Bug 436325

Summary: iwl3945/iwl4965 - BUG: bad unlock balance detected!
Product: [Fedora] Fedora Reporter: Ralf Ertzinger <redhat-bugzilla>
Component: kernelAssignee: John W. Linville <linville>
Status: CLOSED RAWHIDE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: low Docs Contact:
Priority: low    
Version: rawhideCC: ajax, jarod, kernel-maint
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2008-03-14 14:09:17 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Ralf Ertzinger 2008-03-06 15:12:40 UTC
Description of problem:
Shortly after boot finishes, (runlevel 3) the following appears on the console:

=====================================
[ BUG: bad unlock balance detected! ]
-------------------------------------
iwl3945/0/781 is trying to release lock (rcu_read_lock) at:
[<f90994f5>] ieee80211_scan_completed+0x19d/0x1e5 [mac80211]
but there are no more locks to release!

other info that might help us debug this:
2 locks held by iwl3945/0/781:
 #0:  (iwl3945){--..}, at: [<c0436582>] run_workqueue+0x91/0x1a1
 #1:  (&priv->scan_completed){--..}, at: [<c0436582>] run_workqueue+0x91/0x1a1

stack backtrace:
Pid: 781, comm: iwl3945/0 Not tainted 2.6.25-0.93.rc4.fc9PAE #1
 [<c0445fb7>] print_unlock_inbalance_bug+0xd7/0xe1
 [<c043c730>] ? hrtimer_interrupt+0x143/0x163
 [<c044468f>] ? mark_held_locks+0x4e/0x66
 [<c0404d85>] ? restore_nocheck+0x12/0x15
 [<c0444817>] ? trace_hardirqs_on+0xe9/0x10a
 [<c0404d85>] ? restore_nocheck+0x12/0x15
 [<c044604b>] lock_release_non_nested+0x8a/0x12d
 [<f90994f5>] ? ieee80211_scan_completed+0x19d/0x1e5 [mac80211]
 [<c044623a>] lock_release+0x14c/0x172
 [<f9099509>] ieee80211_scan_completed+0x1b1/0x1e5 [mac80211]
 [<f90c71c8>] iwl3945_bg_scan_completed+0x76/0x94 [iwl3945]
 [<c04365c4>] run_workqueue+0xd3/0x1a1
 [<c0436582>] ? run_workqueue+0x91/0x1a1
 [<f90c7152>] ? iwl3945_bg_scan_completed+0x0/0x94 [iwl3945]
 [<c0436748>] worker_thread+0xb6/0xc2
 [<c043959b>] ? autoremove_wake_function+0x0/0x33
 [<c0436692>] ? worker_thread+0x0/0xc2
 [<c043934a>] kthread+0x3b/0x61
 [<c043930f>] ? kthread+0x0/0x61
 [<c04059f3>] kernel_thread_helper+0x7/0x10
 =======================

Wireless works after this, however.

Version-Release number of selected component (if applicable):
kernel-PAE-2.6.25-0.93.rc4.fc9.i686

How reproducible:
Always

Steps to Reproduce:
1. Install kernel, boot
2.
3.
  
Actual results:
Above message

Expected results:
No messageh

Additional info:

Comment 1 John W. Linville 2008-03-10 15:05:29 UTC
*** Bug 436658 has been marked as a duplicate of this bug. ***

Comment 2 Jarod Wilson 2008-03-10 23:45:10 UTC
Also happens with my iwl4965.

Comment 3 Jarod Wilson 2008-03-10 23:55:16 UTC
In addition, I get a ton of spew in dmesg, basically this dump repeating pretty
regularly:

------------[ cut here ]------------
WARNING: at net/mac80211/rx.c:2073 __ieee80211_rx+0x59/0x5d8 [mac80211]() (Not t
ainted)
Modules linked in: aes_x86_64 aes_generic fuse nls_utf8 hfsplus ipt_MASQUERADE i
ptable_nat nf_nat bridge rfcomm l2cap bluetooth autofs4 sunrpc nf_conntrack_ipv4
 ipt_REJECT iptable_filter ip_tables nf_conntrack_ipv6 xt_state nf_conntrack xt_
tcpudp ip6t_ipv6header ip6t_REJECT ip6table_filter ip6_tables x_tables cpufreq_o
ndemand acpi_cpufreq freq_table dm_mirror dm_multipath dm_mod ipv6 uinput kvm_in
tel kvm snd_hda_intel snd_seq_dummy snd_seq_oss snd_seq_midi_event snd_seq arc4 
snd_seq_device ecb thinkpad_acpi crypto_blkcipher snd_pcm_oss hwmon snd_mixer_os
s firewire_ohci iwl4965 snd_pcm firewire_core pcspkr joydev snd_timer mac80211 i
TCO_wdt snd_page_alloc iTCO_vendor_support snd_hwdep sdhci mmc_core ricoh_mmc i2
c_i801 i915 crc_itu_t snd cfg80211 drm soundcore e1000e i2c_algo_bit i2c_core ac
 battery wmi button sg ata_piix ahci libata sd_mod scsi_mod ext3 jbd mbcache
uhci_hcd ohci_hcd ehci_hcd [last unloaded: microcode]
Pid: 0, comm: swapper Not tainted 2.6.25-0.102.rc4.git3.fc8.fw #1

Call Trace:
 <IRQ>  [<ffffffff81032f47>] warn_on_slowpath+0x60/0x73
 [<ffffffff881bf808>] :mac80211:__ieee80211_rx+0x59/0x5d8
 [<ffffffff881b0676>] :mac80211:ieee80211_tasklet_handler+0x5b/0x104
 [<ffffffff81038353>] tasklet_action+0x5e/0xb2
 [<ffffffff81038200>] __do_softirq+0x5f/0xe3
 [<ffffffff8100d1bc>] call_softirq+0x1c/0x28
 [<ffffffff8100eab7>] do_softirq+0x39/0x8a
 [<ffffffff81038160>] irq_exit+0x4e/0x8f
 [<ffffffff8100ec76>] do_IRQ+0x144/0x166
 [<ffffffff8100c546>] ret_from_intr+0x0/0xf
 <EOI>  [<ffffffff8102e538>] ? sched_clock_idle_wakeup_event+0x44/0x68
 [<ffffffff81181ac9>] ? acpi_idle_enter_bm+0x2b1/0x320
 [<ffffffff81181abf>] ? acpi_idle_enter_bm+0x2a7/0x320
 [<ffffffff811f7f5f>] ? menu_select+0x70/0x99
 [<ffffffff811f734b>] ? cpuidle_idle_call+0x75/0xa2
 [<ffffffff811f72d6>] ? cpuidle_idle_call+0x0/0xa2
 [<ffffffff8100b071>] ? cpu_idle+0xa4/0xce
 [<ffffffff81289a26>] ? rest_init+0x5a/0x5c

---[ end trace 55de59de9b7e36a0 ]---

Comment 4 John W. Linville 2008-03-11 13:15:26 UTC
Please try these kernels:

   http://koji.fedoraproject.org/koji/buildinfo?buildID=42458

Do they resolve the issue?

Comment 5 Jarod Wilson 2008-03-12 04:45:00 UTC
No more iwl4965 problems here.

Comment 6 Ralf Ertzinger 2008-03-14 12:23:11 UTC
Fixed for me in kernel-PAE-2.6.25-0.113.rc5.git2.fc9.i686