From owner-freebsd-bugs@FreeBSD.ORG Tue Nov 23 22:50:01 2004 Return-Path: Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A85F816A4D3 for ; Tue, 23 Nov 2004 22:50:01 +0000 (GMT) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7A99543D41 for ; Tue, 23 Nov 2004 22:50:01 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.1/8.13.1) with ESMTP id iANMo1Ob061401 for ; Tue, 23 Nov 2004 22:50:01 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.13.1/8.13.1/Submit) id iANMo1PW061400; Tue, 23 Nov 2004 22:50:01 GMT (envelope-from gnats) Resent-Date: Tue, 23 Nov 2004 22:50:01 GMT Resent-Message-Id: <200411232250.iANMo1PW061400@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Anish Mistry Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DFB6C16A4CE; Tue, 23 Nov 2004 22:45:32 +0000 (GMT) Received: from smtp1.fuse.net (mail-out1.fuse.net [216.68.8.174]) by mx1.FreeBSD.org (Postfix) with ESMTP id 23E1E43D48; Tue, 23 Nov 2004 22:45:32 +0000 (GMT) (envelope-from amistry@united-ware.com) Received: from gx6.fuse.net ([216.196.157.19]) by smtp1.fuse.net (InterMail vM.6.01.03.04 201-2131-111-106-20040729) with ESMTP id <20041123224448.XRG7599.smtp1.fuse.net@gx6.fuse.net>; Tue, 23 Nov 2004 17:44:48 -0500 Received: from www.united-ware.com ([216.196.157.19]) by gx6.fuse.net (InterMail vG.1.00.00.00 201-2136-104-20040331) with ESMTP id <20041123224421.GEXA3360.gx6.fuse.net@www.united-ware.com>; Tue, 23 Nov 2004 17:44:21 -0500 Received: from www.united-ware.com (localhost [127.0.0.1]) by www.united-ware.com (8.12.9p2/8.12.9) with ESMTP id iANMWSjA035684 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Tue, 23 Nov 2004 17:32:28 -0500 (EST) (envelope-from amistry@www.united-ware.com) Received: (from amistry@localhost) by www.united-ware.com (8.12.9p2/8.12.9/Submit) id iANMWRHj035683; Tue, 23 Nov 2004 17:32:27 -0500 (EST) (envelope-from amistry) Message-Id: <200411232232.iANMWRHj035683@www.united-ware.com> Date: Tue, 23 Nov 2004 17:32:27 -0500 (EST) From: Anish Mistry To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 cc: Justin Hibbits cc: John Baldwin Subject: kern/74305: bktr msp sound chip code doesn't hold Giant on a sleeping kthread X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Anish Mistry List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 23 Nov 2004 22:50:01 -0000 >Number: 74305 >Category: kern >Synopsis: bktr msp sound chip code doesn't hold Giant on a sleeping kthread >Confidential: no >Severity: serious >Priority: low >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Tue Nov 23 22:50:01 GMT 2004 >Closed-Date: >Last-Modified: >Originator: Anish Mistry >Release: FreeBSD 5.3-STABLE i386 >Organization: AM Productions >Environment: System: FreeBSD bigguy.am-productions.biz 5.3-STABLE FreeBSD 5.3-STABLE #6: Tue Nov 23 17:13:38 EST 2004 amistry@bigguy.am-productions.biz:/usr/src/sys/i386/compile/BIGGUY i386 >Description: Giant is not held when tsleep is called in the msp kernel thread. This causes a panic when INVARIANTS are enabled. >How-To-Repeat: Compile your kernel with "options BKTR_NEW_MSP34XX_DRIVER" and have an msp chip bktr card. ie. ATI TV Wonder (not VE) >Fix: The following patch fixes the problem by aquiring Giant. Attached also. http://am-productions.biz/docs/msp34xx-giant-locking.c.diff --- msp34xx-giant-locking.c.diff begins here --- --- msp34xx.c.orig Mon Nov 22 22:57:42 2004 +++ msp34xx.c Tue Nov 23 17:10:16 2004 @@ -702,6 +702,7 @@ dprintk("msp3400: thread started\n"); + mtx_lock(&Giant); for (;;) { if (msp->rmmod) goto done; @@ -892,6 +893,7 @@ msp->kthread = NULL; wakeup(&msp->kthread); + mtx_unlock(&Giant); kthread_exit(0); } @@ -936,6 +938,7 @@ dprintk("msp3410: thread started\n"); + mtx_lock(&Giant); for (;;) { if (msp->rmmod) goto done; @@ -1114,9 +1117,10 @@ done: dprintk("msp3410: thread: exit\n"); msp->active = 0; - + msp->kthread = NULL; wakeup(&msp->kthread); + mtx_unlock(&Giant); kthread_exit(0); } @@ -1213,12 +1217,14 @@ if (msp->kthread) { /* XXX mutex lock required */ + mtx_lock(&Giant); msp->rmmod = 1; msp->watch_stereo = 0; wakeup(msp->kthread); while (msp->kthread) tsleep(&msp->kthread, PRIBIO, "wait for kthread", hz/10); + mtx_unlock(&Giant); } if (client->msp3400c_info != NULL) { --- msp34xx-giant-locking.c.diff ends here --- >Release-Note: >Audit-Trail: >Unformatted: