kern/118282: device sg + hald + umass plugging crashes 7.0

Kyryll A Mirnenko mirya at
Tue Nov 27 04:30:02 PST 2007

>Number:         118282
>Category:       kern
>Synopsis:       device sg + hald + umass plugging crashes 7.0
>Confidential:   no
>Severity:       serious
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Nov 27 12:30:02 UTC 2007
>Originator:     Kyryll A Mirnenko
>Release:        RELENG_7
FreeBSD miryanote 7.0-BETA3 FreeBSD 7.0-BETA3 #0: Tue Nov 26 18:35:21 EET 2007 mirya at miryanote:/usr/src/sys/i386/compile/MY-LITE i386

Putting "device sg" into the kernel causes 7.0-BETA3 to crash under the following conditions:

1) hald is run (it's started at boot time for me)
2) a umass device containing ELI-encrypted data is being plugged in (it seems to have nothing to do with ELI, but I can reproduce it cleanly with a USB hard disk with FFS at da0.eli after `geli attach`)

In a few moments the kernel crashes after hald-probe-storage tries to read the block device. The crash is _sometimes_ reproduced with another flash drive containing FAT32 at da0s1. The kernel does not panic if the device is plugged in before hald is started.

Some extra info:

* the device that causes the crash:

acpi0: <HP 3084> on motherboard
acpi0: [ITHREAD]
acpi0: Power Button (fixed)
pcib0: <ACPI Host-PCI bridge> port 0xcf8-0xcff on acpi0
pci0: <ACPI PCI bus> on pcib0
pci0: <base peripheral> at device 0.1 (no driver attached)
pci0: <base peripheral> at device 0.3 (no driver attached)
ehci0: <Intel 82801DB/L/M (ICH4) USB 2.0 controller> mem 0xe0100000-0xe01003ff irq 11 at device 29.7 on pci0
ehci0: [ITHREAD]
usb3: EHCI version 1.0
usb3: companion controllers, 2 ports each: usb0 usb1 usb2
usb3: <Intel 82801DB/L/M (ICH4) USB 2.0 controller> on ehci0
usb3: USB revision 2.0
uhub3: <Intel EHCI root hub, class 9/0, rev 2.00/1.00, addr 1> on usb3
uhub3: 6 ports with 6 removable, self powered
umass0: <Western Digital External HDD, class 0/0, rev 2.00/2.40, addr 2> on uhub3
da0 at umass-sim0 bus 0 target 0 lun 0
da0: <WDC WD12 00UE-00KVT0 0000> Fixed Direct Access SCSI-0 device
da0: 40.000MB/s transfers
da0: 114473MB (234441648 512 byte sectors: 255H 63S/T 14593C)

* the dump:

panic: msleep
KDB: stack backtrace
db_trace_self_wrapper(c0968c2f,c0a19c40,c09697de,cc12cb30,cc12cb30,...) at 0xc047b4a6 = db_trace_self_wrapper+0x26
panic(c09697de,c0a19630,c09697ad,c094a106,8,...) at 0xc05d9bef = panic+0xdf
_sleep(0,c0a19630,100,c094a106,0,...) at 0xc05e2a57 = _sleep+0x87
sgread(c31c1f00,cc12cc5c,0,168,0,...) at 0xc046d91f = sgread+0xff
giant_read(c31c1f00,cc12cc5c,0,0,c00,...) at 0xc05aa188 = giant_read+0x48
devfs_read_f(c2faa4c8,cc12cc5c,c2809f00,0,c31be630,...) at 0xc0539746 = 
dofileread(cc12cc5c,ffffffff,ffffffff,0,c2faa4c8,...) at 0xc061423c = 
kern_readv(c31be630,4,cc12cc5c,cc12cc7c,1,...) at 0xc0615e98 = kern_readv+0x58
read(c31be630,cc12ccf8,c,c096e2b3,c09c97c8,...) at 0xc0615f80 = read+0x50
syscall(cc12cd38) at 0xc90642a = syscall+0x13a
Xint0x80_syscall() at 0xc08eeb20 = Xint0x80_syscall+0x20
--- syscall (3, FreeBSD ELF 32, read), eip = 0x48381673, esp = 0xbfbfe65c, ebp = 0xbfbfe68b ---

* add "device sg" to the GENERIC
* run hald (make it run via rc.conf on startup)
* plug in the umass device formatted as described above
* expect panic

