[asterisk-bugs] [DAHDI-linux 0017669]: [patch] oops after driver is removed
Asterisk Bug Tracker
noreply at bugs.digium.com
Sun Aug 29 01:05:28 CDT 2010
A NOTE has been added to this issue.
======================================================================
https://issues.asterisk.org/view.php?id=17669
======================================================================
Reported By: tzafrir
Assigned To: sruffell
======================================================================
Project: DAHDI-linux
Issue ID: 17669
Category: General
Reproducibility: always
Severity: minor
Priority: normal
Status: acknowledged
JIRA:
Reviewboard Link:
======================================================================
Date Submitted: 2010-07-18 11:37 CDT
Last Modified: 2010-08-29 01:05 CDT
======================================================================
Summary: [patch] oops after driver is removed
Description:
The 'bind' and 'unbind' properties allow (un)binding a device to a driver
at runtime:
zavadi:~# dahdi_hardware
pci:0000:00:09.0 wcb4xxp+ 1397:08b4 Junghanns QuadBRI ISDN card
zavadi:~# echo -n 0000:00:09.0 >/sys/bus/pci/drivers/wcb4xxp/unbind
zavadi:~# dahdi_hardware
pci:0000:00:09.0 wcb4xxp- 1397:08b4 Junghanns QuadBRI ISDN card
zavadi:~# echo -n 0000:00:09.0 >/sys/bus/pci/drivers/wcb4xxp/bind
zavadi:~# dahdi_hardware
pci:0000:00:09.0 wcb4xxp+ 1397:08b4 Junghanns QuadBRI ISDN card
However if any of the channels used by the device had a channel that was
open at unbind time, userspace is left with invalid file handles. You'll
probably soon get something along the lines of:
wcb4xxp 0000:00:09.0: Driver unloaded.
BUG: unable to handle kernel NULL pointer dereference at 00000080
IP: [<cc98c11e>] :dahdi:dahdi_chan_ioctl+0x18/0x819
*pde = 00000000
Oops: 0000 [https://issues.asterisk.org/view.php?id=1] SMP
Modules linked in: dahdi_echocan_oslec echo ipv6 xpp_usb xpp wctdm wct4xxp
firmware_class loop parport_pc parport snd_via82xx gameport snd_ac97_codec
ac97_bus snd_pcm snd_page_alloc snd_mpu401_uart snd_seq_midi
snd_seq_midi_event serio_raw pcspkr snd_rawmidi snd_seq snd_timer
snd_seq_device psmouse snd i2c_viapro i2c_core soundcore button wcb4xxp
dahdi crc_ccitt shpchp pci_hotplug via_agp agpgart evdev ext3 jbd mbcache
dm_mirror dm_log dm_snapshot dm_mod ide_cd_mod cdrom sd_mod via82cxxx
ide_pci_generic ide_core sata_via floppy via_rhine mii ehci_hcd ata_generic
uhci_hcd usbcore libata scsi_mod dock thermal processor fan thermal_sys
[last unloaded: scsi_wait_scan]
Pid: 2827, comm: asterisk Not tainted (2.6.26-2-686
https://issues.asterisk.org/view.php?id=1)
EIP: 0060:[<cc98c11e>] EFLAGS: 00210286 CPU: 0
EIP is at dahdi_chan_ioctl+0x18/0x819 [dahdi]
EAX: ffffffff EBX: b29608d8 ECX: b29608d8 EDX: 8004da08
ESI: 8004da08 EDI: c87d2280 EBP: 00000000 ESP: c629de24
DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0068
Process asterisk (pid: 2827, ti=c629c000 task=cb4a6660 task.ti=c629c000)
Stack: 00000000 00000000 00000000 00000000 00000000 00000000 8004da08
000000fe
c87d2280 8004da08 cc98e068 ffffffff 00000009 b29608d8 b2960886
00000005
00000000 ffffffff ffffffff c1188fc0 ca3574e0 00000001 ca3574e8
c011be2d
Call Trace:
[<cc98e068>] dahdi_ioctl+0x1749/0x17e9 [dahdi]
[<c011be2d>] push_rt_task+0xff/0x1ac
[<c011bee4>] push_rt_tasks+0xa/0x10
[<c011b733>] try_to_wake_up+0xe8/
[<c0118511>] __wake_up_common+0x2
[<c011a6fb>] __wake_up+0x29/0x39
[<c013ab0a>] wake_futex+0x1c/0x26
[<c013baa2>] do_futex+0x303/0x70e
[<c01dd39a>] __next_cpu+0x12/0x21
[<c011a0d3>] find_lowest_rq+0xb0/
[<cc98c91f>] dahdi_ioctl+0x0/0x17
[<c017e83c>] vfs_ioctl+0x1c/0x5d
[<c017eac7>] do_vfs_ioctl+0x24a/0
[<c017eb1f>] sys_ioctl+0x41/0x5a
[<c0103857>] sysenter_past_esp+0x
[<c02b0000>] quirk_ali7101_acpi+0
=======================
Code: 00 89 95 98 05 00 00 31 f6 83 c4 60 89 f0 5b 5e 5f 5d c3 55 57 89 c7
56 89 d6 53 89 cb 83 ec 18 8b 44 24 2c 8b 2c 85 60 09 9b cc <83> bd 80 00
00 00 00 75 0f ba eb 14 00 00 b8 99 fe 98 cc e8 bd
EIP: [<cc98c11e>] dahdi_chan_ioctl+0x18/0x819 [dahdi] SS:ESP
0068:c629de24
---[ end trace 4cc6bfb9265c52fd ]---
Only tested with wcb4xxp, and not the latest, but I suspect it has not
changed recently.
======================================================================
----------------------------------------------------------------------
(0126424) sruffell (administrator) - 2010-08-29 01:05
https://issues.asterisk.org/view.php?id=17669#c126424
----------------------------------------------------------------------
I attached the patch
"0002-dahdi-Sleep-a-bit-before-returning-ENODEV-from-read-.patch" in case a
read loop is still a problem.
The idea that this still may be needed was brought up in the following
thread:
http://lists.digium.com/pipermail/asterisk-dev/2010-August/045935.html
Issue History
Date Modified Username Field Change
======================================================================
2010-08-29 01:05 sruffell Note Added: 0126424
======================================================================
More information about the asterisk-bugs
mailing list