NetBSD Problem Report #42374

From buhrow@lothlorien.nfbcal.org  Wed Nov 25 08:43:03 2009
Return-Path: <buhrow@lothlorien.nfbcal.org>
Received: from mail.netbsd.org (mail.netbsd.org [204.152.190.11])
	by www.NetBSD.org (Postfix) with ESMTP id 7F33763B8B4
	for <gnats-bugs@gnats.NetBSD.org>; Wed, 25 Nov 2009 08:43:03 +0000 (UTC)
Message-Id: <200911250843.nAP8h2Zk002472@lothlorien.nfbcal.org>
Date: Wed, 25 Nov 2009 00:43:02 -0800 (PST)
From: buhrow@lothlorien.nfbcal.org
Reply-To: buhrow@lothlorien.nfbcal.org
To: gnats-bugs@gnats.NetBSD.org
Subject: The fdc driver panics the system when it's attached using the pnpbios.
X-Send-Pr-Version: 3.95

>Number:         42374
>Category:       kern
>Synopsis:       The fdc driver panics the system when it's attached using the pnpbios.
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    kern-bug-people
>State:          closed
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Wed Nov 25 08:45:00 +0000 2009
>Closed-Date:    Thu Dec 03 10:19:24 +0000 2009
>Last-Modified:  Thu Dec 03 10:19:24 +0000 2009
>Originator:     Brian Buhrow
>Release:        NetBSD 5.0 and later
>Organization:

>Environment:


>Description:

	When the fdc(4) driver tries to attach via the pnpbios, it panics the
system with a NULL pointer reference.
Here is a trace:

[... starts with dmesg output, clipped to the relevant part]

lpt3 at pnpbios0 index 3 (PNP0400)
lpt3: io 378-37f 778-77f, irq 7
fdc1 at pnpbios0 index 4 (PNP0700)
fdc1: io 3f0-3f5, irq 6, DMA 2
fdc1: ctl io 3f7 didn't probe. Forced attach
uvm_fault(0xc0ac3580, 0, 2) -> 0xe
fatal page fault in supervisor mode
trap type 6 code 2 eip c0414ae6 cs 8 eflags 10246 cr2 80 ilevel 8
kernel: supervisor trap page fault, code=0
Stopped in pid 0.1 (system) at  netbsd:device_pmf_driver_register+0x56: movl    %ebx,0x80(%esi)
db{0}> bt
device_pmf_driver_register(0,c0658d50,c0657d90,0,c0ab33d8,cb7d7484,c0bd59b8,c0658d0b,0,c0658d50) at netbsd:device_pmf_driver_register+0x56
pmf_device_register1(0,c0658d50,c0657d90,0,cb7d7484,cb7d7484,c0bd59f8,c070366a,cb7d7484,6) at netbsd:pmf_device_register1+0x27
fdcattach(cb7d7484,6,2,6,c0657bb0,cb7d7484,cb517ed0,c0700f38,198b5cd,3f0) at netbsd:fdcattach+0x12b
fdc_pnpbios_attach(cb517eb4,cb7d754c,c0bd5b08,c0bd5a60,c0bd5b08,c0a18c60,cb7d754c,cb1a6a14,c0bd5b08,0) at netbsd:fdc_pnpbios_attach+0x1ca
config_attach_loc(cb517eb4,c0a0a448,c0bd5a60,c0bd5b08,c0700ec0,c0414f30,c0bd5b28,c04224e6,c09adc96,3) at netbsd:config_attach_loc+0x163
pnpbios_attachchild(0,cb517ed0,2,0,0,4,cb1a6a14,64,0,0) at netbsd:pnpbios_attachchild+0x77
pnpbios_attachnode(3f,0,1,1b,0,1,0,c0a0af40,cb1cdee0,cb1a6a14) at netbsd:pnpbios_attachnode+0x24e
pnpbios_attach(cb517bac,cb517eb4,c0bd5c0c,0,c0bd5c0c,c0bd5bc4,cb517eb4,0,0,0) at netbsd:pnpbios_attach+0x403
config_attach_loc(cb517bac,c0a0ad90,0,c0bd5c0c,0,0,c0bd5c58,c04fb2b5,cb517bac,c09707b4) at netbsd:config_attach_loc+0x163
config_found_ia(cb517bac,c09707b4,c0bd5c0c,0,cb1cef64,c0bd5c0c,0,c0ae8ec0,c0a9df34,c0972ab2) at netbsd:config_found_ia+0x32
mainbus_attach(0,cb517bac,0,c04150ae,c096fbc4,c096fbc4,cb517bac,0,c096fbc4,bda000) at netbsd:mainbus_attach+0x2e5
config_attach_loc(0,c0a094e8,0,0,0,bda000,c0bd5cc8,c0416674,0,c0a094e8) at netbsd:config_attach_loc+0x163
config_attach(0,c0a094e8,0,0,c0bd3010,bd3000,c0bd5ce8,c04c409d,c096fbc4,0) at netbsd:config_attach+0x2c
config_rootfound(c096fbc4,0,c0bd5ce8,c0416945,c0ac5860,c0bd3010,c0bd5d38,c03dca0f,c0aafa40,a) at netbsd:config_rootfound+0x44
cpu_configure(c0aafa40,a,14,f9300,0,0,0,0,0,0) at netbsd:cpu_configure+0x2d
main(0,c01002a7,0,0,0,0,0,0,0,0) at netbsd:main+0x1af
db{0}> sync
ACPI Error (hwacpi-0156): No SMI_CMD in FADT, mode transition failed [20080321]
ACPI Error (evxfevnt-0221): Could not exit ACPI mode to legacy mode [20080321]

The operating system has halted.
Please press any key to reboot.

rebooting...

>How-To-Repeat:

	Build an I386 kernel with the pnpbios enabled and uncomment the fdc
attachment to the pnpbios in the config file.

i.e.

Make sure the following two lines appear in your config:
pnpbios*	at mainbus?
fdc*		at pnpbios? index ?	# floppy controller

	Then, boot the kernel without acpi enabled, as the acpi attachment
will take precedence over the pnpbios attachment.

>Fix:


The following patch fixes the problem.  I imagine this applies to -current
as well as 5.x, so if it could be fixed in both places, that would be
great.
-thanks
-Brian

Index: fdc_pnpbios.c
===================================================================
RCS file: /cvsroot/src/sys/arch/i386/pnpbios/fdc_pnpbios.c,v
retrieving revision 1.14
diff -u -r1.14 fdc_pnpbios.c
--- fdc_pnpbios.c	28 Apr 2008 20:23:25 -0000	1.14
+++ fdc_pnpbios.c	25 Nov 2009 08:21:28 -0000
@@ -93,6 +93,7 @@
 	aprint_normal("\n");

 	fdc->sc_ic = aa->ic;
+	fdc->sc_dev = self;

 	if (pnpbios_io_map(aa->pbt, aa->resc, 0, &fdc->sc_iot,
             &pdc->sc_baseioh)) {
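
Review bot: Setting fdc->sc_dev right after fdc->sc_ic fixes this front end, but fdcattach() still trusts every caller to have filled in sc_dev, and the only symptom of forgetting is the page fault in the trace above, where device_pmf_driver_register() is entered with a first argument of 0 and faults on the store to 0x80(%esi). Consider adding KASSERT(fdc->sc_dev != NULL) at the top of fdcattach() so a front end that misses the assignment stops on a named assertion instead of a fault during autoconfiguration, and check the other fdc attachments (the report mentions an acpi one) for the same omission. A one-line comment on the new assignment noting that fdcattach() needs sc_dev for pmf registration would also help keep it from being dropped in a later cleanup.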


Here's what the correct probe/attachment should look like:

[ ... again, dmesg trimmed for relevance ...]

lpt3 at pnpbios0 index 3 (PNP0400)
lpt3: io 378-37f 778-77f, irq 7
fdc1 at pnpbios0 index 4 (PNP0700)
fdc1: io 3f0-3f5, irq 6, DMA 2
fdc1: ctl io 3f7 didn't probe. Forced attach
pckbc1 at pnpbios0 index 5 (PNP0F13): aux port
PNP0A03 (io cf8-cff) at pnpbios0 index 6 ignored

...

>Release-Note:

>Audit-Trail:

State-Changed-From-To: open->pending-pullups
State-Changed-By: cube@NetBSD.org
State-Changed-When: Wed, 25 Nov 2009 13:20:23 +0000
State-Changed-Why:
Patch applied, pull-up request sent.


From: Quentin Garnier <cube@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/42374 CVS commit: src/sys/arch/i386/pnpbios
Date: Wed, 25 Nov 2009 13:15:17 +0000

 Module Name:	src
 Committed By:	cube
 Date:		Wed Nov 25 13:15:17 UTC 2009

 Modified Files:
 	src/sys/arch/i386/pnpbios: fdc_pnpbios.c

 Log Message:
 Properly fix fdc@pnpbios as shown by Brian Buhrow in PR#42374.

 I think it tells a lot about the relevancy of that attachment when it took
 20 months for someone to experience the issue and even then, acpi had to be
 disabled.


 To generate a diff of this commit:
 cvs rdiff -u -r1.14 -r1.15 src/sys/arch/i386/pnpbios/fdc_pnpbios.c

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

From: Soren Jacobsen <snj@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/42374 CVS commit: [netbsd-5] src/sys/arch/i386/pnpbios
Date: Tue, 1 Dec 2009 19:37:03 +0000

 Module Name:	src
 Committed By:	snj
 Date:		Tue Dec  1 19:37:03 UTC 2009

 Modified Files:
 	src/sys/arch/i386/pnpbios [netbsd-5]: fdc_pnpbios.c

 Log Message:
 Pull up following revision(s) (requested by cube in ticket #1161):
 	sys/arch/i386/pnpbios/fdc_pnpbios.c: revision 1.15
 Properly fix fdc@pnpbios as shown by Brian Buhrow in PR#42374.
 I think it tells a lot about the relevancy of that attachment when it took
 20 months for someone to experience the issue and even then, acpi had to be
 disabled.


 To generate a diff of this commit:
 cvs rdiff -u -r1.14 -r1.14.10.1 src/sys/arch/i386/pnpbios/fdc_pnpbios.c

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

State-Changed-From-To: pending-pullups->closed
State-Changed-By: snj@NetBSD.org
State-Changed-When: Thu, 03 Dec 2009 10:19:24 +0000
State-Changed-Why:
Pulled up.


>Unformatted:
 When the fdc driver attaches via the pnpbios under NetBSD-5, it panics the system with a NULL pointer reference.
