Panics occured only with ath clients activity. I have attach backtraces, what should i do else? fxp0: flags=18943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST,POLLING> mtu 1500 options=48<VLAN_MTU,POLLING> ether 00:04:ac:d7:bd:24 media: Ethernet autoselect (100baseTX <full-duplex>) status: active ath0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500 ether 00:0f:3d:a9:4e:20 media: IEEE 802.11 Wireless Ethernet autoselect mode 11g <hostap> status: associated ssid D2HOME channel 6 bssid 00:0f:3d:a9:4e:20 authmode SHARED privacy ON deftxkey 1 wepkey 1:104-bit txpowmax 39 protmode CTS ssid HIDE dtimperiod 1 bintval 100 fxp1: flags=18843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,POLLING> mtu 1500 options=48<VLAN_MTU,POLLING> inet 212.58.xx.xx netmask 0xfffffff0 broadcast 212.58.xx.xx ether 00:08:c7:89:f5:5f media: Ethernet autoselect (100baseTX <full-duplex>) status: active lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384 inet 127.0.0.1 netmask 0xff000000 inet 192.168.8.1 netmask 0xffffffff vlan0: flags=9843<UP,BROADCAST,RUNNING,SIMPLEX,LINK0,MULTICAST> mtu 1500 inet 192.168.50.30 netmask 0xffffffe0 broadcast 192.168.50.31 ether 00:08:c7:89:f5:5f media: Ethernet autoselect (100baseTX <full-duplex>) status: active vlan: 903 parent interface: fxp1 vlan1: flags=9843<UP,BROADCAST,RUNNING,SIMPLEX,LINK0,MULTICAST> mtu 1500 inet 192.168.197.1 netmask 0xffffff00 broadcast 192.168.197.255 ether 00:08:c7:89:f5:5f media: Ethernet autoselect (100baseTX <full-duplex>) status: active vlan: 47 parent interface: fxp1 vlan2: flags=9843<UP,BROADCAST,RUNNING,SIMPLEX,LINK0,MULTICAST> mtu 1500 inet 192.168.60.2 netmask 0xffffff00 broadcast 192.168.60.255 ether 00:08:c7:89:f5:5f media: Ethernet autoselect (100baseTX <full-duplex>) status: active vlan: 602 parent interface: fxp1 bridge0: flags=8041<UP,RUNNING,MULTICAST> mtu 1500 inet 192.168.7.1 netmask 0xffffff00 ether ac:de:48:37:8e:76 priority 32768 hellotime 2 fwddelay 15 maxage 20 member: fxp0 flags=3<LEARNING,DISCOVER> member: ath0 flags=3<LEARNING,DISCOVER> ng0: flags=8890<POINTOPOINT,NOARP,SIMPLEX,MULTICAST> mtu 1500 ng1: flags=8890<POINTOPOINT,NOARP,SIMPLEX,MULTICAST> mtu 1500 Unread portion of the kernel message buffer: Fatal trap 12: page fault while in kernel mode fault virtual address = 0xbfc00b04 fault code = supervisor read, page not present instruction pointer = 0x20:0xc070c33a stack pointer = 0x28:0xd2779ba0 frame pointer = 0x28:0xd2779c10 code segment = base 0x0, limit 0xfffff, type 0x1b = DPL 0, pres 1, def32 1, gran 1 processor eflags = interrupt enabled, resume, IOPL = 0 current process = 32 (swi6: task queue) trap number = 12 panic: page fault Uptime: 33m44s Dumping 191 MB (2 chunks) chunk 0: 1MB (159 pages) ... ok chunk 1: 191MB (48893 pages) 176 160 144 128 112 96 80 64 48 32 16 #0 doadump () at pcpu.h:165 165 __asm __volatile("movl %%fs:0,%0" : "=r" (td)); (kgdb) bt full #0 doadump () at pcpu.h:165 No locals. #1 0xc0538e9c in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:399 first_buf_printf = 1 #2 0xc05391e9 in panic (fmt=0xc074fe21 "%s") at /usr/src/sys/kern/kern_shutdown.c:555 td = (struct thread *) 0xc14b6c00 bootopt = 260 newpanic = 0 ap = 0xc14b6c00 "\030TKà À>à" buf = "page fault", '\0' <repeats 245 times> #3 0xc072263c in trap_fatal (frame=0xd2779b60, eva=0) at /usr/src/sys/i386/i386/trap.c:841 code = 40 type = 12 ss = 40 esp = 0 softseg = {ssd_base = 0, ssd_limit = 1048575, ssd_type = 27, ssd_dpl = 0, ssd_p = 1, ssd_xx = 10, ssd_xx1 = 1, ssd_def32 = 1, ssd_gran = 1} #4 0xc0722312 in trap_pfault (frame=0xd2779b60, usermode=0, eva=3217033988) at /usr/src/sys/i386/i386/trap.c:752 va = 3217031168 vm = (struct vmspace *) 0x0 map = 0x1 rv = 1 ftype = 1 '\001' td = (struct thread *) 0xc14b6c00 p = (struct proc *) 0xc14b5418 #5 0xc0721ead in trap (frame= {tf_fs = 8, tf_es = 40, tf_ds = -763953112, tf_edi = -1051083600, tf_esi = -1051723264, tf_ebp = -763913200, tf_isp = -763913332, tf_ebx = 0, tf_edx = 0, tf_ecx = 2888008, tf_eax = 705, tf_trapno = 12, tf_err = 0, tf_eip = -1066351814, tf_cs = 32, tf_eflags = 590338, tf_esp = 0, tf_ss = -763953151}) at /usr/src/sys/i386/i386/trap.c:442 td = (struct thread *) 0xc14b6c00 p = (struct proc *) 0xc14b5418 sticks = 3228242063 i = 0 ucode = 0 type = 12 code = 0 eva = 3217033988 #6 0xc070e5fa in calltrap () at /usr/src/sys/i386/i386/exception.s:139 No locals. #7 0xc070c33a in bus_dmamap_load_mbuf_sg (dmat=0xc14d5700, map=0x0, m0=0x0, segs=0xc159bcd4, nsegs=0xc159bcb4, flags=1) at pmap.h:200 first = 0 lastaddr = 0 m = (struct mbuf *) 0xc14ffa00 error = 2888008 #8 0xc049534e in ath_rxbuf_init (sc=0xc1595000, bf=0xc159bcb0) at /usr/src/sys/dev/ath/if_ath.c:2495 ah = (struct ath_hal *) 0xc1597000 error = -1051111424 m = (struct mbuf *) 0xc14ffa00 ds = (struct ath_desc *) 0xc1595000 __func__ = "ath_rxbuf_init" #9 0xc0495bc6 in ath_rx_proc (arg=0xc1595000, npending=705) at /usr/src/sys/dev/ath/if_ath.c:2858 sc = (struct ath_softc *) 0xc1595000 bf = (struct ath_buf *) 0xc159bcb0 ic = (struct ieee80211com *) 0xc15951ac ifp = (struct ifnet *) 0xc1592800 ah = (struct ath_hal *) 0xc1597000 ds = (struct ath_desc *) 0xc14b1cd0 m = (struct mbuf *) 0xc154f000 ni = (struct ieee80211_node *) 0xc1a01000 an = (struct ath_node *) 0x2c1148 len = -1046474752 type = 8 phyerr = 705 status = 3248492544 __func__ = "ath_rx_proc" #10 0xc055f600 in taskqueue_run (queue=0xc13e9480) at /usr/src/sys/kern/subr_taskqueue.c:217 task = (struct task *) 0xc15960a8 owned = 0 pending = 1 #11 0xc055f7c3 in taskqueue_swi_run (dummy=0x0) at /usr/src/sys/kern/subr_taskqueue.c:252 No locals. #12 0xc051e338 in ithread_loop (arg=0xc13e9400) at /usr/src/sys/kern/kern_intr.c:547 ithd = (struct ithd *) 0xc13e9400 ih = (struct intrhand *) 0xc148da40 td = (struct thread *) 0xc14b6c00 p = (struct proc *) 0xc14b5418 count = 0 warned = 0 #13 0xc051d20f in fork_exit (callout=0xc051e180 <ithread_loop>, arg=0x2c1, frame=0x2c1) at /usr/src/sys/kern/kern_fork.c:789 p = (struct proc *) 0xc14b5418 td = (struct thread *) 0x0 #14 0xc070e65c in fork_trampoline () at /usr/src/sys/i386/i386/exception.s:208 No locals. (kgdb) Unread portion of the kernel message buffer: in_cksum_skip: out of data by 88 in_cksum_skip: out of data by 88 ath0: stuck beacon; resetting (bmiss count 4) Fatal trap 12: page fault while in kernel mode fault virtual address = 0xc fault code = supervisor read, page not present instruction pointer = 0x20:0xc057b4d0 stack pointer = 0x28:0xd712fa80 frame pointer = 0x28:0xd712fab4 code segment = base 0x0, limit 0xfffff, type 0x1b = DPL 0, pres 1, def32 1, gran 1 processor eflags = interrupt enabled, resume, IOPL = 0 current process = 2230 (sshd) trap number = 12 panic: page fault Uptime: 2h30m16s Dumping 191 MB (2 chunks) chunk 0: 1MB (159 pages) ... ok chunk 1: 191MB (48893 pages) 176 160 144 128 112 96 80 64 48 32 16 #0 doadump () at pcpu.h:165 165 __asm __volatile("movl %%fs:0,%0" : "=r" (td)); (kgdb) bt full #0 doadump () at pcpu.h:165 No locals. #1 0xc0538e9c in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:399 first_buf_printf = 1 #2 0xc05391e9 in panic (fmt=0xc074fe21 "%s") at /usr/src/sys/kern/kern_shutdown.c:555 td = (struct thread *) 0xc18a2d80 bootopt = 260 newpanic = 0 ap = 0xc18a2d80 "H\034\212à_at_\213Kà" buf = "page fault", '\0' <repeats 245 times> #3 0xc072263c in trap_fatal (frame=0xd712fa40, eva=0) at /usr/src/sys/i386/i386/trap.c:841 code = 40 type = 12 ss = 40 esp = 0 softseg = {ssd_base = 0, ssd_limit = 1048575, ssd_type = 27, ssd_dpl = 0, ssd_p = 1, ssd_xx = 9, ssd_xx1 = 1, ssd_def32 = 1, ssd_gran = 1} #4 0xc0722312 in trap_pfault (frame=0xd712fa40, usermode=0, eva=12) at /usr/src/sys/i386/i386/trap.c:752 va = 0 vm = (struct vmspace *) 0x0 map = 0x1 rv = 1 ftype = 1 '\001' td = (struct thread *) 0xc18a2d80 p = (struct proc *) 0xc18a1c48 #5 0xc0721ead in trap (frame= {tf_fs = -1047920632, tf_es = -1047920600, tf_ds = -686686168, tf_edi = 88, tf_esi = 0, tf_ebp = -686622028, tf_isp = -686622100, tf_ebx = 1460, tf_edx = 164, tf_ecx = -1047051576, tf_eax = -1051016448, tf_trapno = 12, tf_err = 0, tf_eip = -1067993904, tf_cs = 32, tf_eflags = 66066, tf_esp = -1056645432, tf_ss = -1056645504}) at /usr/src/sys/i386/i386/trap.c:442 td = (struct thread *) 0xc18a2d80 p = (struct proc *) 0xc18a1c48 sticks = 3247060480 i = 0 ucode = 0 type = 12 code = 0 eva = 12 #6 0xc070e5fa in calltrap () at /usr/src/sys/i386/i386/exception.s:139 No locals. #7 0xc057b4d0 in m_copym (m=0x0, off0=164, len=324, wait=1) at /usr/src/sys/kern/uipc_mbuf.c:389 n = (struct mbuf *) 0x5b4 np = (struct mbuf **) 0xc154dc00 off = 88 top = (struct mbuf *) 0xd712fac0 copyhdr = 0 #8 0xc062b5d7 in tcp_output (tp=0xc182aac8) at /usr/src/sys/netinet/tcp_output.c:774 so = (struct socket *) 0xc19742c8 len = 324 recwin = 131400 sendwin = 1460 off = 164 flags = 16 error = -1047051576 m = (struct mbuf *) 0xc154dc00 ip = (struct ip *) 0x3 th = (struct tcphdr *) 0x5b4 opt = "\000\000\000\000HØ\022â`5Xþ\220C\227à\000ÅZà\000ýTà\220C\227àhØ\022âî5Xþ\220C\227à" ipoptlen = 164 optlen = 0 hdrlen = 40 idle = 0 sendalot = 0 i = 4 sack_rxmit = 0 sack_bytes_rxmt = 0 p = (struct sackhole *) 0x0 #9 0xc0632bac in tcp_usr_send (so=0xc19742c8, flags=0, m=0xc15ae500, nam=0x0, control=0x0, td=0xc18a2d80) at /usr/src/sys/netinet/tcp_usrreq.c:702 error = 0 inp = (struct inpcb *) 0xc17c5924 tp = (struct tcpcb *) 0xc182aac8 unlocked = 1 #10 0xc057efb1 in sosend (so=0xc19742c8, addr=0x0, uio=0xd712fcb0, top=0xc15ae500, control=0x0, flags=0, td=0xc18a2d80) at /usr/src/sys/kern/uipc_socket.c:829 mp = (struct mbuf **) 0xc15ae500 m = (struct mbuf *) 0xc15ae500 space = 130912 len = 324 resid = 0 clen = -1051007744 error = 0 dontroute = 0 atomic = 0 #11 0xc0569dc7 in soo_write (fp=0xc15ac300, uio=0xd712fcb0, active_cred=0xc1985c00, flags=0, td=0xc18a2d80) at /usr/src/sys/kern/sys_socket.c:118 so = (struct socket *) 0xc19742c8 error = 324 #12 0xc0562968 in dofilewrite (td=0xc18a2d80, fd=-1051016448, fp=0xc18c5360, auio=0xd712fcb0, offset=Unhandled dwarf expression opcode 0x93 ) at file.h:246 cnt = 324 error = -1047768224 ktruio = (struct uio *) 0x0 #13 0xc0562785 in kern_writev (td=0xc18a2d80, fd=3, auio=0xc15ac300) at /usr/src/sys/kern/sys_generic.c:402 fp = (struct file *) 0xc18c5360 error = 0 #14 0xc056263f in write (td=0xc15ac300, uap=0xc19742c8) at /usr/src/sys/kern/sys_generic.c:326 auio = {uio_iov = 0xd712fca8, uio_iovcnt = 1, uio_offset = 323, uio_resid = 0, uio_segflg = UIO_USERSPACE, uio_rw = UIO_WRITE, uio_td = 0xc18a2d80} aiov = {iov_base = 0x8083144, iov_len = 0} #15 0xc0722a30 in syscall (frame= {tf_fs = 59, tf_es = -1078001605, tf_ds = -1078001605, tf_edi = 134693032, tf_esi = 324, tf_ebp = -1077944808, tf_isp = -686621340, tf_ebx = 671959216, tf_edx = 134693032, tf_ecx = 134754304, tf_eax = 4, tf_trapno = 0, tf_err = 2, tf_eip = 674158639, tf_cs = 51, tf_eflags = 518, tf_esp = -1077944836, tf_ss = 59}) at /usr/src/sys/i386/i386/trap.c:986 params = 0xbfbfde00 <Address 0xbfbfde00 out of bounds> callp = (struct sysent *) 0xc078c950 td = (struct thread *) 0xc18a2d80 p = (struct proc *) 0xc18a1c48 orig_tf_eflags = 518 sticks = 8 error = 0 narg = 3 args = {3, 134754304, 324, 0, 0, -1065678288, -686621388, 671959216} code = 4 #16 0xc070e64f in Xint0x80_syscall () at /usr/src/sys/i386/i386/exception.s:200 No locals. #17 0x00000033 in ?? () No symbol table info available. Previous frame inner to this frame (corrupt stack?) (kgdb)Received on Fri Oct 07 2005 - 09:26:12 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:44 UTC