From mboxrd@z Thu Jan 1 00:00:00 1970 From: Joerg Roedel Subject: Lockdep warning and kernel panic with e1000e on 2.6.33-rc4 Date: Fri, 22 Jan 2010 14:24:32 +0100 Message-ID: <20100122132432.GI8665@amd.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Cc: e1000-devel@lists.sourceforge.net, netdev@vger.kernel.org, linux-kernel@vger.kernel.org To: Jeff Kirsher , Jesse Brandeburg , Bruce Allan , PJ Waskiewicz , Joh Return-path: Content-Disposition: inline List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: e1000-devel-bounces@lists.sourceforge.net List-Id: netdev.vger.kernel.org Hi, I just tried to unbind a device from the e1000e driver and got the following output from lockdep and the kernel panic from a NULL pointer dereference. The kernel running on the machine is 2.6.33-rc4 + kvm patches (which shouldn't matter): [ 157.282671] ============================================= [ 157.283400] [ INFO: possible recursive locking detected ] [ 157.283400] 2.6.33-rc4 #76 [ 157.283400] --------------------------------------------- [ 157.283400] bash/3686 is trying to acquire lock: [ 157.283400] (s_active){++++.+}, at: [] sysfs_hash_and_remove+0x53/0x6a [ 157.283400] [ 157.283400] but task is already holding lock: [ 157.283400] (s_active){++++.+}, at: [] sysfs_get_active_two+0x24/0x4b [ 157.283400] [ 157.283400] other info that might help us debug this: [ 157.283400] 3 locks held by bash/3686: [ 157.283400] #0: (&buffer->mutex){+.+.+.}, at: [] sysfs_write_file+0x3e/0x12b [ 157.283400] #1: (s_active){++++.+}, at: [] sysfs_get_active_two+0x24/0x4b [ 157.283400] #2: (s_active){++++.+}, at: [] sysfs_get_active_two+0x31/0x4b [ 157.283400] [ 157.283400] stack backtrace: [ 157.283400] Pid: 3686, comm: bash Not tainted 2.6.33-rc4 #76 [ 157.283400] Call Trace: [ 157.283400] [] __lock_acquire+0xcf1/0xd86 [ 157.283400] [] ? debug_check_no_locks_freed+0x120/0x12f [ 157.283400] [] ? trace_hardirqs_on_caller+0x11f/0x14a [ 157.283400] [] lock_acquire+0xc4/0xe1 [ 157.283400] [] ? sysfs_hash_and_remove+0x53/0x6a [ 157.283400] [] sysfs_addrm_finish+0xcd/0x135 [ 157.283400] [] ? sysfs_hash_and_remove+0x53/0x6a [ 157.283400] [] ? __mutex_lock_common+0x324/0x335 [ 157.283400] [] ? mutex_lock_nested+0x3c/0x41 [ 157.283400] [] sysfs_hash_and_remove+0x53/0x6a [ 157.283400] [] sysfs_remove_link+0x21/0x23 [ 157.283400] [] __device_release_driver+0x2d/0xce [ 157.283400] [] device_release_driver+0x23/0x30 [ 157.283400] [] driver_unbind+0x5c/0x9e [ 157.283400] [] drv_attr_store+0x2c/0x2e [ 157.283400] [] sysfs_write_file+0xf6/0x12b [ 157.283400] [] vfs_write+0xb0/0x10a [ 157.283400] [] sys_write+0x4c/0x75 [ 157.283400] [] system_call_fastpath+0x16/0x1b [ 157.506592] e1000e 0000:02:00.0: PCI INT A disabled [ 157.511796] BUG: unable to handle kernel NULL pointer dereference at 0000000000000024 [ 157.512464] IP: [] do_raw_spin_unlock+0xc/0x8b [ 157.512464] PGD 835651067 PUD 835a98067 PMD 0 [ 157.512464] Oops: 0000 [#1] SMP [ 157.512464] last sysfs file: /sys/bus/pci/drivers/e1000e/unbind [ 157.512464] CPU 19 [ 157.512464] Pid: 3686, comm: bash Not tainted 2.6.33-rc4 #76 Dinar/Dinar [ 157.512464] RIP: 0010:[] [] do_raw_spin_unlock+0xc/0x8b [ 157.512464] RSP: 0018:ffff88043675dcf8 EFLAGS: 00010092 [ 157.512464] RAX: ffff880435116540 RBX: 0000000000000020 RCX: 0000000000000000 [ 157.512464] RDX: ffffffff81023c47 RSI: 0000000000000001 RDI: 0000000000000020 [ 157.512464] RBP: ffff88043675dd08 R08: 0000000000000086 R09: 0000000000000000 [ 157.512464] R10: ffff88043675ddc8 R11: ffff88043675dd08 R12: 0000000000000082 [ 157.512464] R13: 0000000000000082 R14: 0000000000000282 R15: 0000000000000005 [ 157.512464] FS: 00007f5ddd27f6f0(0000) GS:ffff88063f440000(0000) knlGS:0000000000000000 [ 157.512464] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 157.512464] CR2: 0000000000000024 CR3: 0000000835601000 CR4: 00000000000006e0 [ 157.512464] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 157.512464] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400 [ 157.512464] Process bash (pid: 3686, threadinfo ffff88043675c000, task ffff880435116540) [ 157.512464] Stack: [ 157.512464] 0000000000000282 0000000000000020 ffff88043675dd28 ffffffff816600ab [ 157.512464] <0> ffff880c35829600 ffff8808365dd088 ffff88043675dd58 ffffffff81023c47 [ 157.512464] <0> 0000000000000005 ffff8808365dd088 0000000000000200 ffff880c359e75c0 [ 157.512464] Call Trace: [ 157.512464] [] _raw_spin_unlock_irqrestore+0x2c/0x4c [ 157.512464] [] detach_device+0x90/0xc7 [ 157.512464] [] device_change_notifier+0x8e/0x127 [ 157.512464] [] notifier_call_chain+0x38/0x60 [ 157.512464] [] __blocking_notifier_call_chain+0x52/0x6f [ 157.512464] [] blocking_notifier_call_chain+0x14/0x16 [ 157.512464] [] __device_release_driver+0xc9/0xce [ 157.512464] [] device_release_driver+0x23/0x30 [ 157.512464] [] driver_unbind+0x5c/0x9e [ 157.512464] [] drv_attr_store+0x2c/0x2e [ 157.512464] [] sysfs_write_file+0xf6/0x12b [ 157.512464] [] vfs_write+0xb0/0x10a [ 157.512464] [] sys_write+0x4c/0x75 [ 157.512464] [] system_call_fastpath+0x16/0x1b [ 157.512464] Code: c0 4c 89 e6 48 c7 c7 9e 2a ac 81 31 c0 e8 c8 a7 44 00 e8 d8 a5 44 00 5f 5b 41 5c 41 5d c9 c3 55 48 89 e5 53 48 89 fb 48 83 ec 08 <81> 7f 04 ad 4e ad de 74 0c 48 c7 c6 4a 2a ac 81 e8 35 ff ff ff [ 157.512464] RIP [] do_raw_spin_unlock+0xc/0x8b [ 157.512464] RSP [ 157.512464] CR2: 0000000000000024 [ 157.512464] ---[ end trace a773b332cbda2d29 ]--- lspci of the affected card looks as follows: evelt:~# lspci -n -vv -s 02:00.0 02:00.0 0200: 8086:10d3 Subsystem: 8086:a01f Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B- DisINTx+ Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- SERR-