Most recent kernel where this bug did not occur: n/a Distribution: OpenZaurus (unstable) Hardware Environment: arm (Zaurus C3100) Software Environment: OpenZaurus distro Problem Description: if a bluetooth card is inserted which is driven by the serial_cs driver, a hciattach helper process has to be started by cardmgr in order to use the card via rfcomm. if the card gets removed from the system the hciattach process should vanish, because after re-insertion a new hciattach process must be started anyway (it's not possible to reuse the old process). unfortunately the process doesn't get killed properly via the cardmgr scripts and if you try to kill the process after removal of the card a kernel oops appears and the process is stuck for good (see the kernel trace below). funny enough it is possible to kill the hciattach properly if you re-insert the card and start a new hciattach manually afterwards. but it seems to me that there is no proper way within the pcmcia-cs framework to get around that race situation, i.e. killing the hciattach process _before_ the serial_cs module gets unloaded ... Steps to reproduce: - you need a bluetooth card which is driven by serial_cs (billionton cf card in my case) - after card insertion serial_cs module gets loaded by cardmgr and a hciattach will be spawn - remove the card (either by ejecting via cardctl or by removing the real card from the cf socket) - hciattach won't get killed (though it should be by cardmgr) - kill the hciattach process (while the card is _NOT_ inserted) kernel trace: Jan 12 13:43:39 borzoi user.err kernel: serial8250: too much work for irq137 Jan 12 13:43:40 borzoi user.notice kernel: pccard: card ejected from slot 1 Jan 12 13:43:40 borzoi daemon.info cardmgr[2576]: shutting down socket 1 Jan 12 13:43:40 borzoi daemon.info cardmgr[2576]: executing: './serial stop ttyS3' Jan 12 13:43:41 borzoi daemon.info cardmgr[2576]: + /dev/ttyS3: Jan 12 13:43:41 borzoi daemon.info cardmgr[2576]: + /dev/ttyS3: Jan 12 13:43:41 borzoi daemon.info cardmgr[2576]: + /dev/modem: Jan 12 13:43:41 borzoi daemon.info cardmgr[2576]: + killall hciattach Jan 12 13:43:43 borzoi user.alert kernel: Unable to handle kernel NULL pointer dereference at virtual address 00000008 Jan 12 13:43:43 borzoi user.alert kernel: pgd = c0004000 Jan 12 13:43:43 borzoi user.alert kernel: [00000008] *pgd=00000000 Jan 12 13:43:43 borzoi user.warn kernel: Internal error: Oops: 817 [#1] Jan 12 13:43:43 borzoi user.warn kernel: Modules linked in: serial_cs 8250 hci_uart ohci_hcd usbcore snd_soc_spitz snd_soc_pxa2xx_i2s snd_soc_wm8750 snd_soc_pxa2xx snd_soc_core snd_pcm_oss snd_pcm snd_timer snd_page_alloc snd_mixer_oss snd soundcore rfcomm pxaficp_ir ircomm_tty ircomm irda ipv6 hidp l2cap bluetooth Jan 12 13:43:43 borzoi user.warn kernel: CPU: 0 Jan 12 13:43:43 borzoi user.warn kernel: PC is at uart_flush_buffer+0x3c/0x74 Jan 12 13:43:43 borzoi user.warn kernel: LR is at hci_uart_flush+0x88/0xb4 [hci_uart] Jan 12 13:43:43 borzoi user.warn kernel: pc : [<c014b288>] lr : [<bf124324>] Not tainted Jan 12 13:43:43 borzoi user.warn kernel: sp : c1ac7cc0 ip : c3f42b40 fp : c1ac7cd0 Jan 12 13:43:43 borzoi user.warn kernel: r10: 00000938 r9 : c1ad8938 r8 : 00000000 Jan 12 13:43:43 borzoi user.warn kernel: r7 : 00000000 r6 : 00000000 r5 : c1ad8000 r4 : c1ad8000 Jan 12 13:43:43 borzoi user.warn kernel: r3 : 00000000 r2 : c1ac6000 r1 : 00000000 r0 : a0000013 Jan 12 13:43:43 borzoi user.warn kernel: Flags: NzCv IRQs off FIQs on Mode SVC_32 Segment user Jan 12 13:43:43 borzoi user.warn kernel: Control: 397F Table: A1830000 DAC: 00000015 Jan 12 13:43:43 borzoi user.warn kernel: Process hciattach (pid: 3203, stack limit = 0xc1ac61a4) Jan 12 13:43:43 borzoi user.warn kernel: Stack: (0xc1ac7cc0 to 0xc1ac8000) Jan 12 13:43:43 borzoi user.warn kernel: 7cc0: c1bc07a0 c1ac7ce8 c1ac7cd4 bf124324 c014b258 c1bc07a0 c1a25000 c1ac7cf8 Jan 12 13:43:43 borzoi user.warn kernel: 7ce0: c1ac7cec bf12438c bf1242a8 c1ac7d10 c1ac7cfc bf124504 bf12435c c1ac6000 Jan 12 13:43:43 borzoi user.warn kernel: 7d00: c1ad8000 c1ac7dc0 c1ac7d14 c0137b88 bf1244e4 00000930 c1ad8930 00000000 Jan 12 13:43:43 borzoi user.warn kernel: 7d20: 00000000 00000000 00000001 00000000 c0060018 c005fa74 00000000 bee88000 Jan 12 13:43:43 borzoi user.warn kernel: 7d40: bee88000 bee87fff c027a298 c1832fb8 c1ac7d6c c1ac7d60 c0060110 c005ff5c Jan 12 13:43:43 borzoi user.warn kernel: 7d60: 00000000 00000000 c1ac7d90 c1ac7d90 c1ac7d7c c009f8e0 c0113888 c3466d00 Jan 12 13:43:43 borzoi user.warn kernel: 7d80: 00000000 c1ac7db4 c1ac7d94 c007f354 c009f8cc c3466d00 c360d6c0 00000008 Jan 12 13:43:43 borzoi user.warn kernel: 7da0: c3ae04cc c1a6f5e0 c0334ca0 c1ac6000 00000001 c1ac7dd4 c1ac7dc4 c0138028 Jan 12 13:43:43 borzoi user.warn kernel: 7dc0: c0137384 c360d6c0 c1ac7df8 c1ac7dd8 c007f368 c0138018 c360d6c0 c03ac040 Jan 12 13:43:43 borzoi user.warn kernel: 7de0: 00000000 c03ac040 00000000 c1ac7e0c c1ac7dfc c007f404 c007f1ec c360d6c0 Jan 12 13:43:43 borzoi user.warn kernel: 7e00: c1ac7e28 c1ac7e10 c007d650 c007f3a4 00000001 00000000 c03ac048 c1ac7e50 Jan 12 13:43:43 borzoi user.warn kernel: 7e20: c1ac7e2c c003a704 c007d600 c03ac040 0000000f 00000001 0000000f c35a52e0 Jan 12 13:43:43 borzoi user.warn kernel: 7e40: 00000005 c1ac7e70 c1ac7e54 c003aec0 c003a668 c1ac6000 00000005 c1ac7e88 Jan 12 13:43:43 borzoi user.warn kernel: 7e60: c1ac7e6c c1ac7e88 c1ac7e74 c003bb98 c003ad6c c1860614 c1860604 c1ac7ec0 Jan 12 13:43:43 borzoi user.warn kernel: 7e80: c1ac7e8c c0046a5c c003bae4 c35a54d4 c1ac7fb0 c1ac7f60 c001bfa4 00000000 Jan 12 13:43:43 borzoi user.warn kernel: 7ea0: c1ac7fb0 c1ac6000 c35a54d4 c1ac6000 00000005 c1ac7f9c c1ac7ec4 c0020004 Jan 12 13:43:43 borzoi user.warn kernel: 7ec0: c0046714 c1ac7ed0 c0033a0c c00336f0 02c76300 c1ac7f24 c1ac7ee4 c01f7504 Jan 12 13:43:43 borzoi user.warn kernel: 7ee0: 00000009 00000000 00000000 00000000 00000000 00000000 c1ac7f28 c1ac7f24 Jan 12 13:43:43 borzoi user.warn kernel: 7f00: c1ac7f0c c00429e8 c0042948 a0000013 800130fe 7fffffd1 c1ac7f5c c1ac7f28 Jan 12 13:43:43 borzoi user.warn kernel: 7f20: c01f8530 c00429c0 00000000 00200200 800130fe c004389c c35a52e0 c027fdf4 Jan 12 13:43:43 borzoi user.warn kernel: 7f40: 00ffffff 00000000 00000000 7ffff14c 00000000 7fffffd0 00000000 bee87aa4 Jan 12 13:43:43 borzoi user.warn kernel: 7f60: 00000008 00000000 3b9aca00 c0043a24 0147ae14 bee87bb8 00000000 00000000 Jan 12 13:43:43 borzoi user.warn kernel: 7f80: 000000a2 c001bfa4 c1ac6000 00000005 c1ac7fac c1ac7fa0 c00206e0 c001ffac Jan 12 13:43:43 borzoi user.warn kernel: 7fa0: 00000000 c1ac7fb0 c001be6c c00206bc fffffdfc bee87aa4 00000000 00000008 Jan 12 13:43:43 borzoi user.warn kernel: 7fc0: bee87bb8 00000000 00000000 bee87b38 bee87aa4 00012e94 00000005 00000001 Jan 12 13:43:43 borzoi user.warn kernel: 7fe0: 00000000 bee87aa0 000036fc 400b8130 40000010 bee87aa4 00000000 00000000 Jan 12 13:43:43 borzoi user.warn kernel: Backtrace: Jan 12 13:43:43 borzoi user.warn kernel: [<c014b24c>] (uart_flush_buffer+0x0/0x74) from [<bf124324>] (hci_uart_flush+0x88/0xb4 [hci_uart]) Jan 12 13:43:43 borzoi user.warn kernel: r4 = C1BC07A0 Jan 12 13:43:43 borzoi user.warn kernel: [<bf12429c>] (hci_uart_flush+0x0/0xb4 [hci_uart]) from [<bf12438c>] (hci_uart_close+0x3c/0x44 [hci_uart]) Jan 12 13:43:43 borzoi user.warn kernel: r5 = C1A25000 r4 = C1BC07A0 Jan 12 13:43:43 borzoi user.warn kernel: [<bf124350>] (hci_uart_close+0x0/0x44 [hci_uart]) from [<bf124504>] (hci_uart_tty_close+0x2c/0x78 [hci_uart]) Jan 12 13:43:43 borzoi user.warn kernel: [<bf1244d8>] (hci_uart_tty_close+0x0/0x78 [hci_uart]) from [<c0137b88>] (release_dev+0x810/0x890) Jan 12 13:43:43 borzoi user.warn kernel: r5 = C1AD8000 r4 = C1AC6000 Jan 12 13:43:43 borzoi user.warn kernel: [<c0137378>] (release_dev+0x0/0x890) from [<c0138028>] (tty_release+0x1c/0x28) Jan 12 13:43:43 borzoi user.warn kernel: [<c013800c>] (tty_release+0x0/0x28) from [<c007f368>] (__fput+0x188/0x1b8) Jan 12 13:43:43 borzoi user.warn kernel: r4 = C360D6C0 Jan 12 13:43:43 borzoi user.warn kernel: [<c007f1e0>] (__fput+0x0/0x1b8) from [<c007f404>] (fput+0x6c/0x9c) Jan 12 13:43:43 borzoi user.warn kernel: r8 = 00000000 r7 = C03AC040 r6 = 00000000 r5 = C03AC040 Jan 12 13:43:43 borzoi user.warn kernel: r4 = C360D6C0 Jan 12 13:43:43 borzoi user.warn kernel: [<c007f398>] (fput+0x0/0x9c) from [<c007d650>] (filp_close+0x5c/0x88) Jan 12 13:43:43 borzoi user.warn kernel: 0 Jan 12 13:43:43 borzoi user.warn kernel: [<c007d5f4>] (filp_close+0x0/0x88) from [<c003a704>] (put_files_struct+0xa8/0xe0) Jan 12 13:43:43 borzoi user.warn kernel: r6 = C03AC048 r5 = 00000000 r4 = 00000001 Jan 12 13:43:43 borzoi user.warn kernel: [<c003a65c>] (put_files_struct+0x0/0xe0) from [<c003aec0>] (do_exit+0x160/0xd40) Jan 12 13:43:43 borzoi user.warn kernel: [<c003ad60>] (do_exit+0x0/0xd40) from [<c003bb98>] (do_group_exit+0xc0/0xfc) Jan 12 13:43:43 borzoi user.warn kernel: [<c003bad8>] (do_group_exit+0x0/0xfc) from [<c0046a5c>] (get_signal_to_deliver+0x354/0x5c4) Jan 12 13:43:43 borzoi user.warn kernel: r5 = C1860604 r4 = C1860614 Jan 12 13:43:43 borzoi user.warn kernel: [<c0046708>] (get_signal_to_deliver+0x0/0x5c4) from [<c0020004>] (do_signal+0x64/0x520) Jan 12 13:43:43 borzoi user.warn kernel: [<c001ffa0>] (do_signal+0x0/0x520) from [<c00206e0>] (do_notify_resume+0x30/0x34) Jan 12 13:43:43 borzoi user.warn kernel: [<c00206b0>] (do_notify_resume+0x0/0x34) from [<c001be6c>] (work_pending+0x1c/0x20) Jan 12 13:43:43 borzoi user.warn kernel: Code: e2833001 e5823004 e59c1010 e3a03000 (e5813008) Jan 12 13:43:43 borzoi user.warn kernel: <1>Fixing recursive fault but reboot is needed! Jan 12 13:43:43 borzoi user.err kernel: scheduling while atomic: hciattach/0x00000002/3203 Jan 12 13:43:43 borzoi user.warn kernel: [<c002179c>] (dump_stack+0x0/0x14) from [<c01f7680>] (schedule+0x620/0x6bc) Jan 12 13:43:43 borzoi user.warn kernel: [<c01f7060>] (schedule+0x0/0x6bc) from [<c003b968>] (do_exit+0xc08/0xd40) Jan 12 13:43:43 borzoi user.warn kernel: [<c003ad60>] (do_exit+0x0/0xd40) from [<c0021ad4>] (die+0x2dc/0x3ac) Jan 12 13:43:43 borzoi user.warn kernel: [<c00217f8>] (die+0x0/0x3ac) from [<c00241b8>] (__do_kernel_fault+0x70/0x80) Jan 12 13:43:43 borzoi user.warn kernel: [<c0024148>] (__do_kernel_fault+0x0/0x80) from [<c002444c>] (do_page_fault+0x1c0/0x214) Jan 12 13:43:43 borzoi user.warn kernel: r7 = 00000008 r6 = C0232220 r5 = 00000817 r4 = C02321B0 Jan 12 13:43:43 borzoi user.warn kernel: [<c002428c>] (do_page_fault+0x0/0x214) from [<c00245dc>] (do_DataAbort+0x3c/0xa4) Jan 12 13:43:43 borzoi user.warn kernel: [<c00245a0>] (do_DataAbort+0x0/0xa4) from [<c001b9c0>] (__dabt_svc+0x40/0x60) Jan 12 13:43:43 borzoi user.warn kernel: r8 = 00000000 r7 = 00000000 r6 = 00000000 r5 = C1AC7CAC Jan 12 13:43:43 borzoi user.warn kernel: r4 = FFFFFFFF Jan 12 13:43:43 borzoi user.warn kernel: [<c014b24c>] (uart_flush_buffer+0x0/0x74) from [<bf124324>] (hci_uart_flush+0x88/0xb4 [hci_uart]) Jan 12 13:43:43 borzoi user.warn kernel: r4 = C1BC07A0 Jan 12 13:43:43 borzoi user.warn kernel: [<bf12429c>] (hci_uart_flush+0x0/0xb4 [hci_uart]) from [<bf12438c>] (hci_uart_close+0x3c/0x44 [hci_uart]) Jan 12 13:43:43 borzoi user.warn kernel: r5 = C1A25000 r4 = C1BC07A0 Jan 12 13:43:43 borzoi user.warn kernel: [<bf124350>] (hci_uart_close+0x0/0x44 [hci_uart]) from [<bf124504>] (hci_uart_tty_close+0x2c/0x78 [hci_uart]) Jan 12 13:43:43 borzoi user.warn kernel: [<bf1244d8>] (hci_uart_tty_close+0x0/0x78 [hci_uart]) from [<c0137b88>] (release_dev+0x810/0x890) Jan 12 13:43:43 borzoi user.warn kernel: r5 = C1AD8000 r4 = C1AC6000 Jan 12 13:43:43 borzoi user.warn kernel: [<c0137378>] (release_dev+0x0/0x890) from [<c0138028>] (tty_release+0x1c/0x28) Jan 12 13:43:43 borzoi user.warn kernel: [<c013800c>] (tty_release+0x0/0x28) from [<c007f368>] (__fput+0x188/0x1b8) Jan 12 13:43:43 borzoi user.warn kernel: r4 = C360D6C0 Jan 12 13:43:43 borzoi user.warn kernel: [<c007f1e0>] (__fput+0x0/0x1b8) from [<c007f404>] (fput+0x6c/0x9c) Jan 12 13:43:43 borzoi user.warn kernel: r8 = 00000000 r7 = C03AC040 r6 = 00000000 r5 = C03AC040 Jan 12 13:43:43 borzoi user.warn kernel: r4 = C360D6C0 Jan 12 13:43:43 borzoi user.warn kernel: [<c007f398>] (fput+0x0/0x9c) from [<c007d650>] (filp_close+0x5c/0x88) Jan 12 13:43:43 borzoi user.warn kernel: r4 = C360D6C0 Jan 12 13:43:43 borzoi user.warn kernel: [<c007d5f4>] (filp_close+0x0/0x88) from [<c003a704>] (put_files_struct+0xa8/0xe0) Jan 12 13:43:43 borzoi user.warn kernel: r6 = C03AC048 r5 = 00000000 r4 = 00000001 Jan 12 13:43:43 borzoi user.warn kernel: [<c003a65c>] (put_files_struct+0x0/0xe0) from [<c003aec0>] (do_exit+0x160/0xd40) Jan 12 13:43:43 borzoi user.warn kernel: [<c003ad60>] (do_exit+0x0/0xd40) from [<c003bb98>] (do_group_exit+0xc0/0xfc) Jan 12 13:43:43 borzoi user.warn kernel: [<c003bad8>] (do_group_exit+0x0/0xfc) from [<c0046a5c>] (get_signal_to_deliver+0x354/0x5c4) Jan 12 13:43:43 borzoi user.warn kernel: r5 = C1860604 r4 = C1860614 Jan 12 13:43:43 borzoi user.warn kernel: [<c0046708>] (get_signal_to_deliver+0x0/0x5c4) from [<c0020004>] (do_signal+0x64/0x520) Jan 12 13:43:43 borzoi user.warn kernel: [<c001ffa0>] (do_signal+0x0/0x520) from [<c00206e0>] (do_notify_resume+0x30/0x34) Jan 12 13:43:43 borzoi user.warn kernel: [<c00206b0>] (do_notify_resume+0x0/0x34) from [<c001be6c>] (work_pending+0x1c/0x20) Jan 12 13:43:44 borzoi daemon.info cardmgr[2576]: executing: 'modprobe -r serial_cs'
Created attachment 7103 [details] kernel oops added kernel trace as attachement for better readability
*** This bug has been marked as a duplicate of 5958 ***