On Tue, 29 Jun 2004, Brian Fundakowski Feldman wrote: > I've found and fixed several problems in ata/acd/atapicam locally, but > I've identified several more. Of note, here are the simple ones. The > first one is the most important! > > 1. ATAPI devices come up in an inconsistent state sometimes. Issuing > an ATAPI reset seems to fix this completely; normally I would see, > most of the time, these messages: > acd0: MODE_SENSE_BIG trying to write on read buffer > acd0: timeout waiting for ATAPI ready > acd0: unknown transfer phase 0x1:0x50 > acd0: timeout waiting for ATAPI ready > <lock-up or crash> > 2. Unknown transfer phase what? The old message was very undescriptive. > 3. If using ATAPICAM and the attach fails, it'll crash due to freeing > in-flight CCBs out from underneath. [not fixed] > 4. If not using ATAPICAM, the timeout() function is set and never > reset after each "timeout waiting for ATAPI ready". I made it > untimeout() immediately if that happens, and things are much > smoother (at least without ATAPICAM, when failing to attach an > acd device). > 5. An acd device finishes attaching before GEOM has fully attached to it. > 6. Detachment is done at the wrong places, so generally requests are > still queued to a dying device. > > There are still lots of detachment issues and furthermore I don't think > that my computer won't lock up when trying to rip one of my new CDs, but > this is a huge improvement, so see if it helps your problems with ATAPI > CD/DVD drives in current. I've tested your patch on my T40, against -CURRENT cvsup'ed on Jul-01-2004; however, the GENERIC kernel still crashed with "Memory modified after free 0xc1740a00(508) val=1000100 _at_ 0xc1740a00" during booting(hw.ata.atapi_dma=0). It's interested that the crash only takes place when booting with a GENERIC kernel, a custom kernel(verbose booting dmesg is available for reference at http://www.mmlab.cse.yzu.edu.tw/~avatar/dmesg-ata.txt) never ran into this. /usr/home/avatar# gdb -k sys/i386/compile/GENERIC/kernel.debug GNU gdb 5.2.1 (FreeBSD) Copyright 2002 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "i386-unknown-freebsd"... (kgdb) target remote:8080 Remote debugging using :8080 0xc07322d2 in mtrash_ctor (mem=0xc161bc00, size=-1056882688, arg=0x0) at ../../../vm/uma_dbg.c:137 137 panic("Most recently used by %s\n", (*ksp == NULL)? warning: Unable to find dynamic linker breakpoint function. GDB will be unable to debug shared library initializers and track explicitly loaded dynamic code. warning: shared library handler failed to enable breakpoint (kgdb) bt #0 0xc07322d2 in mtrash_ctor (mem=0xc161bc00, size=-1056882688, arg=0x0) at ../../../vm/uma_dbg.c:137 #1 0xc0730d50 in uma_zalloc_arg (zone=0xc10359a0, udata=0x0, flags=1) at ../../../vm/uma_core.c:1652 #2 0xc05e4f0a in malloc (size=3238288352, type=0xc0800260, flags=1) at uma.h:270 #3 0xc04b0c18 in ata_getparam (atadev=0xc15c04a8, command=161 '¡') at ../../../dev/ata/ata-all.c:563 #4 0xc04b0f0e in ata_identify_devices (ch=0xc15c0400) at ../../../dev/ata/ata-all.c:673 #5 0xc04b107b in ata_boot_attach () at ../../../dev/ata/ata-all.c:728 #6 0xc05fe1c0 in run_interrupt_driven_config_hooks (dummy=0x0) at ../../../kern/subr_autoconf.c:67 #7 0xc05cd2ee in mi_startup () at ../../../kern/init_main.c:212 (kgdb) up #1 0xc0730d50 in uma_zalloc_arg (zone=0xc10359a0, udata=0x0, flags=1) at ../../../vm/uma_core.c:1652 1652 zone->uz_ctor(item,zone->uz_keg->uk_size,udata); (kgdb) l 1647 uma_dbg_alloc(zone, NULL, item); 1648 ZONE_UNLOCK(zone); 1649 #endif 1650 CPU_UNLOCK(cpu); 1651 if (zone->uz_ctor) 1652 zone->uz_ctor(item,zone->uz_keg->uk_size,udata); 1653 if (flags & M_ZERO) 1654 bzero(item, zone->uz_keg->uk_size); 1655 return (item); 1656 } else if (cache->uc_freebucket) { (kgdb) directory /home/avatar/sys/vm/ Source directories searched: /home/avatar/sys/vm:$cdir:$cwd (kgdb) f 2 #2 0xc05e4f0a in malloc (size=3238288352, type=0xc0800260, flags=1) at uma.h:270 270 return uma_zalloc_arg(zone, NULL, flags); (kgdb) l 265 static __inline void *uma_zalloc(uma_zone_t zone, int flags); 266 267 static __inline void * 268 uma_zalloc(uma_zone_t zone, int flags) 269 { 270 return uma_zalloc_arg(zone, NULL, flags); 271 } 272 273 /* 274 * Frees an item back into the specified zone. (kgdb) up #3 0xc04b0c18 in ata_getparam (atadev=0xc15c04a8, command=161 '¡') at ../../../dev/ata/ata-all.c:563 563 atadev->param = malloc(sizeof(struct ata_params), M_ATA, M_NOWAIT); (kgdb) l 555 */ 556 static int 557 ata_getparam(struct ata_device *atadev, u_int8_t command) 558 { 559 struct ata_request *request; 560 int error = ENOMEM; 561 562 if (!atadev->param) 563 atadev->param = malloc(sizeof(struct ata_params), M_ATA, M_NOWAIT); 564 if (atadev->param) { (kgdb) up #4 0xc04b0f0e in ata_identify_devices (ch=0xc15c0400) at ../../../dev/ata/ata-all.c:673 673 if (ata_getparam(&ch->device[MASTER], ATA_ATAPI_IDENTIFY)) (kgdb) l 668 else 669 ch->device[MASTER].attach = ad_attach; 670 #endif 671 } 672 if (ch->devices & ATA_ATAPI_MASTER) { 673 if (ata_getparam(&ch->device[MASTER], ATA_ATAPI_IDENTIFY)) 674 ch->devices &= ~ATA_ATAPI_MASTER; 675 else { 676 switch (ch->device[MASTER].param->config & ATA_ATAPI_TYPE_MASK) { 677 #ifdef DEV_ATAPICD (kgdb) up #5 0xc04b107b in ata_boot_attach () at ../../../dev/ata/ata-all.c:728 728 ata_identify_devices(ch); (kgdb) l 723 * the delays probing of non-exsistent devices can cause. 724 */ 725 for (ctlr=0; ctlr<devclass_get_maxunit(ata_devclass); ctlr++) { 726 if (!(ch = devclass_get_softc(ata_devclass, ctlr))) 727 continue; 728 ata_identify_devices(ch); 729 if (ch->device[MASTER].attach) 730 ch->device[MASTER].attach(&ch->device[MASTER]); 731 if (ch->device[SLAVE].attach) 732 ch->device[SLAVE].attach(&ch->device[SLAVE]); (kgdb) up #6 0xc05fe1c0 in run_interrupt_driven_config_hooks (dummy=0x0) at ../../../kern/subr_autoconf.c:67 67 (*hook_entry->ich_func)(hook_entry->ich_arg); (kgdb) l 62 63 for (hook_entry = TAILQ_FIRST(&intr_config_hook_list); 64 hook_entry != NULL; 65 hook_entry = next_entry) { 66 next_entry = TAILQ_NEXT(hook_entry, ich_links); 67 (*hook_entry->ich_func)(hook_entry->ich_arg); 68 } 69 70 while (!TAILQ_EMPTY(&intr_config_hook_list)) { 71 tsleep(&intr_config_hook_list, PCONFIG, "conifhk", 0); (kgdb) up #7 0xc05cd2ee in mi_startup () at ../../../kern/init_main.c:212 212 (*((*sipp)->func))((*sipp)->udata); (kgdb) l 207 208 if ((*sipp)->subsystem == SI_SUB_DONE) 209 continue; 210 211 /* Call function */ 212 (*((*sipp)->func))((*sipp)->udata); 213 214 /* Check off the one we're just done */ 215 (*sipp)->subsystem = SI_SUB_DONE; 216 (kgdb) next Can't send signals to this remote system. SIGSEGV not sent. Program received signal SIGSEGV, Segmentation fault. 0xc07322d2 in mtrash_ctor (mem=0xc161bc00, size=-1056882688, arg=0x0) at ../../../vm/uma_dbg.c:137 137 panic("Most recently used by %s\n", (*ksp == NULL)? (kgdb) l 132 133 for (p = mem; cnt > 0; cnt--, p++) 134 if (*p != uma_junk) { 135 printf("Memory modified after free %p(%d) val=%x _at_ %p\n", 136 mem, size, *p, p); 137 panic("Most recently used by %s\n", (*ksp == NULL)? 138 "none" : (*ksp)->ks_shortdesc); 139 } 140 } 141 (kgdb) jump 140 Continuing at 0xc07322f0. > > cvs diff: Diffing . > Index: ata-all.c [patch snipped]Received on Fri Jul 02 2004 - 14:44:23 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:00 UTC