From flz@FreeBSD.org  Fri Aug 14 17:33:55 2009
Return-Path: <flz@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 1B98B106568E
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 14 Aug 2009 17:33:55 +0000 (UTC)
	(envelope-from flz@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28])
	by mx1.freebsd.org (Postfix) with ESMTP id 0ACE58FC41
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 14 Aug 2009 17:33:55 +0000 (UTC)
Received: from freefall.freebsd.org (flz@localhost [127.0.0.1])
	by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n7EHXs9M031761
	for <FreeBSD-gnats-submit@freebsd.org>; Fri, 14 Aug 2009 17:33:54 GMT
	(envelope-from flz@freefall.freebsd.org)
Received: (from flz@localhost)
	by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n7EHXsPa031760;
	Fri, 14 Aug 2009 17:33:54 GMT
	(envelope-from flz)
Message-Id: <200908141733.n7EHXsPa031760@freefall.freebsd.org>
Date: Fri, 14 Aug 2009 17:33:54 GMT
From: Florent Thoumie <flz@freebsd.org>
Reply-To: Florent Thoumie <flz@freebsd.org>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: [rum] panic in rum(4) driver on 8.0-BETA2
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         137776
>Category:       kern
>Synopsis:       [rum] panic in rum(4) driver on 8.0-BETA2
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-net
>State:          patched
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Aug 14 17:40:05 UTC 2009
>Closed-Date:    
>Last-Modified:  Sun Nov 14 01:45:32 UTC 2010
>Originator:     Florent Thoumie
>Release:        FreeBSD 7.2-STABLE i386
>Organization:
>Environment:
System: FreeBSD freefall.freebsd.org 7.2-STABLE FreeBSD 7.2-STABLE #39 r196005: Fri Jul 31 21:51:38 UTC 2009 simon@freefall.freebsd.org:/usr/src/sys/i386/compile/FREEFALL i386

>Description:

The panic will occur after a certain period of time. Wireless connection drops and eventually, the kernel panics.

http://people.freebsd.org/~flz/local/rum-core.txt

The configuration is basic:

:: flz@cream:/var/crash> cat /etc/wpa_supplicant.conf
network={
    ssid="xxx"
    psk="xxx"
}

:: flz@cream:/var/crash> grep -i wlan /etc/rc.conf
wlans_rum0="wlan0"
ifconfig_wlan0="WPA DHCP"

>How-To-Repeat:

I cannot reproduce everytime but it happens when I run '/etc/rc.d/netif restart wlan0' after the connection has dropped.

>Fix:


>Release-Note:
>Audit-Trail:

From: Florent Thoumie <flz@xbsd.org>
To: bug-followup@freebsd.org, sam@freebsd.org, 
	Hans Petter Selasky <hselasky@c2i.net>
Cc:  
Subject: Re: kern/137776: [rum] panic in rum(4) driver on 8.0-BETA2
Date: Fri, 14 Aug 2009 19:07:29 +0100

 --000e0cd29f4412ee4904711dee74
 Content-Type: text/plain; charset=ISO-8859-1
 Content-Transfer-Encoding: 7bit
 
 Here's the core.txt with wlandebug set, as per Sam's instructions:
 http://people.freebsd.org/~flz/local/rum-core-2.txt
 
 -- 
 Florent Thoumie
 flz@FreeBSD.org
 FreeBSD Committer
 
 --000e0cd29f4412ee4904711dee74
 Content-Type: text/html; charset=ISO-8859-1
 Content-Transfer-Encoding: 7bit
 
 Here&#39;s the core.txt with wlandebug set, as per Sam&#39;s instructions:<div><br></div><div><a href="http://people.freebsd.org/~flz/local/rum-core-2.txt">http://people.freebsd.org/~flz/local/rum-core-2.txt</a></div><div>
 
 <br>-- <br>Florent Thoumie<br>flz@FreeBSD.org<br>FreeBSD Committer<br>
 </div>
 
 --000e0cd29f4412ee4904711dee74--
Responsible-Changed-From-To: freebsd-bugs->freebsd-net 
Responsible-Changed-By: remko 
Responsible-Changed-When: Mon Aug 17 19:26:38 UTC 2009 
Responsible-Changed-Why:  
Reassin to networking team 

http://www.freebsd.org/cgi/query-pr.cgi?pr=137776 

From: Carlos <decvt100@gmail.com>
To: bug-followup@freebsd.org,
 flz@freebsd.org
Cc:  
Subject: Re: kern/137776: [rum] panic in rum(4) driver on 8.0-BETA2
Date: Mon, 5 Oct 2009 12:52:32 +0200

 hi list,
 
 I would like to say sorry for my poor english
 
 i want to say that I can reproduce this panic always. If i run wine + 
 WoW (World of Warcraft), the internet connection is lost and then if i 
 run /etc/rc.d/netif restart the panic always appear.
 
 if you need make tests i can make it on my pc and give you the 
 results of the test.
 
 I am only a normal user, not a developer user. If I have to apply patch 
 (maybe) I need some help in how to apply it.
 
 My system is running  8.0-RC1 FreeBSD 8.0-RC1 #0: Thu Sep 17 
 20:45:19 UTC 2009     
 r...@almeida.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC  i386
 
 and this is my panic:
 
 
 kgdb /boot/kernel/kernel.symbols vmcore.1 
 GNU gdb 6.1.1 [FreeBSD]
 
 This GDB was configured as "i386-marcel-freebsd"...
 
 Unread portion of the kernel message buffer:
 
 
 Fatal trap 12: page fault while in kernel mode
 cpuid = 1; apic id = 01
 fault virtual address   = 0x20
 fault code              = supervisor read, page not present
 instruction pointer     = 0x20:0xc09408a8
 stack pointer           = 0x28:0xe89809a4
 frame pointer           = 0x28:0xe89809c0
 code segment            = base 0x0, limit 0xfffff, type 0x1b
                         = DPL 0, pres 1, def32 1, gran 1
 processor eflags        = interrupt enabled, resume, IOPL = 0
 current process         = 2321 (wpa_supplicant)
 trap number             = 12
 panic: page fault
 cpuid = 1
 Uptime: 3m18s
 Physical memory: 2022 MB
 Dumping 222 MB: 207 191 175 159 143 127 111 95 79 63 47 31 15
 
 Reading symbols from /boot/kernel/geom_journal.ko...Reading symbols 
 from /boot/kernel/geom_journal.ko.symbols...done.
 done.
 Loaded symbols for /boot/kernel/geom_journal.ko
 Reading symbols from /boot/kernel/snd_hda.ko...Reading symbols 
 from /boot/kernel/snd_hda.ko.symbols...done.
 done.
 Loaded symbols for /boot/kernel/snd_hda.ko
 Reading symbols from /boot/kernel/sound.ko...Reading symbols from 
 /boot/kernel/sound.ko.symbols...done.
 done.
 Loaded symbols for /boot/kernel/sound.ko
 Reading symbols from /boot/kernel/coretemp.ko...Reading symbols 
 from /boot/kernel/coretemp.ko.symbols...done.
 done.
 Loaded symbols for /boot/kernel/coretemp.ko
 Reading symbols from /boot/modules/nvidia.ko...done.
 Loaded symbols for /boot/modules/nvidia.ko
 Reading symbols from /boot/kernel/linux.ko...Reading symbols from 
 /boot/kernel/linux.ko.symbols...done.
 done.
 Loaded symbols for /boot/kernel/linux.ko
 Reading symbols from /boot/kernel/atapicam.ko...Reading symbols 
 from /boot/kernel/atapicam.ko.symbols...done.
 done.
 Loaded symbols for /boot/kernel/atapicam.ko
 Reading symbols from /boot/kernel/linprocfs.ko...Reading symbols 
 from /boot/kernel/linprocfs.ko.symbols...done.
 done.
 Loaded symbols for /boot/kernel/linprocfs.ko
 Reading symbols from /usr/local/modules/fuse.ko...done.
 Loaded symbols for /usr/local/modules/fuse.ko
 Reading symbols from /usr/local/modules/rtc.ko...done.
 Loaded symbols for /usr/local/modules/rtc.ko
 #0  doadump () at pcpu.h:246
 246     pcpu.h: No such file or directory.
         in pcpu.h
 
 
 (kgdb) bt
 #0  doadump () at pcpu.h:246
 #1  0xc08823c7 in boot (howto=260) at 
 /usr/src/sys/kern/kern_shutdown.c:416
 #2  0xc08826b9 in panic (fmt=Variable "fmt" is not available.
 ) at /usr/src/sys/kern/kern_shutdown.c:579
 #3  0xc0bb346c in trap_fatal (frame=0xe8980964, eva=32) at 
 /usr/src/sys/i386/i386/trap.c:933
 #4  0xc0bb36f0 in trap_pfault (frame=0xe8980964, usermode=0, 
 eva=32) at /usr/src/sys/i386/i386/trap.c:846
 #5  0xc0bb40d5 in trap (frame=0xe8980964) at 
 /usr/src/sys/i386/i386/trap.c:528
 #6  0xc0b96a4b in calltrap () at 
 /usr/src/sys/i386/i386/exception.s:165
 #7  0xc09408a8 in ieee80211_crypto_encap (ni=0xc6b5d000, 
 m=0xc776dc00) at /usr/src/sys/net80211/ieee80211_crypto.c:560
 #8  0xc07ca32b in rum_start (ifp=0xc67e2400) at 
 /usr/src/sys/dev/usb/wlan/if_rum.c:1216
 #9  0xc0923582 in if_start (ifp=0xc67e2400) at 
 /usr/src/sys/net/if.c:3242
 #10 0xc092750b in if_transmit (ifp=0xc67e2400, m=0xc6a60c00) at 
 /usr/src/sys/net/if.c:3254
 #11 0xc0963082 in ieee80211_start (ifp=0xc6409400) at 
 /usr/src/sys/net80211/ieee80211_output.c:362
 #12 0xc0923582 in if_start (ifp=0xc6409400) at 
 /usr/src/sys/net/if.c:3242
 #13 0xc092750b in if_transmit (ifp=0xc6409400, m=0xc6acc200) at 
 /usr/src/sys/net/if.c:3254
 #14 0xc092bd90 in ether_output_frame (ifp=0xc6409400, 
 m=0xc6acc200) at /usr/src/sys/net/if_ethersubr.c:452
 #15 0xc092c77b in ether_output (ifp=0xc6409400, m=0xc6acc200, 
 dst=0xe8980b98, ro=0x0) at /usr/src/sys/net/if_ethersubr.c:423
 #16 0xc09626fd in ieee80211_output (ifp=0xc6409400, 
 m=0xc6acc200, dst=0xe8980b98, ro=0x0) at 
 /usr/src/sys/net80211/ieee80211_output.c:406
 #17 0xc092034b in bpfwrite (dev=0xc61df200, uio=0xe8980c58, 
 ioflag=0) at /usr/src/sys/net/bpf.c:889
 #18 0xc0806b4f in devfs_write_f (fp=0xc68c8310, uio=0xe8980c58, 
 cred=0xc77d8e00, flags=0, td=0xc68586c0) at 
 /usr/src/sys/fs/devfs/devfs_vnops.c:1509
 #19 0xc08be3f7 in dofilewrite (td=0xc68586c0, fd=6, 
 fp=0xc68c8310, auio=0xe8980c58, offset=-1, flags=0) at file.h:239
 #20 0xc08be6e8 in kern_writev (td=0xc68586c0, fd=6, 
 auio=0xe8980c58) at /usr/src/sys/kern/sys_generic.c:446
 #21 0xc08be76f in write (td=0xc68586c0, uap=0xe8980cf8) at 
 /usr/src/sys/kern/sys_generic.c:362
 #22 0xc0bb3a35 in syscall (frame=0xe8980d38) at 
 /usr/src/sys/i386/i386/trap.c:1073
 #23 0xc0b96ab0 in Xint0x80_syscall () at 
 /usr/src/sys/i386/i386/exception.s:261
 #24 0x00000033 in ?? ()
 Previous frame inner to this frame (corrupt stack?)

From: "O.Herold" <oliver@akephalos.de>
To: bug-followup@freebsd.org, flz@freebsd.org
Cc:  
Subject: Re: kern/137776: [rum] panic in rum(4) driver on 8.0-BETA2
Date: Sat, 17 Oct 2009 11:38:35 +0200

 Hi,
 
 there is a fix for this kind of bug. I tried it myself (FreeBSD 8.0 RC1)  
 and it works like a charm. I had a stable connection without any panic  
 (the first one since using if_rum driver in FreeBSD; see the PRs) for  
 several hours while downloading and installing different packages on a new  
 system.
 
 http://lists.freebsd.org/pipermail/freebsd-current/2009-October/012659.html
 
 Would be nice to see this fix in stable, I think it's too late for the  
 release.
 
 Cheers, Oliver Herold
 
 -- 
 F!XMBR:http://www.fixmbr.de
State-Changed-From-To: open->patched 
State-Changed-By: arundel 
State-Changed-When: Sun Nov 14 01:43:13 UTC 2010 
State-Changed-Why:  
Fixed in HEAD (r198098) and MFC'ed to 8.x (r198300). 

http://www.freebsd.org/cgi/query-pr.cgi?pr=137776 
>Unformatted:
