biodone() and splbio ?

[Manuel Bouyer <bouyer%antioche.eu.org@localhost>]

hi,
I just got this panic:
panic: kernel diagnostic assertion "!ISSET(bp->b_oflags, BO_DONE)" failed: file 
"/home/src/src-5/src/sys/kern/vfs_bio.c", line 1542
fatal breakpoint trap in supervisor mode
trap type 1 code 0 rip ffffffff803dab65 cs 8 rflags 246 cr2  521080 cpl 3 rsp 
ffff8000a3b6ab60
Stopped in pid 0.4 (system) at  netbsd:breakpoint+0x5:  leave
db{0}> tr
breakpoint() at netbsd:breakpoint+0x5
panic() at netbsd:panic+0x24d
__kernassert() at netbsd:__kernassert+0x2d
biodone() at netbsd:biodone+0xc4
dkiodone() at netbsd:dkiodone+0x8f
biodone2() at netbsd:biodone2+0x95
biointr() at netbsd:biointr+0x3c
softint_dispatch() at netbsd:softint_dispatch+0xe7

The top comment of dkiodone() says "NOTE: Must be called at splbio()!"
but I can't see what would raise to splbio() in the trace above:
biointr() is called at splsoftbio. It raises to splvm() to deal with
the per-cpu iodone queue, but lowers the spl before calling
biodone2(). uses mutex to protect bp's members, but releases it before
calling b_iodone(). The callback is called with the kernel_lock held,
but not at splbio(). Did I miss something ?

If not, dk.c needs to be fixed to raise to splbio() in its done routine.
raidcframe already does it. I suspect ccdiodone() and vndiodone()
need it too.
cgdiodone() definitively needs it as the comment says it needs to be called
at splbio. 

-- 
Manuel Bouyer <bouyer%antioche.eu.org@localhost>
     NetBSD: 26 ans d'experience feront toujours la difference
--