Re: panic on rpi3b: usbconfig reset

From: Ronald Klop <ronald-lists_at_klop.ws>
Date: Fri, 12 Jul 2024 15:19:01 UTC
 
Van: Ronald Klop <ronald-lists@klop.ws>
Datum: vrijdag, 12 juli 2024 17:04
Aan: freebsd-usb@freebsd.org, freebsd-arm@freebsd.org
Onderwerp: panic on rpi3b: usbconfig reset
> 
> Hi,
> 
> Performing "usbconfig reset" on my RPI3B running 14.1-RELEASE-p2/aarch64 results in a panic.
> 
> Here is the output on the serial console:
> 
> login: Jul 12 13:18:35 rpi3 su[14837]: ronald to root on /dev/pts/0                                                                 
> uhub0: at usbus1, port 1, addr 1 (disconnected)                                                                                     
> ugen1.2: <vendor 0x0424 product 0x2514> at usbus1 (disconnected)                                                                    
> uhub1: at uhub0, port 1, addr 2 (disconnected)                                                                                      
> ugen1.3: <vendor 0x0424 product 0x2514> at usbus1 (disconnected)                                                                    
> uhub2: at uhub1, port 1, addr 3 (disconnected)                                                                                      
> ugen1.4: <vendor 0x0424 product 0x7800> at usbus1 (disconnected)                                                                    
> muge0: at uhub2, port 1, addr 4 (disconnected)                                                                                      
> muge0: warning: Failed to read register 0x120                                                                                       
> muge0: warning: MII is busy                                                                                                         
> muge0: warning: Failed to read register 0x120                                                                                       
> muge0: warning: MII is busy                                                                                                         
> muge0: warning: Failed to read register 0x120                                                                                       
> muge0: warning: MII is busy                                                                                                         
> muge0: warning: Failed to read register 0x120                                                                                       
> muge0: warning: MII is busy                                                                                                         
> muge0: warning: Failed to read register 0x120                                                                                       
> muge0: warning: MII is busy                                                                                                         
> muge0: warning: Failed to read register 0x120                                                                                       
> muge0: warning: MII is busy                                                                                                         
> muge0: warning: Failed to read register 0x120                                                                                       
> muge0: warning: MII is busy                                                                                                         
> muge0: warning: Failed to read register 0x120                                                                                       
> muge0: warning: MII is busy                                                                                                         
> muge0: warning: Failed to read register 0x120                                                                                       
> muge0: warning: MII is busy                                                                                                         
> muge0: warning: Failed to read register 0x120                                                                                       
> ukphy0: detached                                                                                                                    
> muge0: warning: MII is busy                                                                                                         
> Fatal data abort:                                                                                                                   
> miibus0: detached                                     
>   x0: 0x0000000000000000                                                                                                            
>   x1: 0xffff0000403f44d4                                                                                                            
>   x2: 0x0000000000000000                                                                                                            
>   x3: 0xffff00000032e24c                                                                                                            
>   x4: 0xffff00000088eef8                                                                                                            
>   x5: 0x0000000000000041                                                                                                            
>   x6: 0xffff00000052cee8                                                                                                            
>   x7: 0xffff0000403f43b0                                                                                                            
>   x8: 0x0000000000000053                                                                                                            
>   x9: 0xaf460225cde9dab0                                                                                                            
>  x10: 0x0000000000000001                                                                                                            
>  x11: 0x0000000000000001                                                                                                            
>  x12: 0x0000000000000001                                                                                                            
>  x13: 0x0000000000000001                                                                                                            
>  x14: 0x0000000000000000                                                                                                            
>  x15: 0x0000000000000002                                                                                                            
>  x16: 0x0000000000000000                                                                                                            
>  x17: 0xffff0000403f42b5                                                                                                            
>  x18: 0xffff0000403f45d0                                                                                                            
>  x19: 0xffffa00001980380                                                                                                            
>  x20: 0x0000000000000000                                                                                                            
>  x21: 0x0000000000000000                                                                                                            
>  x22: 0x0000000000000001                                                                                                            
>  x23: 0xffffa00001a70200                                                                                                            
>  x24: 0xffffa00001980800                                                                                                            
>  x25: 0xffff000000c5d410                                                                                                            
>  x26: 0xffffa000018045c0                                                                                                            
>  x27: 0xffff000000ca5000                                                                                                            
>  x28: 0x0000000000000000                                                                                                            
>  x29: 0xffff0000403f45d0                                                                                                            
>   sp: 0xffff0000403f45d0                                                                                                            
>   lr: 0xffff0000001dec34                                                                                                            
>  elr: 0xffff0000001dec44                                                                                                            
> spsr: 0x0000000060000045                                                                                                            
>  far: 0x0000000000000000                                                                                                            
>  esr: 0x0000000096000004                                                                                                            
> panic: vm_fault failed: 0xffff0000001dec44 error 1                                                                                  
> cpuid = 2                                                                                                                           
> time = 1720783402                                                                                                                   
> KDB: stack backtrace:                                                                                                               
> #0 0xffff000000525d3c at kdb_backtrace+0x58                                                                                         
> #1 0xffff0000004d0d40 at vpanic+0x198                                                                                               
> #2 0xffff0000004d0ba4 at panic+0x44                                                                                                 
> #3 0xffff0000008b795c at data_abort+0x2cc                                                                                           
> #4 0xffff000000893814 at handle_el1h_sync+0x14                                                                                      
> Uptime: 7m10s                                           
> Dumping 134 out of 926 MB:..3%..12%..21%..33%..42%..51%..63%..72%..81%..93%                                                         
> Dump complete                                                                                                                       
> Resetting system ...                                                                    
> 
> 
> I have a core dump and can gather more information.
> The panic is repeatable.
> 
> Regards,
> Ronald.
>  


Hi,

I managed to attached the debugger to the core dump and get a backtrace.

[root@rpi3 ~]# kgdb -n 1 /usr/lib/debug/boot/kernel/kernel.debug
Reading symbols from /usr/lib/debug/boot/kernel/kernel.debug...

Unread portion of the kernel message buffer:
panic: vm_fault failed: 0xffff0000001dec44 error 1
cpuid = 2
time = 1720783402
KDB: stack backtrace:
#0 0xffff000000525d3c at kdb_backtrace+0x58
#1 0xffff0000004d0d40 at vpanic+0x198
#2 0xffff0000004d0ba4 at panic+0x44
#3 0xffff0000008b795c at data_abort+0x2cc
#4 0xffff000000893814 at handle_el1h_sync+0x14
Uptime: 7m10s
Dumping 134 out of 926 MB:..3%..12%..21%..33%..42%..51%..63%..72%..81%

Reading symbols from /boot/kernel/if_bridge.ko...
Reading symbols from /usr/lib/debug//boot/kernel/if_bridge.ko.debug...
Reading symbols from /boot/kernel/bridgestp.ko...
Reading symbols from /usr/lib/debug//boot/kernel/bridgestp.ko.debug...
Reading symbols from /boot/kernel/if_epair.ko...
Reading symbols from /usr/lib/debug//boot/kernel/if_epair.ko.debug...
Reading symbols from /boot/kernel/ipfw.ko...
Reading symbols from /usr/lib/debug//boot/kernel/ipfw.ko.debug...
Reading symbols from /boot/kernel/ipfw_nat.ko...
Reading symbols from /usr/lib/debug//boot/kernel/ipfw_nat.ko.debug...
Reading symbols from /boot/kernel/libalias.ko...
Reading symbols from /usr/lib/debug//boot/kernel/libalias.ko.debug...
Reading symbols from /boot/kernel/mac_ntpd.ko...
Reading symbols from /usr/lib/debug//boot/kernel/mac_ntpd.ko.debug...
Reading symbols from /boot/kernel/geom_eli.ko...
Reading symbols from /usr/lib/debug//boot/kernel/geom_eli.ko.debug...
Reading symbols from /boot/kernel/nullfs.ko...
Reading symbols from /usr/lib/debug//boot/kernel/nullfs.ko.debug...
Reading symbols from /boot/kernel/uslcom.ko...
Reading symbols from /usr/lib/debug//boot/kernel/uslcom.ko.debug...
Reading symbols from /boot/kernel/ucom.ko...
Reading symbols from /usr/lib/debug//boot/kernel/ucom.ko.debug...
Reading symbols from /boot/kernel/uplcom.ko...
Reading symbols from /usr/lib/debug//boot/kernel/uplcom.ko.debug...
get_curthread () at /usr/src/sys/arm64/include/pcpu.h:77
77        __asm __volatile("ldr    %0, [x18]" : "=&r"(td));
(kgdb) bt
#0  get_curthread () at /usr/src/sys/arm64/include/pcpu.h:77
#1  doadump (textdump=<optimized out>) at /usr/src/sys/kern/kern_shutdown.c:405
#2  0xffff0000004d0794 in kern_reboot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:523
#3  0xffff0000004d0dcc in vpanic (fmt=<optimized out>, ap=...) at /usr/src/sys/kern/kern_shutdown.c:967
#4  0xffff0000004d0ba8 in panic (fmt=0xffff000000cae000 <sysctl___kern_powercycle_on_panic> "")
    at /usr/src/sys/kern/kern_shutdown.c:891
#5  0xffff0000008b7960 in data_abort (td=0xffff0000893f1c80, frame=0xffff0000403f4430, esr=2516582404, far=<optimized out>,
    lower=<optimized out>) at /usr/src/sys/arm64/arm64/trap.c:398
#6  <signal handler called>
#7  MIIBUS_READREG (dev=0x0, phy=1, reg=1) at ./miibus_if.h:26
#8  ukphy_status (phy=0xffffa00001980380) at /usr/src/sys/dev/mii/ukphy_subr.c:68
#9  0xffff0000001deb98 in ukphy_service (sc=0xffffa00001980380, mii=<optimized out>, cmd=3) at /usr/src/sys/dev/mii/ukphy.c:151
#10 0xffff0000001d5b5c in mii_pollstat (mii=mii@entry=0xffffa00001980800) at /usr/src/sys/dev/mii/mii.c:619
#11 0xffff0000002fa298 in muge_ifmedia_sts (ifp=<optimized out>, ifmr=0xffff0000403f4708)
    at /usr/src/sys/dev/usb/net/if_muge.c:2127
#12 0xffff00000061e148 in ifmedia_ioctl (ifp=0x0, ifr=0xffff0000403f4708, ifm=0x0, cmd=18446462598736175692)
    at /usr/src/sys/net/if_media.c:293
#13 0xffff00000071550c in get_operstate_ether (ifp=0xffffa00001363000, pstate=<optimized out>)
    at /usr/src/sys/netlink/route/iface.c:124
#14 get_operstate (ifp=0xffffa00001363000, pstate=<optimized out>) at /usr/src/sys/netlink/route/iface.c:181
#15 dump_iface (nw=nw@entry=0xffff0000403f4790, ifp=ifp@entry=0xffffa00001363000, hdr=hdr@entry=0xffff0000403f47d0,
    if_flags_mask=if_flags_mask@entry=0) at /usr/src/sys/netlink/route/iface.c:310
#16 0xffff000000714dd8 in rtnl_handle_ifevent (ifp=0xffffa00001363000, nlmsg_type=<optimized out>, if_flags_mask=0)
    at /usr/src/sys/netlink/route/iface.c:1411
#17 0xffff000000613c20 in do_link_state_change (arg=0xffffa00001363000, pending=<optimized out>) at /usr/src/sys/net/if.c:2206
#18 0xffff00000053e1f0 in taskqueue_run_locked (queue=queue@entry=0xffffa0000137ac00) at /usr/src/sys/kern/subr_taskqueue.c:518
#19 0xffff00000053df44 in taskqueue_run (queue=0xffffa0000137ac00) at /usr/src/sys/kern/subr_taskqueue.c:533
#20 0xffff000000481b10 in intr_event_execute_handlers (ie=0xffffa00001374a00, p=<optimized out>)
    at /usr/src/sys/kern/kern_intr.c:1205
#21 ithread_execute_handlers (ie=0xffffa00001374a00, p=<optimized out>) at /usr/src/sys/kern/kern_intr.c:1218
#22 ithread_loop (arg=arg@entry=0xffffa0000140f9e0) at /usr/src/sys/kern/kern_intr.c:1306
#23 0xffff00000047cdf4 in fork_exit (callout=0xffff000000481778 <ithread_loop>, arg=0xffffa0000140f9e0, frame=0xffff0000403f4a00)
    at /usr/src/sys/kern/kern_fork.c:1164
#24 <signal handler called>
(kgdb)


I hope this makes sense to somebody. If I need to type some extra commands in the debugger please let me know.

Regards,
Ronald.