Date: Mon, 28 May 2001 00:25:45 +0200 From: Jesper Skriver <jesper@FreeBSD.org> To: FreeBSD-gnats-submit@FreeBSD.org Cc: Jesper Skriver <jesper@FreeBSD.org> Subject: kern/27694: Panic in csa(4) Message-ID: <20010528002545.A15786@skriver.dk>
next in thread | raw e-mail | index | archive | help
>Number: 27694
>Category: kern
>Synopsis: Panic in csa(4)
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sun May 27 15:30:00 PDT 2001
>Closed-Date:
>Last-Modified:
>Originator: Jesper Skriver
>Release: FreeBSD 5.0-CURRENT i386
>Organization:
>Environment:
System: FreeBSD tam 5.0-CURRENT FreeBSD 5.0-CURRENT #4: Sat May 26 20:54:27 CEST 2001 root@tam:/usr/obj/usr/src/sys/TAM2 i386
>Description:
About every other time I boot my IBM ThinkPad 600E I get this panic
(hand typed, as I don't have a second machine here to be able to use a
serial console).
Fatal trap 12: page fault while in kernel mode
Fault virtual address = 0x28
Fault code = supervisor read, page not present
instruction pointer = 0x8:0xc0159bd3
stack pointer = 0x10:0xc5e3ef44
frame pointer = 0x10:0xc5e3ef48
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, def21 1, gran 1
processor eflags = interrupt enabled, resume, IOPL=0
current process = 16 (irq11: pccbb0+++)
kernel: type 12 trap, code=0
Stopped at csa_readio+0x17: movl 0x28(%eax),%edx
db> trace
csa_readio(c0d0c804,0,c0d0c700,c0d1f400,4) at csa_readio+0x17
csa_intr(c0d0c800) at csa_intr+0x14
ithread_loop(c0d1f400,c5e3efa0) at ithread_loop+0x23f
fork_exit(c018dd20,c0d1f400,c4e2efa8) at fork_exit+0x59
fork_trampoline() at fork_trampoline+0x8
When I see this, I just power it off, and boot again, and usually it
will boot.
(kgdb) l *csa_readio+0x17
0xc0159cd3 is in csa_readio (machine/bus_at386.h:205).
200 }
201
202 static __inline u_int32_t
203 bus_space_read_4(bus_space_tag_t tag, bus_space_handle_t handle,
204 bus_size_t offset)
205 {
206 #if defined(_I386_BUS_PIO_H_)
207 #if defined(_I386_BUS_MEMIO_H_)
208 if (tag == I386_BUS_SPACE_IO)
209 #endif
(kgdb) l *csa_intr+0x14
0xc015a5ec is in csa_intr (/usr/src/sys/dev/sound/pci/csapcm.c:685).
680 csa_intr (void *p)
681 {
682 struct csa_info *csa = p;
683
684 if ((csa->binfo->hisr & HISR_VC0) != 0)
685 chn_intr(csa->pch.channel);
686 if ((csa->binfo->hisr & HISR_VC1) != 0)
687 chn_intr(csa->rch.channel);
688 }
689
(kgdb) l *ithread_loop+0x23f
0xc018e077 is in ithread_loop (/usr/src/sys/kern/kern_intr.c:518).
513 free(ih, M_ITHREAD);
514 mtx_unlock(&Giant);
515 goto restart;
516 }
517 ih->ih_handler(ih->ih_argument);
518 if ((ih->ih_flags & IH_MPSAFE) == 0)
519 mtx_unlock(&Giant);
520 }
521 }
522
(kgdb) l *fork_exit+0x59
0xc018d221 is in fork_exit (/usr/src/sys/kern/kern_fork.c:737).
732
733 /*
734 * Check if a kernel thread misbehaved and returned from its main
735 * function.
736 */
737 PROC_LOCK(p);
738 if (p->p_flag & P_KTHREAD) {
739 PROC_UNLOCK(p);
740 mtx_lock(&Giant);
741 printf("Kernel thread \"%s\" (pid %d) exited prematurely.\n",
(kgdb) l *fork_trampoline+0x8
No source file for address 0xc0299f6c.
looking in src/sys/dev/sound/pci/csa.c at the csa_readio() function,
bus_space_read_4() is called once:
if (offset < BA0_AC97_RESET)
return bus_space_read_4(rman_get_bustag(resp->io), rman_get_bushandle(resp->io), offset) & 0xffffffff;
else {
if (csa_readcodec(resp, offset, &ul))
ul = 0;
return (ul);
}
So it's probably where it goes wrong, any idea why ?
>How-To-Repeat:
I can reproduce relative easy, but it could be related to my specific HW.
>Fix:
None known.
>Release-Note:
>Audit-Trail:
>Unformatted:
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010528002545.A15786>