Re: Panic from wpa_supplicant in uma_large_free()

From: Sam Leffler <sam_at_freebsd.org> Date: Wed, 28 Jan 2009 10:06:00 -0800 · This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:39:41 UTC

David Wolfskill wrote:
> After updating HEAD to around r187816 (I'm still using CVS), I get the
> following on my laptop (which makes an attempt to use wpa_supplicant):
>
> <118>/dev/ad0s4e: FILE SYSTEM CLEAN; SKIPPING CHECKS
> <118>/dev/ad0s4e: clean, 836915 free (2867 frags, 104256 blocks, 0.3% fragmentation)
> wlan0: bpf attached
> wlan0: Ethernet address: 00:05:3c:09:86:46
> wlan0: bpf attached
> <118>Starting wpa_supplicant.
> <118>ioctl[SIOCG80211, op 98, len 32]: Bad address
> <118>/etc/rc.d/wpa_supplicant: WARNING: failed to start wpa_supplicant
> <118>Starting Network: lo0.
> <118>ifconfig:
> <118>create: bad value
> <118>
> <118>Starting wpa_supplicant.
>
>
> Fatal trap 12: page fault while in kernel mode
> cpuid = 0; apic id = 00
> fault virtual address   = 0xbfdb9858
> fault code              = supervisor read, page not present
> instruction pointer     = 0x20:0xc0a507f5
> stack pointer           = 0x28:0xc4b60a60
> frame pointer           = 0x28:0xc4b60a70
> code segment            = base 0x0, limit 0xfffff, type 0x1b
>                         = DPL 0, pres 1, def32 1, gran 1
> processor eflags        = interrupt enabled, resume, IOPL = 0
> current process         = 863 (wpa_supplicant)
>
> db> bt
> Tracing pid 863 tid 100055 td 0xc520a480
> uma_large_free(c5334e20,c0b14908,20,e,c5334dc0,...) at uma_large_free+0x35
> free(c5334dc0,c0ca6660,c0,c5334dd0,c5334de0,...) at free+0xdb
> ieee80211_ioctl_getdevcaps(c4b60ae8,c0805bbc,c4e75a9c,1,c4d20340,...) at ieee80211_ioctl_getdevcaps+0xda
> ieee80211_ioctl_get80211(c0bca91c,c0bb5139,3,c520a480,c4b60b68,...) at ieee80211_ioctl_get80211+0x930
> ieee80211_ioctl(c51a8c00,c01c69eb,c5334de0,c0e6b644,c51a8c00,...) at ieee80211_ioctl+0x2b7
> in_control(c532b930,c01c69eb,c5334de0,c51a8c00,c520a480,...) at in_control+0xe0a
> ifioctl(c532b930,c01c69eb,c5334de0,c520a480,c01c69eb,...) at ifioctl+0x322
> soo_ioctl(c51fe700,c01c69eb,c5334de0,c4d3c900,c520a480,...) at soo_ioctl+0x397
> kern_ioctl(c520a480,3,c01c69eb,c5334de0,184d9e0,...) at kern_ioctl+0x1dd
> ioctl(c520a480,c4b60cf8,c,c0b8dabb,c0ca1db0,...) at ioctl+0x134
> syscall(c4b60d38) at syscall+0x2a3
> Xint0x80_syscall() at Xint0x80_syscall+0x20
> --- syscall (54, FreeBSD ELF32, ioctl), eip = 0x28372c23, esp = 0xbfbfec9c, ebp = 0xbfbfece8 ---
> db> 
>
>   

Actually this is my bad.  It's the changes to getdevcaps.  Let me look 
at it.

    Sam