Subject: kern/8272: pcmcia com driver stacks in device open or write
To: None <gnats-bugs@gnats.netbsd.org>
From: None <kawamoto@tenjin.org>
List: netbsd-bugs
Date: 08/25/1999 01:15:58
>Number: 8272
>Category: kern
>Synopsis: pcmcia com driver stacks in device open and write
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: kern-bug-people (Kernel Bug People)
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Wed Aug 25 00:50:01 1999
>Last-Modified:
>Originator: Kawamoto Yosihisa
>Organization:
tenjin.org
>Release: 1999/08/24
>Environment:
note pc (SONY VAIO 505RX)
System: NetBSD rerun.tenjin.org 1.4K NetBSD 1.4K (RERUN) #212: Tue Aug 24 12:39:38 JST 1999 kawamoto@rerun.tenjin.org:/usr/src/sys/arch/i386/compile/RERUN i386
>Description:
My two modem cards stacks in device open.
One is the Megahertz XJACK 14,400bps modem card,
and another is the SII PHS DATA 32S modem card.
Followings are the Megahertz system messages.
pcmcia0: CIS version PCMCIA 2.0 or 2.1
pcmcia0: CIS info: MEGAHERTZ, XJ2144-81, A5, PCMCIA MODEM
pcmcia0: Manufacturer code 0x102, product 0x5
pcmcia0: function 0: serial port, ccr addr 200 mask 1
pcmcia0: function 0, config table entry 32: I/O card; irq mask 3c; iomask 0, iospace 3f8; rdybsy_active wp_active bvd_active io8 irqlevel
pcmcia0: function 0, config table entry 33: I/O card; irq mask 3c; iomask 0, iospace 2f8; rdybsy_active wp_active bvd_active io8 irqlevel
pcmcia0: function 0, config table entry 34: I/O card; irq mask 3c; iomask 0, iospace 3e8; rdybsy_active wp_active bvd_active io8 irqlevel
pcmcia0: function 0, config table entry 35: I/O card; irq mask 3c; iomask 0, iospace 2e8; rdybsy_active wp_active bvd_active io8 irqlevel
com2 at pcmcia0 function 0 port 0x3e8-0x3ef: serial device
com2: ns8250 or ns16450, no fifo
And followings are the SII system messages.
pcmcia0: CIS version PCMCIA 2.0 or 2.1
pcmcia0: CIS info: SII, PHS DATA 32S
pcmcia0: Manufacturer code 0xc01e, product 0x0
pcmcia0: function 0: serial port, ccr addr 1000 mask f
pcmcia0: function 0, config table entry 32: I/O card; irq mask 86bc; iomask a, iospace 3f8; mwait_required rdybsy_active wp_active bvd_active io8 irqlevel
pcmcia0: function 0, config table entry 33: I/O card; irq mask 86bc; iomask a, iospace 2f8; mwait_required rdybsy_active wp_active bvd_active io8 irqlevel
pcmcia0: function 0, config table entry 34: I/O card; irq mask 86bc; iomask a, iospace 3e8; mwait_required rdybsy_active wp_active bvd_active io8 irqlevel
pcmcia0: function 0, config table entry 35: I/O card; irq mask 86bc; iomask a, iospace 2e8; mwait_required rdybsy_active wp_active bvd_active io8 irqlevel
pcmcia0: function 0, config table entry 48: I/O card; irq mask 86bc; iomask 3, iospace 0; mwait_required rdybsy_active wp_active bvd_active io8 irqlevel
com2 at pcmcia0 function 0 port 0x3e8-0x3ef: serial device
com2: ns8250 or ns16450, no fifo
>How-To-Repeat:
When I tipped to com2, the system fell into ddb as following.
bash$ tip com2
pcmcia0: card irq 15
kernel: integer divide fault trap, code=0
Stopped in tip at com_loadchannelregs+0x123: jmp com_loadchannelregs+0x131
db> trace
com_loadchannelregs(f04b2300) at com_loadchannelregs+0x123
comparam(f49b42ac,f4a14d78,140,20,f4a17a88) at comparam+0x24e
comopen(802,7,2000,f49fa780,0) at comopen+0x23a
spec_open(f4a14e08,0,f4a14f88,fffffffc,5) at spec_open+0x162
vn_open(f4a14ed8,4,1a0,f4a14f88,f49fa780) at vn_open+0x341
sys_open(f49fa780,f4a14f88,f4a14f80,0,efbfdbe8) at sys_open+0xd0
syscall() at syscall+0x23a
--- syscall (number 5) ---
0x480bbee1:
db>show registers
es 0x10
ds 0x10
edi 0
esi 0xf04b2300 end+0x195674
ebp 0xf4a14d28 end+0x46f809c
ebx 0x3e8
edx 0x3e9
ecx 0x3e8
eax 0xd
eip 0xf010f0ff com_loadchannelregs+0x123
cs 0x8
eflags 0x246
esp 0xf4a14d18 end+0x46f808c
ss 0xf0300010 kernel_map_entry.110+0x1ba30
com_loadchannelregs+0x123: jmp com_loadchannelregs+0x131
db> cont
connected
Followings are the additional information after `continue'.
(I typed an `a')
kernel: integer divide fault trap, code=0
Stopped in tip at comstart_0x137: jmp comstart+0x148
db> trace
comstart(f49b42ac,f4a14df0,f016e132,f49b42ac,f4a17a88) at comstart+0x137
ttstart(f49b42ac) at ttstart+0x13
ttwrite(f49b42ac,f4a14ee4,1,f4a14e6c,f018b33e) at ttwrite+0x28e
comwrite(802,f4a14ee4,1,1,1) at comwrite+0x56
spec_write(f4a14e98,f4a14eac,f0184820,f4a14e98,f4a14f88) at spec_write+0xae
ufsspec_write(f4a14e98,f4a14f88,1,f4a10120,f4a14e98) at ufsspec_write+0x2d
vn_write(f4a10120,f4a1013c,f4a14ee4,f04ff880,1) at vn_write+0xe0
dofilewrite(f49fa780,3,f4a10120,efbfdb0b,1) at dofilewrite+0x94
sys_write(f49fa780,f4a14f88,f4a14f80,0,8053740) at sys_write+0x67
syscall() at syscall+0x23a
--- syscall (number 4) ---
0x480c5ae9:
db>show registers
es 0x10
ds 0x10
edi 0xf04b2300 end+0x195674
esi 0xf49b42ac end+0x4697620
ebp 0xf4a14d58 end+0x46f80cc
ebx 0xf04ea400 end+0x1cd774
edx 0x3e9
ecx 0x1
eax 0xe000da0f
eip 0xf010f3b3 comstart+0x137
cs 0x8
eflags 0x202
esp 0xf4a14d38 end+0x46f80ac
ss 0xf0300010 kernel_map_entry.110+0x1ba30
comstart+0x137: jmp comstart_0x148
db> cont
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa(snip)aaaaaaaaaa
>Fix:
Sorry, I don't know.
>Audit-Trail:
>Unformatted: