Date: Thu, 17 Sep 1998 23:56:58 +0200 From: Tor.Egge@fast.no To: freebsd-scsi@FreeBSD.ORG Subject: aic7xxx.c: Fatal trap 12: page fault while in kernel mode Message-ID: <199809172156.XAA20501@midten.fast.no>
next in thread | raw e-mail | index | archive | help
With target mode disabled and 255 scbs available, scb index
TARGET_CMD_CMPLT (0xfe) is used for normal commands. Unfortunately,
ahc_intr does not check for target mode being enabled when the scb index
is TARGET_CMD_CMPLT.
A suggested fix is appended.
------
ahc0: <Adaptec aic7890/91 Ultra2 SCSI adapter> rev 0x00 int a irq 19 on pci0.6.0
ahc0: aic7890/91 Wide Channel A, SCSI Id=7, 16/255 SCBs
[..snip..]
(da2:ahc0:0:2:0): tagged openings now 63
(da0:ahc0:0:0:0): tagged openings now 63
(da0:ahc0:0:0:0): tagged openings now 49
(da1:ahc0:0:1:0): tagged openings now 62
(da2:ahc0:0:2:0): tagged openings now 62
(da3:ahc0:0:3:0): tagged openings now 63
(da3:ahc0:0:3:0): tagged openings now 62
(da4:ahc0:0:4:0): tagged openings now 57
(da1:ahc0:0:1:0): tagged openings now 53
(da5:ahc0:0:5:0): tagged openings now 60
(da2:ahc0:0:2:0): tagged openings now 58
Fatal trap 12: page fault while in kernel mode
mp_lock = 00000002; cpuid = 0; lapic.id = 01000000
fault virtual address = 0x0
fault code = supervisor read, page not present
instruction pointer = 0x8:0xe0117577
stack pointer = 0x10:0xff806f60
frame pointer = 0x10:0xff806f78
code segment = base 0x0, limit 0xfffff, type 0x1b
= DPL 0, pres 1, def32 1, gran 1
processor eflags = interrupt enabled, resume, IOPL = 0
current process = Idle
interrupt mask = cam <- SMP: XXX
kernel: type 12 trap, code=0
Stopped at _ahc_handle_target_cmd+0x3f: movb 0(%ecx),%al
db> trace
_ahc_handle_target_cmd(e1b60000) at _ahc_handle_target_cmd+0x3f
_ahc_intr(e1b60000,cc080000,0,6,0) at _ahc_intr+0xd5
_intr_mux(e115af60,0,e01e0010,10,0) at _intr_mux+0x1d
Xresume19() at Xresume19+0x51
--- interrupt, eip = 0xe01f4f60, esp = 0xff806ff0, ebp = 0 ---
_default_halt() at _default_halt
db> panic
panic: from debugger
mp_lock = 00000002; cpuid = 0; lapic.id = 01000000
Debugger("panic")
Stopped at _ahc_handle_target_cmd+0x3f: movb 0(%ecx),%al
db> panic
panic: from debugger
mp_lock = 00000003; cpuid = 0; lapic.id = 01000000
boot() called on cpu#0
Automatic reboot in 15 seconds - press a key on the console to abort
Rebooting...
cpu_reset called on cpu#0
------
Index: aic7xxx.c
===================================================================
RCS file: /home/ncvs/src/sys/dev/aic7xxx/aic7xxx.c,v
retrieving revision 1.2
diff -u -r1.2 aic7xxx.c
--- aic7xxx.c 1998/09/16 03:26:10 1.2
+++ aic7xxx.c 1998/09/17 21:15:47
@@ -961,7 +961,8 @@
scb_index = ahc->qoutfifo[ahc->qoutfifonext];
ahc->qoutfifo[ahc->qoutfifonext++] = SCB_LIST_NULL;
- if (scb_index == TARGET_CMD_CMPLT) {
+ if (scb_index == TARGET_CMD_CMPLT &&
+ (ahc->flags & AHC_TARGETMODE) != 0) {
ahc_handle_target_cmd(ahc);
continue;
}
- Tor Egge
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-scsi" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199809172156.XAA20501>