Description of problem: There is really no "button" on my machine to be handled by ACPI and 'lsmod' shows usage 0. Still 'rmmod button' ends up with the following oops: kernel BUG at fs/proc/generic.c:660! invalid operand: 0000 [#1] SMP CPU: 0 EIP: 0060:[<0218f128>] Not tainted EFLAGS: 00010202 (2.6.4-1.305smp) EIP is at remove_proc_entry+0xa6/0xf6 eax: 21ecc4b0 ebx: 228615f5 ecx: 00000000 edx: 21ecc4b0 esi: 21ecc4b0 edi: 20e82d80 ebp: 00000006 esp: 1ede3f50 ds: 007b es: 007b ss: 0068 Process rmmod (pid: 1218, threadinfo=1ede3000 task=1ee68670) Stack: 21ecc480 228615f5 22861f80 02314b38 00000000 1ede3000 228614b2 0213817d 00000000 74747562 21006e6f 21015380 f70cb000 02150345 21ee7e00 f70cc000 021507f3 210153bc 1ed6a140 1f776080 00000246 21015380 1ede3fc0 00000004 Call Trace: [<228614b2>] acpi_button_exit+0x1a/0x1b [button] [<0213817d>] sys_delete_module+0x115/0x157 [<02150345>] unmap_vma_list+0xe/0x17 [<021507f3>] do_munmap+0x17e/0x18a [<0211c220>] do_page_fault+0x0/0x4b0 Code: 0f 0b 94 02 3a de 2d 02 8b 47 40 85 c0 75 09 89 f8 e8 0c ff This is ACPI information from dmesg: ACPI: S3 and PAE do not like each other for now, S3 disabled. ACPI: RSDP (v000 PTLTD ) @ 0x000f7190 ACPI: RSDT (v001 PTLTD RSDT 0x06040000 LTP 0x00000000) @ 0x1fefd123 ACPI: FADT (v001 AMD TECATE 0x06040000 PTL 0x000f4240) @ 0x1fefef2e ACPI: MADT (v001 PTLTD APIC 0x06040000 LTP 0x00000000) @ 0x1fefefa2ACPI: DSDT (v001 AMD AMDACPI 0x06040000 MSFT 0x0100000d) @ 0x00000000 ACPI: PM-Timer IO Port: 0x8008 ACPI: Local APIC address 0xfee00000 ACPI: LAPIC (acpi_id[0x00] lapic_id[0x01] enabled) ACPI: LAPIC (acpi_id[0x01] lapic_id[0x00] enabled) ACPI: LAPIC_NMI (acpi_id[0x00] high edge lint[0x1]) ACPI: LAPIC_NMI (acpi_id[0x01] high edge lint[0x1]) ACPI: IOAPIC (id[0x02] address[0xfec00000] global_irq_base[0x0]) ACPI: INT_SRC_OVR (bus 0 bus_irq 0 global_irq 2 high edge) Using ACPI (MADT) for SMP configuration information ACPI: Subsystem revision 20040326 ACPI: Interpreter enabled ACPI: Using IOAPIC for interrupt routing ACPI: PCI Root Bridge [PCI0] (00:00) ACPI: PCI Interrupt Routing Table [\_SB_.PCI0._PRT] ACPI: PCI Interrupt Routing Table [\_SB_.PCI0.AGP_._PRT] ACPI: PCI Interrupt Routing Table [\_SB_.PCI0.OP2P._PRT] ACPI: PCI Interrupt Link [LNKA] (IRQs 3 5 *10 11) ACPI: PCI Interrupt Link [LNKB] (IRQs 3 5 10 11) ACPI: PCI Interrupt Link [LNKC] (IRQs 3 5 *10 11) ACPI: PCI Interrupt Link [LNKD] (IRQs 3 *5 10 11) Yes, I know; "don't do it then". Still oops is not that nice. Version-Release number of selected component (if applicable): kernel 2.6.4-1.305smp How reproducible: 100%
Perhaps you can test the fix here: http://bugzilla.kernel.org/show_bug.cgi?id=2281
> Perhaps you can test the fix here: > http://bugzilla.kernel.org/show_bug.cgi?id=2281 A patch in this location is for 2.4 and not for 2.6. Still based on it I made something which seems to be an equivalent for 2.6.5-1.326smp (attached). Unfortunately this does not work. In the same location this is causing somewhat different oops: kernel BUG at fs/proc/generic.c:660! invalid operand: 0000 [#1] SMP CPU: 0 EIP: 0060:[<021884fc>] Not tainted EFLAGS: 00010206 (2.6.5-1.326smp) EIP is at remove_proc_entry+0xa6/0xf6 eax: 21ec3d30 ebx: 2284461d ecx: 00000000 edx: 21ec3d30 esi: 21ec3d30 edi: 21c7d400 ebp: 00000006 esp: 1f66ef50 ds: 007b es: 007b ss: 0068 Process rmmod (pid: 1170, threadinfo=1f66e000 task=1eaae870) Stack: 21ec3d00 2284461d 22845880 0231209c 00000000 1f66e000 228444d8 02133778 00000000 74747562 1d006e6f 1dc76080 f70e3000 0214a8b0 1e141a00 00000001 023d0000 02369000 02107c1f 1f66e000 02310238 1dc76080 1f66efc0 00000004 Call Trace: [<228444d8>] acpi_button_exit+0x40/0x41 [button] [<02133778>] sys_delete_module+0x124/0x166 [<0214a8b0>] unmap_vma_list+0xe/0x17 [<02107c1f>] do_IRQ+0x1c5/0x225 Code: 0f 0b 94 02 83 a6 2d 02 8b 47 40 85 c0 75 09 89 f8 e8 0c ff and after that a machine dies immediately or pretty soon. It is possible that my "port" is not really correct and/or sufficient.
Created attachment 99510 [details] A patch used in an attempt to fix "remove button
And how about the patch in http://bugzilla.kernel.org/show_bug.cgi? id=2457. It fixes similar issue for processor but it applied on Button driver as well. Thanks
Using the patch at bug id 2457 I was able to manually apply the patch to a 2.6.5-1.358 kernel but without any progress. I also downloaded and built a 2.6.6 tree from kernel.org using the .config from my 358 kernel. I'm still getting an oops removing battery, button, ac, et al.
still an issue in 2.6.9?
> still an issue in 2.6.9? It does not seem to be at least when using 2.6.9-1.650_devel.
Len, this is still an issue in mainline 2.6.9, as we carry a hack so that we never kfree the object that gets referenced later.. diff -urNp linux-1130/drivers/acpi/ec.c linux-10000/drivers/acpi/ec.c --- linux-1130/drivers/acpi/ec.c +++ linux-10000/drivers/acpi/ec.c @@ -600,7 +600,7 @@ acpi_ec_add ( acpi_remove_gpe_handler(NULL, ec_ecdt->gpe_bit, &acpi_ec_gpe_handler); - kfree(ec_ecdt); +// kfree(ec_ecdt); } /* Get GPE bit assignment (EC events). */ Obviously, this is a really ugly hack, but leaking a few bytes at rmmod time is favourable over crashing until this gets fixed properly.
An update has been released for Fedora Core 3 (kernel-2.6.12-1.1372_FC3) which may contain a fix for your problem. Please update to this new kernel, and report whether or not it fixes your problem. If you have updated to Fedora Core 4 since this bug was opened, and the problem still occurs with the latest updates for that release, please change the version field of this bug to 'fc4'. Thank you.