Running "pccacrdctl eject" once resulted in the following kernel BUG. pccard: card ejected from slot 1 uhci_hcd 0000:07:00.0: remove, state 4 usb usb5: USB disconnect, address 1 uhci_hcd 0000:07:00.0: HCRESET not completed yet! uhci_hcd 0000:07:00.0: USB bus 5 deregistered ACPI: PCI interrupt for device 0000:07:00.0 disabled ehci_hcd 0000:07:00.2: remove, state 4 usb usb6: USB disconnect, address 1 ehci_hcd 0000:07:00.2: dma_pool_destroy ehci_qh, 32785c32 busy BUG: unable to handle kernel paging request at virtual address 37303a34 printing eip: c0242ca0 *pde = 00000000 Oops: 0002 [#1] Modules linked in: ndiswrapper cpufreq_stats nls_iso8859_1 nls_cp437 vfat fat sco rfcomm l2cap hci_usb bluetooth ohci1394 ieee1394 snd_pcm_oss snd_mixer_oss snd_seq_oss snd_seq_midi_event snd_seq snd_seq_device snd_bt_sco snd_hwdep snd_intel8x0m snd_intel8x0 snd_ac97_codec ac97_bus snd_pcm snd_timer snd soundcore snd_page_alloc tun xt_mac ipt_LOG xt_limit nf_conntrack_ipv4 xt_state nf_conntrack xt_tcpudp iptable_filter ip_tables x_tables rtc evdev lt_hotswap squashfs zlib_inflate fuse unionfs sd_mod usb_storage scsi_mod usbhid uhci_hcd ehci_hcd button yenta_socket rsrc_nonstatic pcmcia_core psmouse e1000 loop ibm_acpi backlight battery radeonfb cfbcopyarea cfbimgblt cfbfillrect fbcon font bitblit softcursor fb CPU: 0 EIP: 0060:[<c0242ca0>] Tainted: P VLI EFLAGS: 00010286 (2.6.21.7-1 #1) EIP is at dma_pool_destroy+0xb0/0x150 eax: dbbc9e40 ebx: 32785c32 ecx: 00000000 edx: 37303a30 esi: dbbc9e00 edi: e85a3048 ebp: dbbc9e40 esp: f5e7be40 ds: 007b es: 007b fs: 00d8 gs: 0033 ss: 0068 Process pccardctl (pid: 6960, ti=f5e7a000 task=f7d5c570 task.ti=f5e7a000) Stack: c033ace8 f88fcf58 e85a30ec dbbc9e58 32785c32 dbb72cd4 dbb72c00 dbb72c00 c1d2a448 f88fabb5 dbb72c00 dbb72cd4 dbb72c00 f88fcce8 00000000 e85a30ec c0257c3a c03340eb f88fcf58 e85a30ec 00000004 dbb72c00 e85a3000 e85a30b0 Call Trace: [<f88fabb5>] ehci_mem_cleanup+0x45/0xc0 [ehci_hcd] [<f88fcce8>] ehci_stop+0x68/0x80 [ehci_hcd] [<c0257c3a>] usb_remove_hcd+0x8a/0xc0 [<c0261f2d>] usb_hcd_pci_remove+0x1d/0x90 [<c01dece6>] pci_device_remove+0x16/0x40 [<c02406c8>] __device_release_driver+0x68/0xa0 [<c0240bf2>] device_release_driver+0x22/0x40 [<c024004d>] bus_remove_device+0x4d/0x80 [<c023e4a7>] device_del+0x117/0x180 [<c023e518>] device_unregister+0x8/0x10 [<c01db896>] pci_stop_dev+0x26/0x60 [<c01db9a8>] pci_remove_bus_device+0x28/0xa0 [<c01dba4a>] pci_remove_behind_bridge+0x2a/0x40 [<f88ef634>] socket_shutdown+0x74/0xd0 [pcmcia_core] [<f88ef6ac>] socket_remove+0x1c/0x30 [pcmcia_core] [<f88ef722>] pcmcia_eject_card+0x62/0x70 [pcmcia_core] [<f88f276d>] pccard_store_eject+0x1d/0x30 [pcmcia_core] [<f88f2750>] pccard_store_eject+0x0/0x30 [pcmcia_core] [<c023dd2d>] dev_attr_store+0x2d/0x40 [<c01992c6>] sysfs_write_file+0xb6/0x110 [<c01646c1>] vfs_write+0xc1/0x160 [<c0199210>] sysfs_write_file+0x0/0x110 [<c0164cb1>] sys_write+0x41/0x70 [<c0103eca>] sysenter_past_esp+0x5f/0x85 ======================= Code: eb 55 8b 42 04 83 c2 04 40 75 4c 83 e9 20 85 c9 7f f0 8b 4e 08 8b 55 14 8b 45 10 8b 5e 0c 89 1c 24 e8 45 52 ec ff 8b 46 04 8b 16 <89> 42 04 89 10 89 f0 c7 06 00 01 10 00 c7 46 04 00 02 20 00 e8 EIP: [<c0242ca0>] dma_pool_destroy+0xb0/0x150 SS:ESP 0068:f5e7be40 Is there allready a patch that addresses this problem? If there is, please refer me to it, so I can integrate it with my kernel. Regards, Ruben
Reply-To: akpm@linux-foundation.org (please respond via emailed reply-to-all, not via the bugzilla web interface) On Thu, 13 Sep 2007 03:13:56 -0700 (PDT) bugme-daemon@bugzilla.kernel.org wrote: > http://bugzilla.kernel.org/show_bug.cgi?id=9013 > > Summary: running "pccardctl eject" results in kernel BUG > Product: Other > Version: 2.5 > KernelVersion: 2.6.21.7 > Platform: All > OS/Version: Linux > Tree: Mainline > Status: NEW > Severity: normal > Priority: P1 > Component: Modules > AssignedTo: other_modules@kernel-bugs.osdl.org > ReportedBy: rjenster@arcor.de > > > Running "pccacrdctl eject" once resulted in the following kernel BUG. > > pccard: card ejected from slot 1 > uhci_hcd 0000:07:00.0: remove, state 4 > usb usb5: USB disconnect, address 1 > uhci_hcd 0000:07:00.0: HCRESET not completed yet! > uhci_hcd 0000:07:00.0: USB bus 5 deregistered > ACPI: PCI interrupt for device 0000:07:00.0 disabled > ehci_hcd 0000:07:00.2: remove, state 4 > usb usb6: USB disconnect, address 1 > ehci_hcd 0000:07:00.2: dma_pool_destroy ehci_qh, 32785c32 busy > BUG: unable to handle kernel paging request at virtual address 37303a34 > printing eip: > c0242ca0 > *pde = 00000000 > Oops: 0002 [#1] > Modules linked in: ndiswrapper cpufreq_stats nls_iso8859_1 nls_cp437 vfat fat > sco rfcomm l2cap hci_usb bluetooth ohci1394 ieee1394 snd_pcm_oss > snd_mixer_oss > snd_seq_oss snd_seq_midi_event snd_seq snd_seq_device snd_bt_sco snd_hwdep > snd_intel8x0m snd_intel8x0 snd_ac97_codec ac97_bus snd_pcm snd_timer snd > soundcore snd_page_alloc tun xt_mac ipt_LOG xt_limit nf_conntrack_ipv4 > xt_state > nf_conntrack xt_tcpudp iptable_filter ip_tables x_tables rtc evdev lt_hotswap > squashfs zlib_inflate fuse unionfs sd_mod usb_storage scsi_mod usbhid > uhci_hcd > ehci_hcd button yenta_socket rsrc_nonstatic pcmcia_core psmouse e1000 loop > ibm_acpi backlight battery radeonfb cfbcopyarea cfbimgblt cfbfillrect fbcon > font bitblit softcursor fb > CPU: 0 > EIP: 0060:[<c0242ca0>] Tainted: P VLI > EFLAGS: 00010286 (2.6.21.7-1 #1) > EIP is at dma_pool_destroy+0xb0/0x150 > eax: dbbc9e40 ebx: 32785c32 ecx: 00000000 edx: 37303a30 > esi: dbbc9e00 edi: e85a3048 ebp: dbbc9e40 esp: f5e7be40 > ds: 007b es: 007b fs: 00d8 gs: 0033 ss: 0068 > Process pccardctl (pid: 6960, ti=f5e7a000 task=f7d5c570 task.ti=f5e7a000) > Stack: c033ace8 f88fcf58 e85a30ec dbbc9e58 32785c32 dbb72cd4 dbb72c00 > dbb72c00 > c1d2a448 f88fabb5 dbb72c00 dbb72cd4 dbb72c00 f88fcce8 00000000 > e85a30ec > c0257c3a c03340eb f88fcf58 e85a30ec 00000004 dbb72c00 e85a3000 > e85a30b0 > Call Trace: > [<f88fabb5>] ehci_mem_cleanup+0x45/0xc0 [ehci_hcd] > [<f88fcce8>] ehci_stop+0x68/0x80 [ehci_hcd] > [<c0257c3a>] usb_remove_hcd+0x8a/0xc0 > [<c0261f2d>] usb_hcd_pci_remove+0x1d/0x90 > [<c01dece6>] pci_device_remove+0x16/0x40 > [<c02406c8>] __device_release_driver+0x68/0xa0 > [<c0240bf2>] device_release_driver+0x22/0x40 > [<c024004d>] bus_remove_device+0x4d/0x80 > [<c023e4a7>] device_del+0x117/0x180 > [<c023e518>] device_unregister+0x8/0x10 > [<c01db896>] pci_stop_dev+0x26/0x60 > [<c01db9a8>] pci_remove_bus_device+0x28/0xa0 > [<c01dba4a>] pci_remove_behind_bridge+0x2a/0x40 > [<f88ef634>] socket_shutdown+0x74/0xd0 [pcmcia_core] > [<f88ef6ac>] socket_remove+0x1c/0x30 [pcmcia_core] > [<f88ef722>] pcmcia_eject_card+0x62/0x70 [pcmcia_core] > [<f88f276d>] pccard_store_eject+0x1d/0x30 [pcmcia_core] > [<f88f2750>] pccard_store_eject+0x0/0x30 [pcmcia_core] > [<c023dd2d>] dev_attr_store+0x2d/0x40 > [<c01992c6>] sysfs_write_file+0xb6/0x110 > [<c01646c1>] vfs_write+0xc1/0x160 > [<c0199210>] sysfs_write_file+0x0/0x110 > [<c0164cb1>] sys_write+0x41/0x70 > [<c0103eca>] sysenter_past_esp+0x5f/0x85 > ======================= > Code: eb 55 8b 42 04 83 c2 04 40 75 4c 83 e9 20 85 c9 7f f0 8b 4e 08 8b 55 14 > 8b 45 10 8b 5e 0c 89 1c 24 e8 45 52 ec ff 8b 46 04 8b 16 <89> 42 04 89 10 89 > f0 > c7 06 00 01 10 00 c7 46 04 00 02 20 00 e8 > EIP: [<c0242ca0>] dma_pool_destroy+0xb0/0x150 SS:ESP 0068:f5e7be40 > > Is there allready a patch that addresses this problem? If there is, please > refer me to it, so I can integrate it with my kernel. > Looks like a USB bug to me. Are you able to reproduce it on an untainted kernel (ndiswrapper is the culprit I guess). And are you able to test a later kernel?
Unfortunately I can't reproduce it till now.
Ruben, If this problem doesn't appear with newer kernels, we should close the bug.
Hi Natalie, thanks for your reminder - doesn't happen with 2.6.22.x kernels - so the bug can be closed.