Date: Fri, 3 Mar 2000 04:07:55 -0800 (PST) From: gem@express.ru To: freebsd-gnats-submit@FreeBSD.org Subject: kern/17146: panic in devfs_open() while mounting device from devfs Message-ID: <200003031207.EAA39186@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 17146
>Category: kern
>Synopsis: panic in devfs_open() while mounting device from devfs
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Fri Mar 3 04:10:01 PST 2000
>Closed-Date:
>Last-Modified:
>Originator: Maxim Giryaev
>Release: 4.0-CURRENT
>Organization:
BTU "Russian Express"
>Environment:
FreeBSD sql.express.ru 4.0-CURRENT FreeBSD 4.0-CURRENT #3: Fri Mar 3 06:53:46 MSK 2000 root@sql.express.ru:/ext/src/sys/compile/SQL i386
Copyright (c) 1992-2000 The FreeBSD Project.
Copyright (c) 1982, 1986, 1989, 1991, 1993
The Regents of the University of California. All rights reserved.
FreeBSD 4.0-CURRENT #3: Fri Mar 3 06:53:46 MSK 2000
root@sql.express.ru:/ext/src/sys/compile/SQL
Timecounter "i8254" frequency 1193182 Hz
CPU: Pentium III/Pentium III Xeon (551.25-MHz 686-class CPU)
Origin = "GenuineIntel" Id = 0x673 Stepping = 3
Features=0x383fbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR,XMM>
real memory = 268435456 (262144K bytes)
avail memory = 256647168 (250632K bytes)
Programming 24 pins in IOAPIC #0
IOAPIC #0 intpin 2 -> irq 0
IOAPIC #0 intpin 16 -> irq 11
IOAPIC #0 intpin 18 -> irq 10
FreeBSD/SMP: Multiprocessor motherboard
cpu0 (BSP): apic id: 0, version: 0x00040011, at 0xfee00000
cpu1 (AP): apic id: 1, version: 0x00040011, at 0xfee00000
io0 (APIC): apic id: 2, version: 0x00170011, at 0xfec00000
Preloaded elf kernel "kernel" at 0xc0346000.
Preloaded userconfig_script "/boot/kernel.conf" at 0xc034609c.
DEVFS: ready for devices
ccd0-3: Concatenated disk drivers
Pentium Pro MTRR support enabled
md0: Malloc disk
npx0: <math processor> on motherboard
npx0: INT 16 interface
apm0: <APM BIOS> on motherboard
apm: found APM BIOS v1.2, connected at v1.2
pcib0: <Intel 82443GX host to PCI bridge> on motherboard
pci0: <PCI bus> on pcib0
pcib2: <Intel 82443GX (440 GX) PCI-PCI (AGP) bridge> at device 1.0 on pci0
pci1: <PCI bus> on pcib2
pci1: <S3 Trio3D/2X graphics accelerator> at 0.0
isab0: <Intel 82371AB PCI to ISA bridge> at device 7.0 on pci0
isa0: <ISA bus> on isab0
atapci0: <Intel PIIX4 ATA33 controller> port 0xffa0-0xffaf at device 7.1 on pci0
ata0: at 0x1f0 irq 14 on atapci0
pci0: <Intel 82371AB/EB (PIIX4) USB controller> at 7.2
Timecounter "PIIX" frequency 3579545 Hz
intpm0: <Intel 82371AB Power management controller> port 0x440-0x44f irq 9 at device 7.3 on pci0
intpm0: I/O mapped 440
intpm0: intr IRQ 9 enabled revision 0
smbus0: <System Management Bus> on intsmb0
smb0: <SMBus general purpose I/O> on smbus0
intpm0: PM I/O mapped 400
ahc0: <Adaptec aic7895 Ultra SCSI adapter> port 0xe400-0xe4ff mem 0xfebfe000-0xfebfefff irq 11 at device 14.0 on pci0
ahc0: aic7895 Wide Channel A, SCSI Id=7, 16/255 SCBs
ahc1: <Adaptec aic7895 Ultra SCSI adapter> port 0xe800-0xe8ff mem 0xfebff000-0xfebfffff irq 11 at device 14.1 on pci0
ahc1: aic7895 Wide Channel B, SCSI Id=7, 16/255 SCBs
fxp0: <Intel EtherExpress Pro 10/100B Ethernet> port 0xef40-0xef5f mem 0xfea00000-0xfeafffff,0xffaff000-0xffafffff irq 10 at device 18.0 on pci0
fxp0: Ethernet address 00:50:8b:5b:b1:da
fxp0: supplying EUI64: 00:50:8b:ff:fe:5b:b1:da
pcib1: <Intel 82443GX host to AGP bridge> on motherboard
pci2: <PCI bus> on pcib1
atkbdc0: <keyboard controller (i8042)> at port 0x60-0x6f on isa0
atkbd0: <AT Keyboard> irq 1 on atkbdc0
vga0: <Generic ISA VGA> at port 0x3c0-0x3df iomem 0xa0000-0xbffff on isa0
sc0: <System console> on isa0
sc0: VGA <16 virtual consoles, flags=0x200>
sio0 at port 0x3f8-0x3ff irq 4 flags 0x10 on isa0
sio0: type 16550A
sio1 at port 0x2f8-0x2ff irq 3 flags 0x10 on isa0
sio1: type 16550A
DEVFS: ready to run
APIC_IO: Testing 8254 interrupt delivery
APIC_IO: routing 8254 via IOAPIC #0 intpin 2
IP packet filtering initialized, divert enabled, rule-based forwarding enabled, default to accept, logging limited to 100 packets/entry by default
DUMMYNET initialized (000106)
IPsec: Initialized Security Association Processing.
IPv6 packet filtering initialized, default to accept, logging limited to 100 packets/entry
SMP: AP CPU #1 Launched!
ad0: 4126MB <ST34311A> [8944/15/63] at ata0-master using UDMA33
Waiting 2 seconds for SCSI devices to settle
Mounting root from ufs:/dev/da0s1a
da1 at ahc1 bus 0 target 6 lun 0
da1: <IBM DNES-309170W SAH0> Fixed Direct Access SCSI-3 device
da1: 40.000MB/s transfers (20.000MHz, offset 8, 16bit), Tagged Queueing Enabled
da1: 8748MB (17916240 512 byte sectors: 255H 63S/T 1115C)
da0 at ahc0 bus 0 target 8 lun 0
da0: <IBM DORS-32160W WA6A> Fixed Direct Access SCSI-2 device
da0: 40.000MB/s transfers (20.000MHz, offset 8, 16bit), Tagged Queueing Enabled
da0: 2063MB (4226725 512 byte sectors: 255H 63S/T 263C)
>Description:
panic in devfs_open() while mounting device on devfs
SMP 2 cpus
IdlePTD 3506176
initial pcb at 2cf980
panicstr: page fault
panic messages:
---
Fatal trap 12: page fault while in kernel mode
mp_lock = 00000002; cpuid = 0; lapic.id = 00000000
fault virtual address = 0x0
fault code = supervisor read, page not present
instruction pointer = 0x8:0xc01903f6
stack pointer = 0x10:0xd043fcd0
frame pointer = 0x10:0xd043fd04
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, def32 1, gran 1
processor eflags = interrupt enabled, resume, IOPL = 0
current process = 182 (mount)
interrupt mask = none <- SMP: XXX
trap number = 12
panic: page fault
mp_lock = 00000002; cpuid = 0; lapic.id = 00000000
boot() called on cpu#0
syncing disks... 2 2
done
Uptime: 13m8s
dumping to dev #da/9, offset 86119
dump 256 255 254 253 252 251 250 ...
(kgdb) bt
#0 boot (howto=256) at ../../kern/kern_shutdown.c:304
#1 0xc015b560 in poweroff_wait (junk=0xc02a244f, howto=-821729120)
at ../../kern/kern_shutdown.c:554
#2 0xc0263d53 in trap_fatal (frame=0xd043fc90, eva=0)
at ../../i386/i386/trap.c:924
#3 0xc02639e9 in trap_pfault (frame=0xd043fc90, usermode=0, eva=0)
at ../../i386/i386/trap.c:817
#4 0xc02635e7 in trap (frame={tf_fs = -800915432, tf_es = -800915440,
tf_ds = -1072168944, tf_edi = -1050317440, tf_esi = -801124384,
tf_ebp = -800850684, tf_isp = -800850756, tf_ebx = -1070803008,
tf_edx = -800850612, tf_ecx = -801124384, tf_eax = 0, tf_trapno = 12,
tf_err = 0, tf_eip = -1072102410, tf_cs = 8, tf_eflags = 66194,
tf_esp = -1050317440, tf_ss = 3}) at ../../i386/i386/trap.c:423
#5 0xc01903f6 in devfs_open (ap=0xd043fd4c)
at ../../miscfs/devfs/devfs_vnops.c:1336
#6 0xc0220fe1 in ffs_mountfs (devvp=0xd03fcfe0, mp=0xc164fc00, p=0xcf0568a0,
malloctype=0xc02c1860) at vnode_if.h:189
#7 0xc02208d4 in ffs_mount (mp=0xc164fc00, path=0xbfbff024 "/mnt",
data=0xbfbfef70 "n|??", ndp=0xd043fe98, p=0xcf0568a0)
at ../../ufs/ffs/ffs_vfsops.c:357
#8 0xc0186c6f in mount (p=0xcf0568a0, uap=0xd043ff80)
at ../../kern/vfs_syscalls.c:304
#9 0xc0263f9e in syscall (frame={tf_fs = 47, tf_es = 47, tf_ds = 47,
tf_edi = 134664598, tf_esi = -1077940188, tf_ebp = -1077940260,
tf_isp = -800849964, tf_ebx = 0, tf_edx = 0, tf_ecx = -1077940480,
tf_eax = 21, tf_trapno = 12, tf_err = 2, tf_eip = 134535536, tf_cs = 31,
tf_eflags = 582, tf_esp = -1077940448, tf_ss = 47})
at ../../i386/i386/trap.c:1073
#10 0xc0252031 in Xint0x80_syscall ()
#11 0x8048b11 in ?? ()
#12 0x80486a1 in ?? ()
#13 0x80480f9 in ?? ()
....
(kgdb) l
1331 return (EPERM);
1332 }
1333 if ((dsw->d_flags & D_TYPEMASK) == D_TTY)
1334 vp->v_flag |= VISTTY;
1335 VOP_UNLOCK(vp, 0, p);
1336 error = (*vp->v_rdev->si_devsw->d_open)(
1337 vp->v_rdev,
1338 ap->a_mode,
1339 S_IFCHR,
1340 p);
(kgdb) p *vp
$1 = {v_flag = 8192, v_usecount = 1, v_writecount = 0, v_holdcnt = 0,
v_id = 4025, v_mount = 0xc163fa00, v_op = 0xc15ea200, v_freelist = {
tqe_next = 0x0, tqe_prev = 0xd03fd1dc}, v_mntvnodes = {
le_next = 0xd03fd1c0, le_prev = 0xc163fa18}, v_cleanblkhd = {
tqh_first = 0x0, tqh_last = 0xd03fd00c}, v_dirtyblkhd = {tqh_first = 0x0,
tqh_last = 0xd03fd014}, v_synclist = {le_next = 0x0, le_prev = 0x0},
v_numoutput = 0, v_type = VCHR, v_un = {vu_mountedhere = 0xc1656d80,
vu_socket = 0xc1656d80, vu_spec = {vu_specinfo = 0xc1656d80,
vu_specnext = {sle_next = 0x0}}, vu_fifoinfo = 0xc1656d80},
v_lease = 0x0, v_lastw = 0, v_cstart = 0, v_lasta = 0, v_clen = 0,
v_object = 0xd043a8a0, v_interlock = {lock_data = 0}, v_vnlock = 0x0,
v_tag = VT_DEVFS, v_data = 0xc16de400, v_cache_src = {lh_first = 0x0},
v_cache_dst = {tqh_first = 0x0, tqh_last = 0xd03fd060}, v_dd = 0xd03fcfe0,
v_ddid = 0, v_pollinfo = {vpi_lock = {lock_data = 0}, vpi_selinfo = {
si_pid = 0, si_flags = 0}, vpi_events = 0, vpi_revents = 0}}
(kgdb) p vp->v_un.vu_spec
$3 = {vu_specinfo = 0xc1656d80, vu_specnext = {sle_next = 0x0}}
(kgdb) p *vp->v_un.vu_spec.vu_specinfo
$5 = {si_flags = 0, si_udev = 3334, si_hash = {le_next = 0xc15c6680,
le_prev = 0xc168b908}, si_hlist = {slh_first = 0xd03fcfe0},
si_name = '\000' <repeats 15 times>, si_drv1 = 0x0, si_drv2 = 0x0,
si_devsw = 0x0, si_devfs = 0x0, si_bdevfs = 0x0, si_iosize_max = 0,
__si_u = {__si_tty = {__sit_tty = 0x0}, __si_disk = {__sid_disk = 0x0,
__sid_mountpoint = 0x0, __sid_bsize_phys = 0, __sid_bsize_best = 0}}}
>How-To-Repeat:
bash-2.03# mount_devfs / /devs
bash-2.03# mount /devs/rda0s1g /mnt
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200003031207.EAA39186>