From owner-freebsd-stable@FreeBSD.ORG Fri Apr 7 22:34:46 2006 Return-Path: X-Original-To: freebsd-stable@freebsd.org Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3227916A400 for ; Fri, 7 Apr 2006 22:34:46 +0000 (UTC) (envelope-from max@love2party.net) Received: from moutng.kundenserver.de (moutng.kundenserver.de [212.227.126.186]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8E7D443D76 for ; Fri, 7 Apr 2006 22:34:42 +0000 (GMT) (envelope-from max@love2party.net) Received: from [88.64.182.191] (helo=amd64.laiers.local) by mrelayeu.kundenserver.de (node=mrelayeu8) with ESMTP (Nemesis), id 0ML2ov-1FRzXM43t2-0001Sf; Sat, 08 Apr 2006 00:34:41 +0200 From: Max Laier Organization: FreeBSD To: freebsd-stable@freebsd.org Date: Sat, 8 Apr 2006 00:33:24 +0200 User-Agent: KMail/1.9.1 References: <20060406121421.GA1030@roadrunner.q.local> In-Reply-To: <20060406121421.GA1030@roadrunner.q.local> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart2005096.HsxDHX5Rip"; protocol="application/pgp-signature"; micalg=pgp-sha1 Content-Transfer-Encoding: 7bit Message-Id: <200604080033.32208.max@love2party.net> X-Provags-ID: kundenserver.de abuse@kundenserver.de login:61c499deaeeba3ba5be80f48ecc83056 Cc: Ulrich Spoerlein Subject: Re: [panic] ipw and kismet X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Apr 2006 22:34:46 -0000 --nextPart2005096.HsxDHX5Rip Content-Type: multipart/mixed; boundary="Boundary-01=_1iuNE/cqJaWdkrf" Content-Transfer-Encoding: 7bit Content-Disposition: inline --Boundary-01=_1iuNE/cqJaWdkrf Content-Type: text/plain; charset="iso-8859-6" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Thursday 06 April 2006 14:14, Ulrich Spoerlein wrote: > Hello, > > I almost always get a panic when running kismet on my ipw-Interface > under 6.1-PRERELEASE. This has been the case ever since ipw hit the > tree. Sometimes kismet works, sometimes it doesn't. A sure way to > trigger the panic is to switch between bss/ibss/monitor mode prior to > running kismet. Perhaps there is a bug in the re-initialization when > loading a different firmware? > > Is this panic known? Does the new firmware-framework address this? The trace below seems unrelated to firmware loading, but there have been so= me=20 problems with firmware loading before and we hope to improve things with th= e=20 new firmware framework. Could you try the attached patch, please? This is something I did for iwi = and=20 just moved the general idea over without testing or close evaluation. So b= e=20 aware and let me know either way. Thanks. > ipw0: mem 0xfaffc000-0xfaffcfff irq 9 > at device 3.0 on pci2 ... > panic: mutex ipw0 recursed at /usr/src/sys/kern/kern_synch.c:177 > KDB: enter: panic > [thread pid 1527 tid 100119 ] > Stopped at kdb_enter+0x2b: nop > db> tr > Tracing pid 1527 tid 100119 td 0xc5cca300 > kdb_enter(c06d3e90) at kdb_enter+0x2b > panic(c06d332c,c4c5d600,c06d4661,b1,0) at panic+0xbb > _mtx_assert(c4d3cc74,9,c06d4661,b1,0) at _mtx_assert+0x83 > msleep(c4d3c000,c4d3cc74,0,c0912121,3e8) at msleep+0x16a > ipw_init(c4d3c000,c4d3c000,2080,c4d3c904,c4c2dc00) at ipw_init+0xb63 > ipw_media_change(c4c2dc00,c4f6fd00,80,c4d36600,0) at ipw_media_change+0x8b > ifmedia_ioctl(c4c2dc00,c4d9a360,c4d3c904,c0206937,0) at ifmedia_ioctl+0x93 > ieee80211_ioctl(c4d3c004,c0206937,c4d9a360,c4d3cc74,c4d3c000) at > ieee80211_ioctl+0xc1 > ipw_ioctl(c4c2dc00,c0206937,c4d9a360,ef577c38,c051bbee) at ipw_ioctl+0x5c > ifhwioctl(c0206937,c4c2dc00,c4d9a360,c5cca300,c074a4c0) at ifhwioctl+0x9ac > ifioctl(c5a4f858,c0206937,c4d9a360,c5cca300,0) at ifioctl+0xc3 > soo_ioctl(c59c0750,c0206937,c4d9a360,c5a41a80,c5cca300) at soo_ioctl+0x2db > ioctl(c5cca300,ef577d04,3,2,282) at ioctl+0x370 > syscall(3b,3b,3b,bfbf90a0,80dc400) at syscall+0x22f > Xint0x80_syscall() at Xint0x80_syscall+0x1f > --- syscall (54, FreeBSD ELF32, ioctl), eip =3D 0x482d468f, esp =3D 0xbfb= f906c, > ebp =3D 0xbfbf90e8 --- > > > Ulrich Spoerlein =2D-=20 /"\ Best regards, | mlaier@freebsd.org \ / Max Laier | ICQ #67774661 X http://pf4freebsd.love2party.net/ | mlaier@EFnet / \ ASCII Ribbon Campaign | Against HTML Mail and News --Boundary-01=_1iuNE/cqJaWdkrf Content-Type: text/x-diff; charset="iso-8859-6"; name="ipw.unrecurse.diff" Content-Transfer-Encoding: quoted-printable Content-Disposition: attachment; filename="ipw.unrecurse.diff" Index: if_ipw.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /usr/store/mlaier/fcvs/src/sys/dev/ipw/if_ipw.c,v retrieving revision 1.7.2.4 diff -u -r1.7.2.4 if_ipw.c =2D-- if_ipw.c 29 Jan 2006 15:13:01 -0000 1.7.2.4 +++ if_ipw.c 7 Apr 2006 22:27:33 -0000 @@ -220,7 +220,7 @@ sc->sc_dev =3D dev; =20 mtx_init(&sc->sc_mtx, device_get_nameunit(dev), MTX_NETWORK_LOCK, =2D MTX_DEF | MTX_RECURSE); + MTX_DEF); =20 if (pci_get_powerstate(dev) !=3D PCI_POWERSTATE_D0) { device_printf(dev, "chip is in D%d power mode " @@ -380,6 +380,7 @@ struct ipw_softc *sc =3D device_get_softc(dev); struct ieee80211com *ic =3D &sc->sc_ic; struct ifnet *ifp =3D ic->ic_ifp; + IPW_LOCK_DECL; =20 IPW_LOCK(sc); =20 @@ -722,6 +723,7 @@ { struct ipw_softc *sc =3D device_get_softc(dev); struct ifnet *ifp =3D sc->sc_ic.ic_ifp; + IPW_LOCK_DECL; =20 IPW_LOCK(sc); =20 @@ -743,6 +745,7 @@ { struct ipw_softc *sc =3D ifp->if_softc; int error; + IPW_LOCK_DECL; =20 IPW_LOCK(sc); =20 @@ -1222,6 +1225,7 @@ { struct ipw_softc *sc =3D arg; uint32_t r; + IPW_LOCK_DECL; =20 IPW_LOCK(sc); =20 @@ -1474,6 +1478,7 @@ struct mbuf *m0; struct ether_header *eh; struct ieee80211_node *ni; + IPW_LOCK_DECL; =20 IPW_LOCK(sc); =20 @@ -1557,6 +1562,7 @@ struct ieee80211com *ic =3D &sc->sc_ic; struct ifreq *ifr; int error =3D 0; + IPW_LOCK_DECL; =20 IPW_LOCK(sc); =20 @@ -1769,6 +1775,7 @@ struct ipw_firmware_hdr hdr; u_char *p =3D data; int error; + IPW_LOCK_DECL; =20 ipw_free_firmware(sc); =20 Index: if_ipwvar.h =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /usr/store/mlaier/fcvs/src/sys/dev/ipw/if_ipwvar.h,v retrieving revision 1.3 diff -u -r1.3 if_ipwvar.h =2D-- if_ipwvar.h 10 Jun 2005 16:49:11 -0000 1.3 +++ if_ipwvar.h 7 Apr 2006 22:23:46 -0000 @@ -170,5 +170,12 @@ #define SIOCSLOADFW _IOW('i', 137, struct ifreq) #define SIOCSKILLFW _IOW('i', 138, struct ifreq) =20 =2D#define IPW_LOCK(sc) mtx_lock(&(sc)->sc_mtx) =2D#define IPW_UNLOCK(sc) mtx_unlock(&(sc)->sc_mtx) +#define IPW_LOCK_DECL int __waslocked =3D 0 +#define IPW_LOCK(sc) do { \ + if (!(__waslocked =3D mtx_owned(&(sc)->sc_mtx))) \ + mtx_lock(&(sc)->sc_mtx); \ +} while (0) +#define IPW_UNLOCK(sc) do { \ + if (!__waslocked) \ + mtx_unlock(&(sc)->sc_mtx); \ +} while (0) --Boundary-01=_1iuNE/cqJaWdkrf-- --nextPart2005096.HsxDHX5Rip Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (FreeBSD) iD8DBQBENui8XyyEoT62BG0RApjzAJ9UMnRSY9r8JnRMtLwN3tK+87EkvgCfeu9c +4Yr4bm4HwkJjc+QciqRimo= =lKOR -----END PGP SIGNATURE----- --nextPart2005096.HsxDHX5Rip--