Bug 389761

Summary: Kernel oops on b43legacy link up.
Product: [Fedora] Fedora Reporter: David Woodhouse <dwmw2>
Component: kernelAssignee: John W. Linville <linville>
Status: CLOSED CURRENTRELEASE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: low Docs Contact:
Priority: low    
Version: 8   
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: 2.6.23.8-63.fc8 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-11-26 19:46:11 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description David Woodhouse 2007-11-18 21:13:50 UTC 
Upon 'ip link set eth1 down ; ip link set eth1 up' on b43legacy:

b43legacy-phy0 debug: Removing Interface type 2
b43legacy-phy0 debug: Wireless interface stopped
b43legacy-phy0 debug: DMA-32 0x0260 (RX) max used slots: 1/64
b43legacy-phy0 debug: DMA-32 0x0200 (RX) max used slots: 6/64
b43legacy-phy0 debug: DMA-32 0x02A0 (TX) max used slots: 0/128
b43legacy-phy0 debug: DMA-32 0x0280 (TX) max used slots: 0/128
b43legacy-phy0 debug: DMA-32 0x0260 (TX) max used slots: 0/128
b43legacy-phy0 debug: DMA-32 0x0240 (TX) max used slots: 0/128
b43legacy-phy0 debug: DMA-32 0x0220 (TX) max used slots: 6/128
b43legacy-phy0 debug: DMA-32 0x0200 (TX) max used slots: 0/128
b43legacy-phy0 debug: Radio initialized
b43legacy-phy0 debug: Radio initialized
b43legacy-phy0 debug: Loading firmware version 0x127, patch level 14 (2005-04-18
02:36:27)
Registered led device: b43legacy-phy0:tx
Registered led device: b43legacy-phy0:rx
Unable to handle kernel paging request for data at address 0x00110002
Faulting instruction address: 0xc00184fc
Oops: Kernel access of bad area, sig: 11 [#1]
PowerMac
Modules linked in: radeon(U) drm(U) hidp(U) rfcomm(U) hci_usb(U) l2cap(U)
bluetooth(U) ipv6(U) dm_mirror(U) dm_mod(U) therm_adt746x(U) snd_aoa_i2sbus(U)
arc4(U) snd_powermac(U) ecb(U) blkcipher(U) snd_seq_dummy(U) snd_seq_oss(U)
snd_seq_midi_event(U) snd_seq(U) pmac_zilog(U) snd_seq_device(U) b43legacy(U)
rfkill(U) snd_pcm_oss(U) snd_mixer_oss(U) mac80211(U) ide_cd(U) cdrom(U)
cfg80211(U) input_polldev(U) snd_pcm(U) snd_timer(U) snd_page_alloc(U) snd(U)
soundcore(U) snd_aoa_soundbus(U) firewire_ohci(U) firewire_core(U) crc_itu_t(U)
sungem(U) sungem_phy(U) ftdi_sio(U) usbserial(U) ssb(U) ext3(U) jbd(U)
mbcache(U) uhci_hcd(U) ohci_hcd(U) ehci_hcd(U)
NIP: c00184fc LR: c023db3c CTR: c00e63e0
REGS: e880bbe0 TRAP: 0300   Not tainted  (2.6.23.1-49.fc8)
MSR: 00009032 <EE,ME,IR,DR>  CR: 24000484  XER: 20000000
DAR: 00110002, DSISR: 40000000
TASK = ea708da0[3065] 'ip' THREAD: e880a000
GPR00: c0d5dcb4 e880bc90 ea708da0 00110002 c038512b 00110001 c0420000 c0420000 
GPR08: 4740a0c3 c0415f10 3ac74c8a 00000000 84000448 100450e4 100270b0 1002890c 
GPR16: 10024eb0 10023eac 10020000 10020000 10030000 00000000 7f89f781 e880bcfc 
GPR24: 00000000 00110002 00000000 00000001 c0415ee8 c0e312b4 c0e312a0 c0d5dca0 
NIP [c00184fc] strcmp+0x8/0x24
LR [c023db3c] led_trigger_set_default+0x38/0x8c
Call Trace:
[e880bc90] [c0e312b4] 0xc0e312b4 (unreliable)
[e880bca0] [c023d7f4] led_classdev_register+0xa8/0xec
[e880bcc0] [f2532a54] b43legacy_register_led+0x94/0xcc [b43legacy]
[e880bcf0] [f2532c88] b43legacy_leds_init+0x1fc/0x2b0 [b43legacy]
[e880bd50] [f2524208] b43legacy_chip_init+0x5c4/0xa6c [b43legacy]
[e880bd80] [f2524a08] b43legacy_wireless_core_init+0x358/0x80c [b43legacy]
[e880bdb0] [f2525818] b43legacy_start+0x3c/0x98 [b43legacy]
[e880bdd0] [f24d4c14] ieee80211_open+0x1c4/0x3bc [mac80211]
[e880be00] [c025ca5c] dev_open+0x60/0xc8
[e880be20] [c025a948] dev_change_flags+0xcc/0x1a8
[e880be40] [c02a8dec] devinet_ioctl+0x288/0x6e8
[e880bea0] [c02a9770] inet_ioctl+0xc8/0xfc
[e880beb0] [c024d7e0] sock_ioctl+0x248/0x284
[e880bed0] [c00a7690] do_ioctl+0x38/0x84
[e880bee0] [c00a7aac] vfs_ioctl+0x3d0/0x404
[e880bf10] [c00a7b48] sys_ioctl+0x68/0x98
[e880bf40] [c0012bcc] ret_from_syscall+0x0/0x38
--- Exception: c01 at 0xff09798
    LR = 0xff09730
Instruction dump:
3884ffff 8c050001 2c000000 4082fff8 38a5ffff 8c040001 2c000000 9c050001 
4082fff4 4e800020 38a3ffff 3884ffff <8c650001> 2c830000 8c040001 7c601851 


Seems not to happen if I revert to 2.6.23.1-42.fc8
Comment 1 John W. Linville 2007-11-20 22:48:50 UTC 
Dave is that with the -58 kernel?  Or the -49?  Can you try -58 if you haven't 
already?
Comment 2 David Woodhouse 2007-11-22 02:39:51 UTC 
That was with -49. Will retry with -63.
Comment 3 David Woodhouse 2007-11-22 03:16:21 UTC 
Works in 2.6.23.8-63.fc8