i386/60690: atapicd driver causes spontaneous unconditional reboots after media change

Seva Gluschenko gvs at rinet.ru
Mon Dec 29 06:10:20 PST 2003 

>Number:         60690
>Category:       i386
>Synopsis:       atapicd driver causes spontaneous unconditional reboots after media change
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-i386
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Dec 29 06:10:16 PST 2003
>Closed-Date:
>Last-Modified:
>Originator:     Seva Gluschenko
>Release:        FreeBSD 5.2-CURRENT i386
>Organization:
Yandex LLC
>Environment:
System: FreeBSD road.yandex.ru 5.2-CURRENT FreeBSD 5.2-CURRENT #2: Mon Dec 22 19:53:00 MSK 2003 root@:/local/obj/local/usr/src/sys/ROAD i386


	
>Description:
	It looks like incorrect memory handling somewhere in atapicd driver
	because it causes spontaneous reboots after media change when trying
	to access media. The typical crash happens when new audio CD is
	inserted and "play" command issued (e.g. with cdcontrol), once it
	happened after inserting DVD and mplayer -dvd-device /dev/acd0 ...

	The last time it happened with AudioCD playback started, so last few
	seconds before reboot I listened to the music ;>.

	The /var/run/dmesg.boot shows page fault in kernel mode:

acd0: FAILURE - READ_CD status=51<READY,DSC,ERROR> sensekey=ILLEGAL REQUEST error=0
acd0: FAILURE - READ_CD status=51<READY,DSC,ERROR> sensekey=ILLEGAL REQUEST error=0
acd0: FAILURE - READ_CD status=51<READY,DSC,ERROR> sensekey=ILLEGAL REQUEST error=0


Fatal trap 12: page fault while in kernel mode
fault virtual address   = 0x1c
fault code              = supervisor read, page not present
instruction pointer     = 0x8:0xc04fc2ec
stack pointer           = 0x10:0xd6d49c88
frame pointer           = 0x10:0xd6d49c9c
code segment            = base 0x0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, def32 1, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 2 (g_event)
trap number             = 12
panic: page fault

syncing disks, buffers remaining... 3811 3811 3811 3811 3811 3811 3811 3811 3811 3811 3811 3811 3811 3811 3811 3811 3811 3811
 3811 3811
giving up on 303 buffers
Uptime: 6d23h43m31s

	Hardware is:

CPU: Intel(R) Pentium(R) 4 CPU 1.80GHz (1795.51-MHz 686-class CPU)
  Origin = "GenuineIntel"  Id = 0xf27  Stepping = 7
real memory  = 527630336 (503 MB)
avail memory = 510771200 (487 MB)
Pentium Pro MTRR support enabled
VESA: v3.0, 8000k memory, flags:0x1, mode table:0xc06a6520 (1000040)
VESA: Intel(r)865G Graphics Chip Accelerated VGA BIOS
atapci0: <Intel ICH5 UDMA100 controller> port 0xfc00-0xfc0f,0-0x3,0-0x7,0-0x3,0-0x7 at device 31.1 on pci0
ata0: at 0x1f0 irq 14 on atapci0
ata0: [MPSAFE]
ata1: at 0x170 irq 15 on atapci0
ata1: [MPSAFE]
ad0: 38166MB <ST340014A> [77545/16/63] at ata0-master UDMA100
acd0: DVDROM <DV-516D 0106> at ata1-master UDMA33

	(portions from /var/run/dmesg.boot, again). This is ASUS P4-P800 m/b.

>How-To-Repeat:
	Get the same (I think it's important) h/w and run cdcontrol several times, changing
	media in DVD-ROM. You're likely to catch the trap after 4 or 5 tries. Kscd from KDE
	caused it at the 2nd disk, though.
>Fix:

	Sorry, no fix available.
	


>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-i386 mailing list