From amistry@united-ware.com  Tue Nov 23 22:45:32 2004
Return-Path: <amistry@united-ware.com>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id DFB6C16A4CE; Tue, 23 Nov 2004 22:45:32 +0000 (GMT)
Received: from smtp1.fuse.net (mail-out1.fuse.net [216.68.8.174])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 23E1E43D48; Tue, 23 Nov 2004 22:45:32 +0000 (GMT)
	(envelope-from amistry@united-ware.com)
Received: from gx6.fuse.net ([216.196.157.19]) by smtp1.fuse.net
          (InterMail vM.6.01.03.04 201-2131-111-106-20040729) with ESMTP
          id <20041123224448.XRG7599.smtp1.fuse.net@gx6.fuse.net>;
          Tue, 23 Nov 2004 17:44:48 -0500
Received: from www.united-ware.com ([216.196.157.19]) by gx6.fuse.net
          (InterMail vG.1.00.00.00 201-2136-104-20040331) with ESMTP
          id <20041123224421.GEXA3360.gx6.fuse.net@www.united-ware.com>;
          Tue, 23 Nov 2004 17:44:21 -0500
Received: from www.united-ware.com (localhost [127.0.0.1])
	by www.united-ware.com (8.12.9p2/8.12.9) with ESMTP id iANMWSjA035684
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT);
	Tue, 23 Nov 2004 17:32:28 -0500 (EST)
	(envelope-from amistry@www.united-ware.com)
Received: (from amistry@localhost)
	by www.united-ware.com (8.12.9p2/8.12.9/Submit) id iANMWRHj035683;
	Tue, 23 Nov 2004 17:32:27 -0500 (EST)
	(envelope-from amistry)
Message-Id: <200411232232.iANMWRHj035683@www.united-ware.com>
Date: Tue, 23 Nov 2004 17:32:27 -0500 (EST)
From: Anish Mistry <amistry@am-productions.biz>
Reply-To: Anish Mistry <amistry@am-productions.biz>
To: FreeBSD-gnats-submit@freebsd.org
Cc: John Baldwin <jhb@freebsd.org>,
	Justin Hibbits <jrh29@po.cwru.edu>
Subject: bktr msp sound chip code doesn't hold Giant on a sleeping kthread
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         74305
>Category:       kern
>Synopsis:       [patch] [bktr] bktr msp sound chip code doesn't hold Giant on a sleeping kthread
>Confidential:   no
>Severity:       serious
>Priority:       low
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Nov 23 22:50:01 GMT 2004
>Closed-Date:    Thu Dec 16 23:22:01 GMT 2004
>Last-Modified:  Thu Dec 16 23:22:01 GMT 2004
>Originator:     Anish Mistry
>Release:        FreeBSD 5.3-STABLE i386
>Organization:
AM Productions
>Environment:
System: FreeBSD bigguy.am-productions.biz 5.3-STABLE FreeBSD 5.3-STABLE #6: Tue Nov 23 17:13:38 EST 2004     amistry@bigguy.am-productions.biz:/usr/src/sys/i386/compile/BIGGUY  i386


	
>Description:
	Giant is not held when tsleep is called in the msp kernel thread.  This causes a panic when INVARIANTS are enabled.
>How-To-Repeat:
	Compile your kernel with "options BKTR_NEW_MSP34XX_DRIVER" and have an msp chip bktr card.  ie. ATI TV Wonder (not VE)
>Fix:
	The following patch fixes the problem by aquiring Giant.  Attached also.
	http://am-productions.biz/docs/msp34xx-giant-locking.c.diff
	

--- msp34xx-giant-locking.c.diff begins here ---
--- msp34xx.c.orig	Mon Nov 22 22:57:42 2004
+++ msp34xx.c	Tue Nov 23 17:10:16 2004
@@ -702,6 +702,7 @@
 	
 	dprintk("msp3400: thread started\n");
 	
+	mtx_lock(&Giant);
 	for (;;) {
 		if (msp->rmmod)
 			goto done;
@@ -892,6 +893,7 @@
 
 	msp->kthread = NULL;
 	wakeup(&msp->kthread);
+	mtx_unlock(&Giant);
 
 	kthread_exit(0);
 }
@@ -936,6 +938,7 @@
     
 	dprintk("msp3410: thread started\n");
 		
+	mtx_lock(&Giant);
 	for (;;) {
 		if (msp->rmmod)
 			goto done;
@@ -1114,9 +1117,10 @@
 done:
 	dprintk("msp3410: thread: exit\n");
 	msp->active = 0;
-
+	
 	msp->kthread = NULL;
 	wakeup(&msp->kthread);
+	mtx_unlock(&Giant);
 
 	kthread_exit(0);
 }
@@ -1213,12 +1217,14 @@
 	if (msp->kthread) 
 	{
 		/* XXX mutex lock required */
+		mtx_lock(&Giant);
 		msp->rmmod = 1;
 		msp->watch_stereo = 0;
 		wakeup(msp->kthread);
 
 		while (msp->kthread)
 			tsleep(&msp->kthread, PRIBIO, "wait for kthread", hz/10);
+		mtx_unlock(&Giant);
 	}
 
 	if (client->msp3400c_info != NULL) {
--- msp34xx-giant-locking.c.diff ends here ---


>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->closed 
State-Changed-By: julian 
State-Changed-When: Thu Dec 16 23:21:25 GMT 2004 
State-Changed-Why:  
Patch applied. will MFC in a week. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=74305 
>Unformatted:
