From nobody@FreeBSD.org Tue Jan 27 06:22:10 2009 Return-Path: Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5F9BC106566C for ; Tue, 27 Jan 2009 06:22:10 +0000 (UTC) (envelope-from nobody@FreeBSD.org) Received: from www.freebsd.org (www.freebsd.org [IPv6:2001:4f8:fff6::21]) by mx1.freebsd.org (Postfix) with ESMTP id 43DE38FC1B for ; Tue, 27 Jan 2009 06:22:10 +0000 (UTC) (envelope-from nobody@FreeBSD.org) Received: from www.freebsd.org (localhost [127.0.0.1]) by www.freebsd.org (8.14.3/8.14.3) with ESMTP id n0R6M9K8092171 for ; Tue, 27 Jan 2009 06:22:09 GMT (envelope-from nobody@www.freebsd.org) Received: (from nobody@localhost) by www.freebsd.org (8.14.3/8.14.3/Submit) id n0R6M9OQ092170; Tue, 27 Jan 2009 06:22:09 GMT (envelope-from nobody) Message-Id: <200901270622.n0R6M9OQ092170@www.freebsd.org> Date: Tue, 27 Jan 2009 06:22:09 GMT From: Dominic Fandrey To: freebsd-gnats-submit@FreeBSD.org Subject: hald causing panic in atapicam X-Send-Pr-Version: www-3.1 X-GNATS-Notify: >Number: 131032 >Category: kern >Synopsis: [panic] hald causing panic in scsi_sg >Confidential: no >Severity: serious >Priority: high >Responsible: freebsd-scsi >State: closed >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Tue Jan 27 06:30:05 UTC 2009 >Closed-Date: Wed Dec 09 11:35:21 UTC 2009 >Last-Modified: Wed Dec 09 11:35:21 UTC 2009 >Originator: Dominic Fandrey >Release: RELENG_7 >Organization: private >Environment: FreeBSD mobileKamikaze.norad 7.1-STABLE FreeBSD 7.1-STABLE #0: Tue Jan 13 17:15:12 CET 2009 root@mobileKamikaze.norad:/usr/obj/HP6510b/amd64/usr/src/sys/HP6510b amd64 >Description: With hald running as soon as a USB storage device appears the system instantly panics. This applies to any USB storage device, such as hard disks, sticks and card readers. Without hald I can use USB storage devices just fine (even boot FreeBSD from them, since glabel solved the device naming troubles). I have selected high priority, because hald is now used by X and I suspect sooner or later it won't be possible to override this in the xorg.conf file any more. GNU gdb 6.1.1 [FreeBSD] Copyright 2004 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "amd64-marcel-freebsd"... Unread portion of the kernel message buffer: kernel trap 12 with interrupts disabled Fatal trap 12: page fault while in kernel mode cpuid = 0; apic id = 00 fault virtual address = 0x30 fault code = supervisor read data, page not present instruction pointer = 0x8:0xffffffff80238a70 stack pointer = 0x10:0xffffffffaf32f920 frame pointer = 0x10:0xffffff0026618370 code segment = base 0x0, limit 0xfffff, type 0x1b = DPL 0, pres 1, long 1, def32 0, gran 1 processor eflags = resume, IOPL = 0 current process = 7086 (hald-probe-storage) trap number = 12 panic: page fault cpuid = 0 Uptime: 43m15s Physical memory: 2029 MB Dumping 314 MB: 299 283 267 251 235 219 203 187 (CTRL-C to abort) (CTRL-C to abort) (CTRL-C to abort) 171 155 139 123 107 91 75 59 43 27 11 Reading symbols from /boot/kernel/geom_md.ko...Reading symbols from /boot/kernel/geom_md.ko.symbols...done. done. Loaded symbols for /boot/kernel/geom_md.ko Reading symbols from /boot/kernel/linux.ko...Reading symbols from /boot/kernel/linux.ko.symbols...done. done. Loaded symbols for /boot/kernel/linux.ko Reading symbols from /boot/kernel/if_bge.ko...Reading symbols from /boot/kernel/if_bge.ko.symbols...done. done. Loaded symbols for /boot/kernel/if_bge.ko Reading symbols from /boot/kernel/miibus.ko...Reading symbols from /boot/kernel/miibus.ko.symbols...done. done. Loaded symbols for /boot/kernel/miibus.ko Reading symbols from /boot/kernel/snd_hda.ko...Reading symbols from /boot/kernel/snd_hda.ko.symbols...done. done. Loaded symbols for /boot/kernel/snd_hda.ko Reading symbols from /boot/kernel/sound.ko...Reading symbols from /boot/kernel/sound.ko.symbols...done. done. Loaded symbols for /boot/kernel/sound.ko Reading symbols from /boot/kernel/usb.ko...Reading symbols from /boot/kernel/usb.ko.symbols...done. done. Loaded symbols for /boot/kernel/usb.ko Reading symbols from /boot/kernel/ugen.ko...Reading symbols from /boot/kernel/ugen.ko.symbols...done. done. Loaded symbols for /boot/kernel/ugen.ko Reading symbols from /boot/kernel/ums.ko...Reading symbols from /boot/kernel/ums.ko.symbols...done. done. Loaded symbols for /boot/kernel/ums.ko Reading symbols from /boot/kernel/umass.ko...Reading symbols from /boot/kernel/umass.ko.symbols...done. done. Loaded symbols for /boot/kernel/umass.ko Reading symbols from /boot/kernel/cam.ko...Reading symbols from /boot/kernel/cam.ko.symbols...done. done. Loaded symbols for /boot/kernel/cam.ko Reading symbols from /boot/kernel/agp.ko...Reading symbols from /boot/kernel/agp.ko.symbols...done. done. Loaded symbols for /boot/kernel/agp.ko Reading symbols from /boot/kernel/random.ko...Reading symbols from /boot/kernel/random.ko.symbols...done. done. Loaded symbols for /boot/kernel/random.ko Reading symbols from /boot/kernel/atadisk.ko...Reading symbols from /boot/kernel/atadisk.ko.symbols...done. done. Loaded symbols for /boot/kernel/atadisk.ko Reading symbols from /boot/kernel/ata.ko...Reading symbols from /boot/kernel/ata.ko.symbols...done. done. Loaded symbols for /boot/kernel/ata.ko Reading symbols from /boot/kernel/atapci.ko...Reading symbols from /boot/kernel/atapci.ko.symbols...done. done. Loaded symbols for /boot/kernel/atapci.ko Reading symbols from /boot/modules/u3g.ko...done. Loaded symbols for /boot/modules/u3g.ko Reading symbols from /boot/kernel/ucom.ko...Reading symbols from /boot/kernel/ucom.ko.symbols...done. done. Loaded symbols for /boot/kernel/ucom.ko Reading symbols from /boot/kernel/atapicd.ko...Reading symbols from /boot/kernel/atapicd.ko.symbols...done. done. Loaded symbols for /boot/kernel/atapicd.ko Reading symbols from /boot/kernel/atapicam.ko...Reading symbols from /boot/kernel/atapicam.ko.symbols...done. done. Loaded symbols for /boot/kernel/atapicam.ko Reading symbols from /boot/kernel/if_wpi.ko...Reading symbols from /boot/kernel/if_wpi.ko.symbols...done. done. Loaded symbols for /boot/kernel/if_wpi.ko Reading symbols from /boot/kernel/wlan.ko...Reading symbols from /boot/kernel/wlan.ko.symbols...done. done. Loaded symbols for /boot/kernel/wlan.ko Reading symbols from /boot/kernel/firmware.ko...Reading symbols from /boot/kernel/firmware.ko.symbols...done. done. Loaded symbols for /boot/kernel/firmware.ko Reading symbols from /boot/kernel/wlan_amrr.ko...Reading symbols from /boot/kernel/wlan_amrr.ko.symbols...done. done. Loaded symbols for /boot/kernel/wlan_amrr.ko Reading symbols from /boot/kernel/wpifw.ko...Reading symbols from /boot/kernel/wpifw.ko.symbols...done. done. Loaded symbols for /boot/kernel/wpifw.ko Reading symbols from /boot/kernel/wlan_scan_sta.ko...Reading symbols from /boot/kernel/wlan_scan_sta.ko.symbols...done. done. Loaded symbols for /boot/kernel/wlan_scan_sta.ko Reading symbols from /boot/kernel/wlan_ccmp.ko...Reading symbols from /boot/kernel/wlan_ccmp.ko.symbols...done. done. Loaded symbols for /boot/kernel/wlan_ccmp.ko Reading symbols from /boot/kernel/wlan_tkip.ko...Reading symbols from /boot/kernel/wlan_tkip.ko.symbols...done. done. Loaded symbols for /boot/kernel/wlan_tkip.ko Reading symbols from /boot/kernel/cpufreq.ko...Reading symbols from /boot/kernel/cpufreq.ko.symbols...done. done. Loaded symbols for /boot/kernel/cpufreq.ko Reading symbols from /boot/kernel/uvisor.ko...Reading symbols from /boot/kernel/uvisor.ko.symbols...done. done. Loaded symbols for /boot/kernel/uvisor.ko Reading symbols from /boot/kernel/nullfs.ko...Reading symbols from /boot/kernel/nullfs.ko.symbols...done. done. Loaded symbols for /boot/kernel/nullfs.ko Reading symbols from /boot/kernel/if_tun.ko...Reading symbols from /boot/kernel/if_tun.ko.symbols...done. done. Loaded symbols for /boot/kernel/if_tun.ko Reading symbols from /usr/local/modules/fuse.ko...done. Loaded symbols for /usr/local/modules/fuse.ko Reading symbols from /boot/kernel/i915.ko...Reading symbols from /boot/kernel/i915.ko.symbols...done. done. Loaded symbols for /boot/kernel/i915.ko Reading symbols from /boot/kernel/drm.ko...Reading symbols from /boot/kernel/drm.ko.symbols...done. done. Loaded symbols for /boot/kernel/drm.ko #0 doadump () at pcpu.h:195 195 pcpu.h: No such file or directory. in pcpu.h (kgdb) bt #0 doadump () at pcpu.h:195 #1 0x0000000000000004 in ?? () #2 0xffffffff80205ce1 in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:418 #3 0xffffffff8020611c in panic (fmt=0x104
) at /usr/src/sys/kern/kern_shutdown.c:574 #4 0xffffffff803e93aa in trap_fatal (frame=0xffffff0026618370, eva=Variable "eva" is not available. ) at /usr/src/sys/amd64/amd64/trap.c:764 #5 0xffffffff803e9f74 in trap (frame=0xffffffffaf32f870) at /usr/src/sys/amd64/amd64/trap.c:290 #6 0xffffffff803d0b5e in calltrap () at /usr/src/sys/amd64/amd64/exception.S:209 #7 0xffffffff80238a70 in turnstile_broadcast (ts=0x0, queue=0) at /usr/src/sys/kern/subr_turnstile.c:836 #8 0xffffffff801fa3d6 in _mtx_unlock_sleep (m=0xffffffff805aa180, opts=Variable "opts" is not available. ) at /usr/src/sys/kern/kern_mutex.c:619 #9 0xffffffff801fa6d3 in unlock_mtx (lock=0x0) at /usr/src/sys/kern/kern_mutex.c:158 #10 0xffffffff8020d760 in _sleep (ident=0x0, lock=0xffffffff805aa180, priority=256, wmesg=0xffffffff80815847 "sgread", timo=0) at /usr/src/sys/kern/kern_synch.c:185 #11 0xffffffff8080e4a9 in sgread (dev=Variable "dev" is not available. ) at /usr/src/sys/modules/cam/../../cam/scsi/scsi_sg.c:798 #12 0xffffffff801d116f in giant_read (dev=0xffffff0003038800, uio=0xffffffffaf32fb20, ioflag=0) at /usr/src/sys/kern/kern_conf.c:424 #13 0xffffffff80199f4c in devfs_read_f (fp=0xffffff003bbc4e00, uio=0xffffffffaf32fb20, cred=Variable "cred" is not available. ) at /usr/src/sys/fs/devfs/devfs_vnops.c:1000 #14 0xffffffff8023ab8f in dofileread (td=0xffffff0026618370, fd=4, fp=0xffffff003bbc4e00, auio=0xffffffffaf32fb20, offset=Variable "offset" is not available. ) at file.h:244 #15 0xffffffff8023ae58 in kern_readv (td=0xffffff0026618370, fd=4, auio=0xffffffffaf32fb20) at /usr/src/sys/kern/sys_generic.c:192 #16 0xffffffff8023af18 in read (td=Variable "td" is not available. ) at /usr/src/sys/kern/sys_generic.c:108 #17 0xffffffff803e99bc in syscall (frame=0xffffffffaf32fc80) at /usr/src/sys/amd64/amd64/trap.c:907 #18 0xffffffff803d0d6b in Xfast_syscall () at /usr/src/sys/amd64/amd64/exception.S:330 #19 0x0000000800cf03dc in ?? () Previous frame inner to this frame (corrupt stack?) (kgdb) quit >How-To-Repeat: The system was built with CPUTYPE?=core2, the whole base and all ports. Just run hald and add a USB storage device and it all blows up. >Fix: >Release-Note: >Audit-Trail: From: Thomas Quinot To: Dominic Fandrey Cc: bug-followup@FreeBSD.org Subject: Re: kern/131032: hald causing panic in atapicam Date: Tue, 27 Jan 2009 10:52:18 +0100 --IJpNTDwzlM2Ie8A6 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Can you clarify why you think this panic is related to ATAPI/CAM at all? The backtrace you show does not give any indication that ATAPI/CAM is involved, which is expected since you are using USB devices, not ATA. Thomas. --IJpNTDwzlM2Ie8A6 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (FreeBSD) iD8DBQFJftlRAE1UuDk9JGkRAsEvAJ0RPYcNIMrttuWGJLwQnXESqdVDtwCgg9LW NsWptHHly5mP15SEagViMww= =n8lp -----END PGP SIGNATURE----- --IJpNTDwzlM2Ie8A6-- From: Dominic Fandrey To: Thomas Quinot Cc: bug-followup@FreeBSD.org Subject: Re: kern/131032: hald causing panic in atapicam Date: Tue, 27 Jan 2009 11:15:12 +0100 It's that line. I don't think it's supposed to be there: at /usr/src/sys/modules/cam/../../cam/scsi/scsi_sg.c:798 As you said atapicam shouldn't be involved at all, so why is an atapicam funtion doing a giant-locked read? From: Thomas Quinot To: Dominic Fandrey Cc: bug-followup@FreeBSD.org Subject: Re: kern/131032: hald causing panic in atapicam Date: Tue, 27 Jan 2009 11:24:56 +0100 --+HP7ph2BbKc20aGI Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable * Dominic Fandrey, 2009-01-27 : > It's that line. I don't think it's supposed to be there: > at /usr/src/sys/modules/cam/../../cam/scsi/scsi_sg.c:798 This module is part of the generic CAM layer, which sits *above* the various SCSI transport modules (e.g. ATAPI/CAM and umass). It is *not* part of ATAPI/CAM, and it is fully expected that this generic code is involved when using umass devices. > As you said atapicam shouldn't be involved at all, so why > is an atapicam funtion doing a giant-locked read? This is *not* an ATAPI/CAM function. Thomas. --+HP7ph2BbKc20aGI Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (FreeBSD) iD8DBQFJfuD3AE1UuDk9JGkRArfzAJ40+tGYYhnKVrMXsylS8A+DlKf9zQCfSplb rJUMrfZuXgDv0eyrT4tJK38= =hM6J -----END PGP SIGNATURE----- --+HP7ph2BbKc20aGI-- Responsible-Changed-From-To: freebsd-bugs->freebsd-scsi Responsible-Changed-By: thomas Responsible-Changed-When: Tue Jan 27 10:39:49 UTC 2009 Responsible-Changed-Why: Problem isn't in ATAPI/CAM, might be in generic SCSI code, over to SCSI maintainers for futher assessment. http://www.freebsd.org/cgi/query-pr.cgi?pr=131032 From: Dominic Fandrey To: Thomas Quinot Cc: bug-followup@FreeBSD.org, scottl@freebsd.org Subject: Re: kern/131032: hald causing panic in atapicam Date: Tue, 27 Jan 2009 11:31:49 +0100 OK, so thanks for clarifying that. It doesn't get me rid of the panic, though. So I assume I should CC someone involved with SCSI. Regards From: Thomas Quinot To: Dominic Fandrey Cc: bug-followup@FreeBSD.org, scottl@freebsd.org Subject: Re: kern/131032: hald causing panic in atapicam Date: Tue, 27 Jan 2009 11:43:43 +0100 --PEIAKu/WMn1b1Hv9 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Right. I've reassigned this PR to freebsd-scsi for now. Thomas. --PEIAKu/WMn1b1Hv9 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (FreeBSD) iD8DBQFJfuVeAE1UuDk9JGkRAmjeAJ0Vbdu5N4nYOyW+8X/YWKH13SECgwCeIs58 awVynC6xudEplaN7GXcClX4= =4kws -----END PGP SIGNATURE----- --PEIAKu/WMn1b1Hv9-- From: Dominic Fandrey To: bug-followup@FreeBSD.org, kamikaze@bsdforen.de Cc: Subject: Re: kern/131032: [panic] hald causing panic in scsi_sg Date: Tue, 17 Feb 2009 10:35:17 +0100 I wonder how HAL manages to start this panic. It doesn't have the rights to access any SCSI device. I did a # su -m haldaemon and tried read operations on all da*, cd*, xpt* and pass* devices. And all I ever received was: Permission denied So how doe HAL go about accessing things it must not? This looks like a major breech of security to me. From: Dominic Fandrey To: bug-followup@FreeBSD.org, kamikaze@bsdforen.de Cc: Subject: Re: kern/131032: [panic] hald causing panic in scsi_sg Date: Fri, 03 Jul 2009 09:19:48 +0200 Request close. The panic is gone. State-Changed-From-To: open->closed State-Changed-By: bsam State-Changed-When: Wed Dec 9 11:33:34 UTC 2009 State-Changed-Why: Closed per submitters request since the problem he observed vanished. http://www.freebsd.org/cgi/query-pr.cgi?pr=131032 >Unformatted: