2.4.17-rc2 BUG at slab.c:1110

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

* 2.4.17-rc2 BUG at slab.c:1110
@ 2001-12-20  0:04 Paul Mackerras
  2001-12-20  0:50 ` Andrew Morton
  2001-12-20 21:14 ` degger
  0 siblings, 2 replies; 4+ messages in thread
From: Paul Mackerras @ 2001-12-20  0:04 UTC (permalink / raw)
  To: linux-kernel

I'm seeing BUG messages when I eject a compact flash card from the
pcmcia slot on my powerbook, not every time but quite often.  The
stack trace looks like this:

c002e99c kmem_cache_grow+0x94
c002ed60 kmem_cache_alloc+0x144
c008844c devfsd_notify_de+0x60
c008852c devfsd_notify+0x30
c0088984 unregister+0x48
c0088a14 devfs_unregister+0x2c
c010c950 ide_unregister+0x200
cd9798b0 ide_release+0x2c
c001e928 timer_bh+0x2f4
c001a314 bh_action+0x3c
c001a1c4 tasklet_hi_action+0x3c
c0019dc0 do_softirq+0x94
c000610c timer_interrupt+0x23c

What is happening is that ide_event is doing

	mod_timer(&link->release, jiffies + HZ/20);

on the card removal event, with link->release.function == ide_release.
Thus ide_release gets called on a timeout, and it calls
ide_unregister, which calls devfs_unregister, which does various
things which you shouldn't do in interrupt context, like calling
schedule and calling kmem_cache_alloc(..., SLAB_KERNEL).

So, is this devfs's fault for not allowing devfs_unregister to be
called from interrupt context, or is it ide-cs's fault for calling
ide_unregister from interrupt context?

Paul.

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: 2.4.17-rc2 BUG at slab.c:1110
  2001-12-20  0:04 2.4.17-rc2 BUG at slab.c:1110 Paul Mackerras
@ 2001-12-20  0:50 ` Andrew Morton
  2001-12-20 23:44   ` Richard Gooch
  2001-12-20 21:14 ` degger
  1 sibling, 1 reply; 4+ messages in thread
From: Andrew Morton @ 2001-12-20  0:50 UTC (permalink / raw)
  To: paulus; +Cc: linux-kernel

Paul Mackerras wrote:
> 
> So, is this devfs's fault for not allowing devfs_unregister to be
> called from interrupt context, or is it ide-cs's fault for calling
> ide_unregister from interrupt context?
> 

ide-cs, I'd say.

The way hotplug generally avoids this problem is via schedule_task() - that
was why it was written in the first place, I think.

And given that we need to bump the event up to process context, we may
as well do it at the earliest stage.  Looks like the fix it to kill
off the timer altogether, replace it with a tqueue and ask keventd
to run ide_release.

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: 2.4.17-rc2 BUG at slab.c:1110
  2001-12-20  0:50 ` Andrew Morton
@ 2001-12-20 23:44   ` Richard Gooch
  0 siblings, 0 replies; 4+ messages in thread
From: Richard Gooch @ 2001-12-20 23:44 UTC (permalink / raw)
  To: Andrew Morton; +Cc: paulus, linux-kernel

Andrew Morton writes:
> Paul Mackerras wrote:
> > 
> > So, is this devfs's fault for not allowing devfs_unregister to be
> > called from interrupt context, or is it ide-cs's fault for calling
> > ide_unregister from interrupt context?
> > 
> 
> ide-cs, I'd say.

Definately. It's always been illegal to call into the devfs API from
interrupt context, and in fact given that devfs_register() always
called kmalloc() with GFP_KERNEL, it should have caught any interrupt
context callers of devfs.

It just happened that in the old devfs core, you could often get away
with a call to devfs_unregister(), since it didn't do any allocations.
However, doing so was unsafe due to races (no locking/irq disabling),
even on UP systems. So it was always a driver bug to do this.

> The way hotplug generally avoids this problem is via schedule_task()
> - that was why it was written in the first place, I think.
> 
> And given that we need to bump the event up to process context, we may
> as well do it at the earliest stage.  Looks like the fix it to kill
> off the timer altogether, replace it with a tqueue and ask keventd
> to run ide_release.

Sounds good to me. I look forward to seeing your patch in -rc3 :-)

				Regards,

					Richard....
Permanent: rgooch@atnf.csiro.au
Current:   rgooch@ras.ucalgary.ca

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: 2.4.17-rc2 BUG at slab.c:1110
  2001-12-20  0:04 2.4.17-rc2 BUG at slab.c:1110 Paul Mackerras
  2001-12-20  0:50 ` Andrew Morton
@ 2001-12-20 21:14 ` degger
  1 sibling, 0 replies; 4+ messages in thread
From: degger @ 2001-12-20 21:14 UTC (permalink / raw)
  To: paulus; +Cc: linux-kernel

On 20 Dec, Paul Mackerras wrote:

> I'm seeing BUG messages when I eject a compact flash card from the
> pcmcia slot on my powerbook, not every time but quite often.  The
> stack trace looks like this:

I wished I could use pcmcia at all on my powerbook; it's still broken
with the latest benh.

--
Servus,
       Daniel


^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2001-12-20 23:45 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2001-12-20  0:04 2.4.17-rc2 BUG at slab.c:1110 Paul Mackerras
2001-12-20  0:50 ` Andrew Morton
2001-12-20 23:44   ` Richard Gooch
2001-12-20 21:14 ` degger

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox