Bug 16074 - kernel panic at startup with the b44 driver
Summary: kernel panic at startup with the b44 driver
Status: RESOLVED CODE_FIX
Alias: None
Product: Drivers
Classification: Unclassified
Component: Network (show other bugs)
Hardware: All Linux
: P1 high
Assignee: drivers_network@kernel-bugs.osdl.org
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2010-05-29 09:58 UTC by François Valenduc
Modified: 2010-06-01 18:07 UTC (History)
0 users

See Also:
Kernel Version: 2.6.34-git
Subsystem:
Regression: Yes
Bisected commit-id:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description François Valenduc 2010-05-29 09:58:18 UTC 
With the current linus git-tree , I get this crash at startup which seems related to the b44 driver:

<c10421d2> tick_dev_program_event+0x32/0x140
<c11178c3> format_decode+0x/323/0x360
<c1118aab> vsnprintf+0x5b/0x500
<c101871f> bad_area_nosemaphore+0xf/0x20
<c1018b3b> do_page_fault+0x29b/0x3c0
<c101f70e> dequeue_task+0x3e/0x60
<c101f45a> finish_task_switch+0x2a/0x3c0
<c11c9324> raw_pci_write+0x84/0xa0
<c10188a0> do_page_fault+0x0/0x3c0
<c124791e> error_code+0x5e/0x64
<c11c0000> cpuidle_resume_and_unlock+0x0/0x30
<c10188a0> do_page_fault+0x0/0x3c0
<c11c3f46> ssb_is_sprom_available+0x16/0x30
<c11c48b0> ssb_pci_get_invariants+0x10/0x530
<c11c256b> ssb_bus_powerup+0x3b/0x60
<c11c323b> ssb_bus_register+0x15b/0x230
<c11c48b0> ssb_pci_get_invariants+0x10/0x530
<c11c3384> ssb_bus_pcibus_register+0x24/0x70
<c11c54c0> ssb_pcihost_probe+0x90/0xd0
<c11c5430> ssb_pcihost_probe+0x0/0xd0
<c112cd2b> local_pci_probe+0xb0/0x10
<c112d6f9> pci_device_probe+0x69/0x90
<c11a004c> driver_probe_device+0x7c/0x1b0
<c11a01f9> __driver_attach+0x79/0x70
<c119f929> bus_for_each_dev+0x49/0x70
<c119fed6> driver_attach+0x16/0x20
<c11a0180> __driver_attach+0x0/0x80
<c119f1d0> bus_add_driver+0xb0/0x260
<c112cd30> pci_device_shutdown+0x0/0x20
<c112d630> pci_device_remove+0x0/0x24
<c11a0477> driver_register+0x67/0x150
<c112d906> _pci_register_driver+0x36/0xa0
<c1340d7b> b44_init+0x0/0x55
<c1340da6> b44_init+0x2b/0x55
<c1340d7b> b44_init+0x0/0x55
<c100111e> do_one_initcall+0x2e/0x190
<c13271c7> kernel_init+0x0/0x12b
<c1340d7b> kernel_init+0x9/0x12b
<c1003076> kernel_thread_helper+0x6/0x10b

This is only the end of the message and I can't record the beginning since I don't have a serial port to use a serial console. I wanted to get the whole message via netconsole but this error occurs if the b44 driver is compiled in the kernel. If it's compiled as a module then a crash occur later. I suppose it's the same one but other messages appears after this one so I am not sure. I have tried git-bisect but I didn't get concluding results. The bugs probably appears between f72caf7e496465182eeda842ac66a5e75404ddf1 (merge branch 'for-2.6.35' of git://linux-nfs.org/~bfields/linux, which is good) and 7a9b149212f3716c598afe973b6261fd58453b7a (Merge git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/usb-2.6, which is bad).

Does anybody knows what is happening ?
Comment 1 François Valenduc 2010-05-29 10:44:48 UTC 
After having tried git-bisect again, I can see the beginning of the message because it crashes earlier. This is in fact a kernel panic:
It begins with:

EIP [<c11a6906>] ssb_is_sprom_availaible+0x16/0x30 SS:ESP 0068:df42ddf4
CR2 0000000000000010
kernel panic not syncing: attempted to kill init !

<c12270dc> panic+0x43/0xf6
<c1024bD3> do_exit+0x653/0x660
<c10056a3> oops_end+0xb3/0xc0
<c1017273> no_context+0xc3/0x150
<c1017365> __bad_area_nosemaphore+0x65/0x180
<c101d655> dequeue_task_fair+0x25/0x1d0

Then it continues with the same message as above from dequeue_task.
Comment 2 François Valenduc 2010-06-01 18:07:20 UTC 
This problem has been solved with the following patch:

commit da1fdb02d9200ff28b6f3a380d21930335fe5429
Author: Christoph Fritz <chf.fritz@googlemail.com>
Date:   Fri May 28 10:45:59 2010 +0200

    ssb: fix NULL ptr deref when pcihost_wrapper is used
Note You need to log in before you can comment on or make changes to this bug.