Hi, I have added some printk's. Here my modified tty_port_close_start():

/*
 * tty_port_close_start() as pasted by the poster, with numbered
 * printk(KERN_WARNING ...) markers added around each step so that the last
 * marker in the log shows how far execution got.
 *
 * Flow visible here: take port->lock; return 0 if tty_hung_up_p(filp);
 * repair and decrement port->count; if references remain, unlock, call
 * port->ops->drop() when it is set and return 0; otherwise mark the port as
 * closing, unlock, then flush / wait / drain and return 1.
 */
int tty_port_close_start(struct tty_port *port, struct tty_struct *tty, struct file *filp)
{
	unsigned long flags;

	printk(KERN_WARNING "1\n");
	/* port->lock is dereferenced here, before the statement the trace stops at. */
	spin_lock_irqsave(&port->lock, flags);
	printk(KERN_WARNING "2\n");
	if (tty_hung_up_p(filp)) {
		printk(KERN_WARNING "3\n");
		spin_unlock_irqrestore(&port->lock, flags);
		printk(KERN_WARNING "4\n");
		return 0;
	}

	printk(KERN_WARNING "5\n");
	/* Count mismatch between tty and port: log it and force port->count to 1. */
	if( tty->count == 1 && port->count != 1) {
		printk(KERN_WARNING
		    "tty_port_close_start: tty->count = 1 port count = %d.\n",
								port->count);
		port->count = 1;
		printk(KERN_WARNING "6\n");
	}
	printk(KERN_WARNING "7\n");
	/* Drop one reference; a negative result is logged and clamped to 0. */
	if (--port->count < 0) {
		printk(KERN_WARNING "tty_port_close_start: count = %d\n",
								port->count);
		port->count = 0;
		printk(KERN_WARNING "8\n");
	}

	printk(KERN_WARNING "9\n");
	/* Other references remain: release the lock, notify the driver, stop here. */
	if (port->count) {
		printk(KERN_WARNING "10\n");
		spin_unlock_irqrestore(&port->lock, flags);
		printk(KERN_WARNING "11\n");
		if (port->ops->drop) {
			printk(KERN_WARNING "12\n");
			port->ops->drop(port);
			printk(KERN_WARNING "13\n");
		}
		printk(KERN_WARNING "14\n");
		return 0;
	}
	printk(KERN_WARNING "15\n");
	/*
	 * NOTE(review): the reported trace ends at marker 15, so this call is
	 * the last statement known to have started. port->lock and port->count
	 * were already read and written above without a fault. set_bit() takes
	 * a bit number, and the test_bit() further down uses an ASYNCB_* name,
	 * while this line passes ASYNC_CLOSING. If ASYNC_CLOSING is the flag
	 * mask rather than the bit index (in <linux/serial.h> the ASYNC_* names
	 * are masks built from the ASYNCB_* indices - confirm for this tree),
	 * the write lands far outside port->flags, which would fit a paging
	 * fault on a non-NULL kernel address. Likely intended: ASYNCB_CLOSING.
	 */
	set_bit(ASYNC_CLOSING, &port->flags);
	printk(KERN_WARNING "16\n");
	tty->closing = 1;
	printk(KERN_WARNING "17\n");
	spin_unlock_irqrestore(&port->lock, flags);
	printk(KERN_WARNING "18\n");
	/* Don't block on a stalled port, just pull the chain */
	if (tty->flow_stopped) {
		printk(KERN_WARNING "19\n");
		tty_driver_flush_buffer(tty);
		printk(KERN_WARNING "20\n");
	}
	printk(KERN_WARNING "21\n");
	/* Wait for pending output only on an initialized port with a closing wait set. */
	if (test_bit(ASYNCB_INITIALIZED, &port->flags) &&
			port->closing_wait != ASYNC_CLOSING_WAIT_NONE) {
		printk(KERN_WARNING "22\n");
		tty_wait_until_sent(tty, port->closing_wait);
		printk(KERN_WARNING "23\n");
	}
	printk(KERN_WARNING "24\n");
	if (port->drain_delay) {
		unsigned int bps = tty_get_baud_rate(tty);
		long timeout;

		printk(KERN_WARNING "25\n");
		/*
		 * Above 1200 bps the sleep scales with drain_delay / bps and is
		 * at least HZ / 10; at or below 1200 bps it is a fixed 2 * HZ.
		 */
		if (bps > 1200) {
			printk(KERN_WARNING "26\n");
			timeout = max_t(long, (HZ * 10 * port->drain_delay) / bps,
								HZ / 10);
			printk(KERN_WARNING "27\n");
		} else {
			printk(KERN_WARNING "28\n");
			timeout = 2 * HZ;
			printk(KERN_WARNING "29\n");
		}
		printk(KERN_WARNING "30\n");
		schedule_timeout_interruptible(timeout);
		printk(KERN_WARNING "31\n");
	}
	/* Don't call port->drop for the last reference. Callers will want
	   to drop the last active reference in ->shutdown() or the tty
	   shutdown path */
	printk(KERN_WARNING "32\n");
	/* 1 is returned only on this path; both earlier exits return 0. */
	return 1;
}
EXPORT_SYMBOL(tty_port_close_start);

This gives me: 1 2 5 7 9 15 before crashing, so it seems to be set_bit(ASYNC_CLOSING, &port->flags); which is causing the crash.

Bye, David Arendt

Alan Stern wrote: > On Wed, 7 Oct 2009, David Arendt wrote: > > >> With kernel 2.6.31.2 I get the following error when I ending apcupsd: >> >> Oct 6 21:00:46 server apcupsd[5238]: apcupsd exiting, signal 15 >> Oct 6 21:00:46 server BUG: unable to handle kernel paging request at >> ffff880130a6d858 >> Oct 6 21:00:46 server IP: [<ffffffff8124ba55>] >> tty_port_close_start+0xc5/0x1d0 >> > > >>>> This looks like tty_port_close_start() is called with port == NULL >>>> And the new tty code went in with .2. I have to defer this to the Alans. >>>> > > I don't have access to the 64-bit object code or a disassembler, but it > seems likely that if port were NULL then the exception would occur a > lot closer to the beginning of tty_port_close_start(). That routine > dereferences port all over the place. > > David, can you do the disassembly or add printk statements throughout > tty_port_close_start() so as to track down where the invalid address > comes from? > > Alan Stern > > -- To unsubscribe from this list: send the line "unsubscribe linux-usb" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html