Discussion:
2.6.12-rc1-bk2+PREEMPT_BKL: Oops at serio_interrupt
(too old to reply)
Alexey Dobriyan
2005-03-28 17:34:18 UTC
Permalink
Steps to reproduce for me:
* Boot CONFIG_PREEMPT_BKL=y kernel (.config, dmesg are attached)
* Start rebooting
* Start moving serial mouse (I have Genius NetMouse Pro)
* Right after gpm is shut down I see the oops
* The system continues to reboot

Doing a "# service gpm stop" produce several pages of messages and then hang
the system.

CONFIG_PREEMPT_BKL=n kernel survives gpm shutdown in both cases.
============================================================================
Unable to handle kernel NULL pointer dereference at virtual address 00000888
printing eip:
c02011fe
*pde = 1ae8c067
*pte = 00000000
Oops: 0000 [#1]
PREEMPT
Modules linked in: ipt_REJECT ipt_state ip_conntrack iptable_filter ip_tables binfmt_misc uhci_hcd snd_intel8x0 snd_ac97_codec snd_pcm snd_timer snd soundcore snd_page_alloc floppy
CPU: 0
EIP: 0060:[<c02011fe>] Not tainted VLI
EFLAGS: 00010006 (2.6.12-rc1-bk2)
EIP is at serio_interrupt+0x3c/0x92
eax: ddbc0000 ebx: 00000874 ecx: 00000000 edx: 0000003e
esi: ddbc0000 edi: 0000003e ebp: 00000000 esp: c145def4
ds: 007b es: 007b ss: 0068
Process events/0 (pid: 3, threadinfo=c145d000 task=def82020)
Stack: 00000000 00000000 00000292 00000001 de024180 c173c128 00000001 c020273e
00000000 c173c000 c173c00c 00000001 00000246 c01dbf0c 00000001 c173c528
c173c128 c173c0d4 00000287 c173c0d8 defeb680 c01207fc 00000000 def82a00
Call Trace:
[<c020273e>] serport_ldisc_receive+0x31/0x3d
[<c01dbf0c>] flush_to_ldisc+0xae/0x11b
[<c01207fc>] worker_thread+0x1d1/0x284
[<c01dbe5e>] flush_to_ldisc+0x0/0x11b
[<c010ed10>] default_wake_function+0x0/0xc
[<c010ed4f>] __wake_up_common+0x33/0x5a
[<c010ed10>] default_wake_function+0x0/0xc
[<c012062b>] worker_thread+0x0/0x284
[<c0124470>] kthread+0x7c/0xa4
[<c01243f4>] kthread+0x0/0xa4
[<c0100c31>] kernel_thread_helper+0x5/0xb
Code: 00 00 00 00 9c 8f 44 24 08 fa b8 01 00 00 00 e8 b8 da f0 ff 8b 5e 68 85 db 74 40 89 f8 89 e9 0f b6 d0 8b 44 24 20 89 04 24 89 f0 <ff> 53 14 89 44 24 04 ff 74 24 08 9d b8 01 00 00 00 e8 bd da f0
<6>note: events/0[3] exited with preempt_count 1

"ff 53 14" is "call *0x14(%ebx)". 0x14 is the offset of
struct serio_interrupt::interrupt().

irqreturn_t serio_interrupt(struct serio *serio,
unsigned char data, unsigned int dfl, struct pt_regs *regs)
{
unsigned long flags;
irqreturn_t ret = IRQ_NONE;

spin_lock_irqsave(&serio->lock, flags);

if (likely(serio->drv)) {
=> ret = serio->drv->interrupt(serio, data, dfl, regs); <=
} else if (!dfl && serio->registered) {
serio_rescan(serio);
ret = IRQ_HANDLED;
}

spin_unlock_irqrestore(&serio->lock, flags);

return ret;
}
Dmitry Torokhov
2005-03-29 06:36:35 UTC
Permalink
Post by Alexey Dobriyan
* Boot CONFIG_PREEMPT_BKL=y kernel (.config, dmesg are attached)
* Start rebooting
* Start moving serial mouse (I have Genius NetMouse Pro)
* Right after gpm is shut down I see the oops
* The system continues to reboot
Could you try the patch below, please? Thanks!
--
Dmitry

===================================================================

Input: serport - fix an Oops when closing port - should not call
serio_interrupt when serio port is being unregistered.

Signed-off-by: Dmitry Torokhov <***@mail.ru>

serport.c | 40 ++++++++++++++++++++++++++++++++++++++--
1 files changed, 38 insertions(+), 2 deletions(-)

Index: dtor/drivers/input/serio/serport.c
===================================================================
--- dtor.orig/drivers/input/serio/serport.c
+++ dtor/drivers/input/serio/serport.c
@@ -27,11 +27,14 @@ MODULE_LICENSE("GPL");
MODULE_ALIAS_LDISC(N_MOUSE);

#define SERPORT_BUSY 1
+#define SERPORT_ACTIVE 2
+#define SERPORT_DEAD 3

struct serport {
struct tty_struct *tty;
wait_queue_head_t wait;
struct serio *serio;
+ spinlock_t lock;
unsigned long flags;
};

@@ -49,10 +52,31 @@ static void serport_serio_close(struct s
{
struct serport *serport = serio->port_data;

- serport->serio->id.type = 0;
+ set_bit(SERPORT_DEAD, &serport->flags);
wake_up_interruptible(&serport->wait);
}

+static int serport_serio_start(struct serio *serio)
+{
+ struct serport *serport = serio->port_data;
+
+ spin_lock(&serport->lock);
+ set_bit(SERPORT_ACTIVE, &serport->flags);
+ spin_unlock(&serport->lock);
+
+ return 0;
+}
+
+static void serport_serio_stop(struct serio *serio)
+{
+ struct serport *serport = serio->port_data;
+
+ spin_lock(&serport->lock);
+ clear_bit(SERPORT_ACTIVE, &serport->flags);
+ serport->serio = NULL;
+ spin_unlock(&serport->lock);
+}
+
/*
* serport_ldisc_open() is the routine that is called upon setting our line
* discipline on a tty. It prepares the serio struct.
@@ -79,6 +103,7 @@ static int serport_ldisc_open(struct tty
serport->serio = serio;
set_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
serport->tty = tty;
+ spin_lock_init(&serport->lock);
tty->disc_data = serport;

memset(serio, 0, sizeof(struct serio));
@@ -87,6 +112,8 @@ static int serport_ldisc_open(struct tty
serio->id.type = SERIO_RS232;
serio->write = serport_serio_write;
serio->close = serport_serio_close;
+ serio->start = serport_serio_start;
+ serio->stop = serport_serio_stop;
serio->port_data = serport;

init_waitqueue_head(&serport->wait);
@@ -117,8 +144,17 @@ static void serport_ldisc_receive(struct
{
struct serport *serport = (struct serport*) tty->disc_data;
int i;
+
+ spin_lock(&serport->lock);
+
+ if (!test_bit(SERPORT_ACTIVE, &serport->flags))
+ goto out;
+
for (i = 0; i < count; i++)
serio_interrupt(serport->serio, cp[i], 0, NULL);
+
+out:
+ spin_unlock(&serport->lock);
}

/*
@@ -148,7 +184,7 @@ static ssize_t serport_ldisc_read(struct

serio_register_port(serport->serio);
printk(KERN_INFO "serio: Serial port %s\n", tty_name(tty, name));
- wait_event_interruptible(serport->wait, !serport->serio->id.type);
+ wait_event_interruptible(serport->wait, test_bit(SERPORT_DEAD, &serport->flags));
serio_unregister_port(serport->serio);

clear_bit(SERPORT_BUSY, &serport->flags);
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to ***@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/



-------------------------------------------------------------------------------
Achtung: diese Newsgruppe ist eine unidirektional gegatete Mailingliste.
Antworten nur per Mail an die im Reply-To-Header angegebene Adresse.
Fragen zum Gateway -> ***@inka.de.
-------------------------------------------------------------------------------
Alexey Dobriyan
2005-03-29 17:30:14 UTC
Permalink
Post by Dmitry Torokhov
Post by Alexey Dobriyan
* Boot CONFIG_PREEMPT_BKL=y kernel (.config, dmesg are attached)
* Start rebooting
* Start moving serial mouse (I have Genius NetMouse Pro)
* Right after gpm is shut down I see the oops
* The system continues to reboot
Could you try the patch below, please? Thanks!
Input: serport - fix an Oops when closing port - should not call
serio_interrupt when serio port is being unregistered.
Doesn't work, sorry. Even worse: rebooting now also produces many pages of
oopsen, then hang the system. I'm willing to test any new patches.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to ***@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/



-------------------------------------------------------------------------------
Achtung: diese Newsgruppe ist eine unidirektional gegatete Mailingliste.
Antworten nur per Mail an die im Reply-To-Header angegebene Adresse.
Fragen zum Gateway -> ***@inka.de.
-------------------------------------------------------------------------------
Dmitry Torokhov
2005-03-29 19:11:04 UTC
Permalink
Post by Alexey Dobriyan
Post by Dmitry Torokhov
Post by Alexey Dobriyan
* Boot CONFIG_PREEMPT_BKL=y kernel (.config, dmesg are attached)
* Start rebooting
* Start moving serial mouse (I have Genius NetMouse Pro)
* Right after gpm is shut down I see the oops
* The system continues to reboot
Could you try the patch below, please? Thanks!
Input: serport - fix an Oops when closing port - should not call
serio_interrupt when serio port is being unregistered.
Doesn't work, sorry. Even worse: rebooting now also produces many pages of
oopsen, then hang the system. I'm willing to test any new patches.
Does it oops at the same place with this patch or at some other place?
Btw, what happen if you try to kill inputattach or GPM or both without
rebooting?
--
Dmitry
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to ***@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/



-------------------------------------------------------------------------------
Achtung: diese Newsgruppe ist eine unidirektional gegatete Mailingliste.
Antworten nur per Mail an die im Reply-To-Header angegebene Adresse.
Fragen zum Gateway -> ***@inka.de.
-------------------------------------------------------------------------------
Alexey Dobriyan
2005-03-29 19:52:25 UTC
Permalink
Post by Dmitry Torokhov
Post by Alexey Dobriyan
Post by Dmitry Torokhov
Post by Alexey Dobriyan
* Boot CONFIG_PREEMPT_BKL=y kernel (.config, dmesg are attached)
* Start rebooting
* Start moving serial mouse (I have Genius NetMouse Pro)
* Right after gpm is shut down I see the oops
* The system continues to reboot
Could you try the patch below, please? Thanks!
Input: serport - fix an Oops when closing port - should not call
serio_interrupt when serio port is being unregistered.
Doesn't work, sorry. Even worse: rebooting now also produces many pages of
oopsen, then hang the system. I'm willing to test any new patches.
Does it oops at the same place with this patch or at some other place?
I manage to find this in the logs (nothing more :-( ):
============================================================================
Unable to handle kernel NULL pointer dereference at virtual address 00000068
printing eip:
c0202947
*pde = 00000000
Oops: 0000 [#1]
PREEMPT
Modules linked in: ipt_REJECT ipt_state ip_conntrack iptable_filter ip_tables binfmt_misc uhci_hcd snd_intel8x0 snd_ac97_codec snd_pcm snd_timer snd soundcore snd_page_alloc floppy
CPU: 0
EIP: 0060:[<c0202947>] Not tainted VLI
EFLAGS: 00010282 (2.6.12-rc1-bk2-serio)
============================================================================
According to vmlinux, c0202947 is at:

c020293e <serport_ldisc_write_wakeup>:
c020293e: 8b 80 78 09 00 00 mov 0x978(%eax),%eax
c0202944: 8b 40 0c mov 0xc(%eax),%eax
c0202947: 8b 50 68 mov 0x68(%eax),%edx <<<<====
c020294a: 85 d2 test %edx,%edx
c020294c: 74 07 je c0202955 <serport_ldisc_write_wakeup+0x17>
c020294e: 8b 52 10 mov 0x10(%edx),%edx
c0202951: 85 d2 test %edx,%edx
c0202953: 75 01 jne c0202956 <serport_ldisc_write_wakeup+0x18>
c0202955: c3 ret
c0202956: ff d2 call *%edx
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to ***@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/



-------------------------------------------------------------------------------
Achtung: diese Newsgruppe ist eine unidirektional gegatete Mailingliste.
Antworten nur per Mail an die im Reply-To-Header angegebene Adresse.
Fragen zum Gateway -> ***@inka.de.
-------------------------------------------------------------------------------
Loading...