NetBSD-Bugs archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
kern/46826: C-A-ESC to enter ddb with ukbd triggers uhci mutex_owned kassert
>Number: 46826
>Category: kern
>Synopsis: C-A-ESC to enter ddb with ukbd triggers uhci mutex_owned
>kassert
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: kern-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Wed Aug 22 21:10:00 +0000 2012
>Originator: Taylor R Campbell <campbell+netbsd%mumble.net@localhost>
>Release: NetBSD 6.99.10
>Organization:
>Environment:
System: NetBSD oberon.local 6.99.10 NetBSD 6.99.10 (RIAKERN) #0: Wed Aug 22
14:53:56 UTC 2012
root@oberon.local:/home/riastradh/netbsd/current/obj.i386/sys/arch/i386/compile/RIAKERN
i386
Architecture: i386
Machine: i386
>Description:
I booted my MacBook1,1 into a kernel from a day or two ago and
typed C-A-ESC to make sure ddb works, only to be confronted by
(ten-fingered copy pasta error alert):
fatal breakpoint trap in supervisor mode
trap type 1 code 0 eip c026c5f4 cs 8 eflags 292 cr2 0 ilevel 6 esp daacdbd0
curlwp 0xc31ec540 pid 0 lid 5 lowest kstack 0xdaacb000
Stopped in pid 0.5 (system) at netbsd:breakpoint+0x4: popl %ebp
db{0}> panic: kernel diagnostic assertion "mutex_owned(&sc->sc_lock)" failed:
file "/home/riastradh/netbsd/current/src/sys/dev/usb/uhci.c", line 1508
fatal breakpoint trap in supervisor mode
trap type 1 code 0 eip c026c5f4 cs 8 eflags 292 cr2 0 ilevel 8 esp daacd6d4
curlwp 0xc31ec540 pid 0 lid 5 lowest kstack 0xdaacb000
Stopped in pid 0.5 (system) at netbsd:breakpoint+0x4: popl %ebp
db{0}> bt
breakpoint(c0c6a983,c0da46e0,c0bba7ec,daacd700,c0dae060,18,5,3e,2,0) at
netbsd:breakpoint+0x4
vpanic(c0bba7ec,daacd700,5,6,1,1,daacd754,c089bbc5,c0bba7ec,c0bba99d) at
netbsd:vpanic+0x1e2
kern_assert(c0bba7ec,c0bba99d,c0bdc0fa,c0c5f57c,5e4,0,daacd744,c0597c62,c31e9b80,1)
at netbsd:kern_assert+0x23
uhci_idone(c34e630c,16e4,4,a,3e,0,d,c06a8e63,c0c91e00,c0eea000) at
netbsd:uhci_idone+0x242
uhci_softintr(c36c8004,20a0,2,1,3,daacd824,c36c8000,20a2,0,1) at
netbsd:uhci_softintr+0x1ba
uhci_intr1(c36825c,20a0,2,20,3,1,c0eea000,c0c91e00,c37e1600,daacd888) at
netbsd:uhci_intr1+0x13b
uhci_poll(c36c8004,8,daacd864,c094bc02,c0c91e00,c0eea000,daacd888,0,0,4) at
netbsd:uhci_poll+0x7f
ukbd_cngetc(c37e1600,daacd888,daacd884,c0bd5dfc,daacd8c0,6,daacd8b4,c028f8ed,c0d06060,daacd988)
at netbsd:ukbd_cngetc+0x6e
wskbd_cngetc(2f00,0,daacd8d4,c0d06060,daacd998,0,daacd924,c028dd28,c0bd5dfc,0)
at netbsd:wskbd_cngetc+0xb0
cngetc(c0bd5dfc,0,daacd8f4,c026c5f4,c026c5f5,c026c5f5,daacd974,c028c835,c06a983,c0bd5d49)
at netbsd:cngetc+0x1f
db_readline(c0d06060,78,c026c5f0,c0c24c68,daacd980,0,daacd994,c028bdd1,daacd970,10)
at netbsd:db_readline+0x4e
db_read_line(daacd970,10,0,33fd0d91,daacd980,0,daacd994,0,0,0) at
netbsd:db_read_line+0x1a
db_command_loop(c026c5f4,0,5,c0cecd1d,c37e1600,1,1,b9d2dc,daacdb30,6) at
netbsd:db_command_loop+0xb6
db_trap(1,0,0,7,0,a,0,daacd9f4,c0da47e6,2) at netbsd:db_trap+0xe0
kdb_trap(1,0,daacdb30,5,daacb000,292,0,6,daacdbd0,10000000) at
netbsd:kdb_trap+0x1a
trap() at netbsd:trap+0x2d4
--- trap (number 1) ---
breakpoint(c37e1600,d,c377fea0,c059726b,c3107f80,c365ba00,c377fea0,c0597c62,c3107f80,2)
at netbsd:breakpoint+0x4
wskbd_translate(c37e2400,1,daacdbf0,c058da6b,c365a2c0,c0c92680,daacdc30,c095bb14,c365a2c0,0)
at netbsd:wskbd_translate+0xb57
wskbd_input(c37e2400,2,29,c3107f80,0,0,c36c8cc0,c3751408,5,2) at
netbsd:wskbd_input+0xb8
ukbd_decode(c37e1600,0,0,0,0,0,0,0,c08bb877,c0d72b24) at
netbsd:ukbd_decode+0x292
callout_softclock(0,c058af14,daac3074,c0100310,ec9000,ed2000,0,c0100307,0,0) at
netbsd:callout_softclock+0x346
softint_dispatch(c31ecd20,2,0,0,0,0,daacdd90,daacdd28,c31ec540,0) at
netbsd:softint_dispatch+0xba
fatal page fault in supervisor mode
trap type 6 code 0 eip c028f6a6 cs 8 eflags 10246 cr2 36 ilevel 8 esp daacce28
curlwp 0xc31ec540 pid 0 lid 5 lowest kstack 0xdaacb000
kernel: supervisor trap page fault, code=0
Faulted in DDB; continuting...
db{0}>
>How-To-Repeat:
Enter ddb with C-A-ESC on a ukbd, perhaps.
>Fix:
Yes, please! mrg provisionally approved the following patch to
sys/dev/usb/uhci.c, which I shall commit if it works when I
test it later, but he said there's a deeper problem to address:
Index: uhci.c
===================================================================
RCS file: /cvsroot/src/sys/dev/usb/uhci.c,v
retrieving revision 1.249
diff -p -u -r1.249 uhci.c
--- uhci.c 24 Jun 2012 10:06:34 -0000 1.249
+++ uhci.c 22 Aug 2012 21:07:12 -0000
@@ -1505,7 +1505,7 @@ uhci_idone(uhci_intr_info_t *ii)
u_int32_t status = 0, nstatus;
int actlen;
- KASSERT(mutex_owned(&sc->sc_lock));
+ KASSERT(sc->sc_bus.use_polling || mutex_owned(&sc->sc_lock));
DPRINTFN(12, ("uhci_idone: ii=%p\n", ii));
#ifdef DIAGNOSTIC
Home |
Main Index |
Thread Index |
Old Index