* 2.6.12-rc1-bk2+PREEMPT_BKL: Oops at serio_interrupt
@ 2005-03-28 17:26 Alexey Dobriyan
2005-03-29 6:27 ` Dmitry Torokhov
0 siblings, 1 reply; 9+ messages in thread
From: Alexey Dobriyan @ 2005-03-28 17:26 UTC (permalink / raw)
To: linux-kernel; +Cc: Vojtech Pavlik
[-- Attachment #1: Type: text/plain, Size: 2650 bytes --]
Steps to reproduce for me:
* Boot CONFIG_PREEMPT_BKL=y kernel (.config, dmesg are attached)
* Start rebooting
* Start moving serial mouse (I have Genius NetMouse Pro)
* Right after gpm is shut down I see the oops
* The system continues to reboot
Doing a "# service gpm stop" produce several pages of messages and then hang
the system.
CONFIG_PREEMPT_BKL=n kernel survives gpm shutdown in both cases.
============================================================================
Unable to handle kernel NULL pointer dereference at virtual address 00000888
printing eip:
c02011fe
*pde = 1ae8c067
*pte = 00000000
Oops: 0000 [#1]
PREEMPT
Modules linked in: ipt_REJECT ipt_state ip_conntrack iptable_filter ip_tables binfmt_misc uhci_hcd snd_intel8x0 snd_ac97_codec snd_pcm snd_timer snd soundcore snd_page_alloc floppy
CPU: 0
EIP: 0060:[<c02011fe>] Not tainted VLI
EFLAGS: 00010006 (2.6.12-rc1-bk2)
EIP is at serio_interrupt+0x3c/0x92
eax: ddbc0000 ebx: 00000874 ecx: 00000000 edx: 0000003e
esi: ddbc0000 edi: 0000003e ebp: 00000000 esp: c145def4
ds: 007b es: 007b ss: 0068
Process events/0 (pid: 3, threadinfo=c145d000 task=def82020)
Stack: 00000000 00000000 00000292 00000001 de024180 c173c128 00000001 c020273e
00000000 c173c000 c173c00c 00000001 00000246 c01dbf0c 00000001 c173c528
c173c128 c173c0d4 00000287 c173c0d8 defeb680 c01207fc 00000000 def82a00
Call Trace:
[<c020273e>] serport_ldisc_receive+0x31/0x3d
[<c01dbf0c>] flush_to_ldisc+0xae/0x11b
[<c01207fc>] worker_thread+0x1d1/0x284
[<c01dbe5e>] flush_to_ldisc+0x0/0x11b
[<c010ed10>] default_wake_function+0x0/0xc
[<c010ed4f>] __wake_up_common+0x33/0x5a
[<c010ed10>] default_wake_function+0x0/0xc
[<c012062b>] worker_thread+0x0/0x284
[<c0124470>] kthread+0x7c/0xa4
[<c01243f4>] kthread+0x0/0xa4
[<c0100c31>] kernel_thread_helper+0x5/0xb
Code: 00 00 00 00 9c 8f 44 24 08 fa b8 01 00 00 00 e8 b8 da f0 ff 8b 5e 68 85 db 74 40 89 f8 89 e9 0f b6 d0 8b 44 24 20 89 04 24 89 f0 <ff> 53 14 89 44 24 04 ff 74 24 08 9d b8 01 00 00 00 e8 bd da f0
<6>note: events/0[3] exited with preempt_count 1
"ff 53 14" is "call *0x14(%ebx)". 0x14 is the offset of
struct serio_interrupt::interrupt().
irqreturn_t serio_interrupt(struct serio *serio,
unsigned char data, unsigned int dfl, struct pt_regs *regs)
{
unsigned long flags;
irqreturn_t ret = IRQ_NONE;
spin_lock_irqsave(&serio->lock, flags);
if (likely(serio->drv)) {
=> ret = serio->drv->interrupt(serio, data, dfl, regs); <=
} else if (!dfl && serio->registered) {
serio_rescan(serio);
ret = IRQ_HANDLED;
}
spin_unlock_irqrestore(&serio->lock, flags);
return ret;
}
[-- Attachment #2: config_serio_interrupt_oops --]
[-- Type: text/plain, Size: 6003 bytes --]
CONFIG_X86=y
CONFIG_MMU=y
CONFIG_UID16=y
CONFIG_GENERIC_ISA_DMA=y
CONFIG_GENERIC_IOMAP=y
CONFIG_EXPERIMENTAL=y
CONFIG_CLEAN_COMPILE=y
CONFIG_BROKEN_ON_SMP=y
CONFIG_LOCK_KERNEL=y
CONFIG_LOCALVERSION=""
CONFIG_SWAP=y
CONFIG_SYSVIPC=y
CONFIG_POSIX_MQUEUE=y
CONFIG_SYSCTL=y
CONFIG_HOTPLUG=y
CONFIG_KOBJECT_UEVENT=y
CONFIG_KALLSYMS=y
CONFIG_BASE_FULL=y
CONFIG_FUTEX=y
CONFIG_EPOLL=y
CONFIG_SHMEM=y
CONFIG_CC_ALIGN_FUNCTIONS=0
CONFIG_CC_ALIGN_LABELS=0
CONFIG_CC_ALIGN_LOOPS=0
CONFIG_CC_ALIGN_JUMPS=0
CONFIG_BASE_SMALL=0
CONFIG_MODULES=y
CONFIG_MODULE_UNLOAD=y
CONFIG_OBSOLETE_MODPARM=y
CONFIG_KMOD=y
CONFIG_X86_PC=y
CONFIG_MPENTIUM4=y
CONFIG_X86_CMPXCHG=y
CONFIG_X86_XADD=y
CONFIG_X86_L1_CACHE_SHIFT=7
CONFIG_RWSEM_XCHGADD_ALGORITHM=y
CONFIG_GENERIC_CALIBRATE_DELAY=y
CONFIG_X86_WP_WORKS_OK=y
CONFIG_X86_INVLPG=y
CONFIG_X86_BSWAP=y
CONFIG_X86_POPAD_OK=y
CONFIG_X86_GOOD_APIC=y
CONFIG_X86_INTEL_USERCOPY=y
CONFIG_X86_USE_PPRO_CHECKSUM=y
CONFIG_HPET_TIMER=y
CONFIG_PREEMPT=y
CONFIG_PREEMPT_BKL=y
CONFIG_X86_TSC=y
CONFIG_X86_MCE=y
CONFIG_X86_MCE_NONFATAL=y
CONFIG_NOHIGHMEM=y
CONFIG_MTRR=y
CONFIG_HAVE_DEC_LOCK=y
CONFIG_REGPARM=y
CONFIG_PM=y
CONFIG_ACPI=y
CONFIG_ACPI_BOOT=y
CONFIG_ACPI_INTERPRETER=y
CONFIG_ACPI_BUTTON=y
CONFIG_ACPI_FAN=y
CONFIG_ACPI_PROCESSOR=y
CONFIG_ACPI_THERMAL=y
CONFIG_ACPI_BLACKLIST_YEAR=2001
CONFIG_ACPI_BUS=y
CONFIG_ACPI_EC=y
CONFIG_ACPI_POWER=y
CONFIG_ACPI_PCI=y
CONFIG_ACPI_SYSTEM=y
CONFIG_PCI=y
CONFIG_PCI_GOANY=y
CONFIG_PCI_BIOS=y
CONFIG_PCI_DIRECT=y
CONFIG_PCI_MMCONFIG=y
CONFIG_PCI_NAMES=y
CONFIG_BINFMT_ELF=y
CONFIG_BINFMT_MISC=m
CONFIG_STANDALONE=y
CONFIG_PREVENT_FIRMWARE_BUILD=y
CONFIG_PNP=y
CONFIG_PNPACPI=y
CONFIG_BLK_DEV_FD=m
CONFIG_BLK_DEV_LOOP=m
CONFIG_BLK_DEV_RAM=y
CONFIG_BLK_DEV_RAM_COUNT=16
CONFIG_BLK_DEV_RAM_SIZE=16384
CONFIG_BLK_DEV_INITRD=y
CONFIG_INITRAMFS_SOURCE=""
CONFIG_IOSCHED_NOOP=y
CONFIG_IOSCHED_CFQ=y
CONFIG_IDE=y
CONFIG_BLK_DEV_IDE=y
CONFIG_BLK_DEV_IDEDISK=y
CONFIG_IDEDISK_MULTI_MODE=y
CONFIG_BLK_DEV_IDECD=y
CONFIG_IDE_GENERIC=y
CONFIG_BLK_DEV_IDEPCI=y
CONFIG_IDEPCI_SHARE_IRQ=y
CONFIG_BLK_DEV_GENERIC=y
CONFIG_BLK_DEV_IDEDMA_PCI=y
CONFIG_IDEDMA_PCI_AUTO=y
CONFIG_BLK_DEV_PIIX=y
CONFIG_BLK_DEV_IDEDMA=y
CONFIG_IDEDMA_AUTO=y
CONFIG_NET=y
CONFIG_PACKET=y
CONFIG_PACKET_MMAP=y
CONFIG_UNIX=y
CONFIG_NET_KEY=m
CONFIG_INET=y
CONFIG_SYN_COOKIES=y
CONFIG_IP_TCPDIAG=m
CONFIG_NETFILTER=y
CONFIG_IP_NF_CONNTRACK=m
CONFIG_IP_NF_CT_ACCT=y
CONFIG_IP_NF_CONNTRACK_MARK=y
CONFIG_IP_NF_CT_PROTO_SCTP=m
CONFIG_IP_NF_FTP=m
CONFIG_IP_NF_IRC=m
CONFIG_IP_NF_TFTP=m
CONFIG_IP_NF_AMANDA=m
CONFIG_IP_NF_QUEUE=m
CONFIG_IP_NF_IPTABLES=m
CONFIG_IP_NF_MATCH_LIMIT=m
CONFIG_IP_NF_MATCH_IPRANGE=m
CONFIG_IP_NF_MATCH_MAC=m
CONFIG_IP_NF_MATCH_PKTTYPE=m
CONFIG_IP_NF_MATCH_MARK=m
CONFIG_IP_NF_MATCH_MULTIPORT=m
CONFIG_IP_NF_MATCH_TOS=m
CONFIG_IP_NF_MATCH_RECENT=m
CONFIG_IP_NF_MATCH_ECN=m
CONFIG_IP_NF_MATCH_DSCP=m
CONFIG_IP_NF_MATCH_AH_ESP=m
CONFIG_IP_NF_MATCH_LENGTH=m
CONFIG_IP_NF_MATCH_TTL=m
CONFIG_IP_NF_MATCH_TCPMSS=m
CONFIG_IP_NF_MATCH_HELPER=m
CONFIG_IP_NF_MATCH_STATE=m
CONFIG_IP_NF_MATCH_CONNTRACK=m
CONFIG_IP_NF_MATCH_OWNER=m
CONFIG_IP_NF_MATCH_ADDRTYPE=m
CONFIG_IP_NF_MATCH_REALM=m
CONFIG_IP_NF_MATCH_SCTP=m
CONFIG_IP_NF_MATCH_COMMENT=m
CONFIG_IP_NF_MATCH_CONNMARK=m
CONFIG_IP_NF_MATCH_HASHLIMIT=m
CONFIG_IP_NF_FILTER=m
CONFIG_IP_NF_TARGET_REJECT=m
CONFIG_IP_NF_TARGET_LOG=m
CONFIG_IP_NF_TARGET_ULOG=m
CONFIG_IP_NF_TARGET_TCPMSS=m
CONFIG_IP_NF_NAT=m
CONFIG_IP_NF_NAT_NEEDED=y
CONFIG_IP_NF_TARGET_MASQUERADE=m
CONFIG_IP_NF_TARGET_REDIRECT=m
CONFIG_IP_NF_TARGET_NETMAP=m
CONFIG_IP_NF_TARGET_SAME=m
CONFIG_IP_NF_NAT_SNMP_BASIC=m
CONFIG_IP_NF_NAT_IRC=m
CONFIG_IP_NF_NAT_FTP=m
CONFIG_IP_NF_NAT_TFTP=m
CONFIG_IP_NF_NAT_AMANDA=m
CONFIG_IP_NF_MANGLE=m
CONFIG_IP_NF_TARGET_TOS=m
CONFIG_IP_NF_TARGET_ECN=m
CONFIG_IP_NF_TARGET_DSCP=m
CONFIG_IP_NF_TARGET_MARK=m
CONFIG_IP_NF_TARGET_CLASSIFY=m
CONFIG_IP_NF_TARGET_CONNMARK=m
CONFIG_IP_NF_TARGET_CLUSTERIP=m
CONFIG_IP_NF_RAW=m
CONFIG_IP_NF_TARGET_NOTRACK=m
CONFIG_IP_NF_ARPTABLES=m
CONFIG_IP_NF_ARPFILTER=m
CONFIG_IP_NF_ARP_MANGLE=m
CONFIG_XFRM=y
CONFIG_NET_CLS_ROUTE=y
CONFIG_NETDEVICES=y
CONFIG_NET_ETHERNET=y
CONFIG_MII=y
CONFIG_NET_PCI=y
CONFIG_8139TOO=y
CONFIG_8139TOO_PIO=y
CONFIG_INPUT=y
CONFIG_INPUT_MOUSEDEV=y
CONFIG_INPUT_MOUSEDEV_SCREEN_X=1024
CONFIG_INPUT_MOUSEDEV_SCREEN_Y=768
CONFIG_INPUT_EVDEV=y
CONFIG_INPUT_KEYBOARD=y
CONFIG_KEYBOARD_ATKBD=y
CONFIG_INPUT_MOUSE=y
CONFIG_MOUSE_SERIAL=y
CONFIG_SERIO=y
CONFIG_SERIO_I8042=y
CONFIG_SERIO_SERPORT=y
CONFIG_SERIO_LIBPS2=y
CONFIG_SOUND_GAMEPORT=y
CONFIG_VT=y
CONFIG_VT_CONSOLE=y
CONFIG_HW_CONSOLE=y
CONFIG_SERIAL_8250=y
CONFIG_SERIAL_8250_NR_UARTS=4
CONFIG_SERIAL_CORE=y
CONFIG_UNIX98_PTYS=y
CONFIG_RTC=y
CONFIG_AGP=y
CONFIG_AGP_INTEL=y
CONFIG_DRM=y
CONFIG_DRM_I915=y
CONFIG_HPET=y
CONFIG_I2C=y
CONFIG_I2C_SENSOR=y
CONFIG_SENSORS_IT87=y
CONFIG_FB=y
CONFIG_FB_CFB_FILLRECT=y
CONFIG_FB_CFB_COPYAREA=y
CONFIG_FB_CFB_IMAGEBLIT=y
CONFIG_FB_SOFT_CURSOR=y
CONFIG_FB_MODE_HELPERS=y
CONFIG_FB_TILEBLITTING=y
CONFIG_FB_INTEL=y
CONFIG_VGA_CONSOLE=y
CONFIG_DUMMY_CONSOLE=y
CONFIG_FRAMEBUFFER_CONSOLE=y
CONFIG_FONT_8x8=y
CONFIG_FONT_8x16=y
CONFIG_SOUND=m
CONFIG_SND=m
CONFIG_SND_TIMER=m
CONFIG_SND_PCM=m
CONFIG_SND_RTCTIMER=m
CONFIG_SND_AC97_CODEC=m
CONFIG_SND_INTEL8X0=m
CONFIG_USB_ARCH_HAS_HCD=y
CONFIG_USB_ARCH_HAS_OHCI=y
CONFIG_USB=y
CONFIG_USB_UHCI_HCD=m
CONFIG_EXT2_FS=y
CONFIG_EXT3_FS=y
CONFIG_JBD=y
CONFIG_DNOTIFY=y
CONFIG_ISO9660_FS=m
CONFIG_JOLIET=y
CONFIG_PROC_FS=y
CONFIG_SYSFS=y
CONFIG_TMPFS=y
CONFIG_HUGETLBFS=y
CONFIG_HUGETLB_PAGE=y
CONFIG_RAMFS=y
CONFIG_CIFS=m
CONFIG_MSDOS_PARTITION=y
CONFIG_NLS=y
CONFIG_NLS_DEFAULT="utf8"
CONFIG_NLS_CODEPAGE_437=m
CONFIG_NLS_CODEPAGE_855=m
CONFIG_NLS_CODEPAGE_866=m
CONFIG_NLS_CODEPAGE_1251=m
CONFIG_NLS_ASCII=m
CONFIG_NLS_ISO8859_5=m
CONFIG_NLS_KOI8_R=m
CONFIG_NLS_UTF8=m
CONFIG_DEBUG_KERNEL=y
CONFIG_MAGIC_SYSRQ=y
CONFIG_LOG_BUF_SHIFT=17
CONFIG_DEBUG_PREEMPT=y
CONFIG_DEBUG_BUGVERBOSE=y
CONFIG_EARLY_PRINTK=y
CONFIG_4KSTACKS=y
CONFIG_CRC32=y
CONFIG_GENERIC_HARDIRQS=y
CONFIG_GENERIC_IRQ_PROBE=y
CONFIG_X86_BIOS_REBOOT=y
CONFIG_PC=y
[-- Attachment #3: dmesg_serio_interrupt_oops --]
[-- Type: text/plain, Size: 9529 bytes --]
Linux version 2.6.12-rc1-bk2 (ad@mipter.zuzino.mipt.ru) (gcc version 3.4.2 20041017 (Red Hat 3.4.2-6.fc3)) #7 Mon Mar 28 19:18:41 MSD 2005
BIOS-provided physical RAM map:
BIOS-e820: 0000000000000000 - 00000000000a0000 (usable)
BIOS-e820: 00000000000f0000 - 0000000000100000 (reserved)
BIOS-e820: 0000000000100000 - 000000001eff0000 (usable)
BIOS-e820: 000000001eff0000 - 000000001eff3000 (ACPI NVS)
BIOS-e820: 000000001eff3000 - 000000001f000000 (ACPI data)
BIOS-e820: 00000000fec00000 - 0000000100000000 (reserved)
495MB LOWMEM available.
On node 0 totalpages: 126960
DMA zone: 4096 pages, LIFO batch:1
Normal zone: 122864 pages, LIFO batch:16
HighMem zone: 0 pages, LIFO batch:1
DMI 2.3 present.
ACPI: RSDP (v000 GBT ) @ 0x000f6aa0
ACPI: RSDT (v001 GBT AWRDACPI 0x42302e31 AWRD 0x01010101) @ 0x1eff3000
ACPI: FADT (v001 GBT AWRDACPI 0x42302e31 AWRD 0x01010101) @ 0x1eff3040
ACPI: MADT (v001 GBT AWRDACPI 0x42302e31 AWRD 0x01010101) @ 0x1eff6fc0
ACPI: DSDT (v001 GBT AWRDACPI 0x00001000 MSFT 0x0100000c) @ 0x00000000
Allocating PCI resources starting at 1f000000 (gap: 1f000000:dfc00000)
Built 1 zonelists
Kernel command line: ro root=LABEL=/
Initializing CPU#0
CPU 0 irqstacks, hard=c037e000 soft=c037d000
PID hash table entries: 2048 (order: 11, 32768 bytes)
Detected 1818.229 MHz processor.
Using tsc for high-res timesource
Console: colour VGA+ 80x25
Dentry cache hash table entries: 65536 (order: 6, 262144 bytes)
Inode-cache hash table entries: 32768 (order: 5, 131072 bytes)
Memory: 499692k/507840k available (1649k kernel code, 7512k reserved, 747k data, 124k init, 0k highmem)
Checking if this processor honours the WP bit even in supervisor mode... Ok.
Calibrating delay loop... 3588.09 BogoMIPS (lpj=1794048)
Mount-cache hash table entries: 512
CPU: After generic identify, caps: 3febfbff 00000000 00000000 00000000 00000000 00000000 00000000
CPU: After vendor identify, caps: 3febfbff 00000000 00000000 00000000 00000000 00000000 00000000
CPU: Trace cache: 12K uops, L1 D cache: 8K
CPU: L2 cache: 256K
CPU: After all inits, caps: 3febfbff 00000000 00000000 00000080 00000000 00000000 00000000
Intel machine check architecture supported.
Intel machine check reporting enabled on CPU#0.
CPU0: Intel P4/Xeon Extended MCE MSRs (12) available
CPU: Intel(R) Pentium(R) 4 CPU 1.80GHz stepping 02
Enabling fast FPU save and restore... done.
Enabling unmasked SIMD FPU exception support... done.
Checking 'hlt' instruction... OK.
ACPI: setting ELCR to 0200 (from 1e20)
checking if image is initramfs... it is
Freeing initrd memory: 298k freed
NET: Registered protocol family 16
PCI: PCI BIOS revision 2.10 entry at 0xfb040, last bus=1
PCI: Using configuration type 1
mtrr: v2.0 (20020519)
ACPI: Subsystem revision 20050211
ACPI: Interpreter enabled
ACPI: Using PIC for interrupt routing
ACPI: PCI Root Bridge [PCI0] (00:00)
PCI: Probing PCI hardware (bus 00)
PCI: Ignoring BAR0-3 of IDE controller 0000:00:1f.1
PCI: Transparent bridge - 0000:00:1e.0
ACPI: PCI Interrupt Routing Table [\_SB_.PCI0._PRT]
ACPI: PCI Interrupt Routing Table [\_SB_.PCI0.HUB0._PRT]
ACPI: PCI Interrupt Link [LNKA] (IRQs 3 4 5 6 7 9 *10 11 12 14 15)
ACPI: PCI Interrupt Link [LNKB] (IRQs 3 4 5 6 7 9 10 11 *12 14 15)
ACPI: PCI Interrupt Link [LNKC] (IRQs 3 4 5 6 7 9 10 *11 12 14 15)
ACPI: PCI Interrupt Link [LNKD] (IRQs 3 4 5 6 7 *9 10 11 12 14 15)
ACPI: PCI Interrupt Link [LNKE] (IRQs 3 4 5 6 7 9 10 11 12 14 15) *0, disabled.
ACPI: PCI Interrupt Link [LNKF] (IRQs 3 4 5 6 7 9 10 11 12 14 15) *0, disabled.
ACPI: PCI Interrupt Link [LNK0] (IRQs 3 4 5 6 7 9 10 11 12 14 15) *0, disabled.
ACPI: PCI Interrupt Link [LNK1] (IRQs 3 4 *5 6 7 9 10 11 12 14 15)
Linux Plug and Play Support v0.97 (c) Adam Belay
pnp: PnP ACPI init
pnp: PnP ACPI: found 12 devices
usbcore: registered new driver hub
PCI: Using ACPI for IRQ routing
PCI: If a device doesn't work, try "pci=routeirq". If it helps, post a report
Machine check exception polling timer started.
Total HugeTLB memory allocated, 0
ACPI: Power Button (FF) [PWRF]
ACPI: Sleep Button (CM) [SLPB]
Real Time Clock Driver v1.12
Linux agpgart interface v0.101 (c) Dave Jones
agpgart: Detected an Intel 865 Chipset.
agpgart: Detected 16252K stolen memory.
agpgart: AGP aperture is 128M @ 0xf0000000
[drm] Initialized drm 1.0.0 20040925
ACPI: PCI Interrupt Link [LNKA] enabled at IRQ 10
PCI: setting IRQ 10 as level-triggered
ACPI: PCI interrupt 0000:00:02.0[A] -> GSI 10 (level, low) -> IRQ 10
[drm] Initialized i915 1.1.0 20040405 on minor 0: Intel Corporation 82865G Integrated Graphics Controller
intelfb: Framebuffer driver for Intel(R) 830M/845G/852GM/855GM/865G/915G chipsets
intelfb: Version 0.9.2
ACPI: PCI interrupt 0000:00:02.0[A] -> GSI 10 (level, low) -> IRQ 10
intelfb: 00:02.0: Intel(R) 865G, aperture size 128MB, stolen memory 16252kB
intelfb: Mode is interlaced.
intelfb: Initial video mode is 1024x768-32@70.
Console: switching to colour frame buffer device 128x48
PNP: PS/2 Controller [PNP0303:PS2K] at 0x60,0x64 irq 10
serio: i8042 KBD port at 0x60,0x64 irq 1
Serial: 8250/16550 driver $Revision: 1.90 $ 8 ports, IRQ sharing disabled
ttyS0 at I/O 0x3f8 (irq = 4) is a 16550A
ttyS1 at I/O 0x2f8 (irq = 3) is a 16550A
ttyS0 at I/O 0x3f8 (irq = 4) is a 16550A
ttyS1 at I/O 0x2f8 (irq = 3) is a 16550A
io scheduler noop registered
io scheduler cfq registered
RAMDISK driver initialized: 16 RAM disks of 16384K size 1024 blocksize
8139too Fast Ethernet driver 0.9.27
ACPI: PCI Interrupt Link [LNKC] enabled at IRQ 11
PCI: setting IRQ 11 as level-triggered
ACPI: PCI interrupt 0000:01:04.0[A] -> GSI 11 (level, low) -> IRQ 11
eth0: RealTek RTL8139 at 0xa000, 00:80:48:2e:06:2e, IRQ 11
eth0: Identified 8139 chip type 'RTL-8100B/8139D'
Uniform Multi-Platform E-IDE driver Revision: 7.00alpha2
ide: Assuming 33MHz system bus speed for PIO modes; override with idebus=xx
ICH5: IDE controller at PCI slot 0000:00:1f.1
ACPI: PCI interrupt 0000:00:1f.1[A] -> GSI 11 (level, low) -> IRQ 11
ICH5: chipset revision 2
ICH5: not 100% native mode: will probe irqs later
ide0: BM-DMA at 0xf000-0xf007, BIOS settings: hda:DMA, hdb:pio
ide1: BM-DMA at 0xf008-0xf00f, BIOS settings: hdc:DMA, hdd:pio
Probing IDE interface ide0...
hda: WDC WD400LB-07DNA2, ATA DISK drive
ide0 at 0x1f0-0x1f7,0x3f6 on irq 14
Probing IDE interface ide1...
hdc: SONY CD-RW CRX230E, ATAPI CD/DVD-ROM drive
ide1 at 0x170-0x177,0x376 on irq 15
Probing IDE interface ide2...
Probing IDE interface ide3...
Probing IDE interface ide4...
Probing IDE interface ide5...
hda: max request size: 1024KiB
hda: 78165360 sectors (40020 MB) w/2048KiB Cache, CHS=16383/255/63, UDMA(100)
hda: cache flushes supported
hda: hda1 hda2
hdc: ATAPI 52X CD-ROM CD-R/RW drive, 2048kB Cache, UDMA(33)
Uniform CD-ROM driver Revision: 3.20
mice: PS/2 mouse device common for all mice
it87: Found IT8712F chip at 0x290, revision 5
NET: Registered protocol family 2
IP: routing cache hash table of 4096 buckets, 32Kbytes
TCP established hash table entries: 16384 (order: 5, 131072 bytes)
TCP bind hash table entries: 16384 (order: 4, 65536 bytes)
TCP: Hash tables configured (established 16384 bind 16384)
NET: Registered protocol family 1
NET: Registered protocol family 17
Freeing unused kernel memory: 124k freed
input: AT Translated Set 2 keyboard on isa0060/serio0
kjournald starting. Commit interval 5 seconds
EXT3-fs: mounted filesystem with ordered data mode.
Floppy drive(s): fd0 is 1.44M
FDC 0 is a post-1991 82077
ACPI: PCI Interrupt Link [LNKB] enabled at IRQ 12
PCI: setting IRQ 12 as level-triggered
ACPI: PCI interrupt 0000:00:1f.5[B] -> GSI 12 (level, low) -> IRQ 12
PCI: Setting latency timer of device 0000:00:1f.5 to 64
intel8x0_measure_ac97_clock: measured 49504 usecs
intel8x0: clocking to 48000
USB Universal Host Controller Interface driver v2.2
ACPI: PCI interrupt 0000:00:1d.0[A] -> GSI 10 (level, low) -> IRQ 10
PCI: Setting latency timer of device 0000:00:1d.0 to 64
uhci_hcd 0000:00:1d.0: Intel Corporation 82801EB/ER (ICH5/ICH5R) USB UHCI Controller #1
uhci_hcd 0000:00:1d.0: new USB bus registered, assigned bus number 1
uhci_hcd 0000:00:1d.0: irq 10, io base 0x0000b000
hub 1-0:1.0: USB hub found
hub 1-0:1.0: 2 ports detected
ACPI: PCI Interrupt Link [LNKD] enabled at IRQ 9
PCI: setting IRQ 9 as level-triggered
ACPI: PCI interrupt 0000:00:1d.1[B] -> GSI 9 (level, low) -> IRQ 9
PCI: Setting latency timer of device 0000:00:1d.1 to 64
uhci_hcd 0000:00:1d.1: Intel Corporation 82801EB/ER (ICH5/ICH5R) USB UHCI Controller #2
uhci_hcd 0000:00:1d.1: new USB bus registered, assigned bus number 2
uhci_hcd 0000:00:1d.1: irq 9, io base 0x0000b400
hub 2-0:1.0: USB hub found
hub 2-0:1.0: 2 ports detected
ACPI: PCI interrupt 0000:00:1d.2[C] -> GSI 11 (level, low) -> IRQ 11
PCI: Setting latency timer of device 0000:00:1d.2 to 64
uhci_hcd 0000:00:1d.2: Intel Corporation 82801EB/ER (ICH5/ICH5R) USB UHCI #3
uhci_hcd 0000:00:1d.2: new USB bus registered, assigned bus number 3
uhci_hcd 0000:00:1d.2: irq 11, io base 0x0000b800
hub 3-0:1.0: USB hub found
hub 3-0:1.0: 2 ports detected
ACPI: PCI interrupt 0000:00:1d.3[A] -> GSI 10 (level, low) -> IRQ 10
PCI: Setting latency timer of device 0000:00:1d.3 to 64
uhci_hcd 0000:00:1d.3: Intel Corporation 82801EB/ER (ICH5/ICH5R) USB UHCI Controller #4
uhci_hcd 0000:00:1d.3: new USB bus registered, assigned bus number 4
uhci_hcd 0000:00:1d.3: irq 10, io base 0x0000bc00
hub 4-0:1.0: USB hub found
hub 4-0:1.0: 2 ports detected
EXT3 FS on hda1, internal journal
Adding 618492k swap on /dev/hda2. Priority:-1 extents:1
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: 2.6.12-rc1-bk2+PREEMPT_BKL: Oops at serio_interrupt
2005-03-28 17:26 2.6.12-rc1-bk2+PREEMPT_BKL: Oops at serio_interrupt Alexey Dobriyan
@ 2005-03-29 6:27 ` Dmitry Torokhov
2005-03-29 17:28 ` Alexey Dobriyan
0 siblings, 1 reply; 9+ messages in thread
From: Dmitry Torokhov @ 2005-03-29 6:27 UTC (permalink / raw)
To: Alexey Dobriyan; +Cc: linux-kernel, Vojtech Pavlik
On Monday 28 March 2005 12:26, Alexey Dobriyan wrote:
> Steps to reproduce for me:
> * Boot CONFIG_PREEMPT_BKL=y kernel (.config, dmesg are attached)
> * Start rebooting
> * Start moving serial mouse (I have Genius NetMouse Pro)
> * Right after gpm is shut down I see the oops
> * The system continues to reboot
>
Could you try the patch below, please? Thanks!
--
Dmitry
===================================================================
Input: serport - fix an Oops when closing port - should not call
serio_interrupt when serio port is being unregistered.
Signed-off-by: Dmitry Torokhov <dtor@mail.ru>
serport.c | 40 ++++++++++++++++++++++++++++++++++++++--
1 files changed, 38 insertions(+), 2 deletions(-)
Index: dtor/drivers/input/serio/serport.c
===================================================================
--- dtor.orig/drivers/input/serio/serport.c
+++ dtor/drivers/input/serio/serport.c
@@ -27,11 +27,14 @@ MODULE_LICENSE("GPL");
MODULE_ALIAS_LDISC(N_MOUSE);
#define SERPORT_BUSY 1
+#define SERPORT_ACTIVE 2
+#define SERPORT_DEAD 3
struct serport {
struct tty_struct *tty;
wait_queue_head_t wait;
struct serio *serio;
+ spinlock_t lock;
unsigned long flags;
};
@@ -49,10 +52,31 @@ static void serport_serio_close(struct s
{
struct serport *serport = serio->port_data;
- serport->serio->id.type = 0;
+ set_bit(SERPORT_DEAD, &serport->flags);
wake_up_interruptible(&serport->wait);
}
+static int serport_serio_start(struct serio *serio)
+{
+ struct serport *serport = serio->port_data;
+
+ spin_lock(&serport->lock);
+ set_bit(SERPORT_ACTIVE, &serport->flags);
+ spin_unlock(&serport->lock);
+
+ return 0;
+}
+
+static void serport_serio_stop(struct serio *serio)
+{
+ struct serport *serport = serio->port_data;
+
+ spin_lock(&serport->lock);
+ clear_bit(SERPORT_ACTIVE, &serport->flags);
+ serport->serio = NULL;
+ spin_unlock(&serport->lock);
+}
+
/*
* serport_ldisc_open() is the routine that is called upon setting our line
* discipline on a tty. It prepares the serio struct.
@@ -79,6 +103,7 @@ static int serport_ldisc_open(struct tty
serport->serio = serio;
set_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
serport->tty = tty;
+ spin_lock_init(&serport->lock);
tty->disc_data = serport;
memset(serio, 0, sizeof(struct serio));
@@ -87,6 +112,8 @@ static int serport_ldisc_open(struct tty
serio->id.type = SERIO_RS232;
serio->write = serport_serio_write;
serio->close = serport_serio_close;
+ serio->start = serport_serio_start;
+ serio->stop = serport_serio_stop;
serio->port_data = serport;
init_waitqueue_head(&serport->wait);
@@ -117,8 +144,17 @@ static void serport_ldisc_receive(struct
{
struct serport *serport = (struct serport*) tty->disc_data;
int i;
+
+ spin_lock(&serport->lock);
+
+ if (!test_bit(SERPORT_ACTIVE, &serport->flags))
+ goto out;
+
for (i = 0; i < count; i++)
serio_interrupt(serport->serio, cp[i], 0, NULL);
+
+out:
+ spin_unlock(&serport->lock);
}
/*
@@ -148,7 +184,7 @@ static ssize_t serport_ldisc_read(struct
serio_register_port(serport->serio);
printk(KERN_INFO "serio: Serial port %s\n", tty_name(tty, name));
- wait_event_interruptible(serport->wait, !serport->serio->id.type);
+ wait_event_interruptible(serport->wait, test_bit(SERPORT_DEAD, &serport->flags));
serio_unregister_port(serport->serio);
clear_bit(SERPORT_BUSY, &serport->flags);
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: 2.6.12-rc1-bk2+PREEMPT_BKL: Oops at serio_interrupt
2005-03-29 6:27 ` Dmitry Torokhov
@ 2005-03-29 17:28 ` Alexey Dobriyan
2005-03-29 19:02 ` Dmitry Torokhov
0 siblings, 1 reply; 9+ messages in thread
From: Alexey Dobriyan @ 2005-03-29 17:28 UTC (permalink / raw)
To: Dmitry Torokhov; +Cc: linux-kernel, Vojtech Pavlik
On Tuesday 29 March 2005 10:27, Dmitry Torokhov wrote:
> On Monday 28 March 2005 12:26, Alexey Dobriyan wrote:
> > Steps to reproduce for me:
> > * Boot CONFIG_PREEMPT_BKL=y kernel (.config, dmesg are attached)
> > * Start rebooting
> > * Start moving serial mouse (I have Genius NetMouse Pro)
> > * Right after gpm is shut down I see the oops
> > * The system continues to reboot
>
> Could you try the patch below, please? Thanks!
> Input: serport - fix an Oops when closing port - should not call
> serio_interrupt when serio port is being unregistered.
Doesn't work, sorry. Even worse: rebooting now also produces many pages of
oopsen, then hang the system. I'm willing to test any new patches.
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: 2.6.12-rc1-bk2+PREEMPT_BKL: Oops at serio_interrupt
2005-03-29 17:28 ` Alexey Dobriyan
@ 2005-03-29 19:02 ` Dmitry Torokhov
2005-03-29 19:49 ` Alexey Dobriyan
0 siblings, 1 reply; 9+ messages in thread
From: Dmitry Torokhov @ 2005-03-29 19:02 UTC (permalink / raw)
To: Alexey Dobriyan; +Cc: linux-kernel, Vojtech Pavlik
On Tue, 29 Mar 2005 21:28:20 +0400, Alexey Dobriyan <adobriyan@mail.ru> wrote:
> On Tuesday 29 March 2005 10:27, Dmitry Torokhov wrote:
> > On Monday 28 March 2005 12:26, Alexey Dobriyan wrote:
> > > Steps to reproduce for me:
> > > * Boot CONFIG_PREEMPT_BKL=y kernel (.config, dmesg are attached)
> > > * Start rebooting
> > > * Start moving serial mouse (I have Genius NetMouse Pro)
> > > * Right after gpm is shut down I see the oops
> > > * The system continues to reboot
> >
> > Could you try the patch below, please? Thanks!
>
> > Input: serport - fix an Oops when closing port - should not call
> > serio_interrupt when serio port is being unregistered.
>
> Doesn't work, sorry. Even worse: rebooting now also produces many pages of
> oopsen, then hang the system. I'm willing to test any new patches.
>
Does it oops at the same place with this patch or at some other place?
Btw, what happen if you try to kill inputattach or GPM or both without
rebooting?
--
Dmitry
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: 2.6.12-rc1-bk2+PREEMPT_BKL: Oops at serio_interrupt
2005-03-29 19:02 ` Dmitry Torokhov
@ 2005-03-29 19:49 ` Alexey Dobriyan
2005-03-29 20:20 ` Dmitry Torokhov
2005-03-30 6:30 ` Dmitry Torokhov
0 siblings, 2 replies; 9+ messages in thread
From: Alexey Dobriyan @ 2005-03-29 19:49 UTC (permalink / raw)
To: dtor_core; +Cc: linux-kernel, Vojtech Pavlik
On Tuesday 29 March 2005 23:02, Dmitry Torokhov wrote:
> On Tue, 29 Mar 2005 21:28:20 +0400, Alexey Dobriyan <adobriyan@mail.ru> wrote:
> > On Tuesday 29 March 2005 10:27, Dmitry Torokhov wrote:
> > > On Monday 28 March 2005 12:26, Alexey Dobriyan wrote:
> > > > Steps to reproduce for me:
> > > > * Boot CONFIG_PREEMPT_BKL=y kernel (.config, dmesg are attached)
> > > > * Start rebooting
> > > > * Start moving serial mouse (I have Genius NetMouse Pro)
> > > > * Right after gpm is shut down I see the oops
> > > > * The system continues to reboot
> > >
> > > Could you try the patch below, please? Thanks!
> >
> > > Input: serport - fix an Oops when closing port - should not call
> > > serio_interrupt when serio port is being unregistered.
> >
> > Doesn't work, sorry. Even worse: rebooting now also produces many pages of
> > oopsen, then hang the system. I'm willing to test any new patches.
>
> Does it oops at the same place with this patch or at some other place?
I manage to find this in the logs (nothing more :-( ):
============================================================================
Unable to handle kernel NULL pointer dereference at virtual address 00000068
printing eip:
c0202947
*pde = 00000000
Oops: 0000 [#1]
PREEMPT
Modules linked in: ipt_REJECT ipt_state ip_conntrack iptable_filter ip_tables binfmt_misc uhci_hcd snd_intel8x0 snd_ac97_codec snd_pcm snd_timer snd soundcore snd_page_alloc floppy
CPU: 0
EIP: 0060:[<c0202947>] Not tainted VLI
EFLAGS: 00010282 (2.6.12-rc1-bk2-serio)
============================================================================
According to vmlinux, c0202947 is at:
c020293e <serport_ldisc_write_wakeup>:
c020293e: 8b 80 78 09 00 00 mov 0x978(%eax),%eax
c0202944: 8b 40 0c mov 0xc(%eax),%eax
c0202947: 8b 50 68 mov 0x68(%eax),%edx <<<<====
c020294a: 85 d2 test %edx,%edx
c020294c: 74 07 je c0202955 <serport_ldisc_write_wakeup+0x17>
c020294e: 8b 52 10 mov 0x10(%edx),%edx
c0202951: 85 d2 test %edx,%edx
c0202953: 75 01 jne c0202956 <serport_ldisc_write_wakeup+0x18>
c0202955: c3 ret
c0202956: ff d2 call *%edx
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: 2.6.12-rc1-bk2+PREEMPT_BKL: Oops at serio_interrupt
2005-03-29 19:49 ` Alexey Dobriyan
@ 2005-03-29 20:20 ` Dmitry Torokhov
2005-03-30 6:30 ` Dmitry Torokhov
1 sibling, 0 replies; 9+ messages in thread
From: Dmitry Torokhov @ 2005-03-29 20:20 UTC (permalink / raw)
To: Alexey Dobriyan; +Cc: linux-kernel, Vojtech Pavlik
On Tue, 29 Mar 2005 23:49:55 +0400, Alexey Dobriyan <adobriyan@mail.ru> wrote:
> On Tuesday 29 March 2005 23:02, Dmitry Torokhov wrote:
> > On Tue, 29 Mar 2005 21:28:20 +0400, Alexey Dobriyan <adobriyan@mail.ru> wrote:
> > > On Tuesday 29 March 2005 10:27, Dmitry Torokhov wrote:
> > > > On Monday 28 March 2005 12:26, Alexey Dobriyan wrote:
> > > > > Steps to reproduce for me:
> > > > > * Boot CONFIG_PREEMPT_BKL=y kernel (.config, dmesg are attached)
> > > > > * Start rebooting
> > > > > * Start moving serial mouse (I have Genius NetMouse Pro)
> > > > > * Right after gpm is shut down I see the oops
> > > > > * The system continues to reboot
> > > >
> > > > Could you try the patch below, please? Thanks!
> > >
> > > > Input: serport - fix an Oops when closing port - should not call
> > > > serio_interrupt when serio port is being unregistered.
> > >
> > > Doesn't work, sorry. Even worse: rebooting now also produces many pages of
> > > oopsen, then hang the system. I'm willing to test any new patches.
> >
> > Does it oops at the same place with this patch or at some other place?
>
> I manage to find this in the logs (nothing more :-( ):
> ============================================================================
> Unable to handle kernel NULL pointer dereference at virtual address 00000068
> printing eip:
> c0202947
> *pde = 00000000
> Oops: 0000 [#1]
> PREEMPT
> Modules linked in: ipt_REJECT ipt_state ip_conntrack iptable_filter ip_tables binfmt_misc uhci_hcd snd_intel8x0 snd_ac97_codec snd_pcm snd_timer snd soundcore snd_page_alloc floppy
> CPU: 0
> EIP: 0060:[<c0202947>] Not tainted VLI
> EFLAGS: 00010282 (2.6.12-rc1-bk2-serio)
> ============================================================================
> According to vmlinux, c0202947 is at:
>
> c020293e <serport_ldisc_write_wakeup>:
Ok, I have seen this OOPS before - it is a bit different scenario and
I am trying to look into it.
--
Dmitry
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: 2.6.12-rc1-bk2+PREEMPT_BKL: Oops at serio_interrupt
2005-03-29 19:49 ` Alexey Dobriyan
2005-03-29 20:20 ` Dmitry Torokhov
@ 2005-03-30 6:30 ` Dmitry Torokhov
2005-03-30 9:14 ` Alexey Dobriyan
1 sibling, 1 reply; 9+ messages in thread
From: Dmitry Torokhov @ 2005-03-30 6:30 UTC (permalink / raw)
To: Alexey Dobriyan; +Cc: linux-kernel, Vojtech Pavlik
On Tuesday 29 March 2005 14:49, Alexey Dobriyan wrote:
> On Tuesday 29 March 2005 23:02, Dmitry Torokhov wrote:
> > On Tue, 29 Mar 2005 21:28:20 +0400, Alexey Dobriyan <adobriyan@mail.ru> wrote:
> > > On Tuesday 29 March 2005 10:27, Dmitry Torokhov wrote:
> > > > On Monday 28 March 2005 12:26, Alexey Dobriyan wrote:
> > > > > Steps to reproduce for me:
> > > > > * Boot CONFIG_PREEMPT_BKL=y kernel (.config, dmesg are attached)
> > > > > * Start rebooting
> > > > > * Start moving serial mouse (I have Genius NetMouse Pro)
> > > > > * Right after gpm is shut down I see the oops
> > > > > * The system continues to reboot
> > > >
> > > > Could you try the patch below, please? Thanks!
> > >
> > > > Input: serport - fix an Oops when closing port - should not call
> > > > serio_interrupt when serio port is being unregistered.
> > >
> > > Doesn't work, sorry. Even worse: rebooting now also produces many pages of
> > > oopsen, then hang the system. I'm willing to test any new patches.
> >
> > Does it oops at the same place with this patch or at some other place?
>
> I manage to find this in the logs (nothing more :-( ):
> ============================================================================
> Unable to handle kernel NULL pointer dereference at virtual address 00000068
> printing eip:
> c0202947
> *pde = 00000000
> Oops: 0000 [#1]
> PREEMPT
> Modules linked in: ipt_REJECT ipt_state ip_conntrack iptable_filter ip_tables binfmt_misc uhci_hcd snd_intel8x0 snd_ac97_codec snd_pcm snd_timer snd soundcore snd_page_alloc floppy
> CPU: 0
> EIP: 0060:[<c0202947>] Not tainted VLI
> EFLAGS: 00010282 (2.6.12-rc1-bk2-serio)
> ============================================================================
> According to vmlinux, c0202947 is at:
>
> c020293e <serport_ldisc_write_wakeup>:
Could you please try this one instead? Thanks!
--
Dmitry
serport.c | 98 +++++++++++++++++++++++++++++++++++++++++++-------------------
1 files changed, 68 insertions(+), 30 deletions(-)
Index: dtor/drivers/input/serio/serport.c
===================================================================
--- dtor.orig/drivers/input/serio/serport.c
+++ dtor/drivers/input/serio/serport.c
@@ -27,11 +27,15 @@ MODULE_LICENSE("GPL");
MODULE_ALIAS_LDISC(N_MOUSE);
#define SERPORT_BUSY 1
+#define SERPORT_ACTIVE 2
+#define SERPORT_DEAD 3
struct serport {
struct tty_struct *tty;
wait_queue_head_t wait;
struct serio *serio;
+ struct serio_device_id id;
+ spinlock_t lock;
unsigned long flags;
};
@@ -45,11 +49,29 @@ static int serport_serio_write(struct se
return -(serport->tty->driver->write(serport->tty, &data, 1) != 1);
}
+static int serport_serio_open(struct serio *serio)
+{
+ struct serport *serport = serio->port_data;
+ unsigned long flags;
+
+ spin_lock_irqsave(&serport->lock, flags);
+ set_bit(SERPORT_ACTIVE, &serport->flags);
+ spin_unlock_irqrestore(&serport->lock, flags);
+
+ return 0;
+}
+
+
static void serport_serio_close(struct serio *serio)
{
struct serport *serport = serio->port_data;
+ unsigned long flags;
+
+ spin_lock_irqsave(&serport->lock, flags);
+ clear_bit(SERPORT_ACTIVE, &serport->flags);
+ set_bit(SERPORT_DEAD, &serport->flags);
+ spin_unlock_irqrestore(&serport->lock, flags);
- serport->serio->id.type = 0;
wake_up_interruptible(&serport->wait);
}
@@ -61,36 +83,21 @@ static void serport_serio_close(struct s
static int serport_ldisc_open(struct tty_struct *tty)
{
struct serport *serport;
- struct serio *serio;
- char name[64];
if (!capable(CAP_SYS_ADMIN))
return -EPERM;
- serport = kmalloc(sizeof(struct serport), GFP_KERNEL);
- serio = kmalloc(sizeof(struct serio), GFP_KERNEL);
- if (unlikely(!serport || !serio)) {
- kfree(serport);
- kfree(serio);
+ serport = kcalloc(1, sizeof(struct serport), GFP_KERNEL);
+ if (!serport)
return -ENOMEM;
- }
- memset(serport, 0, sizeof(struct serport));
- serport->serio = serio;
- set_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
serport->tty = tty;
- tty->disc_data = serport;
-
- memset(serio, 0, sizeof(struct serio));
- strlcpy(serio->name, "Serial port", sizeof(serio->name));
- snprintf(serio->phys, sizeof(serio->phys), "%s/serio0", tty_name(tty, name));
- serio->id.type = SERIO_RS232;
- serio->write = serport_serio_write;
- serio->close = serport_serio_close;
- serio->port_data = serport;
-
+ spin_lock_init(&serport->lock);
init_waitqueue_head(&serport->wait);
+ tty->disc_data = serport;
+ set_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
+
return 0;
}
@@ -100,7 +107,8 @@ static int serport_ldisc_open(struct tty
static void serport_ldisc_close(struct tty_struct *tty)
{
- struct serport *serport = (struct serport*) tty->disc_data;
+ struct serport *serport = (struct serport *) tty->disc_data;
+
kfree(serport);
}
@@ -116,9 +124,19 @@ static void serport_ldisc_close(struct t
static void serport_ldisc_receive(struct tty_struct *tty, const unsigned char *cp, char *fp, int count)
{
struct serport *serport = (struct serport*) tty->disc_data;
+ unsigned long flags;
int i;
+
+ spin_lock_irqsave(&serport->lock, flags);
+
+ if (!test_bit(SERPORT_ACTIVE, &serport->flags))
+ goto out;
+
for (i = 0; i < count; i++)
serio_interrupt(serport->serio, cp[i], 0, NULL);
+
+out:
+ spin_unlock_irqrestore(&serport->lock, flags);
}
/*
@@ -141,16 +159,33 @@ static int serport_ldisc_room(struct tty
static ssize_t serport_ldisc_read(struct tty_struct * tty, struct file * file, unsigned char __user * buf, size_t nr)
{
struct serport *serport = (struct serport*) tty->disc_data;
+ struct serio *serio;
char name[64];
if (test_and_set_bit(SERPORT_BUSY, &serport->flags))
return -EBUSY;
+ serport->serio = serio = kcalloc(1, sizeof(struct serio), GFP_KERNEL);
+ if (!serio)
+ return -ENOMEM;
+
+ strlcpy(serio->name, "Serial port", sizeof(serio->name));
+ snprintf(serio->phys, sizeof(serio->phys), "%s/serio0", tty_name(tty, name));
+ serio->id = serport->id;
+ serio->id.type = SERIO_RS232;
+ serio->write = serport_serio_write;
+ serio->open = serport_serio_open;
+ serio->close = serport_serio_close;
+ serio->port_data = serport;
+
serio_register_port(serport->serio);
printk(KERN_INFO "serio: Serial port %s\n", tty_name(tty, name));
- wait_event_interruptible(serport->wait, !serport->serio->id.type);
+
+ wait_event_interruptible(serport->wait, test_bit(SERPORT_DEAD, &serport->flags));
serio_unregister_port(serport->serio);
+ serport->serio = NULL;
+ clear_bit(SERPORT_DEAD, &serport->flags);
clear_bit(SERPORT_BUSY, &serport->flags);
return 0;
@@ -163,16 +198,15 @@ static ssize_t serport_ldisc_read(struct
static int serport_ldisc_ioctl(struct tty_struct * tty, struct file * file, unsigned int cmd, unsigned long arg)
{
struct serport *serport = (struct serport*) tty->disc_data;
- struct serio *serio = serport->serio;
unsigned long type;
if (cmd == SPIOCSTYPE) {
if (get_user(type, (unsigned long __user *) arg))
return -EFAULT;
- serio->id.proto = type & 0x000000ff;
- serio->id.id = (type & 0x0000ff00) >> 8;
- serio->id.extra = (type & 0x00ff0000) >> 16;
+ serport->id.proto = type & 0x000000ff;
+ serport->id.id = (type & 0x0000ff00) >> 8;
+ serport->id.extra = (type & 0x00ff0000) >> 16;
return 0;
}
@@ -182,9 +216,13 @@ static int serport_ldisc_ioctl(struct tt
static void serport_ldisc_write_wakeup(struct tty_struct * tty)
{
- struct serport *sp = (struct serport *) tty->disc_data;
+ struct serport *serport = (struct serport *) tty->disc_data;
+ unsigned long flags;
- serio_drv_write_wakeup(sp->serio);
+ spin_lock_irqsave(&serport->lock, flags);
+ if (!test_bit(SERPORT_ACTIVE, &serport->flags))
+ serio_drv_write_wakeup(serport->serio);
+ spin_unlock_irqrestore(&serport->lock, flags);
}
/*
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: 2.6.12-rc1-bk2+PREEMPT_BKL: Oops at serio_interrupt
2005-03-30 6:30 ` Dmitry Torokhov
@ 2005-03-30 9:14 ` Alexey Dobriyan
2005-03-30 18:35 ` Dmitry Torokhov
0 siblings, 1 reply; 9+ messages in thread
From: Alexey Dobriyan @ 2005-03-30 9:14 UTC (permalink / raw)
To: Dmitry Torokhov; +Cc: linux-kernel, Vojtech Pavlik
On Wednesday 30 March 2005 10:30, Dmitry Torokhov wrote:
> On Tuesday 29 March 2005 14:49, Alexey Dobriyan wrote:
> > According to vmlinux, c0202947 is at:
> >
> > c020293e <serport_ldisc_write_wakeup>:
>
> Could you please try this one instead? Thanks!
Still dies in serport_ldisc_write_wakeup (doesn't matter how to trigger)
via:
Unable to handle kernel NULL pointer dereference at virtual address 00000068
EIP: c020294f
tty_wakeup
uart_close
wait_for_completion
release_dev
If you want me to be more specific, wait until I figure out how to print
only parts of oops (to fit them on console).
============================================================================
c0202930 <serport_ldisc_write_wakeup>:
c0202930: push %esi
c0202931: push %ebx
c0202932: mov 0x978(%eax),%ebx
c0202938: pushf
c0202939: pop %esi
c020293a: cli
c020293b: mov $0x1,%eax
c0202940: call c010ecaf <add_preempt_count>
c0202945: mov 0x14(%ebx),%eax
c0202948: test $0x4,%al
c020294a: jne c0202956 <serport_ldisc_write_wakeup+0x26>
c020294c: mov 0xc(%ebx),%eax
c020294f: ==>> mov 0x68(%eax),%edx <<==
c0202952: test %edx,%edx
c0202954: jne c0202973 <serport_ldisc_write_wakeup+0x43>
c0202956: push %esi
c0202957: popf
c0202958: mov $0x1,%eax
c020295d: call c010ece1 <sub_preempt_count>
c0202962: mov $0xfffff000,%eax
c0202967: and %esp,%eax
c0202969: mov 0x8(%eax),%eax
c020296c: test $0x8,%al
c020296e: jne c0202984 <serport_ldisc_write_wakeup+0x54>
c0202970: pop %ebx
c0202971: pop %esi
c0202972: ret
c0202973: mov 0x10(%edx),%edx
c0202976: test %edx,%edx
c0202978: je c0202956 <serport_ldisc_write_wakeup+0x26>
c020297a: lea 0x0(%esi),%esi
c0202980: call *%edx
c0202982: jmp c0202956 <serport_ldisc_write_wakeup+0x26>
c0202984: pop %ebx
c0202985: pop %esi
c0202986: jmp c029ad16 <preempt_schedule>
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: 2.6.12-rc1-bk2+PREEMPT_BKL: Oops at serio_interrupt
2005-03-30 9:14 ` Alexey Dobriyan
@ 2005-03-30 18:35 ` Dmitry Torokhov
0 siblings, 0 replies; 9+ messages in thread
From: Dmitry Torokhov @ 2005-03-30 18:35 UTC (permalink / raw)
To: Alexey Dobriyan; +Cc: linux-kernel, Vojtech Pavlik
On Wednesday 30 March 2005 04:14, Alexey Dobriyan wrote:
> On Wednesday 30 March 2005 10:30, Dmitry Torokhov wrote:
> > On Tuesday 29 March 2005 14:49, Alexey Dobriyan wrote:
> > > According to vmlinux, c0202947 is at:
> > >
> > > c020293e <serport_ldisc_write_wakeup>:
> >
> > Could you please try this one instead? Thanks!
>
> Still dies in serport_ldisc_write_wakeup (doesn't matter how to trigger)
> via:
>
> Unable to handle kernel NULL pointer dereference at virtual address 00000068
> EIP: c020294f
> tty_wakeup
> uart_close
> wait_for_completion
> release_dev
>
Doh! What a silly typo:
> + if (!test_bit(SERPORT_ACTIVE, &serport->flags))
> + serio_drv_write_wakeup(serport->serio);
should be "if (test_bit(...))". Oh well, 3rd time is a charm.
--
Dmitry
serport.c | 98 +++++++++++++++++++++++++++++++++++++++++++-------------------
1 files changed, 68 insertions(+), 30 deletions(-)
Index: dtor/drivers/input/serio/serport.c
===================================================================
--- dtor.orig/drivers/input/serio/serport.c
+++ dtor/drivers/input/serio/serport.c
@@ -27,11 +27,15 @@ MODULE_LICENSE("GPL");
MODULE_ALIAS_LDISC(N_MOUSE);
#define SERPORT_BUSY 1
+#define SERPORT_ACTIVE 2
+#define SERPORT_DEAD 3
struct serport {
struct tty_struct *tty;
wait_queue_head_t wait;
struct serio *serio;
+ struct serio_device_id id;
+ spinlock_t lock;
unsigned long flags;
};
@@ -45,11 +49,29 @@ static int serport_serio_write(struct se
return -(serport->tty->driver->write(serport->tty, &data, 1) != 1);
}
+static int serport_serio_open(struct serio *serio)
+{
+ struct serport *serport = serio->port_data;
+ unsigned long flags;
+
+ spin_lock_irqsave(&serport->lock, flags);
+ set_bit(SERPORT_ACTIVE, &serport->flags);
+ spin_unlock_irqrestore(&serport->lock, flags);
+
+ return 0;
+}
+
+
static void serport_serio_close(struct serio *serio)
{
struct serport *serport = serio->port_data;
+ unsigned long flags;
+
+ spin_lock_irqsave(&serport->lock, flags);
+ clear_bit(SERPORT_ACTIVE, &serport->flags);
+ set_bit(SERPORT_DEAD, &serport->flags);
+ spin_unlock_irqrestore(&serport->lock, flags);
- serport->serio->id.type = 0;
wake_up_interruptible(&serport->wait);
}
@@ -61,36 +83,21 @@ static void serport_serio_close(struct s
static int serport_ldisc_open(struct tty_struct *tty)
{
struct serport *serport;
- struct serio *serio;
- char name[64];
if (!capable(CAP_SYS_ADMIN))
return -EPERM;
- serport = kmalloc(sizeof(struct serport), GFP_KERNEL);
- serio = kmalloc(sizeof(struct serio), GFP_KERNEL);
- if (unlikely(!serport || !serio)) {
- kfree(serport);
- kfree(serio);
+ serport = kcalloc(1, sizeof(struct serport), GFP_KERNEL);
+ if (!serport)
return -ENOMEM;
- }
- memset(serport, 0, sizeof(struct serport));
- serport->serio = serio;
- set_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
serport->tty = tty;
- tty->disc_data = serport;
-
- memset(serio, 0, sizeof(struct serio));
- strlcpy(serio->name, "Serial port", sizeof(serio->name));
- snprintf(serio->phys, sizeof(serio->phys), "%s/serio0", tty_name(tty, name));
- serio->id.type = SERIO_RS232;
- serio->write = serport_serio_write;
- serio->close = serport_serio_close;
- serio->port_data = serport;
-
+ spin_lock_init(&serport->lock);
init_waitqueue_head(&serport->wait);
+ tty->disc_data = serport;
+ set_bit(TTY_DO_WRITE_WAKEUP, &tty->flags);
+
return 0;
}
@@ -100,7 +107,8 @@ static int serport_ldisc_open(struct tty
static void serport_ldisc_close(struct tty_struct *tty)
{
- struct serport *serport = (struct serport*) tty->disc_data;
+ struct serport *serport = (struct serport *) tty->disc_data;
+
kfree(serport);
}
@@ -116,9 +124,19 @@ static void serport_ldisc_close(struct t
static void serport_ldisc_receive(struct tty_struct *tty, const unsigned char *cp, char *fp, int count)
{
struct serport *serport = (struct serport*) tty->disc_data;
+ unsigned long flags;
int i;
+
+ spin_lock_irqsave(&serport->lock, flags);
+
+ if (!test_bit(SERPORT_ACTIVE, &serport->flags))
+ goto out;
+
for (i = 0; i < count; i++)
serio_interrupt(serport->serio, cp[i], 0, NULL);
+
+out:
+ spin_unlock_irqrestore(&serport->lock, flags);
}
/*
@@ -141,16 +159,33 @@ static int serport_ldisc_room(struct tty
static ssize_t serport_ldisc_read(struct tty_struct * tty, struct file * file, unsigned char __user * buf, size_t nr)
{
struct serport *serport = (struct serport*) tty->disc_data;
+ struct serio *serio;
char name[64];
if (test_and_set_bit(SERPORT_BUSY, &serport->flags))
return -EBUSY;
+ serport->serio = serio = kcalloc(1, sizeof(struct serio), GFP_KERNEL);
+ if (!serio)
+ return -ENOMEM;
+
+ strlcpy(serio->name, "Serial port", sizeof(serio->name));
+ snprintf(serio->phys, sizeof(serio->phys), "%s/serio0", tty_name(tty, name));
+ serio->id = serport->id;
+ serio->id.type = SERIO_RS232;
+ serio->write = serport_serio_write;
+ serio->open = serport_serio_open;
+ serio->close = serport_serio_close;
+ serio->port_data = serport;
+
serio_register_port(serport->serio);
printk(KERN_INFO "serio: Serial port %s\n", tty_name(tty, name));
- wait_event_interruptible(serport->wait, !serport->serio->id.type);
+
+ wait_event_interruptible(serport->wait, test_bit(SERPORT_DEAD, &serport->flags));
serio_unregister_port(serport->serio);
+ serport->serio = NULL;
+ clear_bit(SERPORT_DEAD, &serport->flags);
clear_bit(SERPORT_BUSY, &serport->flags);
return 0;
@@ -163,16 +198,15 @@ static ssize_t serport_ldisc_read(struct
static int serport_ldisc_ioctl(struct tty_struct * tty, struct file * file, unsigned int cmd, unsigned long arg)
{
struct serport *serport = (struct serport*) tty->disc_data;
- struct serio *serio = serport->serio;
unsigned long type;
if (cmd == SPIOCSTYPE) {
if (get_user(type, (unsigned long __user *) arg))
return -EFAULT;
- serio->id.proto = type & 0x000000ff;
- serio->id.id = (type & 0x0000ff00) >> 8;
- serio->id.extra = (type & 0x00ff0000) >> 16;
+ serport->id.proto = type & 0x000000ff;
+ serport->id.id = (type & 0x0000ff00) >> 8;
+ serport->id.extra = (type & 0x00ff0000) >> 16;
return 0;
}
@@ -182,9 +216,13 @@ static int serport_ldisc_ioctl(struct tt
static void serport_ldisc_write_wakeup(struct tty_struct * tty)
{
- struct serport *sp = (struct serport *) tty->disc_data;
+ struct serport *serport = (struct serport *) tty->disc_data;
+ unsigned long flags;
- serio_drv_write_wakeup(sp->serio);
+ spin_lock_irqsave(&serport->lock, flags);
+ if (test_bit(SERPORT_ACTIVE, &serport->flags))
+ serio_drv_write_wakeup(serport->serio);
+ spin_unlock_irqrestore(&serport->lock, flags);
}
/*
^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2005-03-30 18:38 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2005-03-28 17:26 2.6.12-rc1-bk2+PREEMPT_BKL: Oops at serio_interrupt Alexey Dobriyan
2005-03-29 6:27 ` Dmitry Torokhov
2005-03-29 17:28 ` Alexey Dobriyan
2005-03-29 19:02 ` Dmitry Torokhov
2005-03-29 19:49 ` Alexey Dobriyan
2005-03-29 20:20 ` Dmitry Torokhov
2005-03-30 6:30 ` Dmitry Torokhov
2005-03-30 9:14 ` Alexey Dobriyan
2005-03-30 18:35 ` Dmitry Torokhov
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox