Bug #947

Kernel panic during boot in usb_add_task

Added by mneumann about 6 years ago. Updated over 5 years ago.

Status: Closed
Start date:
Priority: Normal
Due date:
Assignee: -
% Done: 0%
Category: -
Target version: -

Description

I tried my brand new HP Compaq laptop 6710b under DragonFly, but during booting
the installer CD it "throws" a page fault:

uhub0: 2 ports ...
uhub0: <Intel UHCI root hub, ...>

Fatal trap 12: page fault while in kernel mode
fault virtual address = 0x0
fault code = supervisor write, page not present
instruction pointer = 0x8:0xc04a9c5c
stack pointer = 0x10:0xc25f8d38
frame pointer = 0x10:0xc25f8d48
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, def32 1, gram 1
processor eflags = interrupt enabled, resume, IOPL = 0
current process = Idle
current thread = pri 46 (CRIT)

kernel: type 12, code=2
stopped at usb_add_task+0x4c: movl %edi,0(%eax)

This happens with the latest snapshot version as of yesterday and also with the
1.10 release.

FreeBSD 7.0-BETA3 silently hangs during boot, while NetBSD 4.0RC_4 works like a
charm (it can even dual-boot windows natively)!

There exists a thread on dragonfly.kernel named "Kernel panic during boot in
usb_add_task" about this issue.

History

#1 Updated by mneumann about 6 years ago

The "bug" disappears if I compile a kernel without USB support.

#2 Updated by TGEN about 6 years ago

...
> stopped at usb_add_task+0x4c: movl %edi,0(%eax)

Smells of a null pointer dereference to me.
--
Thomas E. Spanjaard

#3 Updated by corecode about 6 years ago

Could we get a backtrace and/or a crashdump?

#4 Updated by dillon about 6 years ago

:New submission from Michael Neumann:
:
:I tried my brand new HP Compaq laptop 6710b under DragonFly, but during booting
:the installer CD it "throws" a page fault:
:
: uhub0: 2 ports ...
: uhub0: <Intel UHCI root hub, ...>
:
: Fatal trap 12: page fault while in kernel mode
: fault virtual address = 0x0
: fault code = supervisor write, page not present
: instruction pointer = 0x8:0xc04a9c5c
: stack pointer = 0x10:0xc25f8d38
: frame pointer = 0x10:0xc25f8d48
: code segment = base 0x0, limit 0xfffff, type 0x1b
: = DPL 0, pres 1, def32 1, gram 1
: processor eflags = interrupt enabled, resume, IOPL = 0
: current process = Idle
: current thread = pri 46 (CRIT)
:
: kernel: type 12, code=2
: stopped at usb_add_task+0x4c: movl %edi,0(%eax)
:
:
:This happens with the latest snapshot version as of yesterday and also with the
:1.10 release.
:
:FreeBSD 7.0-BETA3 silently hangs during boot, while NetBSD 4.0RC_4 works like a
:charm (it can even dual-boot windows natively)!
:
:There exists a thread on dragonfly.kernel named "Kernel panic during boot in
:usb_add_task" about this issue.

Can you do a traceback? The 'trace' command from the DDB prompt,
I believe.

-Matt
Matthew Dillon

#5 Updated by nthery about 6 years ago

The exception occurs in TAILQ_INSERT_HEAD(&taskq->tasks, task, next),
more precisely, looking at the macro expansion, in
*(&taskq->tasks)->tqh_last = task.

So it looks like tqh_last is a NULL ptr which presumably means that
the list head has not been initialized yet.

Maybe usb_add_task() is called before usb_create_event_thread() (which
initializes usb_taskq[]).
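
The failure mode discussed in comment #5, as an added example that is not part of the original thread or the DragonFly source: a zero-filled TAILQ head has tqh_last == NULL, so a tail insert stores through address 0, and a readiness check turns that into an error return. The type names, demo_taskq, demo_task and add_task_checked are hypothetical; the code uses the userland <sys/queue.h> macros, with TAILQ_INSERT_TAIL as the macro that writes through tqh_last.

```c
#include <stdio.h>
#include <sys/queue.h>

/* Hypothetical stand-ins for the kernel's task and task-queue types. */
struct task {
    TAILQ_ENTRY(task) next;
    int onqueue;
};
TAILQ_HEAD(task_list, task);
struct taskq { struct task_list tasks; };

/* Zero-filled, like static kernel data before its init routine has run. */
static struct taskq demo_taskq;
static struct task demo_task;

/* TAILQ_INIT sets tqh_last = &tqh_first, so NULL means "never initialized". */
static int taskq_ready(const struct taskq *q) { return q->tasks.tqh_last != NULL; }

static void taskq_init(struct taskq *q) { TAILQ_INIT(&q->tasks); }

/* Returns 0 on success, -1 if the head was never initialized. Without the
 * guard, TAILQ_INSERT_TAIL executes *head->tqh_last = t: a write to 0x0. */
static int add_task_checked(struct taskq *q, struct task *t)
{
    if (!taskq_ready(q))
        return -1;
    if (!t->onqueue) {              /* do not queue the same task twice */
        TAILQ_INSERT_TAIL(&q->tasks, t, next);
        t->onqueue = 1;
    }
    return 0;
}

static int taskq_len(struct taskq *q)
{
    struct task *t;
    int n = 0;
    TAILQ_FOREACH(t, &q->tasks, next)
        n++;
    return n;
}

int main(void)
{
    printf("before init: %d\n", add_task_checked(&demo_taskq, &demo_task));
    taskq_init(&demo_taskq);
    printf("after init:  %d\n", add_task_checked(&demo_taskq, &demo_task));
    printf("queued:      %d\n", taskq_len(&demo_taskq));
    return 0;
}
```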

#6 Updated by mneumann almost 6 years ago

This is fixed in revision 1.44 of src/sys/bus/usb/usb.c.

#7 Updated by majeru almost 6 years ago

Hello,

I also have a HP 6710b laptop, and when I first got this panic I started hunting
for devices, and I noticed that the crash is triggered only when the bluetooth
adapter is enabled in BIOS and when it is already started at boot time, so I
disabled it from BIOS as a workaround.
I'm going to re-enable it and see if it works.

Thanks for the fix and huge amounts of beer to the one who did it ;)

Regards,
Cristi
