NetBSD-Bugs archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
kern/42656: netbsd-5: panic LOCKDEBUG in opencrypto(9) w/ hifn(4)
>Number: 42656
>Category: kern
>Synopsis: netbsd-5: panic LOCKDEBUG in opencrypto(9) w/ hifn(4)
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: kern-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Thu Jan 21 15:50:00 +0000 2010
>Originator: Hubert Feyrer
>Release: netbsd-5 branch sources from 2010-01-19
>Organization:
n/a
>Environment:
NetBSD/i386 with hifn(4) PCI card
>Description:
Trying to establish performance of hifn(4), I get:
# uname -a
NetBSD 5.0_STABLE NetBSD 5.0_STABLE (GENERIC) #22: Tue Jan 19 14:10:05 CET 2010
feyrer@host:/home/feyrer/repository/Image_Creation/trunk/obj.build/sys/arch/i3
86/compile/GENERIC i386
#
# dmesg | grep -i hifn
hifn0 at pci0 dev 20 function 0: Hifn 7955, rev. 0
hifn0: 3DES/AES, 32KB dram, interrupting at irq 5
#
# openssl speed -evp aes-128-cbc -elapsed
You have chosen to measure elapsed time instead of user CPU time.
Doing aes-128-cbc for 3s on 16 size blocks: 1 aes-128-cbc´s in 27.89s
Doing aes-128-cbc for 3s on 64 size blocks:
1 aes-128-cbc´s Mutex error: lockdebug_barrier: spin lock held
lock address : 0x00000000c04a2774 type : spin
initialized : 0x00000000c0113204
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
current cpu : 0 last held: 0
current lwp : 0x00000000cb9dbac0 last held: 0x00000000cb9dbac0
last locked : 0x00000000c0117984 unlocked : 0x00000000c0118b69
owner field : 0x0000000000010600 wait/spin: 0/1
panic: LOCKDEBUG
fatal breakpoint trap in supervisor mode
trap type 1 code 0 eip c0349efc cs 8 eflags 246 cr2 cb079000 ilevel 6
Stopped in pid 349.1 (openssl) at netbsd:breakpoint+0x4: popl %ebp
db{0}> bt
breakpoint(c0431c16,cb8cf7f8,c045db80,c02a5a0f,6,1,0,0,cb8cf7f8,c0100e1a) at net
bsd:breakpoint+0x4
panic(c0431c18,c042e02a,c0400028,c0431c31,ebc0,1000001,6,0,0,0) at netbsd:panic+
0x1b0
lockdebug_abort1(c0431c31,1,0,0,0,cb9dbac0,0,0,cb9dbac0,cb8cf934) at netbsd:lock
debug_abort1+0xbb
mutex_vector_enter(c04a8e8c,cb9c9d40,cb8cf8ec,c029e49f,cba0ebcc,cb9c9d40,cb8cf8e
c,c029e87a,8,20) at netbsd:mutex_vector_enter+0x3b7
rnd_extract_data(cb8cf8f0,20,1,4,4,4,293,c027351e,0,0) at netbsd:rnd_extract_dat
a+0x13
arc4_randrekey(cacfa17c,10,c04a2776,c1191401,cacfa17c,0,0,4,0,0) at netbsd:arc4_
randrekey+0x3d
hifn_newsession(cacfa000,cb8cfa5c,cb8cfb0c,c02c19c2,0,0,4,c03d8d06,cb9e6940,0) a
t netbsd:hifn_newsession+0xeb
crypto_newsession(cb8cfb54,cb8cfb0c,1,c04139cc,62d,cb9c343c,0,c02e5577,0,cb8cfb0
c) at netbsd:crypto_newsession+0xac
cryptodev_session(c11a8ec0,cb8cfc50,297,c027351e,7,0,cb8cfbac,c03d8d06,c06f9cc0,
c11a8ec0) at netbsd:cryptodev_session+0x432
cryptof_ioctl(cb9c70c0,c0206370,cb8cfc50,0,c028ffd4,cb9dbac0,7,c06f4e14,3,0) at
n
etbsd:cryptof_ioctl+0x78
sys_ioctl(cb9dbac0,cb8cfd00,cb8cfd28,bb9bd000,ca479350,ca479350,293,3,c0206370,b
b8120d0) at netbsd:sys_ioctl+0x13f
syscall(cb8cfd48,b3,ab,1f,1f,bb8120f0,b,bfbfb738,bbb99640,bb8120d0) at netbsd:sy
scall+0xc8
db{0}>
db{0}> sh reg
ds 0x10
es 0x10
fs 0x30
gs 0x10
edi 0xc0400028 __func__.7317
esi 0xc0431c18 copyright+0x1ecd8
ebp 0xcb8cf7ac
ebx 0x104
edx 0xc0000011
ecx 0x6
eax 0x1
eip 0xc0349efc breakpoint+0x4
cs 0x8
eflags 0x246
esp 0xcb8cf7ac
ss 0x10
netbsd:breakpoint+0x4: popl %ebp
db{0}>
db{0}> show lock crypto_mtx
lock address : 0x00000000c04a2774 type : spin
initialized : 0x00000000c0113204
shared holds : 0 exclusive: 1
shares wanted: 0 exclusive: 0
current cpu : 0 last held: 0
current lwp : 0x00000000cb9d9d40 last held: 0x00000000cb9d9d40
last locked : 0x00000000c0117984 unlocked : 0x00000000c0118b69
owner field : 0x0000000000010600 wait/spin: 0/1
db{0}>
db{0}> show lock rndpool_mtx
lock address : 0x00000000c04a8e8c type : sleep/adaptive
initialized : 0x00000000c024b673
shared holds : 0 exclusive: 0
shares wanted: 0 exclusive: 1
current cpu : 0 last held: 0
current lwp : 0x00000000cb9d9d40 last held: 000000000000000000
last locked : 0x00000000c024b0df unlocked : 0x00000000c0380f5c
owner field : 000000000000000000 wait/spin: 0/0
Turnstile chain at 0xc06f5060.
=> No active turnstile for this lock.
db{0}>
In GDB (gdb netbsd.gdb):
1) ´last locked´ from output.
(gdb) list *(0x00000000c0117984)
0xc0117984 is in cryptodev_session
(/usr/nbcvs/src-5/sys/opencrypto/cryptodev.c:1615).
1610 }
1611 }
1612
1613 /* crypto_newsession requires that we hold the mutex. */
1614 mutex_spin_enter(&crypto_mtx);
1615 error = crypto_newsession(&sid, crihead, crypto_devallowsoft);
1616 if (!error) {
1617 DPRINTF(("cyrptodev_session: got session %d\n",
(uint32_t)sid));
1618 cse = csecreate(fcr, sid, crie.cri_key, crie.cri_klen,
1619 cria.cri_key, cria.cri_klen, (txform ? sop->cipher
: 0), sop->mac,
(gdb)
2) line from panic message:
(gdb) list *(cryptodev_session+0x432)
0xc01179a2 is in cryptodev_session
(/usr/nbcvs/src-5/sys/opencrypto/cryptodev.c:1616).
1611 }
1612
1613 /* crypto_newsession requires that we hold the mutex. */
1614 mutex_spin_enter(&crypto_mtx);
1615 error = crypto_newsession(&sid, crihead, crypto_devallowsoft);
1616 if (!error) {
1617 DPRINTF(("cyrptodev_session: got session %d\n",
(uint32_t)sid));
1618 cse = csecreate(fcr, sid, crie.cri_key, crie.cri_klen,
1619 cria.cri_key, cria.cri_klen, (txform ? sop->cipher
: 0), sop->mac,
1620 (tcomp ? sop->comp_alg : 0), txform, thash, tcomp);
>How-To-Repeat:
- Plug in hifn(4) card into NetBSD/i386 machine with netbsd-5 kernel sources
from 20100119 with options LOCKDEBUG in kernel
- Run above openssl command
- See panic after some time
>Fix:
Unknown, probably some locking problem.
Some suggestions made while getting the above data were
(thanks to martin, pooka & phone):
* we may try to sleep on a mutex_enter() on rndpool_mtx while holding the
crypto_mtx spin lock
* The comment near the CRIOGET case may be related here:
/* XXX deprecated, remove after 5.0 */
* the same may be in cryptoopen()
* that type of locking misuse seems common
* one of those was removed recently from bpf
Home |
Main Index |
Thread Index |
Old Index