Bug 186712 - kernel bug reported as "kernel BUG at kernel/workqueue.c:109!" in /var/log/messages
kernel bug reported as "kernel BUG at kernel/workqueue.c:109!" in /var/log/me...
Status: CLOSED ERRATA
Product: Fedora
Classification: Fedora
Component: kernel (Show other bugs)
5
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Kernel Maintainer List
Brian Brock
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2006-03-25 10:46 EST by George Avrunin
Modified: 2008-08-02 19:40 EDT (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-11-21 18:11:11 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
/var/log/messages, from the point where I plugged in the Treo (8.59 KB, text/plain)
2006-03-25 10:46 EST, George Avrunin
no flags Details

  None (edit)
Description George Avrunin 2006-03-25 10:46:37 EST
Description of problem:
I tried to backup my Treo 90 with pilot-xfer (both pilot-xfer and jpiot worked
fine in FC4 this way).  I got a complaint that a buffer overflow was detected
and pilot-xfer was killed.  My Treo was stuck.  I eventually reset it (removing
the USB cable from the computer's USB port has the same effect) and the system
hung for a while.  I got the report of the kernel bug in /var/log/messages and
on the various consoles that were open.  I have attached what seem to be the
relevant portions of /var/log/message. 

Version-Release number of selected component (if applicable):
2.6.15-1.2054_FC5

How reproducible:
Every time

Steps to Reproduce:
1. plug USB cable into Treo and computer
2. turn on Treo and push sync button
3. start pilot-xfer (or jpilot; gnome-pilotd is not running)
4. Treo will get stuck trying to sync.  Reset Treo, unplug cable, or (I think)
just wait for Treo to time-out
  
Actual results:
Backup of Treo fails.  pilot-xfer or jpilot is killed after buffer overflow is
detected.  Computer freezes temporarily and reports kernel bug in workqueue.c. 
Various USB things don't seem to work properly afterward (mounting a USB memory
key, for instance).  


Expected results:
backup of Treo, as worked in FC4.

Additional info:
Comment 1 George Avrunin 2006-03-25 10:46:37 EST
Created attachment 126730 [details]
/var/log/messages, from the point where I plugged in the Treo
Comment 2 JoSH Lehan 2006-05-03 03:40:06 EDT
I also get this crash, same exact symptoms.

I'm using an older Palm Vx, with the PalmConnect serial-to-USB adapter,
KL5KUSB105 (vendor ID 0x0830, device ID 0x0080).

/dev/ttyUSB0 created, and seems to have data coming from it.

/dev/ttyUSB1 also created, and does not work.  Kernel message about "Device lied
about number of ports".
Comment 3 David Huff 2006-07-13 17:42:29 EDT
Im gettind a something simular as well, also using an older device, form
messages file when I plug in the device:


Jul 13 17:40:45 dhcp59-164 kernel: usb 2-2: new full speed USB device using
uhci_hcd and address 2
Jul 13 17:40:46 dhcp59-164 kernel: usb 2-2: configuration #1 chosen from 1 choice
Jul 13 17:40:46 dhcp59-164 kernel: usbcore: registered new driver usbserial
Jul 13 17:40:46 dhcp59-164 kernel: drivers/usb/serial/usb-serial.c: USB Serial
support registered for generic
Jul 13 17:40:46 dhcp59-164 kernel: usbcore: registered new driver usbserial_generic
Jul 13 17:40:46 dhcp59-164 kernel: drivers/usb/serial/usb-serial.c: USB Serial
Driver core
Jul 13 17:40:46 dhcp59-164 kernel: drivers/usb/serial/usb-serial.c: USB Serial
support registered for Handspring Visor / Palm OS
Jul 13 17:40:46 dhcp59-164 kernel: drivers/usb/serial/usb-serial.c: USB Serial
support registered for Sony Clie 3.5
Jul 13 17:40:46 dhcp59-164 kernel: drivers/usb/serial/usb-serial.c: USB Serial
support registered for Sony Clie 5.0
Jul 13 17:40:46 dhcp59-164 kernel: usb 2-2: palm_os_4_probe - error -32 getting
connection info
Jul 13 17:40:46 dhcp59-164 kernel: visor 2-2:1.0: Handspring Visor / Palm OS
converter detected
Jul 13 17:40:46 dhcp59-164 kernel: usb 2-2: Handspring Visor / Palm OS converter
now attached to ttyUSB0
Jul 13 17:40:46 dhcp59-164 kernel: usb 2-2: Handspring Visor / Palm OS converter
now attached to ttyUSB1
Jul 13 17:40:46 dhcp59-164 kernel: usb 2-2: palm_os_4_probe - error -32 getting
connection info
Jul 13 17:40:46 dhcp59-164 kernel: visor 2-2:1.1: Handspring Visor / Palm OS
converter detected
Jul 13 17:40:46 dhcp59-164 kernel: usb 2-2: Handspring Visor / Palm OS converter
now attached to ttyUSB2
Jul 13 17:40:46 dhcp59-164 kernel: usb 2-2: Handspring Visor / Palm OS converter
now attached to ttyUSB3
Jul 13 17:40:46 dhcp59-164 kernel: usbcore: registered new driver visor
Jul 13 17:40:46 dhcp59-164 kernel: drivers/usb/serial/visor.c: USB HandSpring
Visor / Palm OS driver
Jul 13 17:40:46 dhcp59-164 kernel: visor ttyUSB3: Device lied about number of
ports, please use a lower one.
Jul 13 17:40:46 dhcp59-164 kernel: usbcore: registered new driver cdc_acm
Jul 13 17:40:46 dhcp59-164 kernel: drivers/usb/class/cdc-acm.c: v0.25:USB
Abstract Control Model driver for USB modems and ISDN adapters
Jul 13 17:40:46 dhcp59-164 kernel: visor ttyUSB0: Device lied about number of
ports, please use a lower one.
Jul 13 17:40:46 dhcp59-164 kernel: visor ttyUSB1: Device lied about number of
ports, please use a lower one.


Here is something else interesting, If I press the hotsync button on the
handheld  irst I get a segfault:


Jul 13 17:42:02 dhcp59-164 kernel: usb 2-2: USB disconnect, address 2
Jul 13 17:42:02 dhcp59-164 kernel: ------------[ cut here ]------------
Jul 13 17:42:02 dhcp59-164 kernel: kernel BUG at kernel/workqueue.c:110!
Jul 13 17:42:02 dhcp59-164 kernel: invalid opcode: 0000 [#1]
Jul 13 17:42:02 dhcp59-164 kernel: last sysfs file:
/devices/system/cpu/cpu0/cpufreq/scaling_cur_freq
Jul 13 17:42:02 dhcp59-164 kernel: Modules linked in: cdc_acm visor usbserial
autofs4 hidp rfcomm l2cap bluetooth sunrpc video ibm_acpi button battery ac ipv6
lp parport_pc parport snd_intel8x0m ipw2200 joydev ieee80211 e1000
ieee80211_crypt snd_intel8x0 snd_ac97_codec snd_ac97_bus snd_seq_dummy
snd_seq_oss snd_seq_midi_event snd_seq i2c_i801 i2c_core ehci_hcd floppy
uhci_hcd snd_seq_device snd_pcm_oss snd_mixer_oss snd_pcm snd_timer snd
soundcore snd_page_alloc dm_snapshot dm_zero dm_mirror dm_mod ext3 jbd
Jul 13 17:42:02 dhcp59-164 kernel: CPU:    0
Jul 13 17:42:02 dhcp59-164 kernel: EIP:    0060:[<c0429430>]    Not tainted VLI
Jul 13 17:42:02 dhcp59-164 kernel: EFLAGS: 00210217   (2.6.17-1.2139_FC5 #1) 
Jul 13 17:42:02 dhcp59-164 kernel: EIP is at queue_work+0x17/0x2f
Jul 13 17:42:02 dhcp59-164 kernel: eax: ed11218c   ebx: f7e07240   ecx: 00000000
  edx: ed112188
Jul 13 17:42:02 dhcp59-164 kernel: esi: ed7a7b40   edi: e9e6dc14   ebp: e9e6dc14
  esp: f7e74eac
Jul 13 17:42:02 dhcp59-164 kernel: ds: 007b   es: 007b   ss: 0068
Jul 13 17:42:02 dhcp59-164 kernel: Process khubd (pid: 106, threadinfo=f7e74000
task=f7e73550)
Jul 13 17:42:02 dhcp59-164 kernel: Stack: 00000000 f8a708a8 c0600c8e c05773ad
e9e6dc00 e9e6dc00 f8a9a2c0 f8a9a2f4 
Jul 13 17:42:02 dhcp59-164 kernel:        c0578e3d e9e6dcbc e9e6dc14 c053d648
e9e6dc14 00000000 c06db160 c053d88e 
Jul 13 17:42:02 dhcp59-164 kernel:        e9e6dc14 c053cfb8 e9e6dc14 ee599458
00000000 c053c37b e9e6dc00 ee599400 
Jul 13 17:42:02 dhcp59-164 kernel: Call Trace:
Jul 13 17:42:02 dhcp59-164 kernel:  <f8a708a8> usb_serial_disconnect+0x5c/0xa4
[usbserial]  <c0600c8e> __mutex_unlock_slowpath+0x1e7/0x1ef
Jul 13 17:42:02 dhcp59-164 kernel:  <c05773ad> usb_disable_interface+0x22/0x2f 
<c0578e3d> usb_unbind_interface+0x34/0x6a
Jul 13 17:42:02 dhcp59-164 kernel:  <c053d648> __device_release_driver+0x60/0x78
 <c053d88e> device_release_driver+0x2a/0x38
Jul 13 17:42:02 dhcp59-164 kernel:  <c053cfb8> bus_remove_device+0x6d/0x7f 
<c053c37b> device_del+0x38/0x68
Jul 13 17:42:02 dhcp59-164 kernel:  <c05774c1> usb_disable_device+0x68/0xc9 
<c0573bf6> usb_disconnect+0x98/0xf7
Jul 13 17:42:02 dhcp59-164 kernel:  <c0574bdb> hub_thread+0x34b/0xa37 
<c042c174> autoremove_wake_function+0x0/0x35
Jul 13 17:42:02 dhcp59-164 kernel:  <c0574890> hub_thread+0x0/0xa37  <c042c0af>
kthread+0x91/0xbd
Jul 13 17:42:02 dhcp59-164 kernel:  <c042c01e> kthread+0x0/0xbd  <c0401005>
kernel_thread_helper+0x5/0xb
Jul 13 17:42:02 dhcp59-164 kernel: Code: 5e 5f 5d e9 2a 85 1d 00 8b 48 14 89 c2
8b 01 e9 6b ff ff ff 53 89 c3 0f ba 2a 00 19 c0 31 c9 85 c0 75 1c 8d 42 04 39 42
04 74 08 <0f> 0b 6e 00 ac 01 62 c0 8b 03 e8 45 ff ff ff b9 01 00 00 00 5b 
Jul 13 17:42:02 dhcp59-164 kernel: EIP: [<c0429430>] queue_work+0x17/0x2f SS:ESP
0068:f7e74eac


Comment 4 Ben Romer 2006-07-24 09:21:48 EDT
I also am getting a similar error in two situations - when attempting to sync my
Clie NR70, and also when trying to use a MicroVault USB memory. This happens on
2.6.17-1.2145_FC5, as well as 2.6.17-1.2139_FC5. The error occurs on the second
attempt to connect a device and it requires me to reboot to get rid of the
uninterruptable gpilotd process in the Clie's case.

The error text in in the Clie's case is

kernel BUG at kernel/workqueue.c:110!
invalid opcode: 0000 [#1]
last sysfs file: /class/tty/ttyUSB1/dev
Modules linked in: visor usbserial vfat fat sd_mod sg usb_storage scsi_mod r128
drm autofs4 hidp rfcomm l2cap sunrpc ip_conntrack_netbios_ns ipt_REJECT xt_state
ip_conntrack nfnetlink xt_tcpudp iptable_filter ip_tables x_tables ipv6 lp
parport_pc parport hci_usb bluetooth floppy uhci_hcd 3c59x mii snd_intel8x0
snd_ac97_codec snd_ac97_bus snd_seq_dummy snd_seq_oss snd_seq_midi_event snd_seq
snd_seq_device snd_pcm_oss snd_mixer_oss snd_pcm snd_timer snd soundcore
snd_page_alloc i2c_i801 i2c_core dm_snapshot dm_zero dm_mirror dm_mod ext3 jbd
CPU:    0
EIP:    0060:[<c0429430>]    Not tainted VLI
EFLAGS: 00210213   (2.6.17-1.2145_FC5 #1)
EIP is at queue_work+0x17/0x2f
eax: db49e18c   ebx: dfd86740   ecx: 00000000   edx: db49e188
esi: cff60dc0   edi: d07cb614   ebp: d07cb614   esp: dff36eac
ds: 007b   es: 007b   ss: 0068
Process khubd (pid: 11, threadinfo=dff36000 task=dff37550)
Stack: 00000001 e0ca18a8 c0600cae c05773d5 d07cb600 d07cb600 e0b7c2c0 e0b7c2f4
       c0578e65 d07cb6bc d07cb614 c053d670 d07cb614 00000000 c06db160 c053d8b6
       d07cb614 c053cfe0 d07cb614 cbcbe858 00000000 c053c3a3 d07cb600 cbcbe800
Call Trace:
 <e0ca18a8> usb_serial_disconnect+0x5c/0xa4 [usbserial]  <c0600cae>
__mutex_unlock_slowpath+0x1e7/0x1ef
 <c05773d5> usb_disable_interface+0x22/0x2f  <c0578e65>
usb_unbind_interface+0x34/0x6a
 <c053d670> __device_release_driver+0x60/0x78  <c053d8b6>
device_release_driver+0x2a/0x38
 <c053cfe0> bus_remove_device+0x6d/0x7f  <c053c3a3> device_del+0x38/0x68
 <c05774e9> usb_disable_device+0x68/0xc9  <c0573c1e> usb_disconnect+0x98/0xf7
 <c0574c03> hub_thread+0x34b/0xa37  <c042c174> autoremove_wake_function+0x0/0x35
<c05748b8> hub_thread+0x0/0xa37  <c042c0af> kthread+0x91/0xbd
 <c042c01e> kthread+0x0/0xbd  <c0401005> kernel_thread_helper+0x5/0xb
Code: 5e 5f 5d e9 4a 85 1d 00 8b 48 14 89 c2 8b 01 e9 6b ff ff ff 53 89 c3 0f ba
2a 00 19 c0 31 c9 85 c0 75 1c 8d 42 04 39 42 04 74 08 <0f> 0b 6e 00 ac 01 62 c0
8b 03 e8 45 ff ff ff b9 01 00 00 00 5b
EIP: [<c0429430>] queue_work+0x17/0x2f SS:ESP 0068:dff36eac
Comment 5 Ben Romer 2006-07-24 10:22:12 EDT
This also happens to me on  2.6.17-1.2157_FC5, but only on the Clie, the USB
memory seems to work okay.
Comment 6 Dave Jones 2006-10-16 15:46:48 EDT
A new kernel update has been released (Version: 2.6.18-1.2200.fc5)
based upon a new upstream kernel release.

Please retest against this new kernel, as a large number of patches
go into each upstream release, possibly including changes that
may address this problem.

This bug has been placed in NEEDINFO state.
Due to the large volume of inactive bugs in bugzilla, if this bug is
still in this state in two weeks time, it will be closed.

Should this bug still be relevant after this period, the reporter
can reopen the bug at any time. Any other users on the Cc: list
of this bug can request that the bug be reopened by adding a
comment to the bug.

In the last few updates, some users upgrading from FC4->FC5
have reported that installing a kernel update has left their
systems unbootable. If you have been affected by this problem
please check you only have one version of device-mapper & lvm2
installed.  See bug 207474 for further details.

If this bug is a problem preventing you from installing the
release this version is filed against, please see bug 169613.

If this bug has been fixed, but you are now experiencing a different
problem, please file a separate bug for the new problem.

Thank you.
Comment 7 Ben Romer 2006-10-29 14:07:30 EST
Works here! :)

Note You need to log in before you can comment on or make changes to this bug.