geom panic after TRYING to mount a flash "disk"
Mikhail Teterin
mi+kde at aldan.algebra.com
Mon Feb 12 04:11:19 UTC 2007
Hello!
I have a small MP3-player, which is recognized by umass(4):
umass2: vendor 0x10d6 USB 2.0(FS) FLASH DISK, rev 1.10/1.00, addr 2
pass7: <USB2.0 (FS) FLASH DISK 1.00> Removable Direct Access SCSI-0 device
da5: <USB2.0 (FS) FLASH DISK 1.00> Removable Direct Access SCSI-0 device
addr 1: OHCI root hub, NEC
addr 2: USB 2.0(FS) FLASH DISK, vendor 0x10d6
There are no /dev/da5s* entries created, and I _used to_ be able
to mount it as a straight /dev/da5:
mount -t msdosfs /dev/da5 /mnt
Last I tried, it worked with a 6.1-STABLE kernel as of a few months ago.
With the more recent 6.2-STABLE (as of a week ago and as of today), the
device is not mountable: "permission denied". The kernel log messages
complain about the device being write protected:
(da5:umass-sim2:2:0:0): DATA PROTECT asc:27,0
(da5:umass-sim2:2:0:0): Write protected
(da5:umass-sim2:2:0:0): error 13
(da5:umass-sim2:2:0:0): Unretryable Error
g_vfs_done():da5[WRITE(offset=512, length=4096)]error = 13
dev da5
There is no read-only switch on the device, although, maybe, "read-only"
can be turned through its software... Not sure -- I suspect the driver
mistake. :-(
What's worse is that 10-20 seconds after the unsuccessful mount attempt,
the kernel panics... According to the core, the culprit is at
/usr/src/sys/geom/geom_io.c:275
275 g_trace(G_T_BIO, "bio_request(%p) from %p(%s) to %p(%s) cmd %d",
276 bp, cp, cp->geom->name, pp, pp->name, bp->bio_cmd);
The pp (struct g_provider *) is NULL... FWIW, other items are:
(kgdb) p *bp
$1 = {bio_cmd = 2 '\002', bio_flags = 0 '\0', bio_cflags = 0 '\0', bio_pflags = 0 '\0', bio_dev = 0x0, bio_disk = 0x0,
bio_offset = 512, bio_bcount = 0, bio_data = 0xffffffffa327a200 "ЬЪЪ\177\003", bio_error = 0, bio_resid = 0,
bio_done = 0xffffffff80270030 <g_vfs_done>, bio_driver1 = 0x0, bio_driver2 = 0x0, bio_caller1 = 0x0,
bio_caller2 = 0xffffffffa164c968, bio_queue = {tqe_next = 0x0, tqe_prev = 0x0}, bio_attribute = 0x0, bio_from = 0x0,
bio_to = 0x0, bio_length = 4096, bio_completed = 0, bio_children = 0, bio_inbed = 0, bio_parent = 0x0, bio_t0 = {sec = 0,
frac = 0}, bio_task = 0, bio_task_arg = 0x0, bio_pblkno = 0}
(kgdb) p *cp
$2 = {geom = 0xffffff00c0e53600, consumer = {le_next = 0x0, le_prev = 0xffffff00c0e53620}, provider = 0x0, consumers = {
le_next = 0xffffff012152ac80, le_prev = 0xffffff012116c120}, acr = 0, acw = 0, ace = 0, spoiled = 0,
stat = 0xffffff000245e120, nstart = 33, nend = 33, private = 0x0, index = 0}
(kgdb) p *cp->geom
$3 = {name = 0xffffff0000ae5280 "з\003", class = 0xffffffff805cb460, geom = {le_next = 0xffffff00069cac00,
le_prev = 0xffffffff805cb4e0}, consumer = {lh_first = 0x0}, provider = {lh_first = 0x0}, geoms = {tqe_next = 0x0,
tqe_prev = 0xffffff00069cac30}, rank = 1, start = 0, spoiled = 0, dumpconf = 0, access = 0,
orphan = 0xffffffff802701c0 <g_vfs_orphan>, ioctl = 0, softc = 0xffffff00c528fb00, flags = 1}
At least some of it looks like junk... Other USB-devices attached to the
computer are:
addr 1: OHCI root hub, AMD
addr 1: OHCI root hub, AMD
addr 2: iRiver iHP-100 Series, iRiver
addr 1: OHCI root hub, NEC
addr 2: USB 2.0(FS) FLASH DISK, vendor 0x10d6
addr 1: OHCI root hub, NEC
addr 2: photosmart 7350, hp
addr 1: EHCI root hub, NEC
addr 2: USB Reader, Genesys
I have no problems mounting the iRiver's disk (as /dev/da4s1). Mounting
/dev/da5 read-only works too -- until the crash... It used to work --
would be nice to have it again...
Full stack attached. I'll keep the core around for some time -- let me
know, if you'd like other variables or some such.
-mi
-------------- next part --------------
[GDB will not be able to debug user-mode threads: /usr/lib/libthread_db.so: Undefined symbol "ps_pglobal_lookup"]
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "amd64-marcel-freebsd".
Unread portion of the kernel message buffer:
Fatal trap 12: page fault while in kernel mode
cpuid = 2; apic id = 02
fault virtual address = 0x0
fault code = supervisor read data, page not present
instruction pointer = 0x8:0xffffffff8026d0e6
stack pointer = 0x10:0xffffffffb3bcdaa0
frame pointer = 0x10:0xffffff00c05b7a00
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags = interrupt enabled, resume, IOPL = 0
current process = 48 (syncer)
trap number = 12
panic: page fault
cpuid = 2
Uptime: 1m27s
Dumping 4095 MB (3 chunks)
chunk 0: 1MB (156 pages) ... ok
chunk 1: 3551MB (909040 pages) 3535 3519 3503 3487 3471 3455 3439 3423 3407 3391 3375 3359 3343 3327 3311 3295 3279 3263 3247 3231 3215 3199 3183 3167 3151 3135 3119 3103 3087 3071 3055 3039 3023 3007 2991 2975 2959 2943 2927 2911 2895 2879 2863 2847 2831 2815 2799 2783 2767 2751 2735 2719 2703 2687 2671 2655 2639 2623 2607 2591 2575 2559 2543 2527 2511 2495 2479 2463 2447 2431 2415 2399 2383 2367 2351 2335 2319 2303 2287 2271 2255 2239 2223 2207 2191 2175 2159 2143 2127 2111 2095 2079 2063 2047 2031 2015 1999 1983 1967 1951 1935 1919 1903 1887 1871 1855 1839 1823 1807 1791 1775 1759 1743 1727 1711 1695 1679 1663 1647 1631 1615 1599 1583 1567 1551 1535 1519 1503 1487 1471 1455 1439 1423 1407 1391 1375 1359 1343 1327 1311 1295 1279 1263 1247 1231 1215 1199 1183 1167 1151 1135 1119 1103 1087 1071 1055 1039 1023 1007 991 975 959 943 927 911 895 879 863 847 831 815 799 783 767 751 735 719 703 687 671 655 639 623 607 591 575 559 543 527 511 495 479 463 447 431 415 399 383 367 3!
51 335 319 303 287 271 255 239 223 207 191 175 159 143 127 111 95 79 63 47 31 15 ... ok
chunk 2: 544MB (139264 pages) 529 513 497 481 465 449 433 417 401 385 369 353 337 321 305 289 273 257 241 225 209 193 177 161 145 129 113 97 81 65 49 33 17 1
#0 doadump () at pcpu.h:172
172 __asm __volatile("movq %%gs:0,%0" : "=r" (td));
(kgdb) #0 doadump () at pcpu.h:172
#1 0x0000000000000004 in ?? ()
#2 0xffffffff802adbb7 in boot (howto=260) at /var/src/sys/kern/kern_shutdown.c:409
#3 0xffffffff802ae251 in panic (fmt=0xffffff012158d000 "XсМ \001ЪЪЪ аf!\001ЪЪЪ")
at /var/src/sys/kern/kern_shutdown.c:565
#4 0xffffffff8040866f in trap_fatal (frame=0xffffff012158d000,
eva=18446742979045348184) at /var/src/sys/amd64/amd64/trap.c:668
#5 0xffffffff804089ec in trap_pfault (frame=0xffffffffb3bcd9f0, usermode=0)
at /var/src/sys/amd64/amd64/trap.c:580
#6 0xffffffff80408ca3 in trap (frame=
{tf_rdi = -1096695984552, tf_rsi = -1096284407296, tf_rdx = -1096275380736, tf_rcx = 2, tf_r8 = 0, tf_r9 = 0, tf_rax = 4096, tf_rbx = -1096695984552, tf_rbp = -1096284407296, tf_r10 = -2141407968, tf_r11 = 512, tf_r12 = 0, tf_r13 = -1096695984376, tf_r14 = 4, tf_r15 = 0, tf_trapno = 12, tf_addr = 0, tf_flags = 1111771889584, tf_err = 0, tf_rip = -2144939802, tf_cs = 8, tf_rflags = 66178, tf_rsp = -1279468880, tf_ss = 0}) at /var/src/sys/amd64/amd64/trap.c:353
#7 0xffffffff803f3e9b in calltrap () at /var/src/sys/amd64/amd64/exception.S:168
#8 0xffffffff8026d0e6 in g_io_request (bp=0xffffff00a7d34e58,
cp=0xffffff00c05b7a00) at /var/src/sys/geom/geom_io.c:275
#9 0xffffffff803094cb in bufwrite (bp=0xffffffffa164c968) at buf.h:426
#10 0xffffffff8030dae7 in vop_stdfsync (ap=0xffffffffb3bcdbc0)
at /var/src/sys/kern/vfs_default.c:431
#11 0xffffffff8044df7d in VOP_FSYNC_APV (vop=0x1000, a=0xffffff00c05b7a00)
at vnode_if.c:1020
#12 0xffffffff803188b1 in sched_sync () at vnode_if.h:537
#13 0xffffffff80292b77 in fork_exit (callout=0xffffffff803184b0 <sched_sync>,
arg=0x0, frame=0xffffffffb3bcdc50) at /var/src/sys/kern/kern_fork.c:821
#14 0xffffffff803f41fe in fork_trampoline ()
at /var/src/sys/amd64/amd64/exception.S:394
#15 0x0000000000000000 in ?? ()
#16 0x0000000000000000 in ?? ()
#17 0x0000000000000001 in ?? ()
#18 0x0000000000000000 in ?? ()
#19 0x0000000000000000 in ?? ()
#20 0x0000000000000000 in ?? ()
#21 0x0000000000000000 in ?? ()
#22 0x0000000000000000 in ?? ()
#23 0x0000000000000000 in ?? ()
#24 0x0000000000000000 in ?? ()
#25 0x0000000000000000 in ?? ()
#26 0x0000000000000000 in ?? ()
#27 0x0000000000000000 in ?? ()
#28 0x0000000000000000 in ?? ()
#29 0x0000000000000000 in ?? ()
#30 0x0000000000000000 in ?? ()
#31 0x0000000000000000 in ?? ()
#32 0x0000000000000000 in ?? ()
#33 0x0000000000000000 in ?? ()
#34 0x0000000000000000 in ?? ()
#35 0x0000000000000000 in ?? ()
#36 0x0000000000000000 in ?? ()
#37 0x0000000000000000 in ?? ()
#38 0x0000000000000000 in ?? ()
#39 0x0000000000000000 in ?? ()
#40 0x0000000000000000 in ?? ()
#41 0x0000000000000000 in ?? ()
#42 0x0000000000000000 in ?? ()
#43 0x0000000000000000 in ?? ()
#44 0x0000000000000000 in ?? ()
#45 0x0000000000000000 in ?? ()
#46 0x0000000000000000 in ?? ()
#47 0x000000000080a000 in ?? ()
#48 0xffffffffb3bcd9f0 in ?? ()
#49 0x0000000000000104 in ?? ()
#50 0x0000000000000000 in ?? ()
#51 0xffffff0120edd358 in ?? ()
#52 0xffffff0121687980 in ?? ()
#53 0xffffffffb3bcd758 in ?? ()
#54 0xffffff012158d000 in ?? ()
#55 0xffffffff802c4326 in sched_switch (td=0x0, newtd=0x0, flags=560127504)
at /var/src/sys/kern/sched_4bsd.c:973
#56 0x0000000000000000 in ?? ()
#57 0x0000000000000000 in ?? ()
#58 0x0000000000000000 in ?? ()
#59 0x0000000000000000 in ?? ()
#60 0x0000000000000000 in ?? ()
#61 0x0000000000000000 in ?? ()
#62 0x0000000000000000 in ?? ()
#63 0x0000000000000000 in ?? ()
#64 0x0000000000000000 in ?? ()
#65 0x0000000000000000 in ?? ()
#66 0x0000000000000000 in ?? ()
#67 0x0000000000000000 in ?? ()
#68 0x0000000000000000 in ?? ()
#69 0x0000000000000000 in ?? ()
#70 0x0000000000000000 in ?? ()
#71 0x0000000000000000 in ?? ()
#72 0x0000000000000000 in ?? ()
#73 0x0000000000000000 in ?? ()
#74 0x0000000000000000 in ?? ()
#75 0x0000000000000000 in ?? ()
#76 0x0000000000000000 in ?? ()
#77 0x0000000000000000 in ?? ()
#78 0x0000000000000000 in ?? ()
#79 0x0000000000000000 in ?? ()
#80 0x0000000000000000 in ?? ()
#81 0x0000000000000000 in ?? ()
#82 0x0000000000000000 in ?? ()
#83 0x0000000000000000 in ?? ()
#84 0x0000000000000000 in ?? ()
#85 0x0000000000000000 in ?? ()
#86 0x0000000000000000 in ?? ()
#87 0x0000000000000000 in ?? ()
#88 0x0000000000000000 in ?? ()
#89 0x0000000000000000 in ?? ()
#90 0x0000000000000000 in ?? ()
#91 0x0000000000000000 in ?? ()
#92 0x0000000000000000 in ?? ()
#93 0x0000000000000000 in ?? ()
#94 0x0000000000000000 in ?? ()
#95 0x0000000000000000 in ?? ()
#96 0x0000000000000000 in ?? ()
#97 0x0000000000000000 in ?? ()
#98 0x0000000000000000 in ?? ()
#99 0x0000000000000000 in ?? ()
#100 0x0000000000000000 in ?? ()
#101 0x0000000000000000 in ?? ()
#102 0x0000000000000000 in ?? ()
#103 0x0000000000000000 in ?? ()
#104 0x0000000000000000 in ?? ()
#105 0x0000000000000000 in ?? ()
#106 0x0000000000000000 in ?? ()
#107 0x0000000000000000 in ?? ()
#108 0x0000000000000000 in ?? ()
#109 0x0000000000000000 in ?? ()
#110 0x0000000000000000 in ?? ()
#111 0x0000000000000000 in ?? ()
#112 0x0000000000000000 in ?? ()
#113 0x0000000000000000 in ?? ()
#114 0x0000000000000000 in ?? ()
#115 0x0000000000000000 in ?? ()
#116 0x0000000000000000 in ?? ()
#117 0x0000000000000000 in ?? ()
#118 0x0000000000000000 in ?? ()
#119 0x0000000000000000 in ?? ()
#120 0x0000000000000000 in ?? ()
#121 0x0000000000000000 in ?? ()
#122 0x0000000000000000 in ?? ()
#123 0x0000000000000000 in ?? ()
#124 0x0000000000000000 in ?? ()
#125 0x0000000000000000 in ?? ()
#126 0x0000000000000000 in ?? ()
#127 0x0000000000000000 in ?? ()
Cannot access memory at address 0xffffffffb3bce000
(kgdb)
More information about the freebsd-geom
mailing list