Kernel panic for if_epair

From: qroxana <qroxana_at_protonmail.com>
Date: Wed, 16 Feb 2022 10:31:02 UTC
It's running 14.0-CURRENT armv7 main-n252983-d21e71efce39

Kernel page fault with the following non-sleepable locks held:
exclusive sleep mutex epairidx (epairidx) r = 0 (0xe2fe9160) locked @ /usr/src/sys/net/if_epair.c:165
stack backtrace:
#0 0xc03558f8 at witness_debugger+0x7c
#1 0xc0356b3c at witness_warn+0x3fc
#2 0xc05eb3c8 at abort_handler+0x1d8
#3 0xc05ca8e0 at exception_exit+0
#4 0xc0475928 at udp_input+0x1c0
#5 0xc0441884 at ip_input+0xa18
#6 0xc041426c at netisr_dispatch_src+0x100
#7 0xc040b9a0 at ether_demux+0x1c8
#8 0xc040d22c at ether_nh_input+0x514
#9 0xc041426c at netisr_dispatch_src+0x100
#10 0xc040be94 at ether_input+0x8c
#11 0xe2fd8130 at $a.8+0x128
#12 0xc02a1ee0 at ithread_loop+0x268
#13 0xc029e088 at fork_exit+0xa0
#14 0xc05ca870 at swi_exit+0
Fatal kernel mode data abort: 'Alignment Fault' on read
trapframe: 0xe2a0baf0
FSR=00000001, FAR=e3f02a56, spsr=20000013
r0 =00000000, r1 =00000001, r2 =00000001, r3 =00000a0a
r4 =00000000, r5 =e3f02a6a, r6 =e3f02a56, r7 =00000044
r8 =00000044, r9 =c0af955c, r10=00000014, r11=e2a0bc10
r12=00000000, ssp=e2a0bb80, slr=c0441884, pc =c0475928

panic: Fatal abort
cpuid = 0
time = 1645004889
KDB: stack backtrace:
db_trace_self() at db_trace_self
         pc = 0xc05c7f34  lr = 0xc007ac48 (db_trace_self_wrapper+0x30)
         sp = 0xe2a0b8c8  fp = 0xe2a0b9e0
db_trace_self_wrapper() at db_trace_self_wrapper+0x30
         pc = 0xc007ac48  lr = 0xc02e259c (vpanic+0x170)
         sp = 0xe2a0b9e8  fp = 0xe2a0ba08
         r4 = 0x00000100  r5 = 0x00000000
         r6 = 0xc077f670  r7 = 0xc090d910
vpanic() at vpanic+0x170
         pc = 0xc02e259c  lr = 0xc02e234c (doadump)
         sp = 0xe2a0ba10  fp = 0xe2a0ba14
         r4 = 0xe2a0baf0  r5 = 0x00000013
         r6 = 0xe3f02a56  r7 = 0x00000001
         r8 = 0x00000001  r9 = 0xe294e000
        r10 = 0xe3f02a56
doadump() at doadump
         pc = 0xc02e234c  lr = 0xc05eba18 (abort_align)
         sp = 0xe2a0ba1c  fp = 0xe2a0ba48
         r4 = 0xe3f02a56  r5 = 0xe2a0ba14
         r6 = 0xc02e234c r10 = 0xe2a0ba1c
abort_align() at abort_align
         pc = 0xc05eba18  lr = 0xc05eb518 (abort_handler+0x328)
         sp = 0xe2a0ba50  fp = 0xe2a0bae8
         r4 = 0x00000013  r5 = 0xe3f02a56
abort_handler() at abort_handler+0x328
         pc = 0xc05eb518  lr = 0xc05ca8e0 (exception_exit)
         sp = 0xe2a0baf0  fp = 0xe2a0bc10
         r4 = 0x00000000  r5 = 0xe3f02a6a
         r6 = 0xe3f02a56  r7 = 0x00000044
         r8 = 0x00000044  r9 = 0xc0af955c
        r10 = 0x00000014
exception_exit() at exception_exit
         pc = 0xc05ca8e0  lr = 0xc0441884 (ip_input+0xa18)
         sp = 0xe2a0bb80  fp = 0xe2a0bc10
         r0 = 0x00000000  r1 = 0x00000001
         r2 = 0x00000001  r3 = 0x00000a0a
         r4 = 0x00000000  r5 = 0xe3f02a6a
         r6 = 0xe3f02a56  r7 = 0x00000044
         r8 = 0x00000044  r9 = 0xc0af955c
        r10 = 0x00000014 r12 = 0x00000000
udp_input() at udp_input+0x1c0
         pc = 0xc0475928  lr = 0xc0441884 (ip_input+0xa18)
         sp = 0xe2a0bc18  fp = 0xe2a0bc50
         r4 = 0x00022e75  r5 = 0x00000000
         r6 = 0x00000014  r7 = 0x000000fb
         r8 = 0xc090d910  r9 = 0xc09457fc
        r10 = 0xe3f02a56
ip_input() at ip_input+0xa18
         pc = 0xc0441884  lr = 0xc041426c (netisr_dispatch_src+0x100)
         sp = 0xe2a0bc58  fp = 0xe2a0bc80
         r4 = 0x0003a73b  r5 = 0xe3f02a00
         r6 = 0x00000000  r7 = 0xc0b5b4b4
         r8 = 0xe4417ac0  r9 = 0x5e4a6f28
        r10 = 0x00000008
netisr_dispatch_src() at netisr_dispatch_src+0x100
         pc = 0xc041426c  lr = 0xc040b9a0 (ether_demux+0x1c8)
         sp = 0xe2a0bc88  fp = 0xe2a0bca0
         r4 = 0xe3244400  r5 = 0xe3f02a00
         r6 = 0x00000800  r7 = 0xe3244400
         r8 = 0xe4417ac0  r9 = 0x5e4a6f28
        r10 = 0x00000008
ether_demux() at ether_demux+0x1c8
         pc = 0xc040b9a0  lr = 0xc040d22c (ether_nh_input+0x514)
         sp = 0xe2a0bca8  fp = 0xe2a0bd10
         r4 = 0xe3244400  r5 = 0xe3f02a00
         r6 = 0xe3f02a48  r7 = 0x00000000
ether_nh_input() at ether_nh_input+0x514
         pc = 0xc040d22c  lr = 0xc041426c (netisr_dispatch_src+0x100)
         sp = 0xe2a0bd18  fp = 0xe2a0bd40
         r4 = 0x00050e88  r5 = 0xe3f02a00
         r6 = 0x00000000  r7 = 0xc0b5b534
         r8 = 0x5e4a6f28  r9 = 0x00000020
        r10 = 0x00000000
netisr_dispatch_src() at netisr_dispatch_src+0x100
         pc = 0xc041426c  lr = 0xc040be94 (ether_input+0x8c)
         sp = 0xe2a0bd48  fp = 0xe2a0bd80
         r4 = 0xe3244400  r5 = 0x00000000
         r6 = 0xe3f02a00  r7 = 0x00000000
         r8 = 0x5e4a6f28  r9 = 0x00000020
        r10 = 0x00000000
ether_input() at ether_input+0x8c
         pc = 0xc040be94  lr = 0xe2fd8130 ($a.8+0x128)
         sp = 0xe2a0bd88  fp = 0xe2a0bdb8
         r4 = 0xc57f5c8c  r5 = 0x00000000
         r6 = 0xe3244400  r7 = 0xc57f5c80
         r8 = 0xe2fe9170  r9 = 0xc0938328
        r10 = 0xe2a0bd88
$a.8() at $a.8+0x128
         pc = 0xe2fd8130  lr = 0xc02a1ee0 (ithread_loop+0x268)
         sp = 0xe2a0bdc0  fp = 0xe2a0be20
         r4 = 0xdb77f640  r5 = 0x00000000
         r6 = 0xe3b3f544  r7 = 0xe3b3f500
         r8 = 0xc077cec9  r9 = 0xe3b3f508
        r10 = 0xdb77f640
ithread_loop() at ithread_loop+0x268
         pc = 0xc02a1ee0  lr = 0xc029e088 (fork_exit+0xa0)
         sp = 0xe2a0be28  fp = 0xe2a0be40
         r4 = 0xe294e000  r5 = 0xd7967000
         r6 = 0xc02a1c78  r7 = 0xdb6e8120
         r8 = 0xe2a0be48  r9 = 0x00000000
        r10 = 0x00000000
fork_exit() at fork_exit+0xa0
         pc = 0xc029e088  lr = 0xc05ca870 (swi_exit)
         sp = 0xe2a0be48  fp = 0x00000000
         r4 = 0xc02a1c78  r5 = 0xdb6e8120
         r6 = 0x00000000  r7 = 0x00000000
         r8 = 0x00000000 r10 = 0x00000000
swi_exit() at swi_exit
         pc = 0xc05ca870  lr = 0xc05ca870 (swi_exit)
         sp = 0xe2a0be48  fp = 0x00000000
KDB: enter: panic
[ thread pid 11 tid 100174 ]
Stopped at      kdb_enter+0x58: ldrb    r15, [r15, r15, ror r15]!
db> bt
Tracing pid 11 tid 100174 td 0xe294e000
db_trace_self() at db_trace_self
         pc = 0xc05c7f34  lr = 0xc00776f4 (db_stack_trace+0x140)
         sp = 0xe2a0b718  fp = 0xe2a0b730
db_stack_trace() at db_stack_trace+0x140
         pc = 0xc00776f4  lr = 0xc0077404 (db_command+0x39c)
         sp = 0xe2a0b738  fp = 0xe2a0b7d8
         r4 = 0xc0724646  r5 = 0x00000000
         r6 = 0xc0af955c r10 = 0xc08a8ba0
db_command() at db_command+0x39c
         pc = 0xc0077404  lr = 0xc0077040 (db_command_loop+0x64)
         sp = 0xe2a0b7e0  fp = 0xe2a0b7f0
         r4 = 0xc0786dcd  r5 = 0xc0786445
         r6 = 0xc095ef5c  r7 = 0xc0afb858
         r8 = 0xc0afb838  r9 = 0xc08a8f38
        r10 = 0xc0938778
db_command_loop() at db_command_loop+0x64
         pc = 0xc0077040  lr = 0xc007adcc (db_trap+0x128)
         sp = 0xe2a0b7f8  fp = 0xe2a0b910
         r4 = 0x00000000  r5 = 0xc095ef50
         r6 = 0xe2a0b948 r10 = 0xc0938778
db_trap() at db_trap+0x128
         pc = 0xc007adcc  lr = 0xc0332544 (kdb_trap+0x1b8)
         sp = 0xe2a0b918  fp = 0xe2a0b940
         r4 = 0x00000000  r5 = 0x00000001
         r6 = 0xe2a0b948  r7 = 0xc0afb858
kdb_trap() at kdb_trap+0x1b8
         pc = 0xc0332544  lr = 0xc05ca8e0 (exception_exit)
         sp = 0xe2a0b948  fp = 0xe2a0b9e0
         r4 = 0x600001d3  r5 = 0x00000000
         r6 = 0xc077f670  r7 = 0xc090d910
         r8 = 0xe294e000  r9 = 0xe2a0ba1c
        r10 = 0xc0aebb30
exception_exit() at exception_exit
         pc = 0xc05ca8e0  lr = 0xc0331abc (kdb_enter+0x48)
         sp = 0xe2a0b9d8  fp = 0xe2a0b9e0
         r0 = 0xc0afb848  r1 = 0x00000000
         r2 = 0x00000012  r3 = 0x00000000
         r4 = 0xc0798704  r5 = 0x00000000
         r6 = 0xc077f670  r7 = 0xc090d910
         r8 = 0xe294e000  r9 = 0xe2a0ba1c
        r10 = 0xc0aebb30 r12 = 0x20000000
kdb_enter() at kdb_enter+0x5c
         pc = 0xc0331ad0  lr = 0xc02e25e8 (vpanic+0x1bc)
         sp = 0xe2a0b9e8  fp = 0xe2a0ba08
         r4 = 0x00000100 r10 = 0xc0aebb30
vpanic() at vpanic+0x1bc
         pc = 0xc02e25e8  lr = 0xc02e234c (doadump)
         sp = 0xe2a0ba10  fp = 0xe2a0ba14
         r4 = 0xe2a0baf0  r5 = 0x00000013
         r6 = 0xe3f02a56  r7 = 0x00000001
         r8 = 0x00000001  r9 = 0xe294e000
        r10 = 0xe3f02a56
doadump() at doadump
         pc = 0xc02e234c  lr = 0xc05eba18 (abort_align)
         sp = 0xe2a0ba1c  fp = 0xe2a0ba48
         r4 = 0xe3f02a56  r5 = 0xe2a0ba14
         r6 = 0xc02e234c r10 = 0xe2a0ba1c
abort_align() at abort_align
         pc = 0xc05eba18  lr = 0xc05eb518 (abort_handler+0x328)
         sp = 0xe2a0ba50  fp = 0xe2a0bae8
         r4 = 0x00000013  r5 = 0xe3f02a56
abort_handler() at abort_handler+0x328
         pc = 0xc05eb518  lr = 0xc05ca8e0 (exception_exit)
         sp = 0xe2a0baf0  fp = 0xe2a0bc10
         r4 = 0x00000000  r5 = 0xe3f02a6a
         r6 = 0xe3f02a56  r7 = 0x00000044
         r8 = 0x00000044  r9 = 0xc0af955c
        r10 = 0x00000014
exception_exit() at exception_exit
         pc = 0xc05ca8e0  lr = 0xc0441884 (ip_input+0xa18)
         sp = 0xe2a0bb80  fp = 0xe2a0bc10
         r0 = 0x00000000  r1 = 0x00000001
         r2 = 0x00000001  r3 = 0x00000a0a
         r4 = 0x00000000  r5 = 0xe3f02a6a
         r6 = 0xe3f02a56  r7 = 0x00000044
         r8 = 0x00000044  r9 = 0xc0af955c
        r10 = 0x00000014 r12 = 0x00000000
udp_input() at udp_input+0x1c0
         pc = 0xc0475928  lr = 0xc0441884 (ip_input+0xa18)
         sp = 0xe2a0bc18  fp = 0xe2a0bc50
         r4 = 0x00022e75  r5 = 0x00000000
         r6 = 0x00000014  r7 = 0x000000fb
         r8 = 0xc090d910  r9 = 0xc09457fc
        r10 = 0xe3f02a56
ip_input() at ip_input+0xa18
         pc = 0xc0441884  lr = 0xc041426c (netisr_dispatch_src+0x100)
         sp = 0xe2a0bc58  fp = 0xe2a0bc80
         r4 = 0x0003a73b  r5 = 0xe3f02a00
         r6 = 0x00000000  r7 = 0xc0b5b4b4
         r8 = 0xe4417ac0  r9 = 0x5e4a6f28
        r10 = 0x00000008
netisr_dispatch_src() at netisr_dispatch_src+0x100
         pc = 0xc041426c  lr = 0xc040b9a0 (ether_demux+0x1c8)
         sp = 0xe2a0bc88  fp = 0xe2a0bca0
         r4 = 0xe3244400  r5 = 0xe3f02a00
         r6 = 0x00000800  r7 = 0xe3244400
         r8 = 0xe4417ac0  r9 = 0x5e4a6f28
        r10 = 0x00000008
ether_demux() at ether_demux+0x1c8
         pc = 0xc040b9a0  lr = 0xc040d22c (ether_nh_input+0x514)
         sp = 0xe2a0bca8  fp = 0xe2a0bd10
         r4 = 0xe3244400  r5 = 0xe3f02a00
         r6 = 0xe3f02a48  r7 = 0x00000000
ether_nh_input() at ether_nh_input+0x514
         pc = 0xc040d22c  lr = 0xc041426c (netisr_dispatch_src+0x100)
         sp = 0xe2a0bd18  fp = 0xe2a0bd40
         r4 = 0x00050e88  r5 = 0xe3f02a00
         r6 = 0x00000000  r7 = 0xc0b5b534
         r8 = 0x5e4a6f28  r9 = 0x00000020
        r10 = 0x00000000
netisr_dispatch_src() at netisr_dispatch_src+0x100
         pc = 0xc041426c  lr = 0xc040be94 (ether_input+0x8c)
         sp = 0xe2a0bd48  fp = 0xe2a0bd80
         r4 = 0xe3244400  r5 = 0x00000000
         r6 = 0xe3f02a00  r7 = 0x00000000
         r8 = 0x5e4a6f28  r9 = 0x00000020
        r10 = 0x00000000
ether_input() at ether_input+0x8c
         pc = 0xc040be94  lr = 0xe2fd8130 ($a.8+0x128)
         sp = 0xe2a0bd88  fp = 0xe2a0bdb8
         r4 = 0xc57f5c8c  r5 = 0x00000000
         r6 = 0xe3244400  r7 = 0xc57f5c80
         r8 = 0xe2fe9170  r9 = 0xc0938328
        r10 = 0xe2a0bd88
$a.8() at $a.8+0x128
         pc = 0xe2fd8130  lr = 0xc02a1ee0 (ithread_loop+0x268)
         sp = 0xe2a0bdc0  fp = 0xe2a0be20
         r4 = 0xdb77f640  r5 = 0x00000000
         r6 = 0xe3b3f544  r7 = 0xe3b3f500
         r8 = 0xc077cec9  r9 = 0xe3b3f508
        r10 = 0xdb77f640
ithread_loop() at ithread_loop+0x268
         pc = 0xc02a1ee0  lr = 0xc029e088 (fork_exit+0xa0)
         sp = 0xe2a0be28  fp = 0xe2a0be40
         r4 = 0xe294e000  r5 = 0xd7967000
         r6 = 0xc02a1c78  r7 = 0xdb6e8120
         r8 = 0xe2a0be48  r9 = 0x00000000
        r10 = 0x00000000
fork_exit() at fork_exit+0xa0
         pc = 0xc029e088  lr = 0xc05ca870 (swi_exit)
         sp = 0xe2a0be48  fp = 0x00000000
         r4 = 0xc02a1c78  r5 = 0xdb6e8120
         r6 = 0x00000000  r7 = 0x00000000
         r8 = 0x00000000 r10 = 0x00000000
swi_exit() at swi_exit
         pc = 0xc05ca870  lr = 0xc05ca870 (swi_exit)
         sp = 0xe2a0be48  fp = 0x00000000