kern/58050: ccd(4) allocates memory at inopportune moments, crashes

To: kern-bug-people%netbsd.org@localhost,gnats-admin%netbsd.org@localhost,netbsd-bugs%netbsd.org@localhost
Subject: kern/58050: ccd(4) allocates memory at inopportune moments, crashes
From: paul%whooppee.com@localhost
Date: Tue, 19 Mar 2024 01:20:01 +0000 (UTC)

>Number:         58050
>Category:       kern
>Synopsis:       ccd(4) allocates memory at inopportune moments, crashes
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Tue Mar 19 01:20:01 +0000 2024
>Originator:     Paul Goyette
>Release:        NetBSD 10.99.10
>Organization:
+---------------------+--------------------------+----------------------+
| Paul Goyette (.sig) | PGP Key fingerprint:     | E-mail addresses:    |
| (Retired)           | 1B11 1849 721C 56C8 F63A | paul%whooppee.com@localhost    |
| Software Developer  | 6E2E 05FD 15CE 9F2D 5102 | pgoyette%netbsd.org@localhost  |
| & Network Engineer  |                          | pgoyette99%gmail.com@localhost |
+---------------------+--------------------------+----------------------+
>Environment:
	
	
System: NetBSD speedy.whooppee.com 10.99.10 NetBSD 10.99.10 (SPEEDY 2024-03-18 02:46:01 UTC) #0: Mon Mar 18 05:00:00 UTC 2024 paul%speedy.whooppee.com@localhost:/build/netbsd-local/obj/amd64/sys/arch/amd64/compile/SPEEDY amd64
Architecture: x86_64
Machine: amd64
>Description:
	The ccd(4) driver apparently allocates memory while in a soft
	interrupt.  Shortly thereafter the system crashes.  Here is a
	sample stack trace:

#0  0xffffffff80239b95 in cpu_reboot (howto=howto@entry=256, bootstr=bootstr@entry=0x0) at /build/netbsd-local/src_ro/sys/arch/amd64/amd64/machdep.c:708
#1  0xffffffff806a84f5 in kern_reboot (howto=howto@entry=256, bootstr=bootstr@entry=0x0) at /build/netbsd-local/src_ro/sys/kern/kern_reboot.c:91
#2  0xffffffff80588d23 in db_sync_cmd (addr=<optimized out>, have_addr=<optimized out>, count=<optimized out>, modif=<optimized out>) at /build/netbsd-local/src_ro/sys/ddb/db_command.c:1651
#3  0xffffffff805894ca in db_command (last_cmdp=last_cmdp@entry=0xffffd220dfd9c958) at /build/netbsd-local/src_ro/sys/ddb/db_command.c:970
#4  0xffffffff80589abf in db_execute_commandlist (cmdlist=0xffffffff80e353e0 <db_cmd_on_enter> "bt; show reg; sync") at /build/netbsd-local/src_ro/sys/ddb/db_command.c:466
#5  db_command_loop () at /build/netbsd-local/src_ro/sys/ddb/db_command.c:618
#6  0xffffffff8058dc98 in db_trap (type=type@entry=1, code=code@entry=0) at /build/netbsd-local/src_ro/sys/ddb/db_trap.c:91
#7  0xffffffff80236a54 in kdb_trap (type=type@entry=1, code=code@entry=0, regs=regs@entry=0xffffd220dfd9cc10) at /build/netbsd-local/src_ro/sys/arch/amd64/amd64/db_interface.c:251
#8  0xffffffff8023c066 in trap (frame=0xffffd220dfd9cc10) at /build/netbsd-local/src_ro/sys/arch/amd64/amd64/trap.c:314
#9  0xffffffff80234a24 in alltraps ()
#10 0xffffffff80235365 in breakpoint ()
#11 0xffffffff806ef1be in vpanic (fmt=fmt@entry=0xffffffff80b34a1b "%s: %s caller=%p", ap=ap@entry=0xffffd220dfd9cd48) at /build/netbsd-local/src_ro/sys/kern/subr_prf.c:286
#12 0xffffffff806ef29d in panic (fmt=fmt@entry=0xffffffff80b34a1b "%s: %s caller=%p") at /build/netbsd-local/src_ro/sys/kern/subr_prf.c:209
#13 0xffffffff8069349d in assert_sleepable () at /build/netbsd-local/src_ro/sys/kern/kern_lock.c:109
#14 0xffffffff806ec0e7 in pool_cache_get_paddr (pc=0xfffff7cf1a829540, flags=flags@entry=1, pap=pap@entry=0x0) at /build/netbsd-local/src_ro/sys/kern/subr_pool.c:2721
#15 0xffffffff813ad275 in ccdbuffer (bcount=4096, addr=0xffffd220bf420000, bn=5046122874, bp=0xfffff7cf1b4a85c0, cs=0xfffff7cf1b04be40) at /build/netbsd-local/src_ro/sys/dev/ccd.c:932
#16 ccdstart (cs=0xfffff7cf1b04be40) at /build/netbsd-local/src_ro/sys/dev/ccd.c:844
#17 0xffffffff806d8331 in bdev_strategy (bp=0xfffff7cf1b4a85c0) at /build/netbsd-local/src_ro/sys/kern/subr_devsw.c:1267
#18 0xffffffff8076f142 in spec_strategy (v=<optimized out>) at /build/netbsd-local/src_ro/sys/miscfs/specfs/spec_vnops.c:1508
#19 0xffffffff80762459 in VOP_STRATEGY (vp=vp@entry=0xfffff7cf1c61cb00, bp=bp@entry=0xfffff7cf1b4a85c0) at /build/netbsd-local/src_ro/sys/kern/vnode_if.c:1733
#20 0xffffffff8077226d in dkstart (sc=0xfffff7cf1a35b248) at /build/netbsd-local/src_ro/sys/dev/dkwedge/dk.c:1626
#21 0xffffffff80772f69 in dkiodone (bp=<optimized out>) at /build/netbsd-local/src_ro/sys/dev/dkwedge/dk.c:1658
#22 0xffffffff802e186a in lddone (sc=0xfffff7cf188dcb40, bp=<optimized out>) at /build/netbsd-local/src_ro/sys/dev/ld.c:527
#23 0xffffffff802f0930 in nvme_q_complete (sc=0xffffd200fac10000, q=0xfffff7cf1717a600) at /build/netbsd-local/src_ro/sys/dev/ic/nvme.c:1541
#24 0xffffffff806b6bb1 in softint_execute (s=3, l=0xfffff7de5cf6b800) at /build/netbsd-local/src_ro/sys/kern/kern_softint.c:599
#25 softint_dispatch (pinned=<optimized out>, s=3) at /build/netbsd-local/src_ro/sys/kern/kern_softint.c:848
#26 0xffffffff8023475c in Xsoftintr ()
quit
	
>How-To-Repeat:
	Configure a ccd(4) and exercise it heavily.
	
>Fix:
	please

>Unformatted:

Prev by Date: NetBSD Nightly Trouble Ticket Report
Next by Date: Re: kern/58050 (ccd(4) allocates memory at inopportune moments, crashes)
Previous by Thread: kern/58049: vioif(4) panics if the virtq size is too small
Next by Thread: Re: kern/58050 (ccd(4) allocates memory at inopportune moments, crashes)
Indexes:

Home | Main Index | Thread Index | Old Index