Re: [BUG] 2.6.22-rc3-mm1 remove bluetooth usb adapter caused kmalloc bug
Hi, 2007/6/6, Christoph Lameter <[EMAIL PROTECTED]>: Note that the corruption seems to have its cause in a decrement done at offset 16 into the object pointing to the refcount in struct hci_dev. So it looks like the refcount was decremented after the object was freed. sysfs related? I tested several more times under 2.6.22-rc4, there's no such problem. The hci_dev_put is indeed a bug, isn't it? it decrement the refcout on more time like you said. But why the slub doesn't warning under 2.6.22-rc4 but do under 2.6.22-rc3-mm1? I'm puzzled. And if this is a bug , should I write another post to list? then to mm or mainline? I'm still new to kernel list, thanks you all. Regards dave - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [BUG] 2.6.22-rc3-mm1 remove bluetooth usb adapter caused kmalloc bug
On Tue, 5 Jun 2007, Andrew Morton wrote: > Could perhaps be due to bluetooth-postpone-hci_dev-unregistration.patch, > but I don't see how. (But that patch looks a bit dodgy wrt module > unload so I think I'll drop it). It is perfectly fine to drop this one, as the issue it was trying to solve has been already fixed in a different way (commit 4ce61d1c7 in mainline). -- Jiri Kosina SUSE Labs - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [BUG] 2.6.22-rc3-mm1 remove bluetooth usb adapter caused kmalloc bug
On Tue, 5 Jun 2007, Andrew Morton wrote: Could perhaps be due to bluetooth-postpone-hci_dev-unregistration.patch, but I don't see how. (But that patch looks a bit dodgy wrt module unload so I think I'll drop it). It is perfectly fine to drop this one, as the issue it was trying to solve has been already fixed in a different way (commit 4ce61d1c7 in mainline). -- Jiri Kosina SUSE Labs - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [BUG] 2.6.22-rc3-mm1 remove bluetooth usb adapter caused kmalloc bug
Hi, 2007/6/6, Christoph Lameter [EMAIL PROTECTED]: Note that the corruption seems to have its cause in a decrement done at offset 16 into the object pointing to the refcount in struct hci_dev. So it looks like the refcount was decremented after the object was freed. sysfs related? I tested several more times under 2.6.22-rc4, there's no such problem. The hci_dev_put is indeed a bug, isn't it? it decrement the refcout on more time like you said. But why the slub doesn't warning under 2.6.22-rc4 but do under 2.6.22-rc3-mm1? I'm puzzled. And if this is a bug , should I write another post to list? then to mm or mainline? I'm still new to kernel list, thanks you all. Regards dave - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [BUG] 2.6.22-rc3-mm1 remove bluetooth usb adapter caused kmalloc bug
Hi, 2007/6/6, Christoph Lameter <[EMAIL PROTECTED]>: Note that the corruption seems to have its cause in a decrement done at offset 16 into the object pointing to the refcount in struct hci_dev. So it looks like the refcount was decremented after the object was freed. sysfs related? I noticed in hci_core.c: hci_dev_close call hci_dev_do_close , then call hci_dev_put but in hci_dev_do_close also call hci_dev_put Maybe this is the reason, by apply the below patch the bug seems doesn't exist, but the strange thing is the 2.4.22-rc4 seems works, I will test once more to see the result. Signed-off-by: dave young <[EMAIL PROTECTED]> --- net/bluetooth/hci_core.c |1 - 1 file changed, 1 deletion(-) diff -dur linux/net/bluetooth/hci_core.c linux.new/net/bluetooth/hci_core.c --- linux/net/bluetooth/hci_core.c 2007-06-06 13:47:14.0 + +++ linux.new/net/bluetooth/hci_core.c 2007-06-06 13:46:58.0 + @@ -577,7 +577,6 @@ hci_req_unlock(hdev); - hci_dev_put(hdev); return 0; } Regards dave - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [BUG] 2.6.22-rc3-mm1 remove bluetooth usb adapter caused kmalloc bug
Note that the corruption seems to have its cause in a decrement done at offset 16 into the object pointing to the refcount in struct hci_dev. So it looks like the refcount was decremented after the object was freed. sysfs related? - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [BUG] 2.6.22-rc3-mm1 remove bluetooth usb adapter caused kmalloc bug
On Wed, 6 Jun 2007 03:27:31 + "young dave" <[EMAIL PROTECTED]> wrote: > Hi, > > Are you able to reproduce this in 2.6.22-rc4? > > The bug seems doesn't exist in 2.6.22-rc4, I have tested it, the > unpluging can't produce kernel bug message. > OK, thanks. I'll drop bluetooth-postpone-hci_dev-unregistration.patch - let's see if that helps. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [BUG] 2.6.22-rc3-mm1 remove bluetooth usb adapter caused kmalloc bug
Hi, Are you able to reproduce this in 2.6.22-rc4? The bug seems doesn't exist in 2.6.22-rc4, I have tested it, the unpluging can't produce kernel bug message. Regards dave - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [BUG] 2.6.22-rc3-mm1 remove bluetooth usb adapter caused kmalloc bug
Hi, Are you able to reproduce this in 2.6.22-rc4? The kmalloc in dmesg is in skbuff.c:pskb_expand_head, I will try 2.6.22-rc4 ASAP. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [BUG] 2.6.22-rc3-mm1 remove bluetooth usb adapter caused kmalloc bug
On Wed, 6 Jun 2007 01:56:01 + "young dave" <[EMAIL PROTECTED]> wrote: > Hi, > when I remove the usb bluetooth adapter , the kernel reporting bug: > > /* this two line is printk message I printed in net/bluetooth/hci_core.c */ > > #before free dev: c3758430 > #after free dev > > = > BUG kmalloc-1024: Poison overwritten > - > > INFO: 0xc3758440-0xc3758440. First byte 0x6a instead of 0x6b > INFO: Allocated in hci_alloc_dev+0x1f/0x80 [bluetooth] age=6094 cpu=0 pid=9586 > INFO: Freed in device_release+0x82/0x90 age=0 cpu=0 pid=7 > INFO: Slab 0xc106eb00 used=6 fp=0xc3758430 flags=0x400020c3 > INFO: Object 0xc3758430 @offset=1072 fp=0xc375b240 I don't get it. device_release() doesn't call kfree() or kmem_cache_free() or any such thing. > Bytes b4 0xc3758420: 00 00 00 00 b9 ea 09 00 5a 5a 5a 5a 5a 5a 5a 5a > ¹ê.. > Object 0xc3758430: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b > > Object 0xc3758440: 6a 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b > jkkk > Object 0xc3758450: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b > > Object 0xc3758460: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b > > Object 0xc3758470: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b > > Object 0xc3758480: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b > > Object 0xc3758490: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b > > Object 0xc37584a0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b > > Redzone 0xc3758830: bb bb bb bb > > Padding 0xc3758858: 5a 5a 5a 5a 5a 5a 5a 5a > > [] check_bytes_and_report+0xaa/0xe0 > [] check_object+0x198/0x1e0 > [] alloc_debug_processing+0x9c/0x130 > [] __slab_alloc+0x10a/0x220 > [] pskb_expand_head+0x4a/0x140 > [] __kmalloc+0x72/0x80 > [] pskb_expand_head+0x4a/0x140 > [] pskb_expand_head+0x4a/0x140 > [] alloc_debug_processing+0xc6/0x130 > [] netlink_broadcast+0x68/0x370 > [] kobject_uevent_env+0x32d/0x4e0 > [] kobject_uevent_env+0x414/0x4e0 > [] d_kill+0x3f/0x60 > [] dput+0x1a/0xf0 > [] device_del+0x1ac/0x2e0 > [] usb_disable_device+0x78/0xf0 > [] usb_disconnect+0x93/0xf0 > [] hub_port_connect_change+0x2f2/0x3b0 > [] hub_events+0x212/0x420 > [] autoremove_wake_function+0x0/0x50 > [] hub_thread+0x25/0x110 > [] autoremove_wake_function+0x0/0x50 > [] autoremove_wake_function+0x0/0x50 > [] hub_thread+0x0/0x110 > [] kthread+0x59/0xa0 > [] kthread+0x0/0xa0 > [] kernel_thread_helper+0x7/0x14 > === > FIX kmalloc-1024: Restoring 0xc3758440-0xc3758440=0x6b > > FIX kmalloc-1024: Marking all objects used Could perhaps be due to bluetooth-postpone-hci_dev-unregistration.patch, but I don't see how. (But that patch looks a bit dodgy wrt module unload so I think I'll drop it). Are you able to reproduce this in 2.6.22-rc4? - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[BUG] 2.6.22-rc3-mm1 remove bluetooth usb adapter caused kmalloc bug
Hi, when I remove the usb bluetooth adapter , the kernel reporting bug: /* this two line is printk message I printed in net/bluetooth/hci_core.c */ #before free dev: c3758430 #after free dev = BUG kmalloc-1024: Poison overwritten - INFO: 0xc3758440-0xc3758440. First byte 0x6a instead of 0x6b INFO: Allocated in hci_alloc_dev+0x1f/0x80 [bluetooth] age=6094 cpu=0 pid=9586 INFO: Freed in device_release+0x82/0x90 age=0 cpu=0 pid=7 INFO: Slab 0xc106eb00 used=6 fp=0xc3758430 flags=0x400020c3 INFO: Object 0xc3758430 @offset=1072 fp=0xc375b240 Bytes b4 0xc3758420: 00 00 00 00 b9 ea 09 00 5a 5a 5a 5a 5a 5a 5a 5a ¹ê.. Object 0xc3758430: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b Object 0xc3758440: 6a 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b jkkk Object 0xc3758450: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b Object 0xc3758460: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b Object 0xc3758470: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b Object 0xc3758480: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b Object 0xc3758490: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b Object 0xc37584a0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b Redzone 0xc3758830: bb bb bb bb Padding 0xc3758858: 5a 5a 5a 5a 5a 5a 5a 5a [] check_bytes_and_report+0xaa/0xe0 [] check_object+0x198/0x1e0 [] alloc_debug_processing+0x9c/0x130 [] __slab_alloc+0x10a/0x220 [] pskb_expand_head+0x4a/0x140 [] __kmalloc+0x72/0x80 [] pskb_expand_head+0x4a/0x140 [] pskb_expand_head+0x4a/0x140 [] alloc_debug_processing+0xc6/0x130 [] netlink_broadcast+0x68/0x370 [] kobject_uevent_env+0x32d/0x4e0 [] kobject_uevent_env+0x414/0x4e0 [] d_kill+0x3f/0x60 [] dput+0x1a/0xf0 [] device_del+0x1ac/0x2e0 [] usb_disable_device+0x78/0xf0 [] usb_disconnect+0x93/0xf0 [] hub_port_connect_change+0x2f2/0x3b0 [] hub_events+0x212/0x420 [] autoremove_wake_function+0x0/0x50 [] hub_thread+0x25/0x110 [] autoremove_wake_function+0x0/0x50 [] autoremove_wake_function+0x0/0x50 [] hub_thread+0x0/0x110 [] kthread+0x59/0xa0 [] kthread+0x0/0xa0 [] kernel_thread_helper+0x7/0x14 === FIX kmalloc-1024: Restoring 0xc3758440-0xc3758440=0x6b FIX kmalloc-1024: Marking all objects used - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
[BUG] 2.6.22-rc3-mm1 remove bluetooth usb adapter caused kmalloc bug
Hi, when I remove the usb bluetooth adapter , the kernel reporting bug: /* this two line is printk message I printed in net/bluetooth/hci_core.c */ #before free dev: c3758430 #after free dev = BUG kmalloc-1024: Poison overwritten - INFO: 0xc3758440-0xc3758440. First byte 0x6a instead of 0x6b INFO: Allocated in hci_alloc_dev+0x1f/0x80 [bluetooth] age=6094 cpu=0 pid=9586 INFO: Freed in device_release+0x82/0x90 age=0 cpu=0 pid=7 INFO: Slab 0xc106eb00 used=6 fp=0xc3758430 flags=0x400020c3 INFO: Object 0xc3758430 @offset=1072 fp=0xc375b240 Bytes b4 0xc3758420: 00 00 00 00 b9 ea 09 00 5a 5a 5a 5a 5a 5a 5a 5a ¹ê.. Object 0xc3758430: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b Object 0xc3758440: 6a 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b jkkk Object 0xc3758450: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b Object 0xc3758460: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b Object 0xc3758470: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b Object 0xc3758480: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b Object 0xc3758490: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b Object 0xc37584a0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b Redzone 0xc3758830: bb bb bb bb Padding 0xc3758858: 5a 5a 5a 5a 5a 5a 5a 5a [c016db1a] check_bytes_and_report+0xaa/0xe0 [c016de48] check_object+0x198/0x1e0 [c016e2ac] alloc_debug_processing+0x9c/0x130 [c016ed9a] __slab_alloc+0x10a/0x220 [c03c412a] pskb_expand_head+0x4a/0x140 [c016fa12] __kmalloc+0x72/0x80 [c03c412a] pskb_expand_head+0x4a/0x140 [c03c412a] pskb_expand_head+0x4a/0x140 [c016e2d6] alloc_debug_processing+0xc6/0x130 [c03dbcc8] netlink_broadcast+0x68/0x370 [c02727fd] kobject_uevent_env+0x32d/0x4e0 [c02728e4] kobject_uevent_env+0x414/0x4e0 [c01858df] d_kill+0x3f/0x60 [c018591a] dput+0x1a/0xf0 [c02dbd7c] device_del+0x1ac/0x2e0 [c0360e88] usb_disable_device+0x78/0xf0 [c035b923] usb_disconnect+0x93/0xf0 [c035cb02] hub_port_connect_change+0x2f2/0x3b0 [c035cdd2] hub_events+0x212/0x420 [c0138470] autoremove_wake_function+0x0/0x50 [c035d005] hub_thread+0x25/0x110 [c0138470] autoremove_wake_function+0x0/0x50 [c0138470] autoremove_wake_function+0x0/0x50 [c035cfe0] hub_thread+0x0/0x110 [c0137e99] kthread+0x59/0xa0 [c0137e40] kthread+0x0/0xa0 [c0104df3] kernel_thread_helper+0x7/0x14 === FIX kmalloc-1024: Restoring 0xc3758440-0xc3758440=0x6b FIX kmalloc-1024: Marking all objects used - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [BUG] 2.6.22-rc3-mm1 remove bluetooth usb adapter caused kmalloc bug
On Wed, 6 Jun 2007 01:56:01 + young dave [EMAIL PROTECTED] wrote: Hi, when I remove the usb bluetooth adapter , the kernel reporting bug: /* this two line is printk message I printed in net/bluetooth/hci_core.c */ #before free dev: c3758430 #after free dev = BUG kmalloc-1024: Poison overwritten - INFO: 0xc3758440-0xc3758440. First byte 0x6a instead of 0x6b INFO: Allocated in hci_alloc_dev+0x1f/0x80 [bluetooth] age=6094 cpu=0 pid=9586 INFO: Freed in device_release+0x82/0x90 age=0 cpu=0 pid=7 INFO: Slab 0xc106eb00 used=6 fp=0xc3758430 flags=0x400020c3 INFO: Object 0xc3758430 @offset=1072 fp=0xc375b240 I don't get it. device_release() doesn't call kfree() or kmem_cache_free() or any such thing. Bytes b4 0xc3758420: 00 00 00 00 b9 ea 09 00 5a 5a 5a 5a 5a 5a 5a 5a ¹ê.. Object 0xc3758430: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b Object 0xc3758440: 6a 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b jkkk Object 0xc3758450: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b Object 0xc3758460: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b Object 0xc3758470: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b Object 0xc3758480: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b Object 0xc3758490: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b Object 0xc37584a0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b Redzone 0xc3758830: bb bb bb bb Padding 0xc3758858: 5a 5a 5a 5a 5a 5a 5a 5a [c016db1a] check_bytes_and_report+0xaa/0xe0 [c016de48] check_object+0x198/0x1e0 [c016e2ac] alloc_debug_processing+0x9c/0x130 [c016ed9a] __slab_alloc+0x10a/0x220 [c03c412a] pskb_expand_head+0x4a/0x140 [c016fa12] __kmalloc+0x72/0x80 [c03c412a] pskb_expand_head+0x4a/0x140 [c03c412a] pskb_expand_head+0x4a/0x140 [c016e2d6] alloc_debug_processing+0xc6/0x130 [c03dbcc8] netlink_broadcast+0x68/0x370 [c02727fd] kobject_uevent_env+0x32d/0x4e0 [c02728e4] kobject_uevent_env+0x414/0x4e0 [c01858df] d_kill+0x3f/0x60 [c018591a] dput+0x1a/0xf0 [c02dbd7c] device_del+0x1ac/0x2e0 [c0360e88] usb_disable_device+0x78/0xf0 [c035b923] usb_disconnect+0x93/0xf0 [c035cb02] hub_port_connect_change+0x2f2/0x3b0 [c035cdd2] hub_events+0x212/0x420 [c0138470] autoremove_wake_function+0x0/0x50 [c035d005] hub_thread+0x25/0x110 [c0138470] autoremove_wake_function+0x0/0x50 [c0138470] autoremove_wake_function+0x0/0x50 [c035cfe0] hub_thread+0x0/0x110 [c0137e99] kthread+0x59/0xa0 [c0137e40] kthread+0x0/0xa0 [c0104df3] kernel_thread_helper+0x7/0x14 === FIX kmalloc-1024: Restoring 0xc3758440-0xc3758440=0x6b FIX kmalloc-1024: Marking all objects used Could perhaps be due to bluetooth-postpone-hci_dev-unregistration.patch, but I don't see how. (But that patch looks a bit dodgy wrt module unload so I think I'll drop it). Are you able to reproduce this in 2.6.22-rc4? - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [BUG] 2.6.22-rc3-mm1 remove bluetooth usb adapter caused kmalloc bug
Hi, Are you able to reproduce this in 2.6.22-rc4? The kmalloc in dmesg is in skbuff.c:pskb_expand_head, I will try 2.6.22-rc4 ASAP. - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [BUG] 2.6.22-rc3-mm1 remove bluetooth usb adapter caused kmalloc bug
Hi, Are you able to reproduce this in 2.6.22-rc4? The bug seems doesn't exist in 2.6.22-rc4, I have tested it, the unpluging can't produce kernel bug message. Regards dave - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [BUG] 2.6.22-rc3-mm1 remove bluetooth usb adapter caused kmalloc bug
On Wed, 6 Jun 2007 03:27:31 + young dave [EMAIL PROTECTED] wrote: Hi, Are you able to reproduce this in 2.6.22-rc4? The bug seems doesn't exist in 2.6.22-rc4, I have tested it, the unpluging can't produce kernel bug message. OK, thanks. I'll drop bluetooth-postpone-hci_dev-unregistration.patch - let's see if that helps. - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [BUG] 2.6.22-rc3-mm1 remove bluetooth usb adapter caused kmalloc bug
Note that the corruption seems to have its cause in a decrement done at offset 16 into the object pointing to the refcount in struct hci_dev. So it looks like the refcount was decremented after the object was freed. sysfs related? - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Re: [BUG] 2.6.22-rc3-mm1 remove bluetooth usb adapter caused kmalloc bug
Hi, 2007/6/6, Christoph Lameter [EMAIL PROTECTED]: Note that the corruption seems to have its cause in a decrement done at offset 16 into the object pointing to the refcount in struct hci_dev. So it looks like the refcount was decremented after the object was freed. sysfs related? I noticed in hci_core.c: hci_dev_close call hci_dev_do_close , then call hci_dev_put but in hci_dev_do_close also call hci_dev_put Maybe this is the reason, by apply the below patch the bug seems doesn't exist, but the strange thing is the 2.4.22-rc4 seems works, I will test once more to see the result. Signed-off-by: dave young [EMAIL PROTECTED] --- net/bluetooth/hci_core.c |1 - 1 file changed, 1 deletion(-) diff -dur linux/net/bluetooth/hci_core.c linux.new/net/bluetooth/hci_core.c --- linux/net/bluetooth/hci_core.c 2007-06-06 13:47:14.0 + +++ linux.new/net/bluetooth/hci_core.c 2007-06-06 13:46:58.0 + @@ -577,7 +577,6 @@ hci_req_unlock(hdev); - hci_dev_put(hdev); return 0; } Regards dave - To unsubscribe from this list: send the line unsubscribe linux-kernel in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/