Bug 212952 - usbdev_open() linked list corruption
Summary: usbdev_open() linked list corruption
Keywords:
Status: CLOSED INSUFFICIENT_DATA
Alias: None
Product: Fedora
Classification: Fedora
Component: kernel
Version: 6
Hardware: x86_64
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Kernel Maintainer List
QA Contact: Brian Brock
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2006-10-30 10:09 UTC by Trond Danielsen
Modified: 2008-01-08 00:26 UTC (History)
3 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2008-01-08 00:26:08 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)
dmesg output (26.71 KB, text/plain)
2006-10-30 10:09 UTC, Trond Danielsen
no flags Details

Description Trond Danielsen 2006-10-30 10:09:22 UTC
Description of problem:
Kernel ops on amd64. See included dmesg for more info.

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:

Comment 1 Trond Danielsen 2006-10-30 10:09:22 UTC
Created attachment 139706 [details]
dmesg output

Comment 2 Shantanu Goel 2006-11-05 04:36:51 UTC
I see this on my Mac Mini Core Duo i386 as well.


list_add corruption. next->prev should be c575fd40, but was dd8f2eac
------------[ cut here ]------------
kernel BUG at lib/list_debug.c:26!
invalid opcode: 0000 [#1]
SMP 
last sysfs file: /devices/pci0000:00/0000:00:00.0/class
Modules linked in: nfs lockd fscache nfs_acl i915 drm hci_usb autofs4 hidp
rfcomm l2cap bluetooth sunrpc ip_conntrack_netbios_ns ipt_REJECT xt_state
ip_conntrack nfnetlink iptable_filter ip_tables ip6t_REJECT xt_tcpudp
ip6table_filter ip6_tables x_tables cpufreq_ondemand dm_multipath video sbs
i2c_ec button battery asus_acpi ac ipv6 parport_pc lp parport snd_hda_intel
snd_hda_codec snd_seq_dummy snd_seq_oss snd_seq_midi_event intel_rng snd_seq
snd_seq_device snd_pcm_oss snd_mixer_oss sg snd_pcm snd_timer ide_cd snd
soundcore cdrom sky2 snd_page_alloc ohci1394 pcspkr i2c_i801 ieee1394 i2c_core
dm_snapshot dm_zero dm_mirror dm_mod ata_piix libata sd_mod scsi_mod ext3 jbd
ehci_hcd ohci_hcd uhci_hcd
CPU:    1
EIP:    0060:[<c04e95b3>]    Not tainted VLI
EFLAGS: 00010296   (2.6.18-1.2798.fc6 #1) 
EIP is at __list_add+0x27/0x62
eax: 00000048   ebx: dd8f2eac   ecx: c067e1d0   edx: 00000082
esi: c575fd40   edi: ddb258c0   ebp: dc639124   esp: d3befeb4
ds: 007b   es: 007b   ss: 0068
Process pcscd (pid: 2244, ti=d3bef000 task=ddebb9f0 task.ti=d3bef000)
Stack: c0641c9f c575fd40 dd8f2eac 00000000 ddb258c0 dd8f2c00 c05878c2 cd888140 
       00000000 c06a1f60 dc639124 cd888140 c0476c0a ddda80a8 cd888140 dc639124 
       00000000 c0476b0f c046dbc6 c145b340 ddd5f084 cd888140 00000002 d3beff34 
Call Trace:
 [<c05878c2>] usbdev_open+0x16d/0x183
 [<c0476c0a>] chrdev_open+0xfb/0x12f
 [<c046dbc6>] __dentry_open+0xc7/0x1ab
 [<c046dd24>] nameidata_to_filp+0x24/0x33
 [<c046dd65>] do_filp_open+0x32/0x39
 [<c046ddae>] do_sys_open+0x42/0xbe
 [<c046de63>] sys_open+0x1c/0x1e
 [<c0404013>] syscall_call+0x7/0xb
DWARF2 unwinder stuck at syscall_call+0x7/0xb
Leftover inexact backtrace:
 =======================
Code: c4 0c 5b c3 57 89 c7 56 89 d6 53 89 cb 83 ec 0c 8b 41 04 39 d0 74 1c 89 54
24 04 89 44 24 08 c7 04 24 9f 1c 64 c0 e8 db c1 f3 ff <0f> 0b 1a 00 51 1c 64 c0
8b 06 39 d8 74 1c 89 5c 24 04 89 44 24 
EIP: [<c04e95b3>] __list_add+0x27/0x62 SS:ESP 0068:d3befeb4


Comment 3 Jon Stanley 2007-12-31 06:45:19 UTC
Hello,

I'm reviewing this bug as part of the kernel bug triage project, an attempt to
isolate current bugs in the Fedora kernel.

http://fedoraproject.org/wiki/KernelBugTriage

I am CC'ing myself to this bug, however this version of Fedora is no longer
maintained.

Please attempt to reproduce this bug with a current version of Fedora (presently
Fedora 8). If the bug no longer exists, please close the bug or I'll do so in a
few days if there is no further information lodged.

Thanks for using Fedora!

Comment 4 Jon Stanley 2008-01-08 00:26:08 UTC
Closing per previous comment.  If you can provide the requested information,
please feel free to re-open this bug.


Note You need to log in before you can comment on or make changes to this bug.