Subject: kern/13065: mounting a CD panics the system
To: None <gnats-bugs@gnats.netbsd.org>
From: None <jarkko.teppo@er-grp.com>
List: netbsd-bugs
Date: 05/29/2001 08:42:22
>Number:         13065
>Category:       kern
>Synopsis:       mounting a CD panics the system
>Confidential:   no
>Severity:       critical
>Priority:       medium
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Tue May 29 08:41:00 PDT 2001
>Closed-Date:
>Last-Modified:
>Originator:     Jarkko Teppo
>Release:        1.5.1_BETA2
>Organization:
>Environment:
NetBSD varasto 1.5.1_BETA2 NetBSD 1.5.1_BETA2 (GENERIC) #17: Fri May 11 13:19:46 MEST 2001 he@isabel.runit.no:/usr/src/sys/arch/hp300/compile/GENERIC hp300 
>Description:
I can reliably panic a hp300 system by just mounting a CD. This happens
with 1.5, 1.5.1BETA2 and with the ELF snapshot from January(?). This
is reproducible and does *not* happen on 1.4.3.

Compiling a kernel without softdeps doesn't help.

Here are the results on a 382 with 16MB memory, Fireball disk
and Matsushita CD-ROM:

varasto# mount -t cd9660^H^C
varasto# stty erase ^H
varasto# mount -o ro -t cd9660 /dev/sd1c /mnt
sd1: WARNING: no disk label, defining `c' partition as entire disk
May 25 04:09:54 varasto /netbsd: sd1: WARNING: no disk label, defining `c' parti
tion as entire disk
varasto#
varasto#
varasto# umount /mnt
varasto# !-2
mount -o ro -t cd9660 /dev/sd1c /mnt
uvm_fault(0x14845c, 0x6d207000, 0, 0x1) -> 0x1
  type 8, code [mmu,,ssw]: 545
trap type 8, code = 0x545, v = 0x6d20737e
kernel program counter = 0xe19f2
kernel: MMU fault trap
pid = 253, pc = 000E19F2, ps = 2400, sfc = 1, dfc = 1
Registers:
             0        1        2        3        4        5        6        7
dreg: 00100210 FFFFFFFF 00002404 00002400 0013F28C 0013F28C 00000001 FFFFFFFE
areg: 000E53DC 6D207374 01C5FC80 6D207374 0013F28C 01C5FC80 00627B74 FFEFFC58

Kernel stack (00627AA4):
627AA4: 0012852E 00627AF4 00000080 00002404 00002400 0013F28C 0013F28C 00000001
627AC4: FFFFFFFE 01C5FC80 6D207374 0013F28C 01C5FC80 00000000 00000000 00627B74
627AE4: 0000191A 00000008 00000545 6D20737E 00100210 FFFFFFFF 00002404 00002400
627B04: 0013F28C 0013F28C 00000001 FFFFFFFE 000E53DC 6D207374 01C5FC80 6D207374
627B24: 0013F28C 01C5FC80 00627B74 FFEFFC58 00000000 2400000E 19F27008 00627B9C
627B44: 05450005 00450005 6D20737E 00627B74 00627BAC 01C5FC80 00627B9C 0011B47E
627B64: 00A20000 00000007 01C06DD6 01C054F6 00627BAC 000E5416 6D207374 00002404
627B84: 00002400 0000040A 00000001 01C5FC80 01C5FC80 0011B81E 00000000 0011B860
627BA4: 01C06D80 00000000 00627BC4 000443AE 01C5FC80 01C054F6 00000008 01C05400
627BC4: 00627BD4 0011CF1A 01C5FC80 01C05400 00627BF8 0011D014 01C05400 01C5FC80
627BE4: 00002004 00000008 01C05400 01C05400 01C83F20 00627C08 0011CDB4 01C05400
627C04: 01C5FC80 00627C30 0011CD4C 00000001 0000040A 00000008 0000040A 00000000
627C24: 0000000C 01C5FC80 01C05400 00627C5C 0011C590 01C5FC80 0000007C 00000002
627C44: 00000000 00000000 00000001 01C05200 005BB050 01C05400 00627C90 0011C754
627C64: 01C05400 0000040A 0000040A 0000000A 00000000 00006000 000000FF 01C05400
627C84: 005BB050 00627D5C 00000000 00627CB4 0011C8E0 0000040A 00000000 0000040A
panic: MMU fault
Stopped in mount_cd9660 at      _cpu_Debugger+0x6:      unlk    a6
db> t
_cpu_Debugger(2404,627af4,8,308be,627ae0) + 6
_panic(128100,2404,2400,13f28c,13f28c) + 60
_trap(8,545,6d20737e) + 234
_worklist_remove(6d207374) + 1c
_softdep_disk_write_complete(1c5fc80) + 36
_biodone(1c5fc80,1c05400,627bf8,11d014,1c05400) + 5a
_sdfinish(1c05400,1c5fc80,2004,8,1c05400) + 48
_sdstart(1c05400,1c5fc80,627c30,11cd4c,1) + ac
_sdustart(1) + 2a
_sdstrategy(1c5fc80,7c,2) + 170
_sdgetcapacity(1c05400,40a) + ee
_sdgetinfo(40a,0,40a,616328,1) + 5e
_sdopen(40a,1,6000,616328,616328) + 84
_spec_open(627d5c) + 1b4
_iso_mountfs(5bb050,1c82400,616328,627db8) + d8
_cd9660_mount(1c82400,ffeffd89,ffeffc84,627e8c,616328) + 15e
_sys_mount(616328,627f88,627f80) + 3e8
_syscall(15) + 114
_trap0() + e
db>

>How-To-Repeat:
Boot 1.5.x on hp300, mount a CD.
>Fix:
No idea. Probably look at how softdeps treat a device, as a normal
CD-ROM shows up as sd on hp300's. It might get confused. Or not.
>Release-Note:
>Audit-Trail:
>Unformatted: