Date:      Thu, 18 Oct 2012 10:48:43 +0000 (UTC)
From:      Marcin Cieslak <saper@saper.info>
To:        freebsd-current@freebsd.org
Subject:   Regression: panic in camq_remove when plugging in Huawei IDEOS phone
Message-ID:  <slrnk7vnkc.2uvc.saper@saper.info>

Hello,

I got this crash in -CURRENT (r241671) when plugging in 
Huawei IDEOS Android mobile phone via USB.

#10 0xffffffff802ab7a7 in heap_down (queue_array=0xfffffe0002f29878, index=Variable "index" is not available.
)
    at /usr/src/sys/cam/cam_queue.c:357
#11 0xffffffff802ab86e in camq_remove (queue=0xfffffe0002e9f880, 
    index=49453168) at /usr/src/sys/cam/cam_queue.c:185
#12 0xffffffff802b0bf3 in xpt_run_dev_sendq (bus=0xfffffe0002e98d00)
    at cam_queue.h:210
---Type <return> to continue, or q <return> to quit---
#13 0xffffffff802b150f in camisr_runqueue (V_queue=Variable "V_queue" is not available.
)
    at /usr/src/sys/cam/cam_xpt.c:5117
#14 0xffffffff802b171a in camisr (dummy=Variable "dummy" is not available.
) at /usr/src/sys/cam/cam_xpt.c:5017
#15 0xffffffff80767fab in intr_event_execute_handlers (p=Variable "p" is not available.
)
    at /usr/src/sys/kern/kern_intr.c:1272
#16 0xffffffff8076967f in ithread_loop (arg=0xfffffe00024b48c0)
    at /usr/src/sys/kern/kern_intr.c:1285

Some randomly collected data from the dump file:

#11 0xffffffff802ab86e in camq_remove (queue=0xfffffe0002e9f880, 
    index=49453168) at /usr/src/sys/cam/cam_queue.c:185
185			heap_down(queue->queue_array, index, queue->entries - 1);
(kgdb) print queue
$3 = (struct camq *) 0xfffffe0002e9f880
(kgdb) print *queue
$4 = {queue_array = 0xfffffe0002f29878, array_size = 5, entries = 1, 
  generation = 28, qfrozen_cnt = {0, 0, 0, 0, 0}}
(kgdb) print *queue->queue_array
$5 = (cam_pinfo *) 0x0
(kgdb) print queue->queue_array
$6 = (cam_pinfo **) 0xfffffe0002f29878
(kgdb) print queue->queue_array[0]
$7 = (cam_pinfo *) 0x0
(kgdb) print queue->queue_array[1]
$8 = (cam_pinfo *) 0xfffffe0002d24800

I have a full core dump so I can poke around more.

It did work when the machine was running a ca. 1 year old 9-something
system.

//Marcin
