Re: kern/38636: ld(4) is now totally broken with ataraid(4)

To: NetBSD GNATS <gnats-bugs%netbsd.org@localhost>, NetBSD Kernel Technical Discussion List <tech-kern%netbsd.org@localhost>
Subject: Re: kern/38636: ld(4) is now totally broken with ataraid(4)
From: Juergen Hannken-Illjes <hannken%eis.cs.tu-bs.de@localhost>
Date: Sat, 23 Aug 2008 19:20:29 +0200

On Sat, Aug 23, 2008 at 12:56:31PM -0400, Greg A. Woods wrote:
> OK, so it's now near the end of August and a whole lot more has been
> done to -current since this PR was first filed, but yet I'm still seeing
> exactly the same LOCKDEBUG panic.  I've CC'ed this message to tech-kern
> and port-i386 to see if anyone can shed new eyes on this.
> 
> To me, at least, fixing this is really critical for NetBSD-5.
> 
> Any help would be appreciated.
> 
> 
> NetBSD 4.99.72 (GENERIC) #0: Wed Aug 20 15:08:33 EDT 2008
> [[....]]
> ataraid0: found 1 RAID volume
> ld0 at ataraid0 vendtype 1 unit 0: Adaptec ATA RAID-1 array
> ld0: ld_ataraid_attach(): ld unit 0 (ld->sc_dv = 0xd185d6cc)
> ld0: ldattach(): unit 0
> ld0: 186 GB, 24321 cyl, 255 head, 63 sec, 512 bytes/sect x 390721536 sectors
> rnd: ld0 attached as an entropy source (collecting)
> Condition variable error: pool_do_put: allocation contains active lock
> 
> lock address : 0x00000000c31f7edc type     :               spin
> initialized  : 0x00000000c05197f5 interlock: 000000000000000000
> 
> panic: LOCKDEBUG
> Begin traceback...
> copyright(d0d44442,0,d1843580,c0b274dc,d1843580,d1843518,c31f7edc,c0b25fa4,0,0)
>  at 0xc0a9f0a8
> Bad frame pointer: 0xd0d44400
> End traceback...
> fatal breakpoint trap in supervisor mode
> trap type 1 code 0 eip c05ac52c cs 8 eflags 246 cr2 0 ilevel 6
> Stopped in pid 0.4 (system) at  netbsd:breakpoint+0x4:  popl    %ebp
> db{0}> trace
> breakpoint(c0a9fed6,1,ffff,c0afc059,c04e3250,1,0,0,d086fc0c,8) at 
> netbsd:breakpoint+0x4
> panic(c0a9edbc,c0a983ef,c087b03c,c0a9f0a8,c087b03c,1843540,6,c31f7e8c,c31f7e8c,c0bca2a0)
>  at netbsd:panic+0x1b8
> lockdebug_abort1(c0a9f0a8,1,c4,c04dc3da,8,d1823b80,c0bca314,c083ca86,c0be6640,c0be3800)
>  at netbsd:lockdebug_abort1+0xbb
> pool_put(c0bca2a0,c31f7e8c,3,d1823b80,0,0,d1823b80,c04b0aaa,c31e7a14,d185d6cc)
>  at netbsd:pool_put+0x60
> ld_ataraid_iodone_raid0(c31f7e8c,0,0,0,c31f7e8c,c0b29800,d086fd40,c051beca,3,c04c1c60)
>  at netbsd:ld_ataraid_iodone_raid0+0x1c3

Ok, here we pool_put() a cbuf without destroying its cb_buf.  Could you try
this one:

--- sys/dev/ata/ld_ataraid.c    2008-05-08 02:04:47.000000000 +0200
+++ sys/dev/ata/ld_ataraid.c
@@ -516,4 +516,5 @@ ld_ataraid_iodone_raid0(struct buf *vbp)
        }
        count = cbp->cb_buf.b_bcount;
+       buf_destroy(&cbp->cb_buf);
        CBUF_PUT(cbp);
 

-- 
Juergen Hannken-Illjes - hannken%eis.cs.tu-bs.de@localhost - TU Braunschweig 
(Germany)

Follow-Ups:
- Re: kern/38636: ld(4) is now totally broken with ataraid(4)
  - From: Greg A. Woods

References:
- Re: kern/38636: ld(4) is now totally broken with ataraid(4)
  - From: Greg A. Woods

Prev by Date: Re: kern/38636: ld(4) is now totally broken with ataraid(4)
Next by Date: Re: bwi(4): Broadcom AirForce BCM43xx IEEE 802.11b/g wifi driver
Previous by Thread: Re: kern/38636: ld(4) is now totally broken with ataraid(4)
Next by Thread: Re: kern/38636: ld(4) is now totally broken with ataraid(4)
Indexes:

Home | Main Index | Thread Index | Old Index