From owner-freebsd-current@FreeBSD.ORG Tue Nov 2 19:53:33 2004 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D543716A4CE for ; Tue, 2 Nov 2004 19:53:33 +0000 (GMT) Received: from mailgate1b.savvis.net (mailgate1b.savvis.net [216.91.182.6]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5FFCE43D1D for ; Tue, 2 Nov 2004 19:53:33 +0000 (GMT) (envelope-from Maksim.Yevmenkin@savvis.net) Received: from out001.email.savvis.net (out001.apptix.savvis.net [216.91.32.44])iA2Jr6JW018979; Tue, 2 Nov 2004 13:53:06 -0600 Received: from s228130hz1ew17.apptix-01.savvis.net ([10.146.4.29]) by out001.email.savvis.net with Microsoft SMTPSVC(6.0.3790.211); Tue, 2 Nov 2004 13:53:01 -0600 Received: from [10.254.186.111] ([66.35.239.94]) by s228130hz1ew17.apptix-01.savvis.net with Microsoft SMTPSVC(6.0.3790.211); Tue, 2 Nov 2004 13:53:11 -0600 Message-ID: <4187E594.5080306@savvis.net> Date: Tue, 02 Nov 2004 11:52:52 -0800 From: Maksim Yevmenkin User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.2) Gecko/20040822 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Niki Denev References: <416DB569.4010805@savvis.net> <416DC1E5.1060904@savvis.net> In-Reply-To: Content-Type: multipart/mixed; boundary="------------060106090403000906090205" X-OriginalArrivalTime: 02 Nov 2004 19:53:11.0860 (UTC) FILETIME=[956C6740:01C4C115] X-ECS-MailScanner: No virus is found cc: current@freebsd.org Subject: Re: bluetooth / hcseriald panics -current. X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 02 Nov 2004 19:53:34 -0000 This is a multi-part message in MIME format. --------------060106090403000906090205 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Hi Niki, sorry for the delay. i was able to reproduce and track down the problem. please find attached patch. let me know if it works for you. i'm sorry about this. max Niki Denev wrote: > Maksim Yevmenkin writes: > >> >> stack trace? >> what is the version of sio.c? >> >> i'm trying to reproduce it on my system with xircom cbt adapter. >> > > sio.c is 1.456 > > here is the crash message and the trace : > > kernel trap 12 with interrupts disabled > > Fatal trap 12: page fault while in kernel mode > fault virtual address = 0x64 > fault code = supervisor write, page not present > instruction pointer = 0x8:0xc062f2b1 > stack pointer = 0x10:0xe6879a2c > frame pointer = 0x10:0xe6879a38 > code segment = base 0x0, limit 0xfffff, type 0x1b > = DPL 0, pres 1, def32 1, gran 1 > processor eflags = resume, IOPL = 0 > current process = 542 (hcseriald) > [thread 100071] > Stopped at comstop+0x75: andl $-0x5,0x64(%eax) > db> trace > comstop(c1d6c000,3) at comstop+0x75 > ttyflush(c1d6c000,3,c1fd0600,303468,e6879a80) at ttyflush+0x37 > ng_h4_open(c1d5f900,c1d6c000) at ng_h4_open+0x194 > ttioctl(c1d6c000,8004741b,e6879c60,3,c206a948) at ttioctl+0xc32 > ttyioctl(c1d5f900,8004741b,e6879c60,3,c1d8b180) at ttyioctl+0x41 > spec_ioctl(d540bb88,e6879c34,c056a017,e6879b88,c06e8100) at spec_ioctl+0xee > spec_vnoperate(d540bb88) at spec_vnoperate+0x13 > vn_ioctl(c1d84110,8004741b,e6879c60,c1ff0380,c1d8b180) at vn_ioctl+0x1ab > ioctl(c1d8b180,e6879d14,3,1,246) at ioctl+0x3e0 > syscall(2f,2f,2f,bfbfe8ec,bfbfee67) at syscall+0x213 > Xint0x80_syscall() at Xint0x80_syscall+0x1f > --- syscall (54, FreeBSD ELF32, ioctl), eip = 0x280ce80f, esp = > 0xbfbfe80c, ebp = 0xbfbfed54 --- > db> > > --niki > --------------060106090403000906090205 Content-Type: text/plain; name="ng_h4.c.diff.txt" Content-Transfer-Encoding: 7bit Content-Disposition: inline; filename="ng_h4.c.diff.txt" --- /usr/src/sys/netgraph/bluetooth/drivers/h4/ng_h4.c Sat Jul 10 17:06:58 2004 +++ ng_h4.c Tue Nov 2 11:47:26 2004 @@ -25,7 +25,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $Id: ng_h4.c,v 1.5 2003/05/10 05:51:25 max Exp $ + * $Id: ng_h4.c,v 1.7 2004/08/23 18:08:15 max Exp $ * $FreeBSD: src/sys/netgraph/bluetooth/drivers/h4/ng_h4.c,v 1.10 2004/06/26 08:44:04 phk Exp $ * * Based on: @@ -70,6 +70,8 @@ ***************************************************************************** *****************************************************************************/ +NET_NEEDS_GIANT("ng_h4"); + /* MALLOC define */ #ifndef NG_SEPARATE_MALLOC MALLOC_DEFINE(M_NETGRAPH_H4, "netgraph_h4", "Netgraph Bluetooth H4 node"); @@ -199,7 +201,7 @@ /* Set back pointers */ NG_NODE_SET_PRIVATE(sc->node, sc); - tp->t_sc = (caddr_t) sc; + tp->t_lsc = (caddr_t) sc; /* The node has to be a WRITER because data can change node status */ NG_NODE_FORCE_WRITER(sc->node); @@ -228,7 +230,7 @@ static int ng_h4_close(struct tty *tp, int flag) { - ng_h4_info_p sc = (ng_h4_info_p) tp->t_sc; + ng_h4_info_p sc = (ng_h4_info_p) tp->t_lsc; int s; s = spltty(); /* XXX */ @@ -236,7 +238,7 @@ ttyflush(tp, FREAD | FWRITE); clist_free_cblocks(&tp->t_outq); if (sc != NULL) { - tp->t_sc = NULL; + tp->t_lsc = NULL; if (sc->node != NULL) { if (sc->flags & NG_H4_TIMEOUT) @@ -285,7 +287,7 @@ ng_h4_ioctl(struct tty *tp, u_long cmd, caddr_t data, int flag, struct thread *td) { - ng_h4_info_p sc = (ng_h4_info_p) tp->t_sc; + ng_h4_info_p sc = (ng_h4_info_p) tp->t_lsc; int s, error = 0; s = spltty(); /* XXX */ @@ -326,7 +328,7 @@ static int ng_h4_input(int c, struct tty *tp) { - ng_h4_info_p sc = (ng_h4_info_p) tp->t_sc; + ng_h4_info_p sc = (ng_h4_info_p) tp->t_lsc; if (sc == NULL || tp != sc->tp || sc->node == NULL || NG_NODE_NOT_VALID(sc->node)) @@ -546,7 +548,7 @@ static int ng_h4_start(struct tty *tp) { - ng_h4_info_p sc = (ng_h4_info_p) tp->t_sc; + ng_h4_info_p sc = (ng_h4_info_p) tp->t_lsc; if (sc == NULL || tp != sc->tp || sc->node == NULL || NG_NODE_NOT_VALID(sc->node)) --------------060106090403000906090205--