[551] in linux-scsi channel archive
NCR driver rel. 11 panics
daemon@ATHENA.MIT.EDU (Cristian Gafton)
Sun Aug 27 04:08:18 1995
Date: Sun, 27 Aug 1995 06:57:01 +0300 (EET DST)
From: Cristian Gafton <gafton@cccis.sfos.ro>
To: NCR Mailing List <ncr53c810@colorado.edu>
Cc: linux-scsi@vger.rutgers.edu
Well, I finaly managed to get some info about the panics I get with
rel. 11 of the driver.
If more than that is needed, I'm here, waiting for my system to be
able to use the latest driver :-) ...
------dmseg output---------------------------------------
Console: colour EGA+ 80x28, 1 virtual console (max 63)
bios32_init : BIOS32 Service Directory structure at 0x000fc310
bios32_init : BIOS32 Service Directory entry at 0xfc740
pcibios_init : PCI BIOS revision 2.00 entry at 0xfc770
Probing PCI hardware.
Calibrating delay loop.. ok - 33.55 BogoMips
Serial driver version 4.11 with no serial options enabled
tty00 at 0x03f8 (irq = 4) is a 16550A
tty01 at 0x02f8 (irq = 3) is a 16550A
lp1 at 0x0378, using polling driver
Floppy drive(s): fd0 is 1.44M, fd1 is 1.2M
FDC 0 is a post-1991 82077
scsi-ncr53c7,8xx : at PCI bus 0, device 1, function 0
scsi-ncr53c7,8xx : NCR53c810 at memory 0xfbfef000, io 0xe800, irq 9
scsi0 : burst length 8
scsi0 : reset ccf to 3 from 0
scsi0 : NCR code relocated to 0x1e49d0
scsi0 : test 1 started
scsi0 : NCR53c{7,8}xx (rel 11)
scsi : 1 host.
scsi0 : target 0 accepting asynchronous SCSI
scsi0 : setting target 0 to asynchronous SCSI
Vendor: FUJITSU Model: M2694ES-512 Rev: 8134
Type: Direct-Access ANSI SCSI revision: 01 CCS
Detected scsi disk sda at scsi0, id 0, lun 0
scsi0 : target 1 rejected SDTR
scsi0 : setting target 1 to asynchronous SCSI
Vendor: TANDBERG Model: TDC 3600 Rev: A07:
Type: Sequential-Access ANSI SCSI revision: 01
Detected scsi tape st0 at scsi0, id 1, lun 0
scsi : detected 1 SCSI tape 1 SCSI disk total.
SCSI Hardware sector size is 512 bytes on device sda
Memory: 14952k/16384k available (716k kernel code, 384k reserved, 332k data)
This processor honours the WP bit even when in supervisor mode. Good.
Swansea University Computer Society NET3.019
Swansea University Computer Society TCP/IP for NET3.019
IP Protocols: IGMP, ICMP, UDP, TCP
PPP: version 0.2.7 (4 channels) NEW_TTY_DRIVERS OPTIMIZE_FLAGS
TCP compression code copyright 1989 Regents of the University of California
PPP line discipline registered.
Checking 386/387 coupling... Ok, fpu using exception 16 error reporting.
Checking 'hlt' instruction... Ok.
Linux version 1.2.13 (root@sysadm) (gcc version 2.6.3) #1 Sun Aug 27 04:15:45 EET DST 1995
Partition check:
sda: sda1 sda2 sda3 sda4
VFS: Mounted root (ext2 filesystem) readonly.
Adding Swap: 15588k swap-space
---------------------------------------------------------------------------
Now the panic, reproduced here 'by hand' ...
scsi: aborting command due to timeout: pid 1001, scsi 0, id 0, lun 0,
Write (6) 18 1c 67 02 00
general protection: 0000
EIP: 0010:001a9a3e
EFLAGS: 00010006
eax: 00000025 ebx: 00000000 ecx: 001c128b edx: 00eb3000
esi: c0000004 edi: 7838a800 ebp: 00090084 esp: 001b4530
ds: 0018 es: 0018 fs: 002b gs: 0018 ss: 0018
Process swapper (pid: 0, process nr: 0, stackpage=001b2bdc)
Stack: 00000000 00000006 001ee800 001e4684 00000040 001e4684
001a9c33 001e4640 00090084 001a2263 00000000 00000000
001ee800 00b8a19c 001a22b3 001e4640 00000216 001e4640
001e4684 0000032a
Call Trace: 001a9c33 001a2263 001aa284 001a2263 001a945b
00197ce9 00196384 00196294 00197e52 00118470
0011e15e 001106e5 00110018 0010f8f4 00110761
0010f3a7 00117b70
Code: 0f b6 47 09 50 0f b6 47 08 50 68 84 98 1a 00 e8 b6 00 f7 ff
Aiee, killing the interrupt handler
kfree of non-kmalloced memory: 001b46d4, next=00000000, order=0
task[0] (swapper) killed: unable to recover
Kernel panic: Trying to free up swapper memory space
In swapper task - not syncing
----------------------------------------------------------------
Now a little code trace ...
(gdb) info line *0x1a9a3e
Line 5561 of "53c7,8xx.c" starts at address 0x1a9a3e <print_dsa+262>
and ends at 0x1a9a52 <print_dsa+282>.
(gdb) list 5561
5556 hostdata->dsa_select, dsa[hostdata->dsa_select / sizeof(long)]);
5557 cmd = (Scsi_Cmnd *) dsa[hostdata->dsa_cmnd / sizeof(long)];
5558 printk(" + %ld : dsa_cmnd = 0x%lx ", hostdata->dsa_cmnd, (long)
5559 cmd);
5560 if (cmd) {
5561 printk(" target = %d, lun = %d, cmd = ",
5562 cmd->target, cmd->lun);
5563 print_command(cmd->cmnd);
5564 } else
5565 printk("\n");
(gdb) info line *0x1a9c33
Line 5606 of "53c7,8xx.c" starts at address 0x1a9c1a <print_queues+66>
and ends at 0x1a9c38 <print_queues+96>.
(gdb) list 5606
5601 for (cmd = (Scsi_Cmnd *) hostdata->issue_queue; cmd; cmd = next_cmd) {
5602 next_cmd = (Scsi_Cmnd *) cmd->SCp.ptr;
5603 save_flags(flags);
5604 cli();
5605 if (cmd->host_scribble)
5606 print_dsa (host,
5607 ((struct NCR53c7x0_cmd *) cmd->host_scribble)->dsa, "");
5608 else
5609 printk ("scsi%d : command %ld for target %d lun %d has no dsa\n",
5610 host->host_no, cmd->pid, cmd->target, cmd->lun);
(gdb) info line *0x1a2263
Line 1640 of "53c7,8xx.c" starts at address 0x1a2048 <NCR53c8x0_init_fixup+3056>
and ends at 0x1a24e8 <NCR53c8xx_run_tests>.
(gdb) list 1640
1635 host->host_no, A_dsa_fields_start, Ent_dsa_code_template_end -
1636 Ent_dsa_zero);
1637
1638 printk("scsi%d : NCR code relocated to 0x%lx\n", host->host_no,
1639 (unsigned long) hostdata->script);
1640 }
1641
1642 /*
1643 * Function : static int NCR53c8xx_run_tests (struct Scsi_Host *host)
1644 *
(gdb) info line *0x1aa284
Line 5684 of "53c7,8xx.c" starts at address 0x1aa284 <print_lots+1116>
and ends at 0x1aa287 <print_lots+1119>.
(gdb) list 5684
5679 printk ("scsi%d : DSP 0x%lx ->\n", host->host_no, (long) dsp);
5680 for (i = 6; i > 0; --i, dsp += size)
5681 size = print_insn (host, dsp, "", 1);
5682 print_dsa (host, dsa, "");
5683 print_queues (host);
5684 }
5685 }
5686
5687
5688 /*
(gdb) info line *0x1a2263
Line 1640 of "53c7,8xx.c" starts at address 0x1a2048 <NCR53c8x0_init_fixup+3056>
and ends at 0x1a24e8 <NCR53c8xx_run_tests>.
(gdb) list 1640
1635 host->host_no, A_dsa_fields_start, Ent_dsa_code_template_end -
1636 Ent_dsa_zero);
1637
1638 printk("scsi%d : NCR code relocated to 0x%lx\n", host->host_no,
1639 (unsigned long) hostdata->script);
1640 }
1641
1642 /*
1643 * Function : static int NCR53c8xx_run_tests (struct Scsi_Host *host)
1644 *
(gdb) info line *0x1a945b
Line 5372 of "53c7,8xx.c" starts at address 0x1a945b <NCR53c7xx_reset+35>
and ends at 0x1a9463 <NCR53c7xx_reset+43>.
(gdb) list 5372
5367 NCR53c7x0_local_setup(host);
5368 save_flags(flags);
5369 cli();
5370 halt (host);
5371 print_lots (host);
5372 dump_events (host, 30);
5373 ncr_scsi_reset (host);
5374 for (tmp = nuke_list = return_outstanding_commands (host, 1 /* free */,
5375 0 /* issue */ ); tmp; tmp = (Scsi_Cmnd *) tmp->SCp.buffer)
5376 if (tmp == cmd) {
(gdb) info line *0x197ce9
Line 1674 of "scsi.c" starts at address 0x197ce0 <scsi_reset+136>
and ends at 0x197ceb <scsi_reset+147>.
(gdb) list 1674
1669
1670 save_flags(flags);
1671 cli();
1672 if (!hostdata->idle) {
1673 printk ("scsi%d : chip not idle, aborting tests\n", host->host_no);
1674 restore_flags(flags);
1675 return -1;
1676 }
1677
1678 /*
(gdb) info line *0x196384
Line 665 of "scsi.c" starts at address 0x19637e <scsi_times_out+86>
and ends at 0x19638b <scsi_times_out+99>.
(gdb) list 665
660 int i, j;
661 for (i = 0; i < 8; ++i) {
662 hostdata->request_sense[i] = 0;
663 for (j = 0; j < 8; ++j)
664 hostdata->busy[i][j] = 0;
665 set_synchronous (host, i, /* sxfer */ 0, hostdata->saved_scntl3, 0);
666 }
667 hostdata->issue_queue = NULL;
668 hostdata->running_list = hostdata->finished_queue = NULL;
669 hostdata->issue_dsa_head = NULL;
(gdb) info line *0x196294
Line 633 of "scsi.c" starts at address 0x196289 <scan_scsis+2193>
and ends at 0x196328 <scsi_times_out>.
(gdb) list 633
628 * zero to disallow.
629 *
630 * Returns : 0 on success, * -1 on failure.
631 */
632
633 static int
634 request_disconnect (int host, int on_or_off) {
635 struct Scsi_Host *h;
636 struct NCR53c7x0_hostdata *hostdata;
637 if (!(h = find_host (host)))
(gdb) info line *0x197e52
Line 1757 of "scsi.c" starts at address 0x197e52 <scsi_main_timeout+74>
and ends at 0x197e53 <scsi_main_timeout+75>.
(gdb) list 1757
1752 unsigned long dsa[48];
1753 unsigned char identify = IDENTIFY(0, 0);
1754 unsigned char cmd[6];
1755 unsigned char data[36];
1756 unsigned char status = 0xff;
1757 unsigned char msg = 0xff;
1758
1759 cmd[0] = INQUIRY;
1760 cmd[1] = cmd[2] = cmd[3] = cmd[5] = 0;
1761 cmd[4] = sizeof(data);
(gdb) quit
-------------------------------------------------------
Hope this helps,
Cristian Gafton
Cristian Gafton, SysAdm gafton@cccis.sfos.ro
----------------------------------------------------------------------
Computers & Communications Center str. Moara de Foc nr. 35
Phone: 40-32-252936, 252938 PO-BOX 2-549
Fax: 40-32-252933 IASI 6600, ROMANIA
======================================================================
Good code is hard to write, so it must be hard to understand.
