From owner-freebsd-current@FreeBSD.ORG Thu Nov 6 21:03:03 2008 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5F53A106564A; Thu, 6 Nov 2008 21:03:03 +0000 (UTC) (envelope-from shuvaev@physik.uni-wuerzburg.de) Received: from mailrelay.rz.uni-wuerzburg.de (mailrelay.rz.uni-wuerzburg.de [132.187.3.28]) by mx1.freebsd.org (Postfix) with ESMTP id CBE6B8FC19; Thu, 6 Nov 2008 21:03:02 +0000 (UTC) (envelope-from shuvaev@physik.uni-wuerzburg.de) Received: from virusscan.mail (localhost [127.0.0.1]) by mailrelay.mail (Postfix) with ESMTP id B7892A0723; Thu, 6 Nov 2008 22:03:01 +0100 (CET) Received: from localhost (localhost [127.0.0.1]) by virusscan.mail (Postfix) with ESMTP id A7DA7A0719; Thu, 6 Nov 2008 22:03:01 +0100 (CET) Received: from mail.physik.uni-wuerzburg.de (wthp192.physik.uni-wuerzburg.de [132.187.40.192]) by mailmaster.uni-wuerzburg.de (Postfix) with ESMTP id 88449A06FA; Thu, 6 Nov 2008 22:03:01 +0100 (CET) Received: from wep4035 ([132.187.37.35]) by mail.physik.uni-wuerzburg.de (Lotus Domino Release 8.0.2) with ESMTP id 2008110622030033-26263 ; Thu, 6 Nov 2008 22:03:00 +0100 Received: by wep4035 (sSMTP sendmail emulation); Thu, 6 Nov 2008 22:03:00 +0100 From: "Alexey Shuvaev" Date: Thu, 6 Nov 2008 22:03:00 +0100 To: Hans Petter Selasky Message-ID: <20081106210300.GA1595@wep4035.physik.uni-wuerzburg.de> References: <200810251925.47273.hselasky@c2i.net> <20081106141323.GA4489@wep4035.physik.uni-wuerzburg.de> <20081106183720.4aa1a83f@ernst.jennejohn.org> <200811061910.21994.hselasky@c2i.net> <20081106191230.GA47600@wep4035.physik.uni-wuerzburg.de> MIME-Version: 1.0 In-Reply-To: <20081106191230.GA47600@wep4035.physik.uni-wuerzburg.de> Organization: Universitaet Wuerzburg User-Agent: Mutt/1.5.18 (2008-05-17) X-MIMETrack: Itemize by SMTP Server on domino1/uni-wuerzburg(Release 8.0.2|August 07, 2008) at 11/06/2008 10:03:00 PM, Serialize by Router on domino1/uni-wuerzburg(Release 8.0.2|August 07, 2008) at 11/06/2008 10:03:00 PM, Serialize complete at 11/06/2008 10:03:00 PM Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-Virus-Scanned: by amavisd-new at uni-wuerzburg.de Cc: freebsd-current@freebsd.org, freebsd-usb@freebsd.org Subject: Re: USB4BSD release candidate number 3 - request for review X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Nov 2008 21:03:03 -0000 On Thu, Nov 06, 2008 at 08:12:30PM +0100, Alexey Shuvaev wrote: > On Thu, Nov 06, 2008 at 07:10:20PM +0100, Hans Petter Selasky wrote: > > On Thursday 06 November 2008, Gary Jennejohn wrote: > > > > > > Alexey Shuvaev wrote: > > > > I am having quite reliable panics with the new stack when I insert > > > > usb stick (actually during the first access to it). > > > > Well, they are not so reliable. I have managed to produce one, but not with this stick. It is with USB-microSDHC adapter with 8 Gb card. > > > > Trying to collect more information I haven't managed to produce > > > > memory dump. Is it working on amd64 SMP CURRENT? I remember there were > > > > some complains about it. > > > > Here I was actually asking about kernel memory dumps... > Will try harder this time. > Calling doadump at ddb prompt does the job. > Now I will play with offending usb stick and with another one > (actually microSDHC-usb adapter). > > Can it be that some modules are automatically loaded when I insert usb stick? > Seems not to be the case. Now I have a kernel dump. Some info from it: Unread portion of the kernel message buffer: [snip] ugen7.2: at usbus7 umass0: on usbus7 umass0: SCSI over Bulk-Only; quirks = 0x0000 umass0:1:0:-1: Attached to scbus1 da0 at umass-sim0 bus 0 target 0 lun 0 da0: Removable Direct Access SCSI-0 device da0: 40.000MB/s transfers da0: 7790MB (15954944 512 byte sectors: 255H 63S/T 993C) <118># [here I have mounted it rw] <118># <118>.Spotlight-V100 IMG_2684.CR2 IMG_2836.JPG films <118>.Trashes IMG_2684.JPG My Documents gpsVP <118>._.Trashes IMG_2836.CR2 bombus-ng pilot [and here umounted, IIRC] <118># Kernel page fault with the following non-sleepable locks held: exclusive sleep mutex UMASS lock (UMASS lock) r = 0 (0xffffffff80b426a0) locked @ /usr/src/sys/modules/usb2/core/../../../dev/usb2/core/usb2_transfer.c:1795 KDB: stack backtrace: db_trace_self_wrapper() at db_trace_self_wrapper+0x2a _witness_debugger() at _witness_debugger+0x49 witness_warn() at witness_warn+0x2b7 trap() at trap+0x38f calltrap() at calltrap+0x8 --- trap 0xc, rip = 0xffffffff804b2466, rsp = 0xfffffffeba7f8ac0, rbp = 0xfffffffeba7f8b00 --- bcopy() at bcopy+0x16 usb2_bdma_pre_sync() at usb2_bdma_pre_sync+0x35 usb2_bdma_work_loop() at usb2_bdma_work_loop+0x29b usb2_command_wrapper() at usb2_command_wrapper+0x76 usb2_callback_wrapper() at usb2_callback_wrapper+0xfd usb2_command_wrapper() at usb2_command_wrapper+0x76 usb2_callback_proc() at usb2_callback_proc+0x68 usb2_process() at usb2_process+0xc0 fork_exit() at fork_exit+0x12a fork_trampoline() at fork_trampoline+0xe --- trap 0, rip = 0, rsp = 0xfffffffeba7f8d40, rbp = 0 --- Fatal trap 12: page fault while in kernel mode cpuid = 1; apic id = 01 fault virtual address = 0xfffffffea429a000 fault code = supervisor write data, page not present instruction pointer = 0x8:0xffffffff804b2466 stack pointer = 0x10:0xfffffffeba7f8ac0 frame pointer = 0x10:0xfffffffeba7f8b00 code segment = base 0x0, limit 0xfffff, type 0x1b = DPL 0, pres 1, long 1, def32 0, gran 1 processor eflags = interrupt enabled, resume, IOPL = 0 current process = 3393 (USBPROC) lock order reversal: (Giant after non-sleepable) 1st 0xffffffff80b426a0 UMASS lock (UMASS lock) @ /usr/src/sys/modules/usb2/core/../../../dev/usb2/core/usb2_transfer.c:1795 2nd 0xffffffff806eeb20 Giant (Giant) @ /usr/src/sys/dev/kbdmux/kbdmux.c:1044 KDB: stack backtrace: lock order reversal: (sleepable after non-sleepable) 1st 0xffffffff80b426a0 UMASS lock (UMASS lock) @ /usr/src/sys/modules/usb2/core/../../../dev/usb2/core/usb2_transfer.c:1795 2nd 0xffffff00014ab3d0 user map (user map) @ /usr/src/sys/vm/vm_map.c:3115 KDB: stack backtrace: db_trace_self_wrapper() at db_trace_self_wrapper+0x2a _witness_debugger() at _witness_debugger+0x49 witness_checkorder() at witness_checkorder+0x7e6 _sx_xlock() at _sx_xlock+0x44 vm_map_lookup() at vm_map_lookup+0x47 vm_fault() at vm_fault+0xfe trap_pfault() at trap_pfault+0x1fa trap() at trap+0x201 calltrap() at calltrap+0x8 --- trap 0xc, rip = 0xffffffff804b2466, rsp = 0xfffffffeba7f8ac0, rbp = 0xfffffffeba7f8b00 --- bcopy() at bcopy+0x16 usb2_bdma_pre_sync() at usb2_bdma_pre_sync+0x35 usb2_bdma_work_loop() at usb2_bdma_work_loop+0x29b usb2_command_wrapper() at usb2_command_wrapper+0x76 usb2_callback_wrapper() at usb2_callback_wrapper+0xfd usb2_command_wrapper() at usb2_command_wrapper+0x76 usb2_callback_proc() at usb2_callback_proc+0x68 usb2_process() at usb2_process+0xc0 fork_exit() at fork_exit+0x12a fork_trampoline() at fork_trampoline+0xe --- trap 0, rip = 0, rsp = 0xfffffffeba7f8d40, rbp = 0 --- panic: vm_fault: fault on nofault entry, addr: fffffffea429a000 cpuid = 1 KDB: enter: panic Physical memory: 4075 MB Dumping 347 MB: 332 316 300 284 268 252 236 220 204 188 172 156 140 124 108 92 76 60 44 28 12 [here starts post-reboot session with kgdb] [snip] #0 doadump () at pcpu.h:196 196 __asm __volatile("movq %%gs:0,%0" : "=r" (td)); (kgdb) bt #0 doadump () at pcpu.h:196 #1 0xffffffff80195f6c in db_fncall (dummy1=Variable "dummy1" is not available. ) at /usr/src/sys/ddb/db_command.c:548 #2 0xffffffff801962a1 in db_command (last_cmdp=0xffffffff806d1aa0, cmd_table=Variable "cmd_table" is not available. ) at /usr/src/sys/ddb/db_command.c:445 #3 0xffffffff801964e9 in db_command_loop () at /usr/src/sys/ddb/db_command.c:498 #4 0xffffffff80198347 in db_trap (type=Variable "type" is not available. ) at /usr/src/sys/ddb/db_main.c:229 #5 0xffffffff802d4cd2 in kdb_trap (type=3, code=0, tf=0xfffffffeba7f84d0) at /usr/src/sys/kern/subr_kdb.c:534 #6 0xffffffff804b3b7f in trap (frame=0xfffffffeba7f84d0) at /usr/src/sys/amd64/amd64/trap.c:533 #7 0xffffffff80496d2e in calltrap () at /usr/src/sys/amd64/amd64/exception.S:217 #8 0xffffffff802d4e81 in kdb_enter (why=0xffffffff805183d9 "panic", msg=0xa
) at cpufunc.h:63 #9 0xffffffff802a804f in panic (fmt=Variable "fmt" is not available. ) at /usr/src/sys/kern/kern_shutdown.c:559 #10 0xffffffff804775f3 in vm_fault (map=0xffffff0001000000, vaddr=18446744067873808384, fault_type=Variable "fault_type" is not available. ) at /usr/src/sys/vm/vm_fault.c:277 #11 0xffffffff804b3359 in trap_pfault (frame=0xfffffffeba7f8a10, usermode=0) at /usr/src/sys/amd64/amd64/trap.c:664 #12 0xffffffff804b3bec in trap (frame=0xfffffffeba7f8a10) at /usr/src/sys/amd64/amd64/trap.c:444 ---Type to continue, or q to quit--- #13 0xffffffff80496d2e in calltrap () at /usr/src/sys/amd64/amd64/exception.S:217 #14 0xffffffff804b2466 in bcopy () at /usr/src/sys/amd64/amd64/support.S:123 #15 0xffffffff804917b4 in _bus_dmamap_sync (dmat=0xffffff0005af6380, map=Variable "map" is not available. ) at /usr/src/sys/amd64/amd64/busdma_machdep.c:932 #16 0xffffffff80ac6549 in usb2_bdma_pre_sync (xfer=0xfffffffea429a000) at /usr/src/sys/modules/usb2/core/../../../dev/usb2/core/usb2_busdma.c:1358 #17 0xffffffff80ac691e in usb2_bdma_work_loop () from /boot/kernel/usb2_core.ko #18 0xffffffff80ad947c in usb2_command_wrapper (pq=0xfffffffe406fc000, xfer=Variable "xfer" is not available. ) at /usr/src/sys/modules/usb2/core/../../../dev/usb2/core/usb2_transfer.c:2515 #19 0xffffffff80adbcb8 in usb2_callback_wrapper (pq=Variable "pq" is not available. ) at /usr/src/sys/modules/usb2/core/../../../dev/usb2/core/usb2_transfer.c:1926 #20 0xffffffff80ad947c in usb2_command_wrapper (pq=0xfffffffe406fc028, xfer=Variable "xfer" is not available. ) at /usr/src/sys/modules/usb2/core/../../../dev/usb2/core/usb2_transfer.c:2515 #21 0xffffffff80ad95c7 in usb2_callback_proc (_pm=Variable "_pm" is not available. ) at /usr/src/sys/modules/usb2/core/../../../dev/usb2/core/usb2_transfer.c:1799 #22 0xffffffff80ad7221 in usb2_process (arg=Variable "arg" is not available. ) at /usr/src/sys/modules/usb2/core/../../../dev/usb2/core/usb2_process.c:139 #23 0xffffffff80289eea in fork_exit ( ---Type to continue, or q to quit--- callout=0xffffffff80ad7161 , arg=0xfffffffe406fc0f0, frame=0xfffffffeba7f8c90) at /usr/src/sys/kern/kern_fork.c:815 #24 0xffffffff8049713e in fork_trampoline () at /usr/src/sys/amd64/amd64/exception.S:521 #25 0x0000000000000000 in ?? () [snip] #50 0x0000000000000000 in ?? () #51 0xffffff00056a05a0 in ?? () #52 0xffffffff806f6900 in tdq_cpu () #53 0xffffff00014e96e0 in ?? () #54 0xfffffffeba7f8a70 in ?? () #55 0xfffffffeba7f8a28 in ?? () #56 0xffffff00056a1000 in ?? () #57 0xffffffff802c8de1 in sched_switch (td=0xfffffffe406fc0f0, newtd=0xffffffff80ad7161, flags=Variable "flags" is not available. ) at /usr/src/sys/kern/sched_ule.c:1848 Previous frame inner to this frame (corrupt stack?) (kgdb) I have a dump so let me know if you need more info. Alexey.