Re: kernel BUG at ide-cd.c:1726 in 2.6.24-03863-g0ba6c33 &&-g8561b089
From: Kiyoshi Ueda
Date: Tue Jan 29 2008 - 15:15:10 EST
Hi,
Sorry for the inconvenience.
I can't reproduce this bug on my test environment.
So please give me more information below to find what's wrong.
On Tue, 29 Jan 2008 22:01:45 +0800, Nai Xia wrote:
> Hi,
>
> Build environment: debian sid, gcc-4.2.3, i386.
>
> The bug is in lately git-pull from
>
> git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux-2.6.git
>
> And it can be reproduced very easily on a machine with normal cdroms.
> It halts booting and I grabbed the bug output with an serial console.
>
> Code around the bug is:
>
> /*
> * If DRQ is clear, the command has completed.
> */
> if ((stat & DRQ_STAT) == 0) {
> spin_lock_irqsave(&ide_lock, flags);
> if (__blk_end_request(rq, 0, 0))
> BUG(); // Here comes the bug !
> HWGROUP(drive)->rq = NULL;
> spin_unlock_irqrestore(&ide_lock, flags);
>
> return ide_stopped;
> }
>
> [ 6.964356] kernel BUG at drivers/ide/ide-cd.c:1726!
> [ 6.964435] invalid opcode: 0000 [#1] PREEMPT SMP
> [ 6.964435] Modules linked in:
> [ 6.964435]
> [ 6.964435] Pid: 1138, comm: scsi_id Not tainted (2.6.24-g8561b089 #19)
> [ 6.964435] EIP: 0060:[<c03edf9c>] EFLAGS: 00010002 CPU: 0
> [ 6.964435] EIP is at cdrom_newpc_intr+0x2bc/0x2c0
> [ 6.964435] EAX: 00000001 EBX: 00000002 ECX: 00000001 EDX: 00000001
> [ 6.964435] ESI: 00000003 EDI: cf0144d8 EBP: c07a3c58 ESP: cf2b59a8
> [ 6.964435] DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0068
> [ 6.964435] Process scsi_id (pid: 1138, ti=cf2b4000 task=cf8856b0 task.ti=cf2b4000)
> [ 6.964435] Stack: 00000202 00000002 c0778e80 c0133b57 0000009e 00000000 cf009c00 00000050
> [ 6.964435] 0000000f c07a3c00 cf009c00 c07a3c58 c03df2c9 00000000 00000000 00000000
> [ 6.964435] 00000000 00000000 00000202 c03edce0 cfbcbb60 00000000 00000000 0000000f
> [ 6.964435] Call Trace:
> [ 6.964435] [<c0133b57>] lock_timer_base+0x27/0x60
> [ 6.964435] [<c03df2c9>] ide_intr+0xa9/0x200
> [ 6.964435] [<c03edce0>] cdrom_newpc_intr+0x0/0x2c0
> [ 6.964435] [<c01503d5>] handle_IRQ_event+0x25/0x50
> [ 6.964435] [<c01517d9>] handle_edge_irq+0xb9/0x120
> [ 6.964435] [<c010687b>] do_IRQ+0x3b/0x70
> [ 6.964435] [<c0104df3>] common_interrupt+0x23/0x28
> [ 6.964435] [<c03dfa88>] ide_outsw+0x8/0x10
> [ 6.964435] [<c03e0ae4>] ata_output_data+0x84/0x90
> [ 6.964435] [<c03dfe07>] atapi_output_bytes+0x27/0x60
> [ 6.964435] [<c03ee2f8>] cdrom_transfer_packet_command+0x98/0x110
> [ 6.964435] [<c03eafb0>] cdrom_timer_expiry+0x0/0x60
> [ 6.964435] [<c03ecd8b>] cdrom_start_packet_command+0x10b/0x130
> [ 6.964435] [<c03ee370>] cdrom_do_newpc_cont+0x0/0x30
> [ 6.964435] [<c03deb96>] ide_do_request+0x426/0x990
> [ 6.964435] [<c0133ee7>] del_timer+0x57/0x70
> [ 6.964435] [<c0321ae6>] blk_remove_plug+0x26/0x60
> [ 6.964435] [<c031db95>] elv_drain_elevator+0x15/0x60
> [ 6.964435] [<c031e6d8>] elv_insert+0xd8/0x170
> [ 6.964435] [<c0321ba4>] blk_execute_rq_nowait+0x54/0xa0
> [ 6.964435] [<c0321c70>] blk_execute_rq+0x80/0xf0
> [ 6.964435] [<c0320a10>] blk_end_sync_rq+0x0/0x30
> [ 6.964435] [<c019b563>] bio_add_pc_page+0x23/0x30
> [ 6.964435] [<c0320c06>] blk_rq_bio_prep+0x96/0xb0
> [ 6.964435] [<c0320f0c>] blk_rq_append_bio+0x1c/0x70
> [ 6.964435] [<c03210f2>] blk_rq_map_user+0x122/0x1a0
> [ 6.964435] [<c032577e>] sg_io+0x1be/0x320
> [ 6.964435] [<c0325bdc>] scsi_cmd_ioctl+0x2fc/0x430
> [ 6.964435] [<c03ec9a0>] idecd_revalidate_disk+0x10/0x20
> [ 6.964435] [<c01794d9>] get_super+0x99/0xa0
> [ 6.964435] [<c019c329>] __invalidate_device+0x39/0x50
> [ 6.964435] [<c047d0b7>] cdrom_ioctl+0x37/0xe20
> [ 6.964435] [<c01886c6>] __d_lookup+0x146/0x160
> [ 6.964435] [<c03eb6ed>] idecd_ioctl+0x17d/0x190
> [ 6.964435] [<c01804bf>] __link_path_walk+0xa1f/0xd50
> [ 6.964435] [<c032366d>] blkdev_driver_ioctl+0x6d/0x80
> [ 6.964435] [<c032390e>] blkdev_ioctl+0x28e/0x810
> [ 6.964435] [<c032bd9f>] kobject_get+0xf/0x20
> [ 6.964435] [<c0324169>] get_disk+0x29/0xa0
> [ 6.964435] [<c03241e7>] exact_lock+0x7/0x10
> [ 6.964435] [<c03b33b8>] kobj_lookup+0x148/0x160
> [ 6.964435] [<c019cb47>] do_open+0xb7/0x290
> [ 6.964435] [<c019cf50>] blkdev_open+0x0/0x70
> [ 6.964435] [<c019cf80>] blkdev_open+0x30/0x70
> [ 6.964435] [<c01757ed>] __dentry_open+0x16d/0x1f0
> [ 6.964435] [<c0175925>] nameidata_to_filp+0x35/0x40
> [ 6.964435] [<c017597b>] do_filp_open+0x4b/0x60
> [ 6.964435] [<c017a5c2>] sys_readlinkat+0x32/0x90
> [ 6.964435] [<c019c218>] block_ioctl+0x18/0x20
> [ 6.964435] [<c019c200>] block_ioctl+0x0/0x20
> [ 6.964435] [<c0182cfb>] do_ioctl+0x2b/0x90
> [ 6.964435] [<c0182f7e>] vfs_ioctl+0x21e/0x2a0
> [ 6.964435] [<c018303d>] sys_ioctl+0x3d/0x70
> [ 6.964435] [<c010444a>] syscall_call+0x7/0xb
> [ 6.964435] =======================
> [ 6.964435] Code: 04 00 00 89 44 24 0c e9 b4 fe ff ff b8 00 71 70 c0 e8 49 a5 18 00 31 c9 31 d2 89 c3 89 f8 e8 ac 27 f3 ff 85 c0 0f 84 5c fe ff ff <0f> 0b eb fe 83 ec 38 31 d2 89 7c 24 30 89 c7 89 5c 24 28 8d 4c
> [ 6.964435] EIP: [<c03edf9c>] cdrom_newpc_intr+0x2bc/0x2c0 SS:ESP 0068:cf2b59a8
> [ 6.964435] Kernel panic - not syncing: Fatal exception in interrupt
Could you give me all boot messages and your config?
Are you able to get some outputs on 2.6.24 + the patch below?
If yes, original ide-cd might have a problem.
--- 2.6.24.orig/drivers/ide/ide-cd.c 2008-01-24 17:58:37.000000000 -0500
+++ 2.6.24/drivers/ide/ide-cd.c 2008-01-29 20:55:59.000000000 -0500
@@ -1711,8 +1711,12 @@
/*
* If DRQ is clear, the command has completed.
*/
- if ((stat & DRQ_STAT) == 0)
+ if ((stat & DRQ_STAT) == 0) {
+ if (end_that_request_chunk(rq, 1, 0))
+ blk_dump_rq_flags(rq, "ide-cd: rq still having bio");
+
goto end_request;
+ }
/*
* check which way to transfer data
If that's not comfortable for you, could you try with the patch
on top of current 2.6.24-git and send outputs?
--- linus-git.orig/drivers/ide/ide-cd.c 2008-01-29 10:04:51.000000000 -0500
+++ linus-git/drivers/ide/ide-cd.c 2008-01-29 21:00:19.000000000 -0500
@@ -1723,7 +1723,7 @@
if ((stat & DRQ_STAT) == 0) {
spin_lock_irqsave(&ide_lock, flags);
if (__blk_end_request(rq, 0, 0))
- BUG();
+ blk_dump_rq_flags(rq, "ide-cd: rq still having bio");
HWGROUP(drive)->rq = NULL;
spin_unlock_irqrestore(&ide_lock, flags);
Thanks,
Kiyoshi Ueda
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/