[rt2x00-users] rt73usb cause system to crash after resuming from suspend

Johannes Stezenbach js at sig21.net
Sat Feb 5 03:50:42 AEDT 2011


On Fri, Feb 04, 2011 at 05:07:33PM +0100, Johannes Stezenbach wrote:
> [  880.245913] kworker/u:2   R running   6612   668      2 0x00000000
> [  880.245913]  f807403b c10663b7 00000000 00000002 00000002 00000002 f6b97e1c f53454fc
> [  880.245913]  f6b97e3c 0000000e f6b97e2c 2071c383 00000000 00000002 00000002 f53454fc
> [  880.245913]  f6b97e64 ef5d65b0 f6b97e4c f807227d f6b97e64 f802c88b 00000998 f53485c0
> [  880.245913] Call Trace:
> [  880.245913]  [<c10663b7>] ? mark_held_locks+0x43/0x5b
> [  880.245913]  [<f807403b>] ? rt2x00queue_index_inc+0x5f/0xaa [rt2x00lib]
> [  880.245913]  [<f807227d>] ? rt2x00lib_dmadone+0x19/0x1b [rt2x00lib]
> [  880.245913]  [<f802c88b>] ? rt2x00usb_clear_entry+0x89/0x8f [rt2x00usb]
> [  880.245913]  [<f80724be>] ? rt2x00lib_rxdone+0x23f/0x25e [rt2x00lib]
> [  880.245913]  [<f8074155>] ? rt2x00queue_get_entry+0x61/0x7f [rt2x00lib]
> [  880.245913]  [<c10663b7>] ? mark_held_locks+0x43/0x5b
> [  880.245913]  [<c147009c>] ? _raw_spin_unlock_irqrestore+0x47/0x5e
> [  880.245913]  [<c1030b88>] ? sub_preempt_count+0x8b/0x98
> [  880.245913]  [<c147009c>] ? _raw_spin_unlock_irqrestore+0x47/0x5e
> [  880.245913]  [<f8074169>] ? rt2x00queue_get_entry+0x75/0x7f [rt2x00lib]
> [  880.245913]  [<f802c456>] ? rt2x00usb_work_rxdone+0x22/0x55 [rt2x00usb]

Could you try the patch below?  It should help with the rmmod/unplug issue.

However, after suspend/resume and then unplug it still crashes:

[  362.555243] BUG: unable to handle kernel paging request at 6b6b6c6f
[  362.555520] IP: [<c106793f>] __lock_acquire+0x355/0x132a
[  362.555726] *pde = 00000000 
[  362.555854] Oops: 0002 [#1] PREEMPT SMP 
[  362.556053] last sysfs file: /sys/devices/system/cpu/cpu0/cpufreq/scaling_cur_freq
[  362.556286] Modules linked in: rt73usb crc_itu_t rt2x00usb rt2x00lib ath9k mac80211 ath9k_common ath9k_hw ath cfg80211 [last unloaded: scsi_wait_scan]
[  362.556339] 
[  362.556339] Pid: 343, comm: khubd Not tainted 2.6.37 #4 N130                       /N130                       
[  362.556339] EIP: 0060:[<c106793f>] EFLAGS: 00010002 CPU: 0
[  362.556339] EIP is at __lock_acquire+0x355/0x132a
[  362.556339] EAX: 6b6b6b6b EBX: f6984600 ECX: 00000000 EDX: 00000000
[  362.556339] ESI: 6b6b6b6b EDI: f4f200d0 EBP: f6ab7e1c ESP: f6ab7dac
[  362.556339]  DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068
[  362.556339] Process khubd (pid: 343, ti=f6ab6000 task=f6984600 task.ti=f6ab6000)
[  362.556339] Stack:
[  362.556339]  f6802300 f6ab7dc4 c10c9566 f76aae40 f6802300 f4ef2038 f6ab7df0 f6984600
[  362.556339]  00000000 00000000 00000006 f6ab7df0 00000002 00000000 f6984600 c10ca329
[  362.556339]  f6fedb10 f6ab7e00 c10665f3 f76aae40 f6802300 f6ab7e08 c106661f f6ab7e2c
[  362.556339] Call Trace:
[  362.556339]  [<c10c9566>] ? set_track+0x33/0x5d
[  362.556339]  [<c10ca329>] ? kfree+0x170/0x199
[  362.556339]  [<c10665f3>] ? trace_hardirqs_on_caller+0x10a/0x12b
[  362.556339]  [<c106661f>] ? trace_hardirqs_on+0xb/0xd
[  362.556339]  [<c12cf884>] ? device_release_driver+0x18/0x2a
[  362.556339]  [<c1068a37>] ? lock_acquire+0x123/0x15c
[  362.556339]  [<c12cf884>] ? device_release_driver+0x18/0x2a
[  362.556339]  [<c12cf884>] ? device_release_driver+0x18/0x2a
[  362.556339]  [<c146e922>] ? mutex_lock_nested+0x60/0x2a8
[  362.556339]  [<c12cf884>] ? device_release_driver+0x18/0x2a
[  362.556339]  [<c12cc5a0>] ? put_device+0x14/0x16
[  362.556339]  [<c12ce9e4>] ? klist_devices_put+0x10/0x12
[  362.556339]  [<c12cf884>] ? device_release_driver+0x18/0x2a
[  362.556339]  [<c12cee65>] ? bus_remove_device+0x7d/0x8a
[  362.556339]  [<c12cd54d>] ? device_del+0xff/0x15a
[  362.556339]  [<c13129b9>] ? usb_disconnect+0x97/0xee
[  362.556339]  [<c1313956>] ? hub_thread+0x3b2/0xcdc
[  362.556339]  [<c10552dd>] ? autoremove_wake_function+0x0/0x39
[  362.556339]  [<c13135a4>] ? hub_thread+0x0/0xcdc
[  362.556339]  [<c1054e7e>] ? kthread+0x67/0x6c
[  362.556339]  [<c1054e17>] ? kthread+0x0/0x6c
[  362.556339]  [<c1002f7a>] ? kernel_thread_helper+0x6/0x10
[  362.556339] Code: a4 cb 19 00 85 c0 0f 84 8f 0f 00 00 83 3d fc 95 cb c1 00 ba 17 03 00 00 0f 85 7d 0f 00 00 e9 bc 0e 00 00 85 f6 0f 84 70 0f 00 00 <f0> ff 86 04 01 00 00 8b 8b 64 04 00 00 83 3d d4 1e 78 c1 00 89 
[  362.556339] EIP: [<c106793f>] __lock_acquire+0x355/0x132a SS:ESP 0068:f6ab7dac
[  362.556339] CR2: 000000006b6b6c6f
[  362.556339] ---[ end trace 89c297aa41556fb9 ]---
[  362.556339] note: khubd[343] exited with preempt_count 1
[  362.556339] BUG: sleeping function called from invalid context at kernel/mutex.c:278
[  362.556339] in_atomic(): 1, irqs_disabled(): 1, pid: 343, name: khubd
[  362.556339] INFO: lockdep is turned off.
[  362.556339] irq event stamp: 23779
[  362.556339] hardirqs last  enabled at (23779): [<c10ca329>] kfree+0x170/0x199
[  362.556339] hardirqs last disabled at (23778): [<c10ca2b9>] kfree+0x100/0x199
[  362.556339] softirqs last  enabled at (23730): [<c13d3c7d>] sk_filter+0xd4/0xdf
[  362.556339] softirqs last disabled at (23728): [<c13d3bbf>] sk_filter+0x16/0xdf
[  362.556339] Pid: 343, comm: khubd Tainted: G      D     2.6.37 #4
[  362.556339] Call Trace:
[  362.556339]  [<c13d3bbf>] ? sk_filter+0x16/0xdf
[  362.556339]  [<c102e90b>] __might_sleep+0x112/0x11a
[  362.556339]  [<c146e8ed>] mutex_lock_nested+0x2b/0x2a8
[  362.556339]  [<c10373ad>] ? mm_release+0x5e/0xcf
[  362.556339]  [<c109ebd0>] perf_event_exit_task+0x1b/0x192
[  362.556339]  [<c14700f2>] ? _raw_spin_unlock+0x3f/0x42
[  362.556339]  [<c10eecb3>] ? exit_fs+0x54/0x65
[  362.556339]  [<c103cf3a>] do_exit+0x2e2/0x6d6
[  362.556339]  [<c103a445>] ? kmsg_dump+0x10f/0x121
[  362.556339]  [<c1005ebe>] oops_end+0x81/0x86
[  362.556339]  [<c146ca07>] ? printk+0x1d/0x26
[  362.556339]  [<c10206c9>] no_context+0x122/0x12a
[  362.556339]  [<c10207e9>] __bad_area_nosemaphore+0x118/0x120
[  362.556339]  [<c1207e84>] ? __debug_check_no_obj_freed+0x5a/0x160
[  362.556339]  [<c1020945>] ? do_page_fault+0x0/0x365
[  362.556339]  [<c1020808>] bad_area_nosemaphore+0x17/0x19
[  362.556339]  [<c1020aaf>] do_page_fault+0x16a/0x365
[  362.556339]  [<c1203690>] ? trace_hardirqs_off_thunk+0xc/0x10
[  362.556339]  [<c1470c6f>] ? error_code+0x5b/0x64
[  362.556339]  [<c1020945>] ? do_page_fault+0x0/0x365
[  362.556339]  [<c1065632>] ? trace_hardirqs_off_caller+0x18/0x8d
[  362.556339]  [<c1020945>] ? do_page_fault+0x0/0x365
[  362.556339]  [<c1470c73>] error_code+0x5f/0x64
[  362.556339]  [<c1020945>] ? do_page_fault+0x0/0x365
[  362.556339]  [<c106793f>] ? __lock_acquire+0x355/0x132a
[  362.556339]  [<c10c9566>] ? set_track+0x33/0x5d
[  362.556339]  [<c10ca329>] ? kfree+0x170/0x199
[  362.556339]  [<c10665f3>] ? trace_hardirqs_on_caller+0x10a/0x12b
[  362.556339]  [<c106661f>] ? trace_hardirqs_on+0xb/0xd
[  362.556339]  [<c12cf884>] ? device_release_driver+0x18/0x2a
[  362.556339]  [<c1068a37>] lock_acquire+0x123/0x15c
[  362.556339]  [<c12cf884>] ? device_release_driver+0x18/0x2a
[  362.556339]  [<c12cf884>] ? device_release_driver+0x18/0x2a
[  362.556339]  [<c146e922>] mutex_lock_nested+0x60/0x2a8
[  362.556339]  [<c12cf884>] ? device_release_driver+0x18/0x2a
[  362.556339]  [<c12cc5a0>] ? put_device+0x14/0x16
[  362.556339]  [<c12ce9e4>] ? klist_devices_put+0x10/0x12
[  362.556339]  [<c12cf884>] device_release_driver+0x18/0x2a
[  362.556339]  [<c12cee65>] bus_remove_device+0x7d/0x8a
[  362.556339]  [<c12cd54d>] device_del+0xff/0x15a
[  362.556339]  [<c13129b9>] usb_disconnect+0x97/0xee
[  362.556339]  [<c1313956>] hub_thread+0x3b2/0xcdc
[  362.556339]  [<c10552dd>] ? autoremove_wake_function+0x0/0x39
[  362.556339]  [<c13135a4>] ? hub_thread+0x0/0xcdc
[  362.556339]  [<c1054e7e>] kthread+0x67/0x6c
[  362.556339]  [<c1054e17>] ? kthread+0x0/0x6c
[  362.556339]  [<c1002f7a>] kernel_thread_helper+0x6/0x10

(captured via netconsole)

I'm not sure if this is related to rt73usb, though.


Can you please test if the patch works?  If so and Ivo ACKs it
I can resend with proper description and Cc: stable.


Ivo: I'm not sure about the
	while (!rt2x00queue_empty(rt2x00dev->rx)
in rt2x00usb_work_rxdone() (in 2.6.37 and also in rt2x00/master).
It seems if rt2x00queue_empty(rt2x00dev->rx) is true, it means all
queue entries contain received frames.  Could this cause
TX queue stuck issues?  I think it should be changed to
while (!rt2x00queue_full(rt2x00dev->rx).


Signed-off-by: Johannes Stezenbach <js at sig21.net>

diff --git a/drivers/net/wireless/rt2x00/rt2x00dev.c b/drivers/net/wireless/rt2x00/rt2x00dev.c
index d019830..0fa8e84 100644
--- a/drivers/net/wireless/rt2x00/rt2x00dev.c
+++ b/drivers/net/wireless/rt2x00/rt2x00dev.c
@@ -570,9 +570,12 @@ void rt2x00lib_rxdone(struct queue_entry *entry)
 	entry->skb = skb;
 
 submit_entry:
-	rt2x00dev->ops->lib->clear_entry(entry);
-	rt2x00queue_index_inc(entry->queue, Q_INDEX);
 	rt2x00queue_index_inc(entry->queue, Q_INDEX_DONE);
+	if (test_bit(DEVICE_STATE_PRESENT, &rt2x00dev->flags) &&
+	    test_bit(DEVICE_STATE_ENABLED_RADIO, &rt2x00dev->flags)) {
+		rt2x00dev->ops->lib->clear_entry(entry);
+		rt2x00queue_index_inc(entry->queue, Q_INDEX);
+	}
 }
 EXPORT_SYMBOL_GPL(rt2x00lib_rxdone);
 




More information about the users mailing list