Re: [linux-usb-devel] EHCI problem on SMP machines

[Andreas Hirstius]

Hi David,

Sorry for the confusion of deadlock and Oops. I'm not that familiar with 
the terms...

here is the disassemble output of gdb:

.....
0x00000f95 <qh_completions+210>:        lock addl $0x0,0x0(%esp,1)
0x00000f9b <qh_completions+216>:        mov    0x8(%esi),%ebx
0x00000f9e <qh_completions+219>:        test   %bl,%bl
0x00000fa0 <qh_completions+221>:        js     0x11be <qh_completions+763>
0x00000fa6 <qh_completions+227>:        test   $0x40,%bl
0x00000fa9 <qh_completions+230>:        je     0x116e <qh_completions+683>
0x00000faf <qh_completions+236>:        movl   $0x1,0xffffffe4(%ebp)
0x00000fb6 <qh_completions+243>:        mov    0xffffffd0(%ebp),%eax
0x00000fb9 <qh_completions+246>:        addl   $0x1,0x14(%eax)
0x00000fbd <qh_completions+250>:        xor    %eax,%eax
0x00000fbf <qh_completions+252>:        xchg   %al,(%edi)
0x00000fc1 <qh_completions+254>:        test   %al,%al
0x00000fc3 <qh_completions+256>:        jle    0x1161 <qh_completions+670>
0x00000fc9 <qh_completions+262>:        mov    %ebx,0xc(%esp,1)
0x00000fcd <qh_completions+266>:        mov    0x8(%ebp),%edx
0x00000fd0 <qh_completions+269>:        mov    0x44(%esi),%eax
0x00000fd3 <qh_completions+272>:        mov    %edx,(%esp,1)
0x00000fd6 <qh_completions+275>:        mov    %edi,0x4(%esp,1)
0x00000fda <qh_completions+279>:        mov    %eax,0x8(%esp,1)
0x00000fde <qh_completions+283>:        call   0xc24 <qtd_copy_status>
0x00000fe3 <qh_completions+288>:        movl   $0x0,0xffffffdc(%ebp)
0x00000fea <qh_completions+295>:        cmpl   $0xffffff87,0x24(%edi)
0x00000fee <qh_completions+299>:        je     0x1147 <qh_completions+644>
0x00000ff4 <qh_completions+305>:        cmpl   $0xdead4ead,0x4(%edi)
0x00000ffb <qh_completions+312>:        jne    0x113a <qh_completions+631>
0x00001001 <qh_completions+318>:        movzbl (%edi),%eax
0x00001004 <qh_completions+321>:        test   %al,%al
0x00001006 <qh_completions+323>:        jg     0x112d <qh_completions+618>
0x0000100c <qh_completions+329>:        movb   $0x1,(%edi)
0x0000100f <qh_completions+332>:        mov    0xffffffd0(%ebp),%ecx
0x00001012 <qh_completions+335>:        mov    0x8(%ecx),%eax
0x00001015 <qh_completions+338>:        subl   $0x1,0x14(%ecx)
0x00001019 <qh_completions+342>:        test   $0x8,%al
0x0000101b <qh_completions+344>:        jne    0x1123 <qh_completions+608>
0x00001021 <qh_completions+350>:        mov    0xffffffe4(%ebp),%eax
-------------  that's the spot (0x162/0x35d)
0x00001024 <qh_completions+353>:        test   %eax,%eax
-------------
0x00001026 <qh_completions+355>:        je     0x1035 <qh_completions+370>
0x00001028 <qh_completions+357>:        mov    0x3c(%esi),%edx
0x0000102b <qh_completions+360>:        cmp    0xffffffd4(%ebp),%edx
0x0000102e <qh_completions+363>:        je     0x1035 <qh_completions+370>
0x00001030 <qh_completions+365>:        mov    (%esi),%eax
0x00001032 <qh_completions+367>:        mov    %eax,0xffffffc8(%edx)
0x00001035 <qh_completions+370>:        lea    0x38(%esi),%ecx
0x00001038 <qh_completions+373>:        mov    0x38(%esi),%eax
0x0000103b <qh_completions+376>:        mov    0x4(%ecx),%edx
0x0000103e <qh_completions+379>:        mov    %edx,0x4(%eax)
0x00001041 <qh_completions+382>:        mov    %eax,(%edx)
0x00001043 <qh_completions+384>:        movl   $0x200200,0x4(%ecx)
0x0000104a <qh_completions+391>:        movl   $0x100100,0x38(%esi)
0x00001051 <qh_completions+398>:        mov    %esi,0xfffffff0(%ebp)
0x00001054 <qh_completions+401>:        mov    0xffffffe8(%ebp),%eax
0x00001057 <qh_completions+404>:        mov    (%eax),%edx
0x00001059 <qh_completions+406>:        cmp    0xffffffd4(%ebp),%eax
0x0000105c <qh_completions+409>:        mov    %edx,0xffffffe8(%ebp)
0x0000105f <qh_completions+412>:        jne    0xf34 <qh_completions+113>
0x00001065 <qh_completions+418>:        mov    0xfffffff0(%ebp),%eax
0x00001068 <qh_completions+421>:        test   %eax,%eax
.....
This seems to be somewhere in this part of the code:

.....
       /* remove it from the queue */
       spin_lock (&urb->lock);
       qtd_copy_status (ehci, urb, qtd->length, token);
       do_status = (urb->status == -EREMOTEIO)
               && usb_pipecontrol (urb->pipe);
       spin_unlock (&urb->lock);
       if (stopped && qtd->qtd_list.prev != &qh->qtd_list) {
           last = list_entry (qtd->qtd_list.prev,
                   struct ehci_qtd, qtd_list);
           last->hw_next = qtd->hw_next;
       }
       list_del (&qtd->qtd_list);
       last = qtd;
....
  

 Andreas

David Brownell wrote:

Hi Andreas,

These aren't really examples of a "deadlock", they're just oopses.
Can you disassemble the qh_completions() code and find out what
it's trying to execute when it oopses?  Either GDB or "objdump"
can be used.
This is a new one, but at least it looks like it's the same spot
in the code each time ... so maybe it's simple.  I've not done
as much SMP testing with EHCI as I'd like.
- Dave



-------------------------------------------------------
This SF.Net email is sponsored by: IBM Linux Tutorials
Free Linux tutorial presented by Daniel Robbins, President and CEO of
GenToo technologies. Learn everything from fundamentals to system
administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click
_______________________________________________
[EMAIL PROTECTED]
To unsubscribe, use the last form field at:
https://lists.sourceforge.net/lists/listinfo/linux-usb-devel