Date: Wed, 31 May 2006 19:30:08 -0400 From: Anish Mistry <mistry.7@osu.edu> To: freebsd-current@freebsd.org, thierry@herbelot.com Subject: Re: panic while playing with a ugen Message-ID: <200605311930.17675.mistry.7@osu.edu> In-Reply-To: <200606010042.47193.thierry@herbelot.com> References: <200606010042.47193.thierry@herbelot.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--nextPart20197858.J0cRlgbQjK
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
On Wednesday 31 May 2006 18:42, Thierry Herbelot wrote:
> the panic occured when closing one endpoint of a ugen device (the
> device was disconnecting from the USB bus after being reseted).
I haven't seen this particular panic with ugen before.=20
Try the patch in PR: usb/97271. If you've got a test program and=20
instructions that can reproduce this panic after applying that patch=20
let me know.
Thanks,
>
> TfH
>
> Fatal trap 12: page fault while in kernel mode
> cpuid =3D 1; apic id =3D 01
> fault virtual address =3D 0x60
> fault code =3D supervisor read, page not present
> instruction pointer =3D 0x20:0xc0671f2c
> stack pointer =3D 0x28:0xc73ceaa0
> frame pointer =3D 0x28:0xc73ceab4
> code segment =3D base 0x0, limit 0xfffff, type 0x1b
> =3D DPL 0, pres 1, def32 1, gran 1
> processor eflags =3D interrupt enabled, resume, IOPL =3D 0
> current process =3D 800 (test)
> [thread pid 800 tid 100099 ]
> Stopped at giant_close+0x20: movl 0x60(%eax),%eax
> db> bt
> Tracing pid 800 tid 100099 td 0xc17146c0
> giant_close(c173e000,3,2000,c17146c0,c173e000) at giant_close+0x20
> devfs_close(c73ceb0c) at devfs_close+0x2db
> VOP_CLOSE_APV(c09b8000,c73ceb0c) at VOP_CLOSE_APV+0x7e
> vn_close(c1a54410,3,c1969800,c17146c0,0) at vn_close+0x8b
> vn_closefile(c16b5678,c17146c0,c73cebc4,c067ad44,c16b5678) at
> vn_closefile+0xca
> devfs_close_f(c16b5678,c17146c0) at devfs_close_f+0xf
> fdrop_locked(c16b5678,c17146c0,c143a988,0,c0914e2c) at
> fdrop_locked+0x88 fdrop(c16b5678,c17146c0,6b5,c0a0b034,0) at
> fdrop+0x24
> closef(c16b5678,c17146c0,0,0,4) at closef+0x367
> close(c17146c0,c73ced04,c196e234,c,c17146c0) at close+0x1be
> syscall(3b,3b,3b,bfbfeba8,4) at syscall+0x27e
> Xint0x80_syscall() at Xint0x80_syscall+0x1f
> --- syscall (6, FreeBSD ELF32, close), eip =3D 0x2814837f, esp =3D
> 0xbfbfeafc, ebp =3D 0xbfbfebc8 ---
> db> call doadump
> Physical memory: 87 MB
> Dumping 31 MB: 16
> Dump complete
>
>
> multi-cur# kgdb kernel.debug /files1/tmp/vmcore.2
> [GDB will not be able to debug user-mode threads:
> /usr/lib/libthread_db.so: Undefined symbol "ps_pglobal_lookup"]
> GNU gdb 6.1.1 [FreeBSD]
> Copyright 2004 Free Software Foundation, Inc.
> GDB is free software, covered by the GNU General Public License,
> and you are welcome to change it and/or distribute copies of it
> under certain conditions. Type "show copying" to see the
> conditions.
> There is absolutely no warranty for GDB. Type "show warranty" for
> details. This GDB was configured as "i386-marcel-freebsd".
>
> Unread portion of the kernel message buffer:
> ugenioctl: cmd=3Dc018556f
> ugenioctl: cmd=3Dc018556f
> ugen0: at uhub4 port 3 (addr 2) disconnected
> ugen_detach: sc=3D0xc1579000
>
>
> Fatal trap 12: page fault while in kernel mode
> cpuid =3D 1; apic id =3D 01
> fault virtual address =3D 0x60
> fault code =3D supervisor read, page not present
> instruction pointer =3D 0x20:0xc0671f2c
> stack pointer =3D 0x28:0xc73ceaa0
> frame pointer =3D 0x28:0xc73ceab4
> code segment =3D base 0x0, limit 0xfffff, type 0x1b
> =3D DPL 0, pres 1, def32 1, gran 1
> processor eflags =3D interrupt enabled, resume, IOPL =3D 0
> current process =3D 800 (udibtest)
> Physical memory: 87 MB
> Dumping 31 MB: 16
>
> #0 doadump () at pcpu.h:166
> 166 __asm __volatile("movl %%fs:0,%0" : "=3Dr" (td));
> (kgdb) where
> #0 doadump () at pcpu.h:166
> #1 0xc04756f3 in db_fncall (dummy1=3D-952309596, dummy2=3D0,
> dummy3=3D1016, dummy4=3D0xc73ce878 "\220=E8<=C7=F8\003") at
> /files1/src/sys/ddb/db_command.c:479 #2 0xc0475504 in db_command
> (last_cmdp=3D0xc09ea3a4, cmd_table=3D0x0) at
> /files1/src/sys/ddb/db_command.c:395
> #3 0xc04755c2 in db_command_loop () at
> /files1/src/sys/ddb/db_command.c:446 #4 0xc04771d9 in db_trap
> (type=3D12, code=3D0)
> at /files1/src/sys/ddb/db_main.c:221
> #5 0xc06b38d0 in kdb_trap (type=3D12, code=3D0, tf=3D0xc73cea60)
> at /files1/src/sys/kern/subr_kdb.c:481
> #6 0xc0892ce8 in trap_fatal (frame=3D0xc73cea60, eva=3D96)
> at /files1/src/sys/i386/i386/trap.c:861
> #7 0xc0892a2b in trap_pfault (frame=3D0xc73cea60, usermode=3D0,
> eva=3D96) at /files1/src/sys/i386/i386/trap.c:778
> #8 0xc0892649 in trap (frame=3D
> {tf_fs =3D -1066729464, tf_es =3D -1063190488, tf_ds =3D
> -1063256024, tf_edi =3D -1046133620, tf_esi =3D -1063566816, tf_ebp =3D
> -952309068, tf_isp =3D -952309108, tf_ebx =3D -1049370624, tf_edx =3D
> -1062922452, tf_ecx =3D -1062922456, tf_eax =3D 0, tf_trapno =3D 12,
> tf_err =3D 0, tf_eip =3D -1066983636, tf_cs =3D 32, tf_eflags =3D 66054,
> tf_esp =3D -1063236056, tf_ss =3D 0}) at
> /files1/src/sys/i386/i386/trap.c:463
> #9 0xc087d7ba in calltrap () at
> /files1/src/sys/i386/i386/exception.s:138 #10 0xc0671f2c in
> giant_close (dev=3D0xc173e000, fflag=3D3, devtype=3D8192, td=3D0xc17146c0)
> at /files1/src/sys/kern/kern_conf.c:266
> #11 0xc064c14f in devfs_close (ap=3D0xc73ceb0c)
> ---Type <return> to continue, or q <return> to quit---
> at /files1/src/sys/fs/devfs/devfs_vnops.c:281
> #12 0xc08a3e7a in VOP_CLOSE_APV (vop=3D0x0, a=3D0xc73ceb0c) at
> vnode_if.c:424 #13 0xc06ff4df in vn_close (vp=3D0xc1a54410, flags=3D3,
> file_cred=3D0x0, td=3D0xc17146c0)
> at vnode_if.h:227
> #14 0xc070033a in vn_closefile (fp=3D0xc16b5678, td=3D0xc17146c0)
> at /files1/src/sys/kern/vfs_vnops.c:870
> #15 0xc064c177 in devfs_close_f (fp=3D0xc16b5678, td=3D0xc17146c0)
> at /files1/src/sys/fs/devfs/devfs_vnops.c:291
> #16 0xc067ad44 in fdrop_locked (fp=3D0xc16b5678, td=3D0xc17146c0) at
> file.h:296 #17 0xc067acb4 in fdrop (fp=3D0xc16b5678, td=3D0xc17146c0)
> at /files1/src/sys/kern/kern_descrip.c:2146
> #18 0xc06797a3 in closef (fp=3D0xc16b5678, td=3D0xc17146c0)
> at /files1/src/sys/kern/kern_descrip.c:1961
> #19 0xc067703a in close (td=3D0xc17146c0, uap=3D0x0)
> at /files1/src/sys/kern/kern_descrip.c:1018
>
> (kgdb) frame 10
> #10 0xc0671f2c in giant_close (dev=3D0xc173e000, fflag=3D3,
> devtype=3D8192, td=3D0xc17146c0)
> at /files1/src/sys/kern/kern_conf.c:266
> 266 retval =3D dev->si_devsw->d_gianttrick->
> (kgdb) list
> 261 giant_close(struct cdev *dev, int fflag, int devtype,
> struct thread *td)
> 262 {
> 263 int retval;
> 264
> 265 mtx_lock(&Giant);
> 266 retval =3D dev->si_devsw->d_gianttrick->
> 267 d_close(dev, fflag, devtype, td);
> 268 mtx_unlock(&Giant);
> 269 return (retval);
> 270 }
> (kgdb) print dev
> $1 =3D (struct cdev *) 0xc173e000
> (kgdb) print dev->si_devsw
> $2 =3D (struct cdevsw *) 0x0
> _______________________________________________
> freebsd-current@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-current
> To unsubscribe, send any mail to
> "freebsd-current-unsubscribe@freebsd.org"
=2D-=20
Anish Mistry
--nextPart20197858.J0cRlgbQjK
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (FreeBSD)
iD8DBQBEficJxqA5ziudZT0RAswjAJ9rYsPhzlbA/nQPhZuxRWWE8ZhM4QCggsVD
jxuwjVNr9PomENxbF01odEE=
=AZJ1
-----END PGP SIGNATURE-----
--nextPart20197858.J0cRlgbQjK--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200605311930.17675.mistry.7>