From avn@ns.any.ru  Tue Mar 20 23:33:53 2001
Return-Path: <avn@ns.any.ru>
Received: from ns.any.ru (ns.any.ru [194.67.127.11])
	by hub.freebsd.org (Postfix) with ESMTP id BF28837B71F
	for <FreeBSD-gnats-submit@freebsd.org>; Tue, 20 Mar 2001 23:33:51 -0800 (PST)
	(envelope-from avn@ns.any.ru)
Received: (from avn@localhost)
	by ns.any.ru (8.11.2/8.11.2) id f2L7XSL67237
	for FreeBSD-gnats-submit@freebsd.org.AVP; Wed, 21 Mar 2001 10:33:28 +0300 (MSK)
	(envelope-from avn)
Received: (from avn@localhost)
	by ns.any.ru (8.11.2/8.11.2) id f2L7XSR67228;
	Wed, 21 Mar 2001 10:33:28 +0300 (MSK)
	(envelope-from avn)
Message-Id: <200103210733.f2L7XSR67228@ns.any.ru>
Date: Wed, 21 Mar 2001 10:33:28 +0300 (MSK)
From: "Alexey V. Neyman" <avn@ns.any.ru>
Reply-To: avn@ns.any.ru
To: FreeBSD-gnats-submit@freebsd.org
Subject: mounting unclosed CD-R causes kernel panic <Synopsis of the problem (one line)>
X-Send-Pr-Version: 3.2

>Number:         25960
>Category:       kern
>Synopsis:       mounting unclosed CD-R causes kernel panic
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    sos
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Mar 20 23:40:01 PST 2001
>Closed-Date:    Mon Apr 2 12:16:08 PDT 2001
>Last-Modified:  Mon Apr 02 12:17:38 PDT 2001
>Originator:     Alexey V. Neyman
>Release:        FreeBSD 4.2-STABLE i386
>Organization:
ANY.RU 
>Environment:

FreeBSD srv2.any 4.3-BETA FreeBSD 4.3-BETA #0: Fri Mar 16 01:43:09 MSK 2001
toor@srv2.any:/usr2/obj/usr2/src/sys/AMD4DEBUG  i386

>Description:

making unclosed CD-R (burncd without fixate command) and later mounting it
causes kernel panic:
Fatal trap 12: page fault while in kernel mode
fault virtual address   = 0xc0c21000
fault code              = supervisor write, page not present
instruction pointer     = 0x8:0xc01f2d82
stack pointer           = 0x10:0xc025b8d0
frame pointer           = 0x10:0xc025b8e0
code segment            = base 0x0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, def32 1, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = Idle
interrupt mask          = bio

backtrace of the stack in gdb shows:
#0  0xc013ed5e in dumpsys ()
#1  0xc013eb7f in boot ()
#2  0xc013ef15 in panic ()
#3  0xc011d759 in db_panic ()
#4  0xc011d6f9 in db_command ()
#5  0xc011d7be in db_command_loop ()
#6  0xc011f8cb in db_trap ()
#7  0xc020a402 in kdb_trap ()
#8  0xc0219820 in trap_fatal ()
#9  0xc02194f9 in trap_pfault ()
#10 0xc021909b in trap ()
#11 0xc01f2d82 in atapi_read ()
#12 0xc01f2823 in atapi_interrupt ()
#13 0xc01ec33e in ata_intr ()

also (it may be related) burncd fixate produces an error
like 'ioctl(...): Input/output error.

>How-To-Repeat:

#burncd -f /dev/acd0c data i1.iso
#mount_cd9660 /dev/acd0c /cdrom


>Fix:

	

>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: gnats-admin->sos 
Responsible-Changed-By: phk 
Responsible-Changed-When: Wed Mar 28 10:24:29 PST 2001 
Responsible-Changed-Why:  
MrATA issue. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=25960 
State-Changed-From-To: open->closed 
State-Changed-By: sos 
State-Changed-When: Mon Apr 2 12:16:08 PDT 2001 
State-Changed-Why:  
You cannot mount or use an unfixated CDR/CDRW, granted the  
fs code should be more robust, but thats another matter. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=25960 
>Unformatted:
