* Re: mISDN: WARNING: at kernel/softirq.c:124 local_bh_enable+0x8f/0xb0() [not found] ` <200906050007.13507.psoting@blx4.net> @ 2009-06-05 2:59 ` Andrew Morton 2009-06-05 10:01 ` Karsten Keil 0 siblings, 1 reply; 4+ messages in thread From: Andrew Morton @ 2009-06-05 2:59 UTC (permalink / raw) To: Mathias Kretschmer; +Cc: linux-kernel, isdn, netdev (cc's added) On Fri, 5 Jun 2009 00:07:12 +0200 Mathias Kretschmer <psoting@blx4.net> wrote: > Hi *, > > the following pops up from time to time when I place a call (might also > happened on incoming calls). > > machine is an AMD K8 dual core running a x86_64 2.6.29.4-grsec kernel. > > please, let me know if you need more details. > > cheers, > > Mathias > > [88563.318126] ------------[ cut here ]------------ > [88563.318129] WARNING: at kernel/softirq.c:124 local_bh_enable+0x8f/0xb0() > [88563.318130] Hardware name: empty > [88563.318132] Modules linked in: usbtouchscreen dvb_usb_cinergyT2 dummy > bonding snd_emu10k1 snd_rawmidi snd_ac97_codec ath9k ac97_bus snd_pcm > snd_page_alloc snd_util_mem forcedeth snd_hwdep > [88563.318141] Pid: 826, comm: mISDN_hfc-pci.1 Not tainted 2.6.29.4-grsec #13 > [88563.318142] Call Trace: > [88563.318147] [<ffffffff8025909a>] warn_slowpath+0xea/0x160 > [88563.318149] [<ffffffff8025ee0f>] local_bh_enable+0x8f/0xb0 > [88563.318152] [<ffffffff8065f284>] sk_filter+0x44/0xa0 > [88563.318154] [<ffffffff8064548d>] sock_queue_rcv_skb+0x5d/0x120 > [88563.318156] [<ffffffff8060410f>] mISDN_send+0x4f/0xa0 > [88563.318159] [<ffffffff8060790e>] l2up_create+0x7e/0x100 > [88563.318161] [<ffffffff8060b6e0>] l2_got_tei+0x0/0x90 > [88563.318163] [<ffffffff8060b722>] l2_got_tei+0x42/0x90 > [88563.318164] [<ffffffff80602d32>] mISDN_FsmEvent+0x82/0x100 > [88563.318167] [<ffffffff8060cb00>] tei_id_assign+0x0/0x120 > [88563.318168] [<ffffffff80602d32>] mISDN_FsmEvent+0x82/0x100 > [88563.318170] [<ffffffff8060e373>] mgr_send+0x4d3/0x660 > [88563.318172] [<ffffffff8061ac8e>] hfcpci_l2l1D+0x19e/0x2f0 > [88563.318174] [<ffffffff80606591>] mISDNStackd+0x431/0x680 > [88563.318177] [<ffffffff80270950>] autoremove_wake_function+0x0/0x30 > [88563.318179] [<ffffffff80606160>] mISDNStackd+0x0/0x680 > [88563.318181] [<ffffffff80270547>] kthread+0x47/0x80 > [88563.318183] [<ffffffff802226fa>] child_rip+0xa/0x20 > [88563.318185] [<ffffffff80270500>] kthread+0x0/0x80 > [88563.318186] [<ffffffff802226f0>] child_rip+0x0/0x20 > [88563.318188] ---[ end trace 2a7bb9b2f669de5a ]--- > hm, tricky, who disabled interrupts? It could be spin_lock_irqsave(&hc->lock, flags); in hfcpci_l2l1D(). ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: mISDN: WARNING: at kernel/softirq.c:124 local_bh_enable+0x8f/0xb0() 2009-06-05 2:59 ` mISDN: WARNING: at kernel/softirq.c:124 local_bh_enable+0x8f/0xb0() Andrew Morton @ 2009-06-05 10:01 ` Karsten Keil 2009-06-09 13:05 ` Karsten Keil 0 siblings, 1 reply; 4+ messages in thread From: Karsten Keil @ 2009-06-05 10:01 UTC (permalink / raw) To: Andrew Morton; +Cc: Mathias Kretschmer, linux-kernel, netdev Hi, I'm currently see this too from time to time, but have no idea about it. On Freitag, 5. Juni 2009 04:59:48 Andrew Morton wrote: > (cc's added) > > On Fri, 5 Jun 2009 00:07:12 +0200 Mathias Kretschmer <psoting@blx4.net> wrote: > > Hi *, > > > > the following pops up from time to time when I place a call (might also > > happened on incoming calls). > > > > machine is an AMD K8 dual core running a x86_64 2.6.29.4-grsec kernel. > > > > please, let me know if you need more details. > > > > cheers, > > > > Mathias > > > > [88563.318126] ------------[ cut here ]------------ > > [88563.318129] WARNING: at kernel/softirq.c:124 > > local_bh_enable+0x8f/0xb0() [88563.318130] Hardware name: empty > > [88563.318132] Modules linked in: usbtouchscreen dvb_usb_cinergyT2 dummy > > bonding snd_emu10k1 snd_rawmidi snd_ac97_codec ath9k ac97_bus snd_pcm > > snd_page_alloc snd_util_mem forcedeth snd_hwdep > > [88563.318141] Pid: 826, comm: mISDN_hfc-pci.1 Not tainted 2.6.29.4-grsec > > #13 [88563.318142] Call Trace: > > [88563.318147] [<ffffffff8025909a>] warn_slowpath+0xea/0x160 > > [88563.318149] [<ffffffff8025ee0f>] local_bh_enable+0x8f/0xb0 > > [88563.318152] [<ffffffff8065f284>] sk_filter+0x44/0xa0 > > [88563.318154] [<ffffffff8064548d>] sock_queue_rcv_skb+0x5d/0x120 > > [88563.318156] [<ffffffff8060410f>] mISDN_send+0x4f/0xa0 > > [88563.318159] [<ffffffff8060790e>] l2up_create+0x7e/0x100 > > [88563.318161] [<ffffffff8060b6e0>] l2_got_tei+0x0/0x90 > > [88563.318163] [<ffffffff8060b722>] l2_got_tei+0x42/0x90 > > [88563.318164] [<ffffffff80602d32>] mISDN_FsmEvent+0x82/0x100 > > [88563.318167] [<ffffffff8060cb00>] tei_id_assign+0x0/0x120 > > [88563.318168] [<ffffffff80602d32>] mISDN_FsmEvent+0x82/0x100 > > [88563.318170] [<ffffffff8060e373>] mgr_send+0x4d3/0x660 > > [88563.318172] [<ffffffff8061ac8e>] hfcpci_l2l1D+0x19e/0x2f0 > > [88563.318174] [<ffffffff80606591>] mISDNStackd+0x431/0x680 > > [88563.318177] [<ffffffff80270950>] autoremove_wake_function+0x0/0x30 > > [88563.318179] [<ffffffff80606160>] mISDNStackd+0x0/0x680 > > [88563.318181] [<ffffffff80270547>] kthread+0x47/0x80 > > [88563.318183] [<ffffffff802226fa>] child_rip+0xa/0x20 > > [88563.318185] [<ffffffff80270500>] kthread+0x0/0x80 > > [88563.318186] [<ffffffff802226f0>] child_rip+0x0/0x20 > > [88563.318188] ---[ end trace 2a7bb9b2f669de5a ]--- > > hm, tricky, who disabled interrupts? Yes, indeed I have no idea what exactely is going on. > It could be > > spin_lock_irqsave(&hc->lock, flags); > > in hfcpci_l2l1D(). I do not think that this function is really in the call trace, in my dumps I see also traces without hfcpci_l2l1D in it. And I see no way back to mgr_send from hfcpci_l2l1D from the design the HW functions are decoupled from the stack thread via queues, so here should be no direct callback. The common part is, that it seems always happen on successful TEI assign. Karsten ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: mISDN: WARNING: at kernel/softirq.c:124 local_bh_enable+0x8f/0xb0() 2009-06-05 10:01 ` Karsten Keil @ 2009-06-09 13:05 ` Karsten Keil 2009-06-22 22:37 ` Mathias Kretschmer 0 siblings, 1 reply; 4+ messages in thread From: Karsten Keil @ 2009-06-09 13:05 UTC (permalink / raw) To: netdev; +Cc: Andrew Morton, Mathias Kretschmer, linux-kernel On Freitag, 5. Juni 2009 12:01:03 Karsten Keil wrote: > Hi, > > I'm currently see this too from time to time, but have no idea about it. > ... > > > [88563.318126] ------------[ cut here ]------------ > > > [88563.318129] WARNING: at kernel/softirq.c:124 > > > local_bh_enable+0x8f/0xb0() [88563.318130] Hardware name: empty > > > [88563.318132] Modules linked in: usbtouchscreen dvb_usb_cinergyT2 > > > dummy bonding snd_emu10k1 snd_rawmidi snd_ac97_codec ath9k ac97_bus > > > snd_pcm snd_page_alloc snd_util_mem forcedeth snd_hwdep > > > [88563.318141] Pid: 826, comm: mISDN_hfc-pci.1 Not tainted > > > 2.6.29.4-grsec #13 [88563.318142] Call Trace: > > > [88563.318147] [<ffffffff8025909a>] warn_slowpath+0xea/0x160 > > > [88563.318149] [<ffffffff8025ee0f>] local_bh_enable+0x8f/0xb0 > > > [88563.318152] [<ffffffff8065f284>] sk_filter+0x44/0xa0 > > > [88563.318154] [<ffffffff8064548d>] sock_queue_rcv_skb+0x5d/0x120 > > > [88563.318156] [<ffffffff8060410f>] mISDN_send+0x4f/0xa0 > > > [88563.318159] [<ffffffff8060790e>] l2up_create+0x7e/0x100 > > > [88563.318161] [<ffffffff8060b6e0>] l2_got_tei+0x0/0x90 > > > [88563.318163] [<ffffffff8060b722>] l2_got_tei+0x42/0x90 > > > [88563.318164] [<ffffffff80602d32>] mISDN_FsmEvent+0x82/0x100 > > > [88563.318167] [<ffffffff8060cb00>] tei_id_assign+0x0/0x120 > > > [88563.318168] [<ffffffff80602d32>] mISDN_FsmEvent+0x82/0x100 > > > [88563.318170] [<ffffffff8060e373>] mgr_send+0x4d3/0x660 OK found it, it was in a inlined function call ph_data_ind() in mgr_send(). This patch should fix it (will send it upstream later). From: Karsten Keil <keil@b1-systems.de> Date: Tue, 9 Jun 2009 14:38:39 +0200 Subject: [PATCH] mISDN: Do not disable IRQ in ph_data_ind() This fix triggering the WARN_ON_ONCE(in_irq() || irqs_disabled()); in local_bh_enable(). Here is no need to grab this lock, this was wrong at all and may cause a deadlock and access to freed memory, since on a TEI remove the current listelement can be deleted under us. So this is clearly a case for list_for_each_entry_safe. Signed-off-by: Karsten Keil <keil@b1-systems.de> --- drivers/isdn/mISDN/tei.c | 7 ++----- 1 files changed, 2 insertions(+), 5 deletions(-) diff --git a/drivers/isdn/mISDN/tei.c b/drivers/isdn/mISDN/tei.c index bfcdd97..e04bad6 100644 --- a/drivers/isdn/mISDN/tei.c +++ b/drivers/isdn/mISDN/tei.c @@ -862,8 +862,7 @@ static int ph_data_ind(struct manager *mgr, struct sk_buff *skb) { int ret = -EINVAL; - struct layer2 *l2; - u_long flags; + struct layer2 *l2, *nl2; u_char mt; if (skb->len < 8) { @@ -908,11 +907,9 @@ ph_data_ind(struct manager *mgr, struct sk_buff *skb) new_tei_req(mgr, &skb->data[4]); goto done; } - read_lock_irqsave(&mgr->lock, flags); - list_for_each_entry(l2, &mgr->layer2, list) { + list_for_each_entry_safe(l2, nl2, &mgr->layer2, list) { tei_ph_data_ind(l2->tm, mt, &skb->data[4], skb->len - 4); } - read_unlock_irqrestore(&mgr->lock, flags); done: return ret; } -- 1.6.0.2 ^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: mISDN: WARNING: at kernel/softirq.c:124 local_bh_enable+0x8f/0xb0() 2009-06-09 13:05 ` Karsten Keil @ 2009-06-22 22:37 ` Mathias Kretschmer 0 siblings, 0 replies; 4+ messages in thread From: Mathias Kretschmer @ 2009-06-22 22:37 UTC (permalink / raw) To: Karsten Keil; +Cc: netdev, Andrew Morton, linux-kernel [-- Attachment #1: Type: text/plain, Size: 3333 bytes --] Hi Karsten, applied your patch. Not sure if it fixed anything, though. Attached is another call trace which looks slightly different. Cheers, Mathias On Tuesday 09 June 2009 15:05:31 Karsten Keil wrote: > On Freitag, 5. Juni 2009 12:01:03 Karsten Keil wrote: > > Hi, > > > > I'm currently see this too from time to time, but have no idea about it. > > ... > > > > > [88563.318126] ------------[ cut here ]------------ > > > > [88563.318129] WARNING: at kernel/softirq.c:124 > > > > local_bh_enable+0x8f/0xb0() [88563.318130] Hardware name: empty > > > > [88563.318132] Modules linked in: usbtouchscreen dvb_usb_cinergyT2 > > > > dummy bonding snd_emu10k1 snd_rawmidi snd_ac97_codec ath9k ac97_bus > > > > snd_pcm snd_page_alloc snd_util_mem forcedeth snd_hwdep > > > > [88563.318141] Pid: 826, comm: mISDN_hfc-pci.1 Not tainted > > > > 2.6.29.4-grsec #13 [88563.318142] Call Trace: > > > > [88563.318147] [<ffffffff8025909a>] warn_slowpath+0xea/0x160 > > > > [88563.318149] [<ffffffff8025ee0f>] local_bh_enable+0x8f/0xb0 > > > > [88563.318152] [<ffffffff8065f284>] sk_filter+0x44/0xa0 > > > > [88563.318154] [<ffffffff8064548d>] sock_queue_rcv_skb+0x5d/0x120 > > > > [88563.318156] [<ffffffff8060410f>] mISDN_send+0x4f/0xa0 > > > > [88563.318159] [<ffffffff8060790e>] l2up_create+0x7e/0x100 > > > > [88563.318161] [<ffffffff8060b6e0>] l2_got_tei+0x0/0x90 > > > > [88563.318163] [<ffffffff8060b722>] l2_got_tei+0x42/0x90 > > > > [88563.318164] [<ffffffff80602d32>] mISDN_FsmEvent+0x82/0x100 > > > > [88563.318167] [<ffffffff8060cb00>] tei_id_assign+0x0/0x120 > > > > [88563.318168] [<ffffffff80602d32>] mISDN_FsmEvent+0x82/0x100 > > > > [88563.318170] [<ffffffff8060e373>] mgr_send+0x4d3/0x660 > > OK found it, it was in a inlined function call ph_data_ind() in mgr_send(). > > This patch should fix it (will send it upstream later). > > > From: Karsten Keil <keil@b1-systems.de> > Date: Tue, 9 Jun 2009 14:38:39 +0200 > Subject: [PATCH] mISDN: Do not disable IRQ in ph_data_ind() > > > This fix triggering the WARN_ON_ONCE(in_irq() || irqs_disabled()); in > local_bh_enable(). > > Here is no need to grab this lock, this was wrong at all and may > cause a deadlock and access to freed memory, since on a TEI remove > the current listelement can be deleted under us. So this is clearly > a case for list_for_each_entry_safe. > > Signed-off-by: Karsten Keil <keil@b1-systems.de> > --- > drivers/isdn/mISDN/tei.c | 7 ++----- > 1 files changed, 2 insertions(+), 5 deletions(-) > > diff --git a/drivers/isdn/mISDN/tei.c b/drivers/isdn/mISDN/tei.c > index bfcdd97..e04bad6 100644 > --- a/drivers/isdn/mISDN/tei.c > +++ b/drivers/isdn/mISDN/tei.c > @@ -862,8 +862,7 @@ static int > ph_data_ind(struct manager *mgr, struct sk_buff *skb) > { > int ret = -EINVAL; > - struct layer2 *l2; > - u_long flags; > + struct layer2 *l2, *nl2; > u_char mt; > > if (skb->len < 8) { > @@ -908,11 +907,9 @@ ph_data_ind(struct manager *mgr, struct sk_buff *skb) > new_tei_req(mgr, &skb->data[4]); > goto done; > } > - read_lock_irqsave(&mgr->lock, flags); > - list_for_each_entry(l2, &mgr->layer2, list) { > + list_for_each_entry_safe(l2, nl2, &mgr->layer2, list) { > tei_ph_data_ind(l2->tm, mt, &skb->data[4], skb->len - 4); > } > - read_unlock_irqrestore(&mgr->lock, flags); > done: > return ret; > } [-- Attachment #2: misdn.txt --] [-- Type: text/plain, Size: 2396 bytes --] Jun 21 21:49:27 [kernel] [ 202.818502] ------------[ cut here ]------------ Jun 21 21:49:27 [kernel] [ 202.818520] WARNING: at kernel/softirq.c:141 local_bh_enable+0x8b/0xb0() Jun 21 21:49:27 [kernel] [ 202.818525] Hardware name: empty Jun 21 21:49:27 [kernel] [ 202.818528] Modules linked in: iscsi_trgt dummy bonding forcedeth usbtouchscreen Jun 21 21:49:27 [kernel] [ 202.818542] Pid: 811, comm: mISDN_hfc-pci.1 Not tainted 2.6.30 #6 Jun 21 21:49:27 [kernel] [ 202.818546] Call Trace: Jun 21 21:49:27 [kernel] [ 202.818556] [<ffffffff8026b45b>] ? local_bh_enable+0x8b/0xb0 Jun 21 21:49:27 [kernel] [ 202.818562] [<ffffffff8026b45b>] ? local_bh_enable+0x8b/0xb0 Jun 21 21:49:27 [kernel] [ 202.818572] [<ffffffff80265ad9>] ? warn_slowpath_common+0x79/0xd0 Jun 21 21:49:27 [kernel] [ 202.818578] [<ffffffff8026b45b>] ? local_bh_enable+0x8b/0xb0 Jun 21 21:49:27 [kernel] [ 202.818587] [<ffffffff806ea8e4>] ? sk_filter+0x44/0xa0 Jun 21 21:49:27 [kernel] [ 202.818594] [<ffffffff806d142d>] ? sock_queue_rcv_skb+0x5d/0x120 Jun 21 21:49:27 [kernel] [ 202.818604] [<ffffffff8066738f>] ? mISDN_send+0x4f/0xa0 Jun 21 21:49:27 [kernel] [ 202.818610] [<ffffffff8066c650>] ? l2_got_ui+0x0/0x70 Jun 21 21:49:27 [kernel] [ 202.818617] [<ffffffff8066a837>] ? l2up+0x27/0x50 Jun 21 21:49:27 [kernel] [ 202.818623] [<ffffffff80666052>] ? mISDN_FsmEvent+0x82/0x100 Jun 21 21:49:27 [kernel] [ 202.818630] [<ffffffff8066e7ba>] ? l2_send+0x6fa/0x980 Jun 21 21:49:27 [kernel] [ 202.818636] [<ffffffff8066bd40>] ? l2_pull_iqueue+0x0/0x310 Jun 21 21:49:27 [kernel] [ 202.818643] [<ffffffff80670733>] ? mgr_bcast+0x83/0x160 Jun 21 21:49:27 [kernel] [ 202.818649] [<ffffffff80669899>] ? mISDNStackd+0x429/0x670 Jun 21 21:49:27 [kernel] [ 202.818657] [<ffffffff8027c930>] ? autoremove_wake_function+0x0/0x30 Jun 21 21:49:27 [kernel] [ 202.818663] [<ffffffff80669470>] ? mISDNStackd+0x0/0x670 Jun 21 21:49:27 [kernel] [ 202.818668] [<ffffffff80669470>] ? mISDNStackd+0x0/0x670 Jun 21 21:49:27 [kernel] [ 202.818674] [<ffffffff8027c4d4>] ? kthread+0x54/0x90 Jun 21 21:49:27 [kernel] [ 202.818681] [<ffffffff8022dfba>] ? child_rip+0xa/0x20 Jun 21 21:49:27 [kernel] [ 202.818687] [<ffffffff8027c480>] ? kthread+0x0/0x90 Jun 21 21:49:27 [kernel] [ 202.818692] [<ffffffff8022dfb0>] ? child_rip+0x0/0x20 Jun 21 21:49:27 [kernel] [ 202.818696] ---[ end trace d74f848acdfc6568 ]--- ^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2009-06-22 22:37 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
[not found] <20090603190952.2dd0cc70.sfr@canb.auug.org.au>
[not found] ` <20090603231152.GA18701@suse.de>
[not found] ` <20090604232610.GA16053@intel.com>
[not found] ` <200906050007.13507.psoting@blx4.net>
2009-06-05 2:59 ` mISDN: WARNING: at kernel/softirq.c:124 local_bh_enable+0x8f/0xb0() Andrew Morton
2009-06-05 10:01 ` Karsten Keil
2009-06-09 13:05 ` Karsten Keil
2009-06-22 22:37 ` Mathias Kretschmer
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).