kern/181289: "sys/dev/arcmsr" causes page fault

Stefan Zimmermann mail at szimmermann.net
Wed Aug 14 13:30:00 UTC 2013 

>Number:         181289
>Category:       kern
>Synopsis:       "sys/dev/arcmsr" causes page fault
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Aug 14 13:30:00 UTC 2013
>Closed-Date:
>Last-Modified:
>Originator:     Stefan Zimmermann
>Release:        FreeBSD 9.2-PRERELEASE (GENERIC)
>Organization:
>Environment:
FreeBSD storage.dmz.local 9.2-PRERELEASE FreeBSD 9.2-PRERELEASE #1: Mon Aug 12 13:17:24 CEST 2013     root at storage.dmz.local:/usr/obj/usr/src/sys/GENERIC  amd64

>Description:
Under some circumstances the ARECA-RAID device driver causes a page fault; it't not known if this happens only under heavy i/o, but it seems that in such situations the error will raise earlier.

Side hint: Over in the FreeNAS forums is a guy who experienced almost the same problem (http://forums.freenas.org/threads/areca-driver-arcmsr-crashing-since-8-3.11779/).

Interesting is here, that he uses almost the same hardware-environment as me.

I can provide any information about the whole environment, but here are the short facts ...

CPU: Dual Core AMD Opteron(tm) Processor 275 (2193.80-MHz K8-class CPU)

RAM: 16 GB

ARECA ARC-1160 RAID-CONTROLLER

Firmware Version: V1.49 2010-12-02
BOOT ROM Version: V1.49 2010-12-02

Find below the relevant parts of the crash dump (can provide the whole dump if needed) ...

--- BEGIN: CRASH DUMP ---

Fatal trap 12: page fault while in kernel mode
cpuid = 0; apic id = 00
fault virtual address = 0xffffff84d63c8ae8
fault code = supervisor read data, page not present
instruction pointer = 0x20:0xffffffff80d01802
stack pointer = 0x28:0xffffff84686e1af0
frame pointer = 0x28:0xffffff84686e1b10
code segment = base 0x0, limit 0xfffff, type 0x1b
 = DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags = interrupt enabled, resume, IOPL = 0
current process = 12 (irq30: arcmsr0)
trap number = 12
panic: page fault
cpuid = 0
KDB: stack backtrace:
#0 0xffffffff80948e26 at kdb_backtrace+0x66
#1 0xffffffff8090ed8e at panic+0x1ce
#2 0xffffffff80cf36b0 at trap_fatal+0x290
#3 0xffffffff80cf3a11 at trap_pfault+0x211
#4 0xffffffff80cf3fc4 at trap+0x344
#5 0xffffffff80cdd2f3 at calltrap+0x8
#6 0xffffffff80d01ede at arcmsr_interrupt+0x51e
#7 0xffffffff80d0211e at arcmsr_intr_handler+0x3e
#8 0xffffffff808e000d at intr_event_execute_handlers+0xfd
#9 0xffffffff808e17fd at ithread_loop+0x9d
#10 0xffffffff808dca5f at fork_exit+0x11f
#11 0xffffffff80cdd81e at fork_trampoline+0xe



#0  doadump (textdump=<value optimized out>) at pcpu.h:234
#1  0xffffffff8090e866 in kern_reboot (howto=260)
    at /usr/src/sys/kern/kern_shutdown.c:449
#2  0xffffffff8090ed67 in panic (fmt=0x1 <Address 0x1 out of bounds>)
    at /usr/src/sys/kern/kern_shutdown.c:637
#3  0xffffffff80cf36b0 in trap_fatal (frame=0xc, eva=<value optimized out>)
    at /usr/src/sys/amd64/amd64/trap.c:879
#4  0xffffffff80cf3a11 in trap_pfault (frame=0xffffff84686e1a40, usermode=0)
    at /usr/src/sys/amd64/amd64/trap.c:795
#5  0xffffffff80cf3fc4 in trap (frame=0xffffff84686e1a40)
    at /usr/src/sys/amd64/amd64/trap.c:463
#6  0xffffffff80cdd2f3 in calltrap ()
    at /usr/src/sys/amd64/amd64/exception.S:232
#7  0xffffffff80d01802 in arcmsr_drain_donequeue (acb=0xffffff800085d000, 
    flag_srb=2014202080, error=0) at /usr/src/sys/dev/arcmsr/arcmsr.c:835
#8  0xffffffff80d01ede in arcmsr_interrupt (acb=0xffffff800085d000)
    at /usr/src/sys/dev/arcmsr/arcmsr.c:1890
#9  0xffffffff80d0211e in arcmsr_intr_handler (arg=<value optimized out>)
    at /usr/src/sys/dev/arcmsr/arcmsr.c:2168
#10 0xffffffff808e000d in intr_event_execute_handlers (
    p=<value optimized out>, ie=0xfffffe000839c900)
    at /usr/src/sys/kern/kern_intr.c:1272
#11 0xffffffff808e17fd in ithread_loop (arg=0xfffffe000a3b49e0)
    at /usr/src/sys/kern/kern_intr.c:1285
#12 0xffffffff808dca5f in fork_exit (
    callout=0xffffffff808e1760 <ithread_loop>, arg=0xfffffe000a3b49e0, 
    frame=0xffffff84686e1c40) at /usr/src/sys/kern/kern_fork.c:992
#13 0xffffffff80cdd81e in fork_trampoline ()
    at /usr/src/sys/amd64/amd64/exception.S:606
#14 0x0000000000000000 in ?? ()



(kgdb) list *0xffffffff80d01802
0xffffffff80d01802 is in arcmsr_drain_donequeue (/usr/src/sys/dev/arcmsr/arcmsr.c:838).
833   case ACB_ADAPTER_TYPE_B:
834   default:
835     srb = (struct CommandControlBlock *)(acb->vir2phy_offset+(flag_srb << 5));/*frame must be 32 bytes aligned*/
836     break;
837   }
838   if((srb->acb != acb) || (srb->srb_state != ARCMSR_SRB_START)) {
839     if(srb->srb_state == ARCMSR_SRB_TIMEOUT) {
840       arcmsr_free_srb(srb);
841       printf("arcmsr%d: srb='%p' return srb has been timeouted\n", acb->pci_unit, srb);
842       return;

--- END: CRASH DUMP ---

>How-To-Repeat:

>Fix:


>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-bugs mailing list