From owner-freebsd-current@FreeBSD.ORG Fri Jan 23 18:08:52 2009 Return-Path: Delivered-To: current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 33B601065674 for ; Fri, 23 Jan 2009 18:08:52 +0000 (UTC) (envelope-from maksim.yevmenkin@gmail.com) Received: from rv-out-0506.google.com (rv-out-0506.google.com [209.85.198.237]) by mx1.freebsd.org (Postfix) with ESMTP id 063798FC19 for ; Fri, 23 Jan 2009 18:08:51 +0000 (UTC) (envelope-from maksim.yevmenkin@gmail.com) Received: by rv-out-0506.google.com with SMTP id b25so4929792rvf.43 for ; Fri, 23 Jan 2009 10:08:51 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=IZpilAdi1saqEdbCX906AGqIWCjPuwy+1/H8f8h2L7E=; b=S5GjFwmVl//634ZecQFrYoxyf4eOK9Ir9y4q1QdWjIIAPnyZML4M7YlLCyAevmswQk PyU8dYU+xakCq3TnViOnTdGwPeMtNbpAy1HZN7hvPP7HstnYqkxiqtN2ytClmIm/RHmu IKo5te/d9PLd00lBx63maAbzbA48uKqA0Da0Y= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=G+rN3UQ9rYpxLbV/atlJIUDnjNR/e5RfmR0cTk94Qbt2B3kMOALjouf/uTPgoUCNRI wXwo0cmltyYIHKBp2v/feyJjfSs8Jiw50PAaveVZqjsi/2lG3VFd4hqUuUMDVFM4VfiB hUqYce9KoQtDzUNkqexQ2DM4GKSATsmjCq4Fo= MIME-Version: 1.0 Received: by 10.141.171.3 with SMTP id y3mr5245101rvo.263.1232732834127; Fri, 23 Jan 2009 09:47:14 -0800 (PST) In-Reply-To: <200901231714.39873.hselasky@c2i.net> References: <20090123154336.GJ60948@e.0x20.net> <200901231714.39873.hselasky@c2i.net> Date: Fri, 23 Jan 2009 09:47:14 -0800 Message-ID: From: Maksim Yevmenkin To: Hans Petter Selasky Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: Lars Engels , current@freebsd.org Subject: Re: panic: mutex Giant not owned at /usr/src/sys/kern/tty_ttydisc.c:1127 X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 Jan 2009 18:08:52 -0000 hello, > Maksim has made a lot of changes to the Bluetooth driver. Maybe he can look > into it? yes, i will take a look at it. > > This looks like a NULL-pointer access to me. > > Maksim: > > In the ubt_detach routine, make sure that: > > 0) No further commands are accepted from the Netgraph stack. yes, we do that. > 1) You drain the task queue! that should not be needed (in theory) but i will add it. > 2) You drain all USB transfers: "usb2_transfer_drain()" called unlocked. yes, usb2_transfer_unsetup() does that, does it not? > 3) Set the "sc_node" to NULL. yes, we do that too. i have lots of questions about stalled transfers. in any case, it appears that my code is wrong when it comes to stalled transfers. in particular, usb2_clear_stall_callback() returns 0 in both USB_ST_SETUP and default/error cases, so the code incorrectly clears node reference in USB_ST_SETUP case. that needs to be fixed. i'm also deeply confused about error handling in transfers. in particular, any error that is not USB_ERR_CANCELLED makes code to assume that it was a stall and queue clear stall transfer. that is clearly not the case when hardware is yanked while transfer is active. in this case transfer callback seems to be called with USB_ERR_IOERROR (or something like that). so, shouldn't we be safe and only queue stall transfer if callback was in fact called with USB_ERR_STALLED? the completely different question here is why stall happens in the first place. also as others pointed out, panic in ttydisc_getc is something else. thanks, max