Site Navigation

Date:      Thu, 9 Mar 2000 23:39:15 +0000
From:      Ben Smithurst <ben@scientia.demon.co.uk>
To:        current@freebsd.org
Subject:   mount_cd9660+atapi-cd panic
Message-ID:  <20000309233915.T62624@strontium.scientia.demon.co.uk>

---

next in thread | raw e-mail | index | archive | help

---

ok, this was partly caused by dodgy hardware it seems, so don't worry
too much, but it would be nice if a panic could be avoided.

first, dmesg:

Copyright (c) 1992-2000 The FreeBSD Project.
Copyright (c) 1982, 1986, 1989, 1991, 1993
	The Regents of the University of California. All rights reserved.
FreeBSD 4.0-CURRENT #12: Sun Mar  5 23:40:38 GMT 2000
    ben@platinum.scientia.demon.co.uk:/usr/src/sys/compile/PLATINUM
Timecounter "i8254"  frequency 1193182 Hz
Timecounter "TSC"  frequency 400909968 Hz
CPU: AMD-K6(tm) 3D processor (400.91-MHz 586-class CPU)
  Origin = "AuthenticAMD"  Id = 0x58c  Stepping = 12
  Features=0x8021bf<FPU,VME,DE,PSE,TSC,MSR,MCE,CX8,PGE,MMX>
  AMD Features=0x80000800<SYSCALL,3DNow!>
real memory  = 67043328 (65472K bytes)
avail memory = 62517248 (61052K bytes)
Preloaded elf kernel "kernel" at 0xc0273000.
npx0: <math processor> on motherboard
npx0: INT 16 interface
pcib0: <AcerLabs M1541 (Aladdin-V) PCI host bridge> on motherboard
pci0: <PCI bus> on pcib0
pcib1: <AcerLabs M5243 PCI-PCI bridge> at device 1.0 on pci0
pci1: <PCI bus> on pcib1
pci1: <ATI Mach64-GB graphics accelerator> at 0.0 irq 11
isab0: <AcerLabs M1533 portable PCI-ISA bridge> at device 7.0 on pci0
isa0: <ISA bus> on isab0
rl0: <RealTek 8139 10/100BaseTX> port 0xe000-0xe0ff mem 0xe8001000-0xe80010ff irq 10 at device 10.0 on pci0
rl0: Ethernet address: 00:e0:7d:74:66:7c
miibus0: <MII bus> on rl0
rlphy0: <RealTek internal media interface> on miibus0
rlphy0:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
rl0: supplying EUI64: 00:e0:7d:ff:fe:74:66:7c
atapci0: <AcerLabs Aladdin ATA33 controller> port 0xf000-0xf00f irq 0 at device 15.0 on pci0
ata0: at 0x1f0 irq 14 on atapci0
ata1: at 0x170 irq 15 on atapci0
atkbdc0: <keyboard controller (i8042)> at port 0x60-0x6f on isa0
atkbd0: <AT Keyboard> irq 1 on atkbdc0
psm0: <PS/2 Mouse> irq 12 on atkbdc0
psm0: model IntelliMouse, device ID 3
sc0: <System console> on isa0
sc0: VGA <16 virtual consoles, flags=0x200>
vga0: <Generic ISA VGA> at port 0x3c0-0x3df iomem 0xa0000-0xbffff on isa0
ad0: 8063MB <QUANTUM FIREBALLlct08 08> [16383/16/63] at ata0-master using UDMA33
acd0: MODE_SENSE_BIG command timeout - resetting
ata1: resetting devices .. done
acd0: MODE_SENSE_BIG DONEDRQ
acd0: MODE_SENSE_BIG - ABORTED COMMAND asc=4e ascq=00 error=00
acd0: MODE_SENSE_BIG command timeout - resetting
ata1: resetting devices .. done
acd0: MODE_SENSE_BIG DONEDRQ
acd0: MODE_SENSE_BIG - ABORTED COMMAND asc=4e ascq=00 error=00
acd0: MODE_SENSE_BIG command timeout - resetting
ata1: resetting devices .. done
acd0: MODE_SENSE_BIG DONEDRQ
acd0: MODE_SENSE_BIG - ABORTED COMMAND asc=4e ascq=00 error=00
acd0: MODE_SENSE_BIG command timeout - resetting
ata1: resetting devices .. done
acd0: MODE_SENSE_BIG DONEDRQ
acd0: MODE_SENSE_BIG - ABORTED COMMAND asc=4e ascq=00 error=00
ata1-master: <MATSHITA CR-581/1.00> CDROM device - NO DRIVER!
Mounting root from ufs:/dev/ad0s4a
rl0: starting DAD for fe80:0001::02e0:7dff:fe74:667c
IP packet filtering initialized, divert disabled, rule-based forwarding disabled, default to deny, logging disabled
rl0: DAD complete for fe80:0001::02e0:7dff:fe74:667c - no duplicates found
rl0: starting DAD for fec0:56c0:60a7:1045:02e0:7dff:fe74:667c
rl0: DAD complete for fec0:56c0:60a7:1045:02e0:7dff:fe74:667c - no duplicates found


Fatal trap 12: page fault while in kernel mode
fault virtual address	= 0x2c
fault code		= supervisor read, page not present
instruction pointer	= 0x8:0xc01bc0ad
stack pointer	        = 0x10:0xc6047d30
frame pointer	        = 0x10:0xc6047d3c
code segment		= base 0x0, limit 0xfffff, type 0x1b
			= DPL 0, pres 1, def32 1, gran 1
processor eflags	= interrupt enabled, resume, IOPL = 0
current process		= 49742 (mount_cd9660)
interrupt mask		= none
trap number		= 12
panic: page fault

syncing disks... 12 
done
Uptime: 2m50s

dumping to dev #ad/0x50001, offset 278656
dump ata0: resetting devices .. done
63 62 61 60 59 58 57 56 55 54 53 52 51 50 49 48 47 46 45 44 43 42 41 40 39 38 37 36 35 34 33 32 31 30 29 28 27 26 25 24 23 22 21 20 19 18 17 16 15 14 13 12 11 10 9 8 7 6 5 4 3 2 1 0 

dunno what's wrong with that drive, it worked fine after rebooting. As you
can see, the panic occured when trying to mount the CD-ROM. Here's the
backtrace:

GNU gdb 4.18
Copyright 1998 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-unknown-freebsd"...
IdlePTD 2641920
initial pcb at 21c8a0
panicstr: page fault
panic messages:
---
Fatal trap 12: page fault while in kernel mode
fault virtual address	= 0x2c
fault code		= supervisor read, page not present
instruction pointer	= 0x8:0xc01bc0ad
stack pointer	        = 0x10:0xc6047d30
frame pointer	        = 0x10:0xc6047d3c
code segment		= base 0x0, limit 0xfffff, type 0x1b
			= DPL 0, pres 1, def32 1, gran 1
processor eflags	= interrupt enabled, resume, IOPL = 0
current process		= 49742 (mount_cd9660)
interrupt mask		= none
trap number		= 12
panic: page fault

syncing disks... 12 
done
Uptime: 2m50s

dumping to dev #ad/0x50001, offset 278656
dump ata0: resetting devices .. done
63 62 61 60 59 58 57 56 55 54 53 52 51 50 49 48 47 46 45 44 43 42 41 40 39 38 37 36 35 34 33 32 31 30 29 28 27 26 25 24 23 22 21 20 19 18 17 16 15 14 13 12 11 10 9 8 7 6 5 4 3 2 1 0 
---
#0  boot (howto=256) at ../../kern/kern_shutdown.c:304
304			dumppcb.pcb_cr3 = rcr3();
(kgdb) bt
#0  boot (howto=256) at ../../kern/kern_shutdown.c:304
#1  0xc012ddc8 in poweroff_wait (junk=0xc01ffccf, howto=-978243040) at ../../kern/kern_shutdown.c:554
#2  0xc01dbcd9 in trap_fatal (frame=0xc6047cf0, eva=44) at ../../i386/i386/trap.c:924
#3  0xc01db9b1 in trap_pfault (frame=0xc6047cf0, usermode=0, eva=44) at ../../i386/i386/trap.c:817
#4  0xc01db57b in trap (frame={tf_fs = 16, tf_es = 16, tf_ds = 16, tf_edi = 1, tf_esi = -1065680896, 
      tf_ebp = -972784324, tf_isp = -972784356, tf_ebx = -1064931712, tf_edx = 0, tf_ecx = 0, tf_eax = 44, 
      tf_trapno = 12, tf_err = 0, tf_eip = -1071923027, tf_cs = 8, tf_eflags = 66050, tf_esp = -1065678848, 
      tf_ss = -1065704960}) at ../../i386/i386/trap.c:423
#5  0xc01bc0ad in atapi_queue_cmd (atp=0xc07b0000, ccb=0xc6047d68 "\036", data=0x0, count=0, flags=0, timeout=30, 
    callback=0, unused=0x0, bp=0x0) at ../../dev/ata/atapi-all.c:178
#6  0xc01bfdd0 in acd_prevent_allow (cdp=0xc07b0800, lock=1) at ../../dev/ata/atapi-cd.c:1747
#7  0xc01bdbae in acdopen (dev=0xc07aa200, flags=1, fmt=8192, p=0xc5b13220) at ../../dev/ata/atapi-cd.c:481
#8  0xc015eef9 in spec_open (ap=0xc6047e10) at ../../miscfs/specfs/spec_vnops.c:191
#9  0xc015edf9 in spec_vnoperate (ap=0xc6047e10) at ../../miscfs/specfs/spec_vnops.c:117
#10 0xc01a4f51 in ufs_vnoperatespec (ap=0xc6047e10) at ../../ufs/ufs/ufs_vnops.c:2301
#11 0xc015ba3f in vn_open (ndp=0xc6047edc, fmode=1, cmode=0) at vnode_if.h:189
#12 0xc0157a3d in open (p=0xc5b13220, uap=0xc6047f80) at ../../kern/vfs_syscalls.c:994
#13 0xc01dbf0a in syscall (frame={tf_fs = 47, tf_es = 47, tf_ds = 47, tf_edi = -1077936645, tf_esi = 2, 
      tf_ebp = -1077938168, tf_isp = -972783660, tf_ebx = -1077936832, tf_edx = -1077936635, tf_ecx = -1077936635, 
      tf_eax = 5, tf_trapno = 12, tf_err = 2, tf_eip = 134525628, tf_cs = 31, tf_eflags = 647, tf_esp = -1077939028, 
      tf_ss = 47}) at ../../i386/i386/trap.c:1073
#14 0xc01d0e86 in Xint0x80_syscall ()
#15 0x80482b9 in ?? ()
#16 0x80480f9 in ?? ()
(kgdb) frame 5
#5  0xc01bc0ad in atapi_queue_cmd (atp=0xc07b0000, ccb=0xc6047d68 "\036", data=0x0, count=0, flags=0, timeout=30, 
    callback=0, unused=0x0, bp=0x0) at ../../dev/ata/atapi-all.c:178
178	    request->ccbsize = (ATP_PARAM->cmdsize) ? 16 : 12;
(kgdb) p request
$1 = (struct atapi_request *) 0x0

(this seems odd, a few lines before that dereferenced request without a
problem.)

(kgdb) p *atp
$2 = {controller = 0x0, unit = 0, driver = 0x10, devname = 0x18 <Address 0x18 out of bounds>, cmd = 32 ' ', 
  flags = 1024}

That doesn't look very useful either... I'm guessing the fix should be
fairly simple (check something != NULL and return ESOMETHING if it is),
unfortunately as the drive seems to be working again I won't be able to
test it. :-(

kernel config file:

## $Id: PLATINUM,v 1.10 2000/02/20 20:34:28 ben Exp $

machine		i386
cpu		I586_CPU
ident		PLATINUM
maxusers	16

options 	ATA_STATIC_ID
options 	COMPAT_43
options 	FFS
options 	FFS_ROOT
options 	INET
options 	INET6
options 	KTRACE
options 	P1003_1B
options 	SOFTUPDATES
options 	SYSVSHM
options 	UCONSOLE
options 	_KPOSIX_PRIORITY_SCHEDULING

device		isa
device		atkbdc0	at isa? port IO_KBD
device		miibus
device		pci

device		ata
device		atadisk
device		atapicd

device		atkbd0	at atkbdc? irq 1
device		psm0	at atkbdc? irq 12

device		npx0	at nexus? port IO_NPX irq 13
device		rl
device		sc0	at isa?
device		vga0	at isa?

pseudo-device	bpf	4
pseudo-device	loop
pseudo-device	ether
pseudo-device	pty
pseudo-device	splash

If you want more information, let me know.

-- 
Ben Smithurst / ben@scientia.demon.co.uk / PGP: 0x99392F7D


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000309233915.T62624>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact