From simon@comsys.ntu-kpi.kiev.ua  Tue Jan 24 16:06:09 2006
Return-Path: <simon@comsys.ntu-kpi.kiev.ua>
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 89A8516A41F
	for <FreeBSD-gnats-submit@freebsd.org>; Tue, 24 Jan 2006 16:06:09 +0000 (GMT)
	(envelope-from simon@comsys.ntu-kpi.kiev.ua)
Received: from comsys.ntu-kpi.kiev.ua (comsys.ntu-kpi.kiev.ua [195.245.194.142])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 08FE743D6E
	for <FreeBSD-gnats-submit@freebsd.org>; Tue, 24 Jan 2006 16:05:59 +0000 (GMT)
	(envelope-from simon@comsys.ntu-kpi.kiev.ua)
Received: from pm513-1.comsys.ntu-kpi.kiev.ua (pm513-1.comsys.ntu-kpi.kiev.ua [10.18.52.101])
	(authenticated bits=0)
	by comsys.ntu-kpi.kiev.ua (8.12.10/8.12.10) with ESMTP id k0OGHqVO054901
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL)
	for <FreeBSD-gnats-submit@freebsd.org>; Tue, 24 Jan 2006 18:17:53 +0200 (EET)
Received: by pm513-1.comsys.ntu-kpi.kiev.ua (Postfix, from userid 1001)
	id DAB5B5C021; Tue, 24 Jan 2006 18:06:04 +0200 (EET)
Message-Id: <20060124160604.GA1641@pm513-1.comsys.ntu-kpi.kiev.ua>
Date: Tue, 24 Jan 2006 18:06:04 +0200
From: Andrey Simonenko <simon@comsys.ntu-kpi.kiev.ua>
To: FreeBSD-gnats-submit@freebsd.org
Subject: panic with mdconfig and mount_cd9660

>Number:         92269
>Category:       kern
>Synopsis:       [md] [panic] panic with mdconfig and mount_cd9660
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    rodrigc
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Jan 24 16:10:04 GMT 2006
>Closed-Date:    Tue Feb 06 02:43:32 GMT 2007
>Last-Modified:  Tue Feb 06 02:43:32 GMT 2007
>Originator:     Andrey Simonenko
>Release:        FreeBSD 6.0-STABLE i386
>Organization:
>Environment:

FreeBSD 6.0-STABLE i386 CVSup'ed 23 Jan 2006

>Description:

I debug one script which creates md-devices from ISO images and
then mounts created md-devices with mount_cd9660.  At some point
my system got following panic.

Unread portion of the kernel message buffer:


Fatal trap 12: page fault while in kernel mode
fault virtual address	= 0x47
fault code		= supervisor read, page not present
instruction pointer	= 0x20:0xc04a2052
stack pointer	        = 0x28:0xd54e2ad4
frame pointer	        = 0x28:0xd54e2ae8
code segment		= base 0x0, limit 0xfffff, type 0x1b
			= DPL 0, pres 1, def32 1, gran 1
processor eflags	= interrupt enabled, resume, IOPL = 0
current process		= 889 (mc)
trap number		= 12
panic: page fault
Uptime: 23m16s
Dumping 511 MB (2 chunks)
  chunk 0: 1MB (160 pages) ... ok
  chunk 1: 511MB (130800 pages) 495 479 463 447 431 415 399 383 367 351 335 319 303 287 271 255 239 223 207 191 175 159 143 127 111 95 79 63 47 31 15

#0  doadump () at pcpu.h:165
165		__asm __volatile("movl %%fs:0,%0" : "=r" (td));
(kgdb) bt
#0  doadump () at pcpu.h:165
#1  0xc04da89a in boot (howto=260)
    at /Src/FreeBSD-6/src/sys/kern/kern_shutdown.c:399
#2  0xc04dab30 in panic (fmt=0xc067a418 "%s")
    at /Src/FreeBSD-6/src/sys/kern/kern_shutdown.c:555
#3  0xc0651ebc in trap_fatal (frame=0xd54e2a94, eva=71)
    at /Src/FreeBSD-6/src/sys/i386/i386/trap.c:836
#4  0xc0651c23 in trap_pfault (frame=0xd54e2a94, usermode=0, eva=71)
    at /Src/FreeBSD-6/src/sys/i386/i386/trap.c:744
#5  0xc0651881 in trap (frame=
      {tf_fs = 8, tf_es = 40, tf_ds = 40, tf_edi = -1018538688, tf_esi = 71, tf_ebp = -716297496, tf_isp = -716297536, tf_ebx = -1017898152, tf_edx = 2048, tf_ecx = 0, tf_eax = 1, tf_trapno = 12, tf_err = 0, tf_eip = -1068883886, tf_cs = 32, tf_eflags = 66182, tf_esp = 1, tf_ss = 0})
    at /Src/FreeBSD-6/src/sys/i386/i386/trap.c:434
#6  0xc064192a in calltrap ()
    at /Src/FreeBSD-6/src/sys/i386/i386/exception.s:139
#7  0xc04a2052 in g_io_request (bp=0xc3541b58, cp=0xc34a5540)
    at /Src/FreeBSD-6/src/sys/geom/geom_io.c:259
#8  0xc04a45a9 in g_vfs_strategy (bo=0x1, bp=0xcd58bdd0)
    at /Src/FreeBSD-6/src/sys/geom/geom_vfs.c:106
#9  0xc04ac4ed in cd9660_strategy (ap=0x1)
    at /Src/FreeBSD-6/src/sys/isofs/cd9660/cd9660_vnops.c:756
---Type <return> to continue, or q <return> to quit---
#10 0xc0666ab1 in VOP_STRATEGY_APV (vop=0xc06b08e0, a=0xd54e2b3c)
    at vnode_if.c:1796
#11 0xc0524878 in bufstrategy (bo=0xc35e4b60, bp=0x1) at vnode_if.h:928
#12 0xc051f1b9 in breadn (vp=0xc35e4aa0, blkno=0, size=2048, rablkno=0x0, 
    rabsize=0x0, cnt=0, cred=0x0, bpp=0x1) at buf.h:415
#13 0xc051f0fc in bread (vp=0xc35e4aa0, blkno=0, size=2048, cred=0x0, 
    bpp=0xd54e2bc8) at /Src/FreeBSD-6/src/sys/kern/vfs_bio.c:719
#14 0xc04a8df5 in cd9660_blkatoff (vp=0x800, offset=0, res=0x0, bpp=0xd54e2c28)
    at /Src/FreeBSD-6/src/sys/isofs/cd9660/cd9660_lookup.c:407
#15 0xc04abfc6 in cd9660_readdir (ap=0xd54e2c90)
    at /Src/FreeBSD-6/src/sys/isofs/cd9660/cd9660_vnops.c:514
#16 0xc06667bc in VOP_READDIR_APV (vop=0x1, a=0x800) at vnode_if.c:1427
#17 0xc053a03b in getdirentries (td=0xc2fe7000, uap=0xd54e2d04)
    at vnode_if.h:746
#18 0xc06521d3 in syscall (frame=
      {tf_fs = 59, tf_es = 59, tf_ds = 59, tf_edi = 135183488, tf_esi = 0, tf_ebp = -1077944008, tf_isp = -716296860, tf_ebx = 674616552, tf_edx = 0, tf_ecx = 0, tf_eax = 196, tf_trapno = 0, tf_err = 2, tf_eip = 674469883, tf_cs = 51, tf_eflags = 582, tf_esp = -1077944052, tf_ss = 59})
    at /Src/FreeBSD-6/src/sys/i386/i386/trap.c:981
#19 0xc064197f in Xint0x80_syscall ()
    at /Src/FreeBSD-6/src/sys/i386/i386/exception.s:200
#20 0x00000033 in ?? ()
Previous frame inner to this frame (corrupt stack?)

>How-To-Repeat:

My system got this panic while I debug and restart my script several
times, cannot reproduce this problem.

>Fix:
>Release-Note:
>Audit-Trail:

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: kern/92269: commit references a PR
Date: Tue,  6 Feb 2007 02:37:51 +0000 (UTC)

 rodrigc     2007-02-06 02:37:43 UTC
 
   FreeBSD src repository
 
   Modified files:        (Branch: RELENG_6)
     sys/isofs/cd9660     cd9660_vfsops.c 
   Log:
   MFC: 1.142
   
   Check the actual sector size of the underlying media before mounting.
   Prevents a kernel panic if you try to "mount_cd9660 /dev/acd0 /mnt" while
   an audio CD is in the CD-ROM drive.
   
   PR:     92269
   
   Revision   Changes    Path
   1.140.2.5  +12 -3     src/sys/isofs/cd9660/cd9660_vfsops.c
 _______________________________________________
 cvs-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/cvs-all
 To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
 
State-Changed-From-To: open->closed 
State-Changed-By: rodrigc 
State-Changed-When: Tue Feb 6 02:42:26 UTC 2007 
State-Changed-Why:  
I recognize the backtrace...I fixed this problem for a different 
reason in CURRENT (trying to mount_cd9660 an audio CD), so I MFC'd 
the fix. 


Responsible-Changed-From-To: freebsd-bugs->rodrigc 
Responsible-Changed-By: rodrigc 
Responsible-Changed-When: Tue Feb 6 02:42:26 UTC 2007 
Responsible-Changed-Why:  
I recognize the backtrace...I fixed this problem for a different 
reason in CURRENT (trying to mount_cd9660 an audio CD), so I MFC'd 
the fix. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=92269 
>Unformatted:
