlwifi0: failed to update MAC 0xfffffe00bdf1fc9eM >iwlwifi0: Failed to send LINK_CONFIG_CMD (action:2): -5 >iwlwifi0: PHY ctxt cmd error. ret=-5 > > >Fatal trap 9: general protection fault while in kernel mode >cpuid = 1; apic id = 01 >instruction pointer = 0x20:0xffffffff82663fdf >stack pointer = 0x28:0xfffffe007eb6c760 >frame pointer = 0x28:0xfffffe007eb6c760 >code segment = base 0x0, limit 0xfffff, type 0x1b > = DPL 0, pres 1, long 1, def32 0, gran 1 >processor eflags = interrupt enabled, resume, IOPL = 0 >current process = 0 (ndev napi taskq) >rdi: 00000000ffffffff rsi: fffff8012b608880 rdx: 00000000ffffffff >rcx: deadc0dedeadc0de r8: 0000000000000000 r9: fffffe00be47a000 >rax: 0000000000000000 rbx: fffffe00bde08448 rbp: fffffe007eb6c760 >r10: 0000000000000000 r11: 00000000000000d0 r12: 0000000000000001 >r13: 0000000000000000 r14: 00000000ffffffff r15: fffffe00be47a000 >trap number = 9 >panic: general protection fault >cpuid = 1 >time = 1703090134 >KDB: stack backtrace: >db_trace_self_wrapper() at db_trace_self_wrapper+0x2b/frame 0xfffffe007eb6c4a0 >vpanic() at vpanic+0x132/frame 0xfffffe007eb6c5d0 >panic() at panic+0x43/frame 0xfffffe007eb6c630 >trap_fatal() at trap_fatal+0x40c/frame 0xfffffe007eb6c690 >calltrap() at calltrap+0x8/frame 0xfffffe007eb6c690 >--- trap 0x9, rip = 0xffffffff82663fdf, rsp = 0xfffffe007eb6c760, rbp = 0xfffffe007eb6c760 --- >iwl_mvm_sta_fw_id_mask() at iwl_mvm_sta_fw_id_mask+0x3f/frame 0xfffffe007eb6c760 >iwl_mvm_sta_rx_agg() at iwl_mvm_sta_rx_agg+0x206/frame 0xfffffe007eb6c820 >iwl_mvm_mac_ampdu_action() at iwl_mvm_mac_ampdu_action+0x1cd/frame 0xfffffe007eb6c8b0 >lkpi_ic_ampdu_rx_start() at lkpi_ic_ampdu_rx_start+0xd1/frame 0xfffffe007eb6c920 >ht_recv_action_ba_addba_request() at ht_recv_action_ba_addba_request+0x143/frame 0xfffffe007eb6c980 >sta_input() at sta_input+0xc23/frame 0xfffffe007eb6ca30 >ieee80211_input_mimo() at ieee80211_input_mimo+0x226/frame 0xfffffe007eb6cae0 >linuxkpi_ieee80211_rx() at linuxkpi_ieee80211_rx+0x4b9/frame 0xfffffe007eb6cbe0 >iwl_mvm_rx_mpdu_mq() at iwl_mvm_rx_mpdu_mq+0x1207/frame 0xfffffe007eb6cce0 >iwl_pcie_rx_handle() at iwl_pcie_rx_handle+0x47f/frame 0xfffffe007eb6cde0 >iwl_pcie_napi_poll_msix() at iwl_pcie_napi_poll_msix+0x2d/frame 0xfffffe007eb6ce20 >lkpi_napi_task() at lkpi_napi_task+0x1f/frame 0xfffffe007eb6ce40 >taskqueue_run_locked() at taskqueue_run_locked+0xab/frame 0xfffffe007eb6cec0 >taskqueue_thread_loop() at taskqueue_thread_loop+0xd3/frame 0xfffffe007eb6cef0 >fork_exit() at fork_exit+0x82/frame 0xfffffe007eb6cf30 >fork_trampoline() at fork_trampoline+0xe/frame 0xfffffe007eb6cf30 >--- trap 0, rip = 0, rsp = 0, rbp = 0 --- >KDB: enter: panic >[ thread pid 0 tid 100188 ] >Stopped at kdb_enter+0x32: movq $0,0xe3bc03(%rip) >db> dump >Dumping 382 out of 6111 MB:..5%..13%..21%..34%..42%..51%..63%..72%..84%..93% >Dump complete >db> > >root@n1_iwl_vm:~ # uname -a >FreeBSD n1_iwl_vm 15.0-CURRENT FreeBSD 15.0-CURRENT #25 main-2134b35e0f-dirty: Tue Dec 19 16:46:14 EST 2023 root@n1_iwl_vm:/usr/obj/usr/src/amd64.amd64/sys/GENERIC amd64 >root@n1_iwl_vm:~ # cd /usr/src/ >root@n1_iwl_vm:/usr/src # git diff >diff --git a/sys/compat/linuxkpi/common/src/linux_80211.c b/sys/compat/linuxkpi/common/src/linux_80211.c >index aa90100a32..c94ce2db37 100644 >--- a/sys/compat/linuxkpi/common/src/linux_80211.c >+++ b/sys/compat/linuxkpi/common/src/linux_80211.c >@@ -72,7 +72,7 @@ > #define LKPI_80211_WME > /* #define LKPI_80211_HW_CRYPTO */ > /* #define LKPI_80211_VHT */ >-/* #define LKPI_80211_HT */ >+#define LKPI_80211_HT 1 > #if defined(LKPI_80211_VHT) && !defined(LKPI_80211_HT) > #define LKPI_80211_HT > #endif >root@n1_iwl_vm:/usr/src # sysctl compat.linuxkpi.iwlwifi_11n_disable >compat.linuxkpi.iwlwifi_11n_disable: 0 > > >root@n1_iwl_vm:/var/crash # kgdb -n last >GNU gdb (GDB) 13.2 [GDB v13.2 for FreeBSD] >Copyright (C) 2023 Free Software Foundation, Inc. >License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> >This is free software: you are free to change and redistribute it. >There is NO WARRANTY, to the extent permitted by law. >Type "show copying" and "show warranty" for details. >This GDB was configured as "x86_64-portbld-freebsd15.0". >Type "show configuration" for configuration details. >For bug reporting instructions, please see: ><https://www.gnu.org/software/gdb/bugs/>. >Find the GDB manual and other documentation resources online at: > <http://www.gnu.org/software/gdb/documentation/>. > >For help, type "help". >Type "apropos word" to search for commands related to "word"... >Reading symbols from /usr/obj/usr/src/amd64.amd64/sys/GENERIC/kernel.full... > >Unread portion of the kernel message buffer: >[844.215642] iwlwifi0: Failed to send flush command (-5) >[844.215974] iwlwifi0: flush request fail >[844.216185] iwlwifi0: Couldn't send the SESSION_PROTECTION_CMD >[844.216634] WARNING trans->state != IWL_TRANS_FW_ALIVE failed at /usr/src/sys/contrib/dev/iwlwifi/iwl-trans.h:1446 ><6>[844.216664] wlan0: link state changed to DOWN >[844.217370] iwlwifi0: iwl_trans_wait_txq_empty bad state = 0 >[844.217721] iwlwifi0: Failed to trigger RX queues sync (-5) >[844.218067] iwlwifi0: Failed to synchronize multicast groups update >[844.218465] iwlwifi0: Failed to send MAC_CONFIG_CMD (action:2): -5 >[844.218856] iwlwifi0: failed to update MAC 0xfffffe00bdf1fc9eM >[844.219218] iwlwifi0: Failed to send flush command (-5) >[844.219532] iwlwifi0: Failed to send MAC_CONFIG_CMD (action:2): -5 >[844.219922] iwlwifi0: failed to update MAC 0xfffffe00bdf1fc9eM >[844.220289] iwlwifi0: Failed to send LINK_CONFIG_CMD (action:2): -5 >[844.220687] iwlwifi0: PHY ctxt cmd error. ret=-5 >[844.228156] >[844.228174] >[844.228190] Fatal trap 9: general protection fault while in kernel mode >[844.228600] cpuid = 1; apic id = 01 >[844.228769] instruction pointer = 0x20:0xffffffff82663fdf >[844.229085] stack pointer = 0x28:0xfffffe007eb6c760 >[844.229413] frame pointer = 0x28:0xfffffe007eb6c760 >[844.229741] code segment = base 0x0, limit 0xfffff, type 0x1b >[844.230090] = DPL 0, pres 1, long 1, def32 0, gran 1 >[844.230391] processor eflags = interrupt enabled, resume, IOPL = 0 >[844.230767] current process = 0 (ndev napi taskq) >[844.231034] rdi: 00000000ffffffff rsi: fffff8012b608880 rdx: 00000000ffffffff >[844.231481] rcx: deadc0dedeadc0de r8: 0000000000000000 r9: fffffe00be47a000 >[844.231938] rax: 0000000000000000 rbx: fffffe00bde08448 rbp: fffffe007eb6c760 >[844.232385] r10: 0000000000000000 r11: 00000000000000d0 r12: 0000000000000001 >[844.232832] r13: 0000000000000000 r14: 00000000ffffffff r15: fffffe00be47a000 >[844.233290] trap number = 9 >[844.233488] panic: general protection fault >[844.233716] cpuid = 1 >[844.233793] time = 1703090134 >[844.233925] KDB: stack backtrace: >[844.234319] db_trace_self_wrapper() at db_trace_self_wrapper+0x2b/frame 0xfffffe007eb6c4a0 >[844.235412] vpanic() at vpanic+0x132/frame 0xfffffe007eb6c5d0 >[844.236344] panic() at panic+0x43/frame 0xfffffe007eb6c630 >[844.237393] trap_fatal() at trap_fatal+0x40c/frame 0xfffffe007eb6c690 >[844.238317] calltrap() at calltrap+0x8/frame 0xfffffe007eb6c690 >[844.238943] --- trap 0x9, rip = 0xffffffff82663fdf, rsp = 0xfffffe007eb6c760, rbp = 0xfffffe007eb6c760 --- >[844.239790] iwl_mvm_sta_fw_id_mask() at iwl_mvm_sta_fw_id_mask+0x3f/frame 0xfffffe007eb6c760 >[844.240864] iwl_mvm_sta_rx_agg() at iwl_mvm_sta_rx_agg+0x206/frame 0xfffffe007eb6c820 >[844.241877] iwl_mvm_mac_ampdu_action() at iwl_mvm_mac_ampdu_action+0x1cd/frame 0xfffffe007eb6c8b0 >[844.243137] lkpi_ic_ampdu_rx_start() at lkpi_ic_ampdu_rx_start+0xd1/frame 0xfffffe007eb6c920 >[844.244388] ht_recv_action_ba_addba_request() at ht_recv_action_ba_addba_request+0x143/frame 0xfffffe007eb6c980 >[844.245754] sta_input() at sta_input+0xc23/frame 0xfffffe007eb6ca30 >[844.246808] ieee80211_input_mimo() at ieee80211_input_mimo+0x226/frame 0xfffffe007eb6cae0 >[844.248043] linuxkpi_ieee80211_rx() at linuxkpi_ieee80211_rx+0x4b9/frame 0xfffffe007eb6cbe0 >[844.249177] iwl_mvm_rx_mpdu_mq() at iwl_mvm_rx_mpdu_mq+0x1207/frame 0xfffffe007eb6cce0 >[844.250201] iwl_pcie_rx_handle() at iwl_pcie_rx_handle+0x47f/frame 0xfffffe007eb6cde0 >[844.251217] iwl_pcie_napi_poll_msix() at iwl_pcie_napi_poll_msix+0x2d/frame 0xfffffe007eb6ce20 >[844.252441] lkpi_napi_task() at lkpi_napi_task+0x1f/frame 0xfffffe007eb6ce40 >[844.253548] taskqueue_run_locked() at taskqueue_run_locked+0xab/frame 0xfffffe007eb6cec0 >[844.254704] taskqueue_thread_loop() at taskqueue_thread_loop+0xd3/frame 0xfffffe007eb6cef0 >[844.255848] fork_exit() at fork_exit+0x82/frame 0xfffffe007eb6cf30 >[844.256694] fork_trampoline() at fork_trampoline+0xe/frame 0xfffffe007eb6cf30 >[844.257429] --- trap 0, rip = 0, rsp = 0, rbp = 0 --- >[844.257737] KDB: enter: panic > >__curthread () at /usr/src/sys/amd64/include/pcpu_aux.h:57 >57 __asm("movq %%gs:%P1,%0" : "=r" (td) : "n" (offsetof(struct pcpu, >(kgdb) bt >#0 __curthread () at /usr/src/sys/amd64/include/pcpu_aux.h:57 >#1 doadump (textdump=textdump@entry=0) at /usr/src/sys/kern/kern_shutdown.c:403 >#2 0xffffffff804a4c1a in db_dump (dummy=<optimized out>, dummy2=<optimized out>, dummy3=<optimized out>, dummy4=<optimized out>) > at /usr/src/sys/ddb/db_command.c:590 >#3 0xffffffff804a4a1d in db_command (last_cmdp=<optimized out>, cmd_table=<optimized out>, dopager=true) at /usr/src/sys/ddb/db_command.c:503 >#4 0xffffffff804a46dd in db_command_loop () at /usr/src/sys/ddb/db_command.c:550 >#5 0xffffffff804a7db6 in db_trap (type=<optimized out>, code=<optimized out>) at /usr/src/sys/ddb/db_main.c:267 >#6 0xffffffff80ba0a63 in kdb_trap (type=type@entry=3, code=code@entry=0, tf=tf@entry=0xfffffe007eb6c3e0) at /usr/src/sys/kern/subr_kdb.c:790 >#7 0xffffffff81056839 in trap (frame=0xfffffe007eb6c3e0) at /usr/src/sys/amd64/amd64/trap.c:606 >#8 <signal handler called> >#9 kdb_enter (why=<optimized out>, msg=<optimized out>) at /usr/src/sys/kern/subr_kdb.c:556 >#10 0xffffffff80b51623 in vpanic (fmt=0xffffffff811982fc "%s", ap=ap@entry=0xfffffe007eb6c610) at /usr/src/sys/kern/kern_shutdown.c:953 >#11 0xffffffff80b51403 in panic (fmt=0xffffffff81980420 <cnputs_mtx> "\3705\025\201\377\377\377\377") at /usr/src/sys/kern/kern_shutdown.c:889 >#12 0xffffffff81056ccc in trap_fatal (frame=0xfffffe007eb6c6a0, eva=0) at /usr/src/sys/amd64/amd64/trap.c:950 >#13 <signal handler called> >#14 iwl_mvm_sta_fw_id_mask (mvm=mvm@entry=0xfffffe00bde08448, sta=sta@entry=0xfffff8012b608880, filter_link_id=filter_link_id@entry=-1) > at /usr/src/sys/contrib/dev/iwlwifi/mvm/mld-sta.c:39 >#15 0xffffffff82650a06 in iwl_mvm_fw_baid_op_cmd (mvm=0xfffffe00bde08448, sta=0xfffff8012b608880, start=true, tid=0, ssn=2, buf_size=64, baid=-1) > at /usr/src/sys/contrib/dev/iwlwifi/mvm/sta.c:2833 >#16 iwl_mvm_fw_baid_op (mvm=0xfffffe00bde08448, sta=0xfffff8012b608880, start=true, tid=0, ssn=2, buf_size=64, baid=-1) > at /usr/src/sys/contrib/dev/iwlwifi/mvm/sta.c:2872 >#17 iwl_mvm_sta_rx_agg (mvm=mvm@entry=0xfffffe00bde08448, sta=sta@entry=0xfffff8012b608880, tid=0, ssn=2, start=true, buf_size=64, timeout=0) > at /usr/src/sys/contrib/dev/iwlwifi/mvm/sta.c:2945 >#18 0xffffffff8262e5cd in iwl_mvm_mac_ampdu_action (hw=<optimized out>, vif=0xfffffe00bdf1fc80, params=<optimized out>) > at /usr/src/sys/contrib/dev/iwlwifi/mvm/mac80211.c:983 >#19 0xffffffff80dd9991 in lkpi_ic_ampdu_rx_start (ni=0xfffffe00bdfbb000, rap=0xfffffe00bdfbbd58, baparamset=4099, batimeout=0, baseqctl=32) > at /usr/src/sys/compat/linuxkpi/common/src/linux_80211.c:3788 >#20 0xffffffff80ce1033 in ht_recv_action_ba_addba_request (ni=0xfffffe00bdfbb000, wh=<optimized out>, frm=<optimized out>, efrm=<optimized out>) > at /usr/src/sys/net80211/ieee80211_ht.c:2441 >#21 0xffffffff80d0b5d3 in sta_input (ni=0xfffffe00bdfbb000, m=0xfffff800078a6900, rxs=0xfffffe007eb6ca48, rssi=-110, nf=<optimized out>) > at /usr/src/sys/net80211/ieee80211_sta.c:973 >#22 0xffffffff80ce5816 in ieee80211_input_mimo (ni=ni@entry=0xfffffe00bdfbb000, m=m@entry=0xfffff800078a6900) > at /usr/src/sys/net80211/ieee80211_input.c:100 >#23 0xffffffff80dda529 in linuxkpi_ieee80211_rx (hw=0xfffffe00bde08380, skb=0xfffff8004a309800, sta=sta@entry=0xfffff8012b608880, > napi=<optimized out>, list=list@entry=0x0) at /usr/src/sys/compat/linuxkpi/common/src/linux_80211.c:4845 >#24 0xffffffff826434e7 in ieee80211_rx_napi (hw=0xffffffff, sta=0xfffff8012b608880, skb=0xfffff8004a309800, napi=0xfffffe00bde14098) > at /usr/src/sys/compat/linuxkpi/common/include/net/mac80211.h:1618 >#25 iwl_mvm_pass_packet_to_mac80211 (mvm=0xfffffe00bde08448, napi=0xfffffe00bde14098, skb=0xfffff8004a309800, queue=0, sta=0xfffff8012b608880, > link_sta=0xfffff8012b608938) at /usr/src/sys/contrib/dev/iwlwifi/mvm/rxmq.c:257 >#26 iwl_mvm_rx_mpdu_mq (mvm=0xfffffe00bde08448, napi=0xfffffe00bde14098, rxb=<optimized out>, queue=0) > at /usr/src/sys/contrib/dev/iwlwifi/mvm/rxmq.c:2645 >#27 0xffffffff8266dbbf in iwl_op_mode_rx (op_mode=0xffffffff, napi=0xfffffe00bde14098, rxb=0xfffffe007eb6cd50) > at /usr/src/sys/contrib/dev/iwlwifi/iwl-op-mode.h:139 >#28 iwl_pcie_rx_handle_rb (rxq=0xfffffe00bde14000, i=<optimized out>, trans=<optimized out>, rxb=<optimized out>, emergency=<optimized out>) > at /usr/src/sys/contrib/dev/iwlwifi/pcie/rx.c:1381 >#29 iwl_pcie_rx_handle (trans=trans@entry=0xfffffe00803af040, queue=<optimized out>, budget=budget@entry=64) > at /usr/src/sys/contrib/dev/iwlwifi/pcie/rx.c:1568 >#30 0xffffffff8266d65d in iwl_pcie_napi_poll_msix (napi=0xfffffe00bde14098, budget=64) at /usr/src/sys/contrib/dev/iwlwifi/pcie/rx.c:1044 >--Type <RET> for more, q to quit, c to continue without paging--c >#31 0xffffffff80de96df in lkpi_napi_task (ctx=0xfffffe00bde14098, pending=<optimized out>) > at /usr/src/sys/compat/linuxkpi/common/src/linux_netdev.c:302 >#32 0xffffffff80bb743b in taskqueue_run_locked (queue=queue@entry=0xfffff8000716c500) at /usr/src/sys/kern/subr_taskqueue.c:511 >#33 0xffffffff80bb84f3 in taskqueue_thread_loop (arg=arg@entry=0xfffffe00803b1120) at /usr/src/sys/kern/subr_taskqueue.c:823 >#34 0xffffffff80b06ec2 in fork_exit (callout=0xffffffff80bb8420 <taskqueue_thread_loop>, arg=0xfffffe00803b1120, frame=0xfffffe007eb6cf40) > at /usr/src/sys/kern/kern_fork.c:1157 >#35 <signal handler called> >(kgdb) f 14 >#14 iwl_mvm_sta_fw_id_mask (mvm=mvm@entry=0xfffffe00bde08448, sta=sta@entry=0xfffff8012b608880, filter_link_id=filter_link_id@entry=-1) > at /usr/src/sys/contrib/dev/iwlwifi/mvm/mld-sta.c:39 >39 result |= BIT(link_sta->sta_id); >(kgdb) l >34 rcu_dereference_check(mvmsta->link[link_id], >35 lockdep_is_held(&mvm->mutex)); >36 if (!link_sta) >37 continue; >38 >39 result |= BIT(link_sta->sta_id); >40 } >41 >42 return result; >43 } >(kgdb) p link_sta >$1 = (struct iwl_mvm_link_sta *) 0xdeadc0dedeadc0de >(kgdb) >(kgdb) p link_sta->sta_id >Cannot access memory at address 0xdeadc0dedeadc0ee > > > >lkpi_ic_ampdu_rx_start > iwl_mvm_mac_ampdu_action > iwl_mvm_sta_rx_agg > iwl_mvm_fw_baid_op > iwl_mvm_fw_baid_op_cmd > iwl_mvm_sta_fw_id_mask
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=247417">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 276083
: 247417 |
247579