Home » Mailing list archives » linux-kernel » 2008 » August » 2

Re: 2.6.27-rc1-mm1: rmmod ide-cd_mod oops

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]
[view in full thread]
From: Mariusz Kozlowski
Subject: Re: 2.6.27-rc1-mm1: rmmod ide-cd_mod oops
Date: Saturday, August 2, 2008 - 4:25 pm

Hi,
 

It's ALI M15x3 chipset. .config is attached.

# lspci 
00:00.0 Host bridge: ATI Technologies Inc RS200/RS200M AGP Bridge [IGP 340M] (rev 02)
00:01.0 PCI bridge: ATI Technologies Inc PCI Bridge [IGP 340M]
00:03.0 Modem: ALi Corporation M5457 AC'97 Modem Controller
00:04.0 Multimedia audio controller: ALi Corporation M5451 PCI AC-Link Controller Audio Device (rev 02)
00:06.0 Bridge: ALi Corporation M7101 Power Management Controller [PMU]
00:07.0 ISA bridge: ALi Corporation M1533/M1535 PCI to ISA Bridge [Aladdin IV/V/V+]
00:0a.0 CardBus bridge: Ricoh Co Ltd RL5c476 II (rev aa)
00:0a.1 CardBus bridge: Ricoh Co Ltd RL5c476 II (rev aa)
00:0a.2 FireWire (IEEE 1394): Ricoh Co Ltd R5C552 IEEE 1394 Controller (rev 02)
00:0c.0 USB Controller: VIA Technologies, Inc. VT82xxxxx UHCI USB 1.1 Controller (rev 50)
00:0c.1 USB Controller: VIA Technologies, Inc. VT82xxxxx UHCI USB 1.1 Controller (rev 50)
00:0c.2 USB Controller: VIA Technologies, Inc. USB 2.0 (rev 51)
00:0f.0 IDE interface: ALi Corporation M5229 IDE (rev c4)
00:12.0 Ethernet controller: Realtek Semiconductor Co., Ltd. RTL-8139/8139C/8139C+ (rev 10)
01:05.0 VGA compatible controller: ATI Technologies Inc Radeon IGP 330M/340M/350M



I saw it exploding in two ways. I added simple debugging stuff:

--- linux-2.6.27-rc1-mm1/drivers/ide/ide.c      2008-08-02 11:42:05.000000000 +0200
+++ linux-2.6.27-rc1-mm1-dirty/drivers/ide/ide.c        2008-08-02 23:26:52.000000000 +0200
@@ -714,6 +714,21 @@ EXPORT_SYMBOL_GPL(ide_device_get);
 void ide_device_put(ide_drive_t *drive)
 {
 #ifdef CONFIG_MODULE_UNLOAD
+       void *tmp;
+
+       tmp = drive;
+       printk("drive: 0x%p\n", tmp);
+       tmp = drive->hwif;
+       printk("drive->hwif: 0x%p\n", tmp);
+       tmp = drive->hwif->host;
+       printk("drive->hwif->host: 0x%p\n", tmp);
+       tmp = drive->hwif->host->dev;
+       printk("drive->hwif->host->dev: 0x%p\n", tmp);
+       tmp = drive->hwif->host->dev[0];
+       printk("drive->hwif->host->dev[0]: 0x%p\n", tmp);
+       tmp = drive->hwif->host->dev[0]->driver;
+       printk("drive->hwif->host->dev[0]->driver: 0x%p\n", tmp);
+
        struct device *host_dev = drive->hwif->host->dev[0];
        struct module *module = host_dev ? host_dev->driver->owner : NULL;


1) on drive->hwif (drive is null)

drive: 0x00000000
BUG: unable to handle kernel NULL pointer dereference at 00000024
IP: [<c0247007>] ide_device_put+0x19/0xc3
*pde = 00000000 
Oops: 0000 [#1] PREEMPT 
last sysfs file: /sys/class/power_supply/BAT1/energy_full
Modules linked in: nfsd lockd sunrpc exportfs orinoco_cs orinoco hermes pcmcia ehci_hcd uhci_hcd usbcore yenta_socket snd_ali5451 snd_ac97_codec ac97_bus snd_pcm rsrc_nonstatic ati_agp snd_timer agpgart psmouse pcspkr rtc ide_cd_mod(-) snd soundcore snd_page_alloc cdrom 8139too sony_laptop backlight floppy

Pid: 4477, comm: rmmod Not tainted (2.6.27-rc1-mm1-dirty #7)
EIP: 0060:[<c0247007>] EFLAGS: 00010286 CPU: 0
EIP is at ide_device_put+0x19/0xc3
EAX: 00000015 EBX: 00000000 ECX: ddaac000 EDX: 00000000
ESI: dec3de34 EDI: dec3de34 EBP: ddaacee0 ESP: ddaaced4
 DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 0068
Process rmmod (pid: 4477, ti=ddaac000 task=dd901700 task.ti=ddaac000)
Stack: c035e577 00000000 dd83ae00 ddaaceec dec37202 dd83ae00 ddaacef8 dec37225 
       dd9138dc ddaacf00 c02469e0 ddaacf10 c024156f dd9138dc dd9139f4 ddaacf24 
       c024162c 00000880 dec3de34 c0398dc0 ddaacf38 c0240a33 00000880 dec3de34 
Call Trace:
 [<dec37202>] ? ide_cd_put+0x26/0x33 [ide_cd_mod]
 [<dec37225>] ? ide_cd_remove+0x16/0x19 [ide_cd_mod]
 [<c02469e0>] ? generic_ide_remove+0x1a/0x1e
 [<c024156f>] ? __device_release_driver+0x59/0x7f
 [<c024162c>] ? driver_detach+0x97/0x99
 [<c0240a33>] ? bus_remove_driver+0x6f/0x8b
 [<c02419f1>] ? driver_unregister+0x2f/0x33
 [<dec3a331>] ? ide_cdrom_exit+0xd/0xf [ide_cd_mod]
 [<c014265a>] ? sys_delete_module+0x10d/0x1e2
 [<c015fedc>] ? do_munmap+0x1d7/0x234
 [<c01e8684>] ? trace_hardirqs_on_thunk+0xc/0x10
 [<c0103015>] ? sysenter_do_call+0x12/0x35
 =======================
Code: c0 89 34 24 e8 cb ce f9 ff 31 c0 83 c4 0c 5b 5e 5d c3 55 89 e5 53 83 ec 08 89 c3 89 44 24 04 c7 04 24 77 e5 35 c0 e8 25 6c ed ff <8b> 43 24 89 44 24 04 c7 04 24 84 e5 35 c0 e8 12 6c ed ff 8b 43 
EIP: [<c0247007>] ide_device_put+0x19/0xc3 SS:ESP 0068:ddaaced4
---[ end trace b3172ff03a3b3a53 ]---

(gdb) l *ide_device_put+0x19
0xc0247007 is in ide_device_put (/home/mako/linux/lkt/sources/linux-2.6.27-rc1-mm1-dirty/drivers/ide/ide.c:722).
717             void *tmp;
718     
719             tmp = drive;
720             printk("drive: 0x%p\n", tmp);
721             tmp = drive->hwif;
722             printk("drive->hwif: 0x%p\n", tmp); <----
723             tmp = drive->hwif->host;
724             printk("drive->hwif->host: 0x%p\n", tmp);
725             tmp = drive->hwif->host->dev;
726             printk("drive->hwif->host->dev: 0x%p\n", tmp);



2) on drive->hwif->host->dev[0] (->dev is bogus?)

drive: 0xdd97c200
drive->hwif: 0xc023f3b8
drive->hwif->host: 0x83535657
drive->hwif->host->dev: 0x83535683
BUG: unable to handle kernel paging request at 83535683
IP: [<c024704f>] ide_device_put+0x61/0xc3
*pde = 00000000 
Oops: 0000 [#1] PREEMPT 
last sysfs file: /sys/class/power_supply/BAT1/energy_full
Modules linked in: radeon drm nfsd lockd sunrpc exportfs orinoco_cs orinoco hermes pcmcia uhci_hcd ehci_hcd snd_ali5451 usbcore yenta_socket snd_ac97_codec ac97_bus snd_pcm snd_timer rsrc_nonstatic pcspkr ati_agp ide_cd_mod(-) snd psmouse sony_laptop agpgart floppy cdrom soundcore snd_page_alloc backlight rtc 8139too

Pid: 4596, comm: rmmod Not tainted (2.6.27-rc1-mm1-dirty #7)
EIP: 0060:[<c024704f>] EFLAGS: 00010286 CPU: 0
EIP is at ide_device_put+0x61/0xc3
EAX: 83535657 EBX: dd97c200 ECX: d9e68000 EDX: 00000000
ESI: dec53e34 EDI: dec53e34 EBP: d9e68ee0 ESP: d9e68ed4
 DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 0068
Process rmmod (pid: 4596, ti=d9e68000 task=dd837300 task.ti=d9e68000)
Stack: c035e5b0 83535683 dd97c600 d9e68eec dec4d202 dd97c600 d9e68ef8 dec4d225 
       dd9138dc d9e68f00 c02469e0 d9e68f10 c024156f dd9138dc dd9139f4 d9e68f24 
       c024162c 00000880 dec53e34 c0398dc0 d9e68f38 c0240a33 00000880 dec53e34 
Call Trace:
 [<dec4d202>] ? ide_cd_put+0x26/0x33 [ide_cd_mod]
 [<dec4d225>] ? ide_cd_remove+0x16/0x19 [ide_cd_mod]
 [<c02469e0>] ? generic_ide_remove+0x1a/0x1e
 [<c024156f>] ? __device_release_driver+0x59/0x7f
 [<c024162c>] ? driver_detach+0x97/0x99
 [<c0240a33>] ? bus_remove_driver+0x6f/0x8b
 [<c02419f1>] ? driver_unregister+0x2f/0x33
 [<dec50331>] ? ide_cdrom_exit+0xd/0xf [ide_cd_mod]
 [<c014265a>] ? sys_delete_module+0x10d/0x1e2
 [<c015fedc>] ? do_munmap+0x1d7/0x234
 [<c01e8684>] ? trace_hardirqs_on_thunk+0xc/0x10
 [<c0103015>] ? sysenter_do_call+0x12/0x35
 =======================
Code: c7 04 24 97 e5 35 c0 e8 fc 6b ed ff 8b 43 24 8b 40 10 83 c0 2c 89 44 24 04 c7 04 24 b0 e5 35 c0 e8 e3 6b ed ff 8b 43 24 8b 40 10 <8b> 40 2c 89 44 24 04 c7 04 24 70 2a 35 c0 e8 ca 6b ed ff 8b 43 
EIP: [<c024704f>] ide_device_put+0x61/0xc3 SS:ESP 0068:d9e68ed4
---[ end trace ad4ca87090e240bd ]---

(gdb) l *ide_device_put+0x61
0xc024704f is in ide_device_put (/home/mako/linux/lkt/sources/linux-2.6.27-rc1-mm1-dirty/drivers/ide/ide.c:728).
723             tmp = drive->hwif->host;
724             printk("drive->hwif->host: 0x%p\n", tmp);
725             tmp = drive->hwif->host->dev;
726             printk("drive->hwif->host->dev: 0x%p\n", tmp);
727             tmp = drive->hwif->host->dev[0];
728             printk("drive->hwif->host->dev[0]: 0x%p\n", tmp); <----
729             tmp = drive->hwif->host->dev[0]->driver;
730             printk("drive->hwif->host->dev[0]->driver: 0x%p\n", tmp);
731     
732             struct device *host_dev = drive->hwif->host->dev[0];


Hope that helps.

	Mariusz
Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]
Messages in current thread:
2.6.27-rc1-mm1, Andrew Morton, (Thu Jul 31, 12:03 am)
Re: 2.6.27-rc1-mm1, Balbir Singh, (Thu Jul 31, 1:10 am)
2.6.27-rc1-mm1: busyloop time-schedule, Alexey Dobriyan, (Thu Jul 31, 5:23 am)
[BUILD-FAILURE] 2.6.27-rc1-mm1 - allyesconfig build fails ..., Kamalesh Babulal, (Thu Jul 31, 5:43 am)
Re: [BUILD-FAILURE] 2.6.27-rc1-mm1 - allyesconfig build fa ..., Tony Breeds, (Thu Jul 31, 10:29 pm)
Re: [BUILD-FAILURE] 2.6.27-rc1-mm1 - allyesconfig build fa ..., Andrew Morton, (Thu Jul 31, 11:12 pm)
Re: [BUILD-FAILURE] 2.6.27-rc1-mm1 - allyesconfig build fa ..., Peter 1 Oberparleiter, (Fri Aug 1, 8:40 am)
Re: [BUILD-FAILURE] 2.6.27-rc1-mm1 - allyesconfig build fa ..., Peter 1 Oberparleiter, (Fri Aug 1, 8:44 am)
Re: [BUILD-FAILURE] 2.6.27-rc1-mm1 - allyesconfig build fa ..., Kamalesh Babulal, (Fri Aug 1, 9:16 am)
Re: [BUILD-FAILURE] 2.6.27-rc1-mm1 - allyesconfig build fa ..., Sam Ravnborg, (Fri Aug 1, 9:45 am)
Re: 2.6.27-rc1-mm1: rmmod ide-cd_mod oops, Mariusz Kozlowski, (Sat Aug 2, 2:23 am)
Re: 2.6.27-rc1-mm1: sparc64 BUG: using smp_processor_id() ..., Mariusz Kozlowski, (Sat Aug 2, 8:17 am)
Re: 2.6.27-rc1-mm1: rmmod ide-cd_mod oops, Bartlomiej Zolnierki ..., (Sat Aug 2, 9:15 am)
Re: 2.6.27-rc1-mm1: rmmod ide-cd_mod oops, Mariusz Kozlowski, (Sat Aug 2, 4:25 pm)
Re: 2.6.27-rc1-mm1: sparc64 BUG: using smp_processor_id() ..., David Miller, (Sun Aug 3, 12:02 am)
Re: 2.6.27-rc1-mm1: rmmod ide-cd_mod oops, Bartlomiej Zolnierki ..., (Sun Aug 3, 7:41 am)
Re: 2.6.27-rc1-mm1: rmmod ide-cd_mod oops, Mariusz Kozlowski, (Sun Aug 3, 8:45 am)
Re: 2.6.27-rc1-mm1: unable to boot with gcov on x86_64, Mariusz Kozlowski, (Tue Aug 5, 1:26 pm)
Re: 2.6.27-rc1-mm1: unable to boot with gcov on x86_64, Mariusz Kozlowski, (Tue Aug 5, 1:29 pm)
Re: 2.6.27-rc1-mm1: unable to boot with gcov on x86_64, Peter Oberparleiter, (Wed Aug 6, 12:23 am)