Bug 183942 - kernel 2.6.15-1.2008 ops when using Bluetooth connected mobile and kppp
kernel 2.6.15-1.2008 ops when using Bluetooth connected mobile and kppp
Status: CLOSED WORKSFORME
Product: Fedora
Classification: Fedora
Component: kernel (Show other bugs)
5
i686 Linux
medium Severity high
: ---
: ---
Assigned To: Dave Jones
Brian Brock
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2006-03-03 18:08 EST by Tore H. Larsen
Modified: 2015-01-04 17:25 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-03-04 17:07:21 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Tore H. Larsen 2006-03-03 18:08:59 EST
Description of problem:

- Connecting via BlueTooth to my Nokia N70-1 and starting GPRS/EDGE/UMTS 
  internet session with kppp.
- When starting ppp session, ppp dies. Trace below.
- This worked fine on FC4 with 2.6.14 and some 2.6.15 kernels.
  Do not work on FC5test2  2.6.15-1.2008_FC5  nor  2.6.15-1.1996_FC5 nor  1955. 

Version-Release number of selected component (if applicable):

[root@no-torel ~]# rpm -qa | egrep -e "ppp|bluez|bluetooth"
gnome-bluetooth-libs-0.7.0-2
ppp-2.4.3-6.2.1
nautilus-sendto-bluetooth-0.4-7.2
bluez-utils-2.25-1
rp-pppoe-3.5-31
bluez-utils-cups-2.25-1
bluez-libs-devel-2.25-1
gnome-bluetooth-0.7.0-2
bluez-libs-2.25-1
gnome-bluetooth-devel-0.7.0-2
bluez-pin-0.24-3.2.1
bluez-hcidump-1.30-1

[root@no-torel ~]# rpm -qf /usr/sbin/kppp
kdenetwork-3.5.1-1.2


How reproducible:

- Every time

Steps to Reproduce:
1. Start bluetooth connection " rfcomm connect 3 00:XX:YY:ZZ:WW:PP 3"
2. Start kppp and configure rfcomm3 as serial port
3. Start Edge/GPRS connection to internet.

PS! kdebluetoothd do not work on FC5. Did work fine on FC4.
  

Actual results:

Slab corruption: (Tainted: P     ) start=e6cfe56c, len=2048
Redzone: 0x5a2cf071/0x5a2cf071.
Last user: [<c02080f5>](release_dev+0x5fd/0x649)
 [<c0150c33>] check_poison_obj+0x6a/0x154     [<c0150d3c>]
cache_alloc_debugcheck_after+0x1f/0xea
 [<c0285b02>] sock_alloc_send_skb+0x58/0x196     [<c0151dba>]
__kmalloc_track_caller+0xa8/0xb2
 [<c0285b02>] sock_alloc_send_skb+0x58/0x196     [<c02889d7>]
__alloc_skb+0x4d/0xf2 [<c0285b02>] sock_alloc_send_skb+0x58/0x196    
[<c0116ad8>] __wake_up+0x2a/0x3d
 [<c02d9703>] unix_stream_sendmsg+0x13a/0x314     [<c028360d>]
do_sock_write+0xa6/0xad
 [<c0285088>] sock_writev+0x9d/0xb6     [<c0129eb3>]
autoremove_wake_function+0x0/0x2d
 [<c0283afc>] sock_aio_read+0x53/0x61     [<c01540ff>] do_sync_read+0xb8/0xf3
 [<c0284feb>] sock_writev+0x0/0xb6     [<c0154670>] do_readv_writev+0x145/0x240
 [<c0286429>] sock_init_data+0x13a/0x219     [<c01385a9>]
audit_syscall_entry+0x118/0x13f
 [<c01547a2>] vfs_writev+0x37/0x43     [<c0154b45>] sys_writev+0x3c/0x96
 [<c0102bc1>] syscall_call+0x7/0xb    <3>0b0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b
6b ff ff ff ff
0c0: 00 00 00 00 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b
Next obj: start=e6cfed78, len=2048
Redzone: 0x5a2cf071/0x5a2cf071.
Last user: [<c028876b>](kfree_skbmem+0x8/0x61)
000: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b
010: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b
[root@no-torel ~]# tail -30 /var/log/messages
Mar  3 23:49:58 no-torel kernel:  [<c0283afc>] sock_aio_read+0x53/0x61    
[<c01540ff>] do_sync_read+0xb8/0xf3
Mar  3 23:49:58 no-torel kernel:  [<c0284feb>] sock_writev+0x0/0xb6    
[<c0154670>] do_readv_writev+0x145/0x240
Mar  3 23:49:58 no-torel kernel:  [<c0286429>] sock_init_data+0x13a/0x219    
[<c01385a9>] audit_syscall_entry+0x118/0x13f
Mar  3 23:49:58 no-torel kernel:  [<c01547a2>] vfs_writev+0x37/0x43    
[<c0154b45>] sys_writev+0x3c/0x96
Mar  3 23:49:58 no-torel kernel:  [<c0102bc1>] syscall_call+0x7/0xb    <3>0b0:
6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b ff ff ff ff
Mar  3 23:49:58 no-torel kernel: 0c0: 00 00 00 00 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b
6b 6b
Mar  3 23:49:58 no-torel kernel: Next obj: start=e6cfed78, len=2048
Mar  3 23:49:58 no-torel kernel: Redzone: 0x5a2cf071/0x5a2cf071.
Mar  3 23:49:58 no-torel kernel: Last user: [<c028876b>](kfree_skbmem+0x8/0x61)
Mar  3 23:49:58 no-torel kernel: 000: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b
6b 6b
Mar  3 23:49:58 no-torel kernel: 010: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b
6b 6b
Mar  3 23:50:11 no-torel hcid[1833]: link_key_request (sba=00:10:C6:57:04:E4,
dba=00:15:A0:7B:08:30)
Mar  3 23:50:22 no-torel pppd[5623]: pppd 2.4.3 started by root, uid 0
Mar  3 23:50:22 no-torel pppd[5623]: Using interface ppp0
Mar  3 23:50:22 no-torel pppd[5623]: Connect: ppp0 <--> /dev/rfcomm3
Mar  3 23:50:25 no-torel pppd[5623]: PAP authentication succeeded
Mar  3 23:50:41 no-torel pppd[5623]: Terminating on signal 15
Mar  3 23:50:41 no-torel pppd[5623]: Connection terminated.
Mar  3 23:50:41 no-torel pppd[5623]: Exit.


Expected results:

- Dial up connection to EDGE/GPRS(2.75G)/UMTS(3G) network 

Additional info:

On 2.6.15-1.1955_FC5 kernel.

PPP generic driver version 2.4.2
PPP Deflate Compression module registered
Slab corruption: (Not tainted) start=c5933604, len=2048
Redzone: 0x5a2cf071/0x5a2cf071.
Last user: [<c02080ab>](release_dev+0x5fd/0x649)
 [<c0150c07>] check_poison_obj+0x6a/0x154     [<c0116514>]
__wake_up_common+0x2f/0x53
 [<c0150d10>] cache_alloc_debugcheck_after+0x1f/0xea     [<c0285a82>]
sock_alloc_send_skb+0x58/0x196
 [<c0151d8e>] __kmalloc_track_caller+0xa8/0xb2     [<c0285a82>]
sock_alloc_send_skb+0x58/0x196
 [<c0288957>] __alloc_skb+0x4d/0xf2     [<c0285a82>]
sock_alloc_send_skb+0x58/0x196 [<c02d9234>] unix_stream_recvmsg+0x3be/0x4c1    
[<c02defec>] _spin_lock_irqsave+0x9/0xd
 [<c02d9683>] unix_stream_sendmsg+0x13a/0x314     [<c028358d>]
do_sock_write+0xa6/0xad
 [<c0283a1b>] sock_aio_write+0x53/0x61     [<c0153fe0>] do_sync_write+0xb8/0xf3
 [<c02defad>] _spin_unlock_irq+0x5/0x7     [<c0129eaf>]
autoremove_wake_function+0x0/0x2d
 [<c01385a5>] audit_syscall_entry+0x118/0x13f     [<c0154874>]
vfs_write+0xb2/0x140 [<c0154d6b>] sys_write+0x3c/0x63     [<c0102bc1>]
syscall_call+0x7/0xb
0b0: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b ff ff ff ff
0c0: 00 00 00 00 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b
Prev obj: start=c5932df8, len=2048
Redzone: 0x5a2cf071/0x5a2cf071.
Last user: [<c02886eb>](kfree_skbmem+0x8/0x61)
000: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b
010: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b


Mar  2 22:55:04 no-torel pppd[3215]: Hangup (SIGHUP)
Mar  2 22:55:04 no-torel pppd[3215]: Modem hangup
Mar  2 22:55:04 no-torel pppd[3215]: Connect time 32.6 minutes.
Mar  2 22:55:04 no-torel pppd[3215]: Sent 827606 bytes, received 2328471
bytes.
Mar  2 22:55:04 no-torel pppd[3215]: Connection terminated.


NOTE!  ppp session via USB connection to N70-1 works fine.

--Tore
Comment 1 Tore H. Larsen 2006-03-04 16:58:48 EST
Seems to have been fixed in 2.6.15-1.2009.4.2_FC5.  The other updates installed
where:

[root@no-torel ~]# grep Package yum11a.txt
---> Package aspell-en.i386 50:6.0-2 set to be updated
---> Package cairo.i386 0:1.0.2-5 set to be updated
---> Package vnc-server.i386 0:4.1.1-36 set to be updated
---> Package libbeagle.i386 0:0.2.1-17 set to be updated
---> Package wine-capi.i386 0:0.9.9-1.fc5 set to be updated
---> Package pm-utils.i386 0:0.13-1 set to be updated
---> Package libsoup.i386 0:2.2.91-1 set to be updated
---> Package tcl.i386 0:8.4.12-4 set to be updated
---> Package binutils.i386 0:2.16.91.0.6-3 set to be updated
---> Package java-1.4.2-gcj-compat.i386 0:1.4.2.0-40jpp_83rh set to be updated
---> Package scim.i386 0:1.4.4-9 set to be updated
---> Package wine-jack.i386 0:0.9.9-1.fc5 set to be updated
---> Package openssh.i386 0:4.3p2-4 set to be updated
---> Package kernel-doc.noarch 0:2.6.15-1.2009.4.2_FC5 set to be updated
---> Package openssh-server.i386 0:4.3p2-4 set to be updated
---> Package hal-gnome.i386 0:0.5.7-3 set to be updated
---> Package scim-m17n.i386 0:0.2.0-2 set to be updated
---> Package ghostscript-gtk.i386 0:8.15.1-7 set to be updated
---> Package java-1.4.2-gcj-compat-javadoc.i386 0:1.4.2.0-40jpp_83rh set to be
updated
---> Package wpa_supplicant.i386 1:0.4.8-4 set to be updated
---> Package kernel.i686 0:2.6.15-1.2009.4.2_FC5 set to be installed
---> Package agg.i386 0:2.3-4 set to be updated
---> Package nautilus-cd-burner-devel.i386 0:2.13.92-2 set to be updated
---> Package gnome-mount.i386 0:0.4-5 set to be updated
---> Package scim-libs.i386 0:1.4.4-9 set to be updated
---> Package wine-docs.noarch 0:0.9.9-1.fc5 set to be updated
---> Package wine-esd.i386 0:0.9.9-1.fc5 set to be updated
---> Package xen.i386 0:3.0.1-0.20060301.fc5.3 set to be updated
---> Package dhcp-devel.i386 11:3.0.3-26 set to be updated
---> Package anaconda.i386 0:10.92.16-1 set to be updated
---> Package scim-doc.i386 0:1.4.4-9 set to be updated
---> Package gnome-utils.i386 1:2.13.95-1 set to be updated
---> Package wine.i386 0:0.9.9-1.fc5 set to be updated
---> Package cman.i386 0:1.0.5-0.FC5.1 set to be updated
---> Package java-1.4.2-gcj-compat-devel.i386 0:1.4.2.0-40jpp_83rh set to be updated
---> Package gdb.i386 0:6.3.0.0-1.114 set to be updated
---> Package alsa-utils.i386 0:1.0.11-3.rc2 set to be updated
---> Package openssh-askpass.i386 0:4.3p2-4 set to be updated
---> Package flex.i386 0:2.5.4a-37.3 set to be updated
---> Package wine-arts.i386 0:0.9.9-1.fc5 set to be updated
---> Package java-1.4.2-gcj-compat-src.i386 0:1.4.2.0-40jpp_83rh set to be updated
---> Package wine-ldap.i386 0:0.9.9-1.fc5 set to be updated
---> Package ghostscript.i386 0:8.15.1-7 set to be updated
---> Package system-config-display.noarch 0:1.0.36-3 set to be updated
---> Package screen.i386 0:4.0.2-12 set to be updated
---> Package wine-devel.i386 0:0.9.9-1.fc5 set to be updated
---> Package wine-tools.i386 0:0.9.9-1.fc5 set to be updated
---> Package squirrelmail.noarch 0:1.4.6-3.fc5 set to be updated
---> Package yum.noarch 0:2.5.3-5 set to be updated
---> Package gimp.i386 2:2.2.10-4 set to be updated
---> Package vconfig.i386 0:1.9-2 set to be updated
---> Package nautilus-cd-burner.i386 0:2.13.92-2 set to be updated
---> Package avahi.i386 0:0.6.8-1 set to be updated
---> Package ieee80211.i386 0:1.1.12-9.rhfc4.92.at set to be updated
---> Package gimp-devel.i386 2:2.2.10-4 set to be updated
---> Package tcl-devel.i386 0:8.4.12-4 set to be updated
---> Package avahi-glib.i386 0:0.6.8-1 set to be updated
---> Package cairo-devel.i386 0:1.0.2-5 set to be updated
---> Package wine-cms.i386 0:0.9.9-1.fc5 set to be updated
---> Package firstboot.noarch 0:1.4.6-1 set to be updated
---> Package wine-twain.i386 0:0.9.9-1.fc5 set to be updated
---> Package vnc.i386 0:4.1.1-36 set to be updated
---> Package aspell-devel.i386 12:0.60.3-5 set to be updated
---> Package scim-devel.i386 0:1.4.4-9 set to be updated
---> Package openssh-clients.i386 0:4.3p2-4 set to be updated
---> Package dhclient.i386 11:3.0.3-26 set to be updated
---> Package ghostscript-devel.i386 0:8.15.1-7 set to be updated
---> Package firstboot-tui.noarch 0:1.4.6-1 set to be updated
---> Package eog.i386 0:2.13.92-1 set to be updated
---> Package anaconda-runtime.i386 0:10.92.16-1 set to be updated
---> Package kernel-devel.i686 0:2.6.15-1.2009.4.2_FC5 set to be installed
---> Package sysreport.noarch 0:1.4.3-3 set to be updated
---> Package aspell.i386 12:0.60.3-5 set to be updated
---> Package gnome-terminal.i386 0:2.13.92-1 set to be updated
---> Package libsoup-devel.i386 0:2.2.91-1 set to be updated
---> Package wine-nas.i386 0:0.9.9-1.fc5 set to be updated
---> Package acpid.i386 0:1.0.4-2 set to be updated
---> Package avahi-devel.i386 0:0.6.8-1 set to be updated
---> Package dhcp.i386 11:3.0.3-26 set to be updated
---> Package hal.i386 0:0.5.7-3 set to be updated
---> Package hal-devel.i386 0:0.5.7-3 set to be updated
---> Package pirut.noarch 0:1.0.1-1 set to be updated

Please close.

--Tore
Comment 2 Dave Jones 2006-03-04 17:07:21 EST
Strange, there were no changes between the two builds that could explain this
being fixed.

If it reappears again, please try to make sure it's on an untainted kernel.

Note You need to log in before you can comment on or make changes to this bug.