'Translation Fault (L1) on read' error

Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: Lee MATTHEWS <lee.matthews.external_at_stormshield.eu>
Date: Tue, 08 Mar 2022 10:06:48 UTC
Hello,

We are currently having problems during wifi testing on our embedded devices that run FreeBSD 11.3 on armv6. We know that this version is no longer supported and we are currently working on updating to FreeBSD 13.0.

We get random "Translation Fault (L1) on read" errors followed by a core dump. Continuous repeated testing can take several days before the problem appears.

What could be causing this error? I've been looking online and I wonder if it could be an icache issue ? 

https://lists.freebsd.org/pipermail/freebsd-hackers/2016-December/050255.html

I have attached below a couple of kernel panic messages as well as the code at the origin of the panic.

Thanks in advance.

Best regards,
Lee Matthews

----

Unread portion of the kernel message buffer:
[7022] Fatal kernel mode data abort: 'Translation Fault (L1)' on read
[7022] trapframe: 0xb559e550
[7022] FSR=00000005, FAR=00000024, spsr=00000013
[7022] r0 =00000000, r1 =86bc7e00, r2 =86b26000, r3 =00000000
[7022] r4 =8702f0c8, r5 =000005b6, r6 =85055000, r7 =00000040
[7022] r8 =8702f000, r9 =86bc7e00, r10=853cb9fc, r11=b559e5e8
[7022] r12=853cb9fc, ssp=b559e5e0, slr=80092a34, pc =8036b2b0
[7022] 
[7022] timeout stopping cpus
[7022] panic: Fatal abort
[7022] cpuid = 0
[7022] __HardenedBSD_version = 1100056 __FreeBSD_version = 1103500
[7022] version = NS-BSD 4.3.0.snap20210902--HBSD #0 : Tue Jan 18 01:21:57 CET 2022
[7022]     leem@BuildHBSD113-1-armv6.labo.int:/home/leem/build/kernel/work-OPTIM/sys/arm/compile/NETASQ.S.SMP.HW.RELEASE
[7022] Uptime: 1h57m2s
[7022] Physical memory: 2038 MB
[7022] Dumping 250 MB: 247 243 239 235 231 227 223

savectx () at ../../../arm/arm/swtch.S:103
103	../../../arm/arm/swtch.S: No such file or directory.
(kgdb) bt
#0  savectx () at ../../../arm/arm/swtch.S:103
#1  0x8024e5c0 in dumpsys (di=<unavailable>) at ./machine/dump.h:67
#2  doadump (textdump=<optimized out>) at ../../../kern/kern_shutdown.c:333
#3  0x8024e3dc in kern_reboot (howto=260) at ../../../kern/kern_shutdown.c:390
#4  0x8024e73c in vpanic (fmt=0x84e20400 "0\004�\204", ap=...) at ../../../kern/kern_shutdown.c:785
#5  0x8024e5fc in panic (fmt=<unavailable>) at ../../../kern/kern_shutdown.c:714
#6  0x8052d2cc in abort_fatal (tf=0x0, idx=<optimized out>, fsr=<optimized out>, far=<optimized out>, prefetch=0, td=0x84f5a880, ksig=0xb559e4d0) at ../../../arm/arm/trap-v6.c:625
#7  0x8052d0cc in abort_handler (tf=<optimized out>, prefetch=<optimized out>) at ../../../arm/arm/trap-v6.c:424
#8  <signal handler called>
#9  ieee80211_crypto_encap (ni=<optimized out>, m=0x86bc7e00) at ../../../net80211/ieee80211_crypto.c:573



/*
 * Add privacy headers appropriate for the specified key.
 */
struct ieee80211_key *
ieee80211_crypto_encap(struct ieee80211_node *ni, struct mbuf *m)
{
	struct ieee80211_key *k;
	const struct ieee80211_cipher *cip;

	if ((k = ieee80211_crypto_get_txkey(ni, m)) != NULL) {
		cip = k->wk_cipher;
		return (cip->ic_encap(k, m) ? k : NULL);    -------- ligne 573
	}

	return NULL;
}

----

[1095] Fatal kernel mode data abort: 'Translation Fault (L1)' on read
[1095] trapframe: 0xb559e9c0
[1095] FSR=00000005, FAR=0000ffff, spsr=00000013
[1095] r0 =870a955a, r1 =410c2018, r2 =00000011, r3 =0000ffff
[1095] r4 =86b7c000, r5 =00000000, r6 =00000020, r7 =00000400
[1095] r8 =8705a000, r9 =85055000, r10=86bd7000, r11=b559ea80
[1095] r12=870a9558, ssp=b559ea50, slr=80384ea4, pc =80384f08
[1095] 
[1095] timeout stopping cpus
[1095] panic: Fatal abort
[1095] cpuid = 0
[1095] __HardenedBSD_version = 1100056 __FreeBSD_version = 1103500
[1095] version = NS-BSD 4.3.3--HBSD #0  711c600c(pretag/4.3.3): Thu Dec 23 18:46:12 CET 2021
[1095]     build@buildmajHBSD113-armv6.labo.int:/home/build/fw-PRETAG_4.3.3/firmware/tmp/armv6/kernel/work-OPTIM/sys/arm/compile/NETASQ.S.SMP.HW.RELEASE
[1095] Uptime: 18m15s
[1095] Physical memory: 2038 MB
[1095] Dumping 249 MB: 246 242 238 234 230 226 222

savectx () at ../../../arm/arm/swtch.S:103
103	../../../arm/arm/swtch.S: No such file or directory.
(kgdb) bt
#0  savectx () at ../../../arm/arm/swtch.S:103
#1  0x8024ee28 in dumpsys (di=<unavailable>) at ./machine/dump.h:67
#2  doadump (textdump=<optimized out>) at ../../../kern/kern_shutdown.c:333
#3  0x8024ec44 in kern_reboot (howto=260) at ../../../kern/kern_shutdown.c:390
#4  0x8024efa4 in vpanic (fmt=0x84e20400 "0\004�\204", ap=...) at ../../../kern/kern_shutdown.c:785
#5  0x8024ee64 in panic (fmt=<unavailable>) at ../../../kern/kern_shutdown.c:714
#6  0x8052d9c0 in abort_fatal (tf=0x0, idx=<optimized out>, fsr=<optimized out>, far=<optimized out>, prefetch=0, td=0x84f5a880, ksig=0xb559e940) at ../../../arm/arm/trap-v6.c:625
#7  0x8052d7c0 in abort_handler (tf=<optimized out>, prefetch=<optimized out>) at ../../../arm/arm/trap-v6.c:424
#8  <signal handler called>
#9  0x80384f08 in ieee80211_getcapinfo (vap=<optimized out>, chan=0xffff) at ../../../net80211/ieee80211_output.c:2195

/*
 * Calculate capability information for mgt frames.
 */
uint16_t
ieee80211_getcapinfo(struct ieee80211vap *vap, struct ieee80211_channel *chan)
{
	struct ieee80211com *ic = vap->iv_ic;
	uint16_t capinfo;

	KASSERT(vap->iv_opmode != IEEE80211_M_STA, ("station mode"));

	if (vap->iv_opmode == IEEE80211_M_HOSTAP)
		capinfo = IEEE80211_CAPINFO_ESS;
	else if (vap->iv_opmode == IEEE80211_M_IBSS)
		capinfo = IEEE80211_CAPINFO_IBSS;
	else
		capinfo = 0;
	if (vap->iv_flags & IEEE80211_F_PRIVACY)
		capinfo |= IEEE80211_CAPINFO_PRIVACY;
	if ((ic->ic_flags & IEEE80211_F_SHPREAMBLE) &&
	    IEEE80211_IS_CHAN_2GHZ(chan))
		capinfo |= IEEE80211_CAPINFO_SHORT_PREAMBLE;
	if (ic->ic_flags & IEEE80211_F_SHSLOT)  -------------- line 2195
		capinfo |= IEEE80211_CAPINFO_SHORT_SLOTTIME;
	if (IEEE80211_IS_CHAN_5GHZ(chan) && (vap->iv_flags & IEEE80211_F_DOTH))
		capinfo |= IEEE80211_CAPINFO_SPECTRUM_MGMT;
	return capinfo;
}