Date: Tue, 23 Nov 2004 17:32:27 -0500 (EST) From: Anish Mistry <amistry@am-productions.biz> To: FreeBSD-gnats-submit@FreeBSD.org Cc: John Baldwin <jhb@FreeBSD.org> Subject: kern/74305: bktr msp sound chip code doesn't hold Giant on a sleeping kthread Message-ID: <200411232232.iANMWRHj035683@www.united-ware.com> Resent-Message-ID: <200411232250.iANMo1PW061400@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 74305 >Category: kern >Synopsis: bktr msp sound chip code doesn't hold Giant on a sleeping kthread >Confidential: no >Severity: serious >Priority: low >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Tue Nov 23 22:50:01 GMT 2004 >Closed-Date: >Last-Modified: >Originator: Anish Mistry >Release: FreeBSD 5.3-STABLE i386 >Organization: AM Productions >Environment: System: FreeBSD bigguy.am-productions.biz 5.3-STABLE FreeBSD 5.3-STABLE #6: Tue Nov 23 17:13:38 EST 2004 amistry@bigguy.am-productions.biz:/usr/src/sys/i386/compile/BIGGUY i386 >Description: Giant is not held when tsleep is called in the msp kernel thread. This causes a panic when INVARIANTS are enabled. >How-To-Repeat: Compile your kernel with "options BKTR_NEW_MSP34XX_DRIVER" and have an msp chip bktr card. ie. ATI TV Wonder (not VE) >Fix: The following patch fixes the problem by aquiring Giant. Attached also. http://am-productions.biz/docs/msp34xx-giant-locking.c.diff --- msp34xx-giant-locking.c.diff begins here --- --- msp34xx.c.orig Mon Nov 22 22:57:42 2004 +++ msp34xx.c Tue Nov 23 17:10:16 2004 @@ -702,6 +702,7 @@ dprintk("msp3400: thread started\n"); + mtx_lock(&Giant); for (;;) { if (msp->rmmod) goto done; @@ -892,6 +893,7 @@ msp->kthread = NULL; wakeup(&msp->kthread); + mtx_unlock(&Giant); kthread_exit(0); } @@ -936,6 +938,7 @@ dprintk("msp3410: thread started\n"); + mtx_lock(&Giant); for (;;) { if (msp->rmmod) goto done; @@ -1114,9 +1117,10 @@ done: dprintk("msp3410: thread: exit\n"); msp->active = 0; - + msp->kthread = NULL; wakeup(&msp->kthread); + mtx_unlock(&Giant); kthread_exit(0); } @@ -1213,12 +1217,14 @@ if (msp->kthread) { /* XXX mutex lock required */ + mtx_lock(&Giant); msp->rmmod = 1; msp->watch_stereo = 0; wakeup(msp->kthread); while (msp->kthread) tsleep(&msp->kthread, PRIBIO, "wait for kthread", hz/10); + mtx_unlock(&Giant); } if (client->msp3400c_info != NULL) { --- msp34xx-giant-locking.c.diff ends here --- >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200411232232.iANMWRHj035683>