Description of problem: The sdhci module produces kernel oops while user quickly push and pop media card during mount/umount process. Version-Release number of selected component (if applicable): kernel-2.6.20-1.2962.fc6 and other previous Additional info: ============== dmesg info ===================: mmc0: Card removed during transfer! mmc0: Resetting controller. mmc0: Got command interrupt even though no command operation was in progress. mmc0: Please report this to <sdhci-devel.cx>. sdhci: ============== REGISTER DUMP ============== sdhci: Sys addr: 0x17ed3000 | Version: 0x00000200 sdhci: Blk size: 0x00007200 | Blk cnt: 0x00000000 sdhci: Argument: 0x00000000 | Trn mode: 0x00000033 sdhci: Present: 0x01f80001 | Host ctl: 0x00000003 sdhci: Power: 0x0000000e | Blk gap: 0x00000000 sdhci: Wake-up: 0x00000000 | Clock: 0x00008007 sdhci: Timeout: 0x00000009 | Int stat: 0x00038000 sdhci: Int enab: 0x00ff00fb | Sig enab: 0x00ff00fb sdhci: AC12 err: 0x00000000 | Slot int: 0x00000001 sdhci: Caps: 0x018021a1 | Max curr: 0x00000040 sdhci: =========================================== mmc0: Got command interrupt even though no command operation was in progress. mmc0: Please report this to <sdhci-devel.cx>. sdhci: ============== REGISTER DUMP ============== sdhci: Sys addr: 0x17ed3000 | Version: 0x00000200 sdhci: Blk size: 0x00007200 | Blk cnt: 0x00000000 sdhci: Argument: 0x00000000 | Trn mode: 0x00000033 sdhci: Present: 0x01f80001 | Host ctl: 0x00000003 sdhci: Power: 0x0000000e | Blk gap: 0x00000000 sdhci: Wake-up: 0x00000000 | Clock: 0x00008007 sdhci: Timeout: 0x00000009 | Int stat: 0x00000000 sdhci: Int enab: 0x00ff00fb | Sig enab: 0x00ff00fb sdhci: AC12 err: 0x00000000 | Slot int: 0x00000000 sdhci: Caps: 0x018021a1 | Max curr: 0x00000040 sdhci: =========================================== end_request: I/O error, dev mmcblk0, sector 990701 BUG: unable to handle kernel NULL pointer dereference at virtual address 00000030 printing eip: f8bd810e *pde = 3adce067 Oops: 0000 [#1] SMP last sysfs file: /block/mmcblk0/size Modules linked in: vfat fat mmc_block appletalk ipx p8023 nfs lockd nfs_acl ppp_async wlan_wep(U) i915 drm irnet ppp_ge neric slhc irtty_sir sir_dev ircomm_tty ircomm autofs4 hidp rfcomm l2cap bluetooth sunrpc nf_conntrack_netbios_ns ipt_R EJECT xt_state iptable_filter iptable_nat nf_nat nf_conntrack_ipv4 nf_conntrack nfnetlink ip_tables ip6t_REJECT xt_tcpu dp ip6table_filter ip6_tables x_tables ipv6 cpufreq_ondemand fuse dm_mirror dm_multipath dm_mod video sbs ibm_acpi i2c_ ec dock button battery asus_acpi backlight ac parport_pc lp parport snd_hda_intel snd_hda_codec snd_seq_dummy snd_seq_o ss snd_seq_midi_event wlan_scan_sta(U) snd_seq ath_rate_sample(U) snd_seq_device snd_pcm_oss ath_pci(U) snd_mixer_oss o hci1394 sg wlan(U) nsc_ircc snd_pcm serio_raw irda snd_timer sdhci ieee1394 i2c_i801 snd iTCO_wdt pcspkr ata_piix mmc_c ore crc_ccitt iTCO_vendor_support e1000 ath_hal(P)(U) i2c_core soundcore snd_page_alloc ahci libata sd_mod scsi_mod ext 3 jbd ehci_hcd ohci_hcd uhci_hcd CPU: 1 EIP: 0060:[<f8bd810e>] Tainted: P VLI EFLAGS: 00010097 (2.6.20-1.2962.fc6 #1) EIP is at mmc_prep_request+0x25/0x4a [mmc_core] eax: 00000000 ebx: cf73b9c8 ecx: 00000000 edx: cf73b9c8 esi: f7de9414 edi: 00000000 ebp: 00000000 esp: dd871f88 ds: 007b es: 007b ss: 0068 Process mmcqd (pid: 29813, ti=dd871000 task=f6c3a1f0 task.ti=dd871000) Stack: cf73b9c8 c04dd06c f7f61880 3134604c c19fe200 00000001 ffffffff 00000246 cf73b9c8 c8d19e54 cf73b910 f7de9414 00000000 f8bd81ea c8d19e54 f70dad08 f8bd8189 c04376a3 ffffffff ffffffff c04375f3 00000000 00000000 c0404b33 Call Trace: [<c04dd06c>] elv_next_request+0xfe/0x1ac [<f8bd81ea>] mmc_queue_thread+0x61/0xda [mmc_core] [<f8bd8189>] mmc_queue_thread+0x0/0xda [mmc_core] [<c04376a3>] kthread+0xb0/0xd9 [<c04375f3>] kthread+0x0/0xd9 [<c0404b33>] kernel_thread_helper+0x7/0x10 ======================= Code: 00 00 00 5b 5e c3 53 8b 88 d0 00 00 00 89 d3 8b 42 18 83 f8 08 75 0c 30 c0 83 7a 70 00 75 28 0f 0b eb fe 48 83 f8 01 77 0b 89 c8 <ff> 51 30 85 c0 74 15 eb 1a 89 d8 ba 60 88 bd f8 e8 75 62 90 c7 EIP: [<f8bd810e>] mmc_prep_request+0x25/0x4a [mmc_core] SS:ESP 0068:dd871f88
Does this still happen with the new 2.6.22.x kernels?
No. In the 2.6.22.x the dbus and hal isn't sensivity to cardreader at all. I can only mount my SD cards by manual act. Now I'm using 2.6.22.2-42 kernel. [andy@localhost minihallib]$ dmesg | tail ACPI: Lid Switch [LID] input: Sleep Button (CM) as /class/input/input11 ACPI: Sleep Button (CM) [SLPB] ohci1394: fw-host0: OHCI-1394 1.0 (PCI): IRQ=[21] MMIO=[e4301000-e43017ff] Max Packet=[2048] IR/IT contexts=[4/4] Bluetooth: RFCOMM socket layer initialized Bluetooth: RFCOMM TTY layer initialized Bluetooth: RFCOMM ver 1.8 ieee1394: Host added: ID:BUS[0-00:1023] GUID[000ae4060015200a] mmcblk0: mmc0:c54d SD016 14400KiB mmcblk0: p1 But: lshal -t ... pci_8086_2448 pci_1180_476 pci_1180_552 pci_1180_822 pci_1180_822_mmc_host >>> No other devices here! pci_8086_27b9 ... P.S. I'm using the x60s thinkpad laptop with internal cardreader. External cardreared still works fine.
Fedora apologizes that these issues have not been resolved yet. We're sorry it's taken so long for your bug to be properly triaged and acted on. We appreciate the time you took to report this issue and want to make sure no important bugs slip through the cracks. If you're currently running a version of Fedora Core between 1 and 6, please note that Fedora no longer maintains these releases. We strongly encourage you to upgrade to a current Fedora release. In order to refocus our efforts as a project we are flagging all of the open bugs for releases which are no longer maintained and closing them. http://fedoraproject.org/wiki/LifeCycle/EOL If this bug is still open against Fedora Core 1 through 6, thirty days from now, it will be closed 'WONTFIX'. If you can reporduce this bug in the latest Fedora version, please change to the respective version. If you are unable to do this, please add a comment to this bug requesting the change. Thanks for your help, and we apologize again that we haven't handled these issues to this point. The process we are following is outlined here: http://fedoraproject.org/wiki/BugZappers/F9CleanUp We will be following the process here: http://fedoraproject.org/wiki/BugZappers/HouseKeeping to ensure this doesn't happen again. And if you'd like to join the bug triage team to help make things better, check out http://fedoraproject.org/wiki/BugZappers
This bug is open for a Fedora version that is no longer maintained and will not be fixed by Fedora. Therefore we are closing this bug. If you can reproduce this bug against a currently maintained version of Fedora please feel free to reopen thus bug against that version. Thank you for reporting this bug and we are sorry it could not be fixed.