From owner-freebsd-current@FreeBSD.ORG Fri Aug 14 18:31:19 2009 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 6E63E1065784 for ; Fri, 14 Aug 2009 18:31:19 +0000 (UTC) (envelope-from florent.thoumie@gmail.com) Received: from mail-fx0-f205.google.com (mail-fx0-f205.google.com [209.85.220.205]) by mx1.freebsd.org (Postfix) with ESMTP id EAFB58FC59 for ; Fri, 14 Aug 2009 18:31:18 +0000 (UTC) Received: by fxm1 with SMTP id 1so1256291fxm.7 for ; Fri, 14 Aug 2009 11:31:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:sender:received:in-reply-to :references:from:date:x-google-sender-auth:message-id:subject:to:cc :content-type; bh=9kkAguHh19EMFI3zIWNck9EnHXHcXOm4I8F0YrgRJzk=; b=CyzZU/wbMoyxj6mbzw62slrT0ItnxlIp/89XhOfxEPyLlwa7AOq3N9u98TR4JIw9T0 XyKseMh1y5FPf33wSM108dl9Sns1sm+XywsHzkWn1UFRKqhaHPbLFbrGoVnP2Y330cCM v+xHpx5o+TIXS7OPgwh74+G4SVlrtXDY36QEc= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:from:date :x-google-sender-auth:message-id:subject:to:cc:content-type; b=tbRvBiT7LpRdDf/XwF6PvmbkmGpcJnfpSkS4USsGV6vlHRQ0K1rgoE6lOT5noteWLo 0PmJl6QOrpWzE38/SI15JwCoiASz2BNIK9RDIX9G8Ttgi7Z2dXRhJSV1gYSsj3Sl8A8/ pf6Stb7EMCyyaEiqeQSXMEa0pLdka7AqE47RM= MIME-Version: 1.0 Sender: florent.thoumie@gmail.com Received: by 10.86.51.10 with SMTP id y10mr462471fgy.12.1250273185058; Fri, 14 Aug 2009 11:06:25 -0700 (PDT) In-Reply-To: <4A85A6B8.6090400@errno.com> References: <200908141407.56248.hselasky@c2i.net> <4A85A6B8.6090400@errno.com> From: Florent Thoumie Date: Fri, 14 Aug 2009 19:06:05 +0100 X-Google-Sender-Auth: 990feee42088daea Message-ID: To: Sam Leffler Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-current@freebsd.org, Hans Petter Selasky Subject: Re: Panic in rum(4) on 8.0-BETA2 X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 14 Aug 2009 18:31:19 -0000 On Fri, Aug 14, 2009 at 7:02 PM, Sam Leffler wrote: > Hans Petter Selasky wrote: > > This looks like a WLAN problem rather than an USB problem. Some months >> back the WLAN statemachine was converted to taskqueues. In that regard I've >> seen 100% reproducable panics, but I did not have time to investigate. If >> you put some delay between the "ifconfig" commands on your wlan device, does >> the problem disappear? >> > > The rum driver violates locking requirements by dropping the net80211 lock > in the driver's newstate method in order to pickup the driver softc to do > usb operations. This opens a race whereby wpa_supplicant makes a request > that clocks the state machine again causing a state transition to be lost: > > wlan0: ieee80211_new_state_locked: pending SCAN -> AUTH transition lost > > This in turns causes net80211 state to be wrong and causes the crash. > > I will need to understand why the above is done to see if the driver can be > changed to do what is required. I also note other bugs in this routine that > can cause further problems. I've filed a PR: kern/137776, as suggested by Sam. We should probably move the discussion there. -- Florent Thoumie flz@FreeBSD.org FreeBSD Committer