2007-06-27 02:58:09

by Dave Young

Subject: [PATCH] atkbd: cleanup only once

Hi,

If you press ctrl+alt+del several times while the kernel is booting (before user-level booting), the kernel will oops. I found that ps2_command is called more than once, and then ps2dev->serio may be a NULL pointer.

2.6.22-rc5 and 2.6.22-rc6 have the same result.

Signed-off-by: Dave Young <[email protected]>
---
diff -upr linux/drivers/input/keyboard/atkbd.c linux.new/drivers/input/keyboard/atkbd.c
--- linux/drivers/input/keyboard/atkbd.c 2007-06-27 10:38:37.000000000 +0000
+++ linux.new/drivers/input/keyboard/atkbd.c 2007-06-27 10:37:39.000000000 +0000
@@ -795,6 +795,11 @@ static int atkbd_activate(struct atkbd *

static void atkbd_cleanup(struct serio *serio)
{
+ static int flag;
+
+ if(flag)
+ return;
+ flag = 1;
struct atkbd *atkbd = serio_get_drvdata(serio);
ps2_command(&atkbd->ps2dev, NULL, ATKBD_CMD_RESET_BAT);
}
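
Review bot: the flag added at the top of atkbd_cleanup() is a single function-static int shared by every serio port the driver is bound to, so once any keyboard has been cleaned up every later call returns early, including calls for a different port and later calls for the same one; if such state is needed at all it belongs in struct atkbd, per device. The test-and-set (if(flag) return; flag = 1;) is also done without a lock or an atomic operation, so two callers entering at the same time can both read 0 and both reach ps2_command(), which is the case the patch is meant to stop. Style: the new statements sit above the struct atkbd *atkbd declaration, mixing code and declarations, and if(flag) needs a space after if.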

Regards
dave


2007-06-27 03:01:34

by Dave Young

Subject: Re: [PATCH] atkbd: cleanup only once

2007/6/27, Dave Young <[email protected]>:
> Hi,
>
> If you press ctrl+alt+del several times while the kernel is booting (before user-level booting), the kernel will oops. I found that ps2_command is called more than once, and then ps2dev->serio may be a NULL pointer.
>
> 2.6.22-rc5 and 2.6.22-rc6 have the same result.
>
> Signed-off-by: Dave Young <[email protected]>
> ---
> diff -upr linux/drivers/input/keyboard/atkbd.c linux.new/drivers/input/keyboard/atkbd.c
> --- linux/drivers/input/keyboard/atkbd.c 2007-06-27 10:38:37.000000000 +0000
> +++ linux.new/drivers/input/keyboard/atkbd.c 2007-06-27 10:37:39.000000000 +0000
> @@ -795,6 +795,11 @@ static int atkbd_activate(struct atkbd *
>
> static void atkbd_cleanup(struct serio *serio)
> {
> + static int flag;
> +
> + if(flag)
> + return;
> + flag = 1;
> struct atkbd *atkbd = serio_get_drvdata(serio);
> ps2_command(&atkbd->ps2dev, NULL, ATKBD_CMD_RESET_BAT);
> }
>
> Regards
> dave
>
Attached please find the oops screen image.


Attachments:
(No filename) (1.02 kB)
screen.jpg (114.79 kB)

2007-06-27 04:34:18

by Dmitry Torokhov

Subject: Re: [PATCH] atkbd: cleanup only once

Hi Dave,

On Wednesday 27 June 2007 06:59, Dave Young wrote:
> Hi,
>
> If you press ctrl+alt+del several times while the kernel is booting (before user-level booting), the kernel will oops. I found that ps2_command is called more than once, and then ps2dev->serio may be a NULL pointer.
>
> 2.6.22-rc5 and 2.6.22-rc6 have the same result.
>
> Signed-off-by: Dave Young <[email protected]>
> ---
> diff -upr linux/drivers/input/keyboard/atkbd.c linux.new/drivers/input/keyboard/atkbd.c
> --- linux/drivers/input/keyboard/atkbd.c 2007-06-27 10:38:37.000000000 +0000
> +++ linux.new/drivers/input/keyboard/atkbd.c 2007-06-27 10:37:39.000000000 +0000
> @@ -795,6 +795,11 @@ static int atkbd_activate(struct atkbd *
>
> static void atkbd_cleanup(struct serio *serio)
> {
> + static int flag;
> +
> + if(flag)
> + return;
> + flag = 1;

Unfortunately this will prevent atkbd from resetting keyboard on 2nd
suspend attempt. It will also not work if you have an active MUX and
have a couple of keyboards connected.

Greg, now that you removed rwsem from subsystem (and subsystem itself
for that matter) there is nothing as far as I can see that stops
several threads from running device_shutdown() simultaneously. I also
do not see what would isolate device probing and shutting them down
at the same time. Am I missing something?

--
Dmitry

2007-06-27 04:48:54

by Greg KH

Subject: Re: [PATCH] atkbd: cleanup only once

On Wed, Jun 27, 2007 at 12:34:09AM -0400, Dmitry Torokhov wrote:
> Hi Dave,
>
> On Wednesday 27 June 2007 06:59, Dave Young wrote:
> > Hi,
> >
> > If you press ctrl+alt+del several times while the kernel is booting (before user-level booting), the kernel will oops. I found that ps2_command is called more than once, and then ps2dev->serio may be a NULL pointer.
> >
> > 2.6.22-rc5 and 2.6.22-rc6 have the same result.
> >
> > Signed-off-by: Dave Young <[email protected]>
> > ---
> > diff -upr linux/drivers/input/keyboard/atkbd.c linux.new/drivers/input/keyboard/atkbd.c
> > --- linux/drivers/input/keyboard/atkbd.c 2007-06-27 10:38:37.000000000 +0000
> > +++ linux.new/drivers/input/keyboard/atkbd.c 2007-06-27 10:37:39.000000000 +0000
> > @@ -795,6 +795,11 @@ static int atkbd_activate(struct atkbd *
> >
> > static void atkbd_cleanup(struct serio *serio)
> > {
> > + static int flag;
> > +
> > + if(flag)
> > + return;
> > + flag = 1;
>
> Unfortunately this will prevent atkbd from resetting keyboard on 2nd
> suspend attempt. It will also not work if you have an active MUX and
> have a couple of keyboards connected.
>
> Greg, now that you removed rwsem from subsystem (and subsystem itself
> for that matter) there is nothing as far as I can see that stops
> several threads from running device_shutdown() simultaneously. I also
> do not see what would isolate device probing and shutting them down
> at the same time. Am I missing something?

There was never anything stopping that from happening before. No driver
core code was using that rwsem, so it wasn't protecting anything,
despite people trying to use it as if it was :)

That's why I removed it.

So, if you need to have a lock for your subsystem to serialize this,
please do so, I have no objection to it.

thanks,

greg k-h

2007-06-27 04:59:46

by Dmitry Torokhov

Subject: Re: [PATCH] atkbd: cleanup only once

On Wednesday 27 June 2007 00:28, Greg KH wrote:
> On Wed, Jun 27, 2007 at 12:34:09AM -0400, Dmitry Torokhov wrote:
> > Hi Dave,
> >
> > On Wednesday 27 June 2007 06:59, Dave Young wrote:
> > > Hi,
> > >
> > > If you press ctrl+alt+del several times while the kernel is booting (before user-level booting), the kernel will oops. I found that ps2_command is called more than once, and then ps2dev->serio may be a NULL pointer.
> > >
> > > 2.6.22-rc5 and 2.6.22-rc6 have the same result.
> > >
> > > Signed-off-by: Dave Young <[email protected]>
> > > ---
> > > diff -upr linux/drivers/input/keyboard/atkbd.c linux.new/drivers/input/keyboard/atkbd.c
> > > --- linux/drivers/input/keyboard/atkbd.c 2007-06-27 10:38:37.000000000 +0000
> > > +++ linux.new/drivers/input/keyboard/atkbd.c 2007-06-27 10:37:39.000000000 +0000
> > > @@ -795,6 +795,11 @@ static int atkbd_activate(struct atkbd *
> > >
> > > static void atkbd_cleanup(struct serio *serio)
> > > {
> > > + static int flag;
> > > +
> > > + if(flag)
> > > + return;
> > > + flag = 1;
> >
> > Unfortunately this will prevent atkbd from resetting keyboard on 2nd
> > suspend attempt. It will also not work if you have an active MUX and
> > have a couple of keyboards connected.
> >
> > Greg, now that you removed rwsem from subsystem (and subsystem itself
> > for that matter) there is nothing as far as I can see that stops
> > several threads from running device_shutdown() simultaneously. I also
> > do not see what would isolate device probing and shutting them down
> > at the same time. Am I missing something?
>
> There was never anything stopping that from happening before. No driver
> core code was using that rwsem, so it wasn't protecting anything,
> despite people trying to use it as if it was :)
>

It did protect device_shutdown() from itself, didn't it?

--
Dmitry

2007-06-27 05:02:41

by Dave Young

Subject: Re: [PATCH] atkbd: cleanup only once

2007/6/27, Dmitry Torokhov <[email protected]>:
> On Wednesday 27 June 2007 00:28, Greg KH wrote:
> > On Wed, Jun 27, 2007 at 12:34:09AM -0400, Dmitry Torokhov wrote:
> > > Hi Dave,
> > >
> > > On Wednesday 27 June 2007 06:59, Dave Young wrote:
> > > > Hi,
> > > >
> > > > If you press ctrl+alt+del several times while the kernel is booting (before user-level booting), the kernel will oops. I found that ps2_command is called more than once, and then ps2dev->serio may be a NULL pointer.
> > > >
> > > > 2.6.22-rc5 and 2.6.22-rc6 have the same result.
> > > >
> > > > Signed-off-by: Dave Young <[email protected]>
> > > > ---
> > > > diff -upr linux/drivers/input/keyboard/atkbd.c linux.new/drivers/input/keyboard/atkbd.c
> > > > --- linux/drivers/input/keyboard/atkbd.c 2007-06-27 10:38:37.000000000 +0000
> > > > +++ linux.new/drivers/input/keyboard/atkbd.c 2007-06-27 10:37:39.000000000 +0000
> > > > @@ -795,6 +795,11 @@ static int atkbd_activate(struct atkbd *
> > > >
> > > > static void atkbd_cleanup(struct serio *serio)
> > > > {
> > > > + static int flag;
> > > > +
> > > > + if(flag)
> > > > + return;
> > > > + flag = 1;
> > >
> > > Unfortunately this will prevent atkbd from resetting keyboard on 2nd
> > > suspend attempt. It will also not work if you have an active MUX and
> > > have a couple of keyboards connected.
> > >
> > > Greg, now that you removed rwsem from subsystem (and subsystem itself
> > > for that matter) there is nothing as far as I can see that stops
> > > several threads from running device_shutdown() simultaneously. I also
> > > do not see what would isolate device probing and shutting them down
> > > at the same time. Am I missing something?
> >
> > There was never anything stopping that from happening before. No driver
> > core code was using that rwsem, so it wasn't protecting anything,
> > despite people trying to use it as if it was :)
> >
>
> It did protect device_shutdown() from itself, didn't it?
>
> --
> Dmitry
>
How about checking ps2dev->serio in ps2_command before using it?
Regards
dave

2007-06-27 05:49:35

by Greg KH

Subject: Re: [PATCH] atkbd: cleanup only once

On Wed, Jun 27, 2007 at 12:59:32AM -0400, Dmitry Torokhov wrote:
> On Wednesday 27 June 2007 00:28, Greg KH wrote:
> > On Wed, Jun 27, 2007 at 12:34:09AM -0400, Dmitry Torokhov wrote:
> > > Hi Dave,
> > >
> > > On Wednesday 27 June 2007 06:59, Dave Young wrote:
> > > > Hi,
> > > >
> > > > If you press ctrl+alt+del several times while the kernel is booting (before user-level booting), the kernel will oops. I found that ps2_command is called more than once, and then ps2dev->serio may be a NULL pointer.
> > > >
> > > > 2.6.22-rc5 and 2.6.22-rc6 have the same result.
> > > >
> > > > Signed-off-by: Dave Young <[email protected]>
> > > > ---
> > > > diff -upr linux/drivers/input/keyboard/atkbd.c linux.new/drivers/input/keyboard/atkbd.c
> > > > --- linux/drivers/input/keyboard/atkbd.c 2007-06-27 10:38:37.000000000 +0000
> > > > +++ linux.new/drivers/input/keyboard/atkbd.c 2007-06-27 10:37:39.000000000 +0000
> > > > @@ -795,6 +795,11 @@ static int atkbd_activate(struct atkbd *
> > > >
> > > > static void atkbd_cleanup(struct serio *serio)
> > > > {
> > > > + static int flag;
> > > > +
> > > > + if(flag)
> > > > + return;
> > > > + flag = 1;
> > >
> > > Unfortunately this will prevent atkbd from resetting keyboard on 2nd
> > > suspend attempt. It will also not work if you have an active MUX and
> > > have a couple of keyboards connected.
> > >
> > > Greg, now that you removed rwsem from subsystem (and subsystem itself
> > > for that matter) there is nothing as far as I can see that stops
> > > several threads from running device_shutdown() simultaneously. I also
> > > do not see what would isolate device probing and shutting them down
> > > at the same time. Am I missing something?
> >
> > There was never anything stopping that from happening before. No driver
> > core code was using that rwsem, so it wasn't protecting anything,
> > despite people trying to use it as if it was :)
> >
>
> It did protect device_shutdown() from itself, didn't it?

Hm, yeah, it did, but that was it. If that was its goal, it sure wasn't
obvious at all.

Do you think the driver core needs to serialize this?

thanks,

greg k-h

2007-06-27 13:38:19

by Dmitry Torokhov

Subject: Re: [PATCH] atkbd: cleanup only once

On 6/27/07, Greg KH <[email protected]> wrote:
> On Wed, Jun 27, 2007 at 12:59:32AM -0400, Dmitry Torokhov wrote:
> > On Wednesday 27 June 2007 00:28, Greg KH wrote:
> > > On Wed, Jun 27, 2007 at 12:34:09AM -0400, Dmitry Torokhov wrote:
> > > > Hi Dave,
> > > >
> > > > On Wednesday 27 June 2007 06:59, Dave Young wrote:
> > > > > Hi,
> > > > >
> > > > > If you press ctrl+alt+del several times while the kernel is booting (before user-level booting), the kernel will oops. I found that ps2_command is called more than once, and then ps2dev->serio may be a NULL pointer.
> > > > >
> > > > > 2.6.22-rc5 and 2.6.22-rc6 have the same result.
> > > > >
> > > > > Signed-off-by: Dave Young <[email protected]>
> > > > > ---
> > > > > diff -upr linux/drivers/input/keyboard/atkbd.c linux.new/drivers/input/keyboard/atkbd.c
> > > > > --- linux/drivers/input/keyboard/atkbd.c 2007-06-27 10:38:37.000000000 +0000
> > > > > +++ linux.new/drivers/input/keyboard/atkbd.c 2007-06-27 10:37:39.000000000 +0000
> > > > > @@ -795,6 +795,11 @@ static int atkbd_activate(struct atkbd *
> > > > >
> > > > > static void atkbd_cleanup(struct serio *serio)
> > > > > {
> > > > > + static int flag;
> > > > > +
> > > > > + if(flag)
> > > > > + return;
> > > > > + flag = 1;
> > > >
> > > > Unfortunately this will prevent atkbd from resetting keyboard on 2nd
> > > > suspend attempt. It will also not work if you have an active MUX and
> > > > have a couple of keyboards connected.
> > > >
> > > > Greg, now that you removed rwsem from subsystem (and subsystem itself
> > > > for that matter) there is nothing as far as I can see that stops
> > > > several threads from running device_shutdown() simultaneously. I also
> > > > do not see what would isolate device probing and shutting them down
> > > > at the same time. Am I missing something?
> > >
> > > There was never anything stopping that from happening before. No driver
> > > core code was using that rwsem, so it wasn't protecting anything,
> > > despite people trying to use it as if it was :)
> > >
> >
> > It did protect device_shutdown() from itself, didn't it?
>
> Hm, yeah, it did, but that was it. If that was its goal, it sure wasn't
> obvious at all.
>
> Do you think the driver core needs to serialize this?
>

I think that we need to have the device tree (or rather list) stable while
we are performing system-wide state transitions, such as shutdown.
Otherwise if device_shutdown runs simultaneously with device discovery
and new devices get added to the list we risk leaving them (and
potentially their parents) running. I think we had something like that
before klist conversion - kobject_add was taking device_subsys.rwsem.
However there are dangers if some device goes offline on its own right
in the middle of shutdown process and bus code deadlocks... Maybe we
only need to disable adding new devices in suspend/shutdown path while
allowing removal... I am not sure.

Overall there is a lack of consistent locking in suspend/shutdown area:
shutdown interface uses BKL, suspend (swsusp et al.) uses pm_mutex and
C_A_D handler does not have any locking at all at the moment.

> thanks,
>
> greg k-h
>


--
Dmitry

2007-06-28 05:18:46

by Dmitry Torokhov

Subject: Re: [PATCH] atkbd: cleanup only once

On Wednesday 27 June 2007 01:02, dave young wrote:
> 2007/6/27, Dmitry Torokhov <[email protected]>:
> > On Wednesday 27 June 2007 00:28, Greg KH wrote:
> > > On Wed, Jun 27, 2007 at 12:34:09AM -0400, Dmitry Torokhov wrote:
> > > > Hi Dave,
> > > >
> > > > On Wednesday 27 June 2007 06:59, Dave Young wrote:
> > > > > Hi,
> > > > >
> > > > > If you press ctrl+alt+del several times while the kernel is booting (before user-level booting), the kernel will oops. I found that ps2_command is called more than once, and then ps2dev->serio may be a NULL pointer.
> > > > >
> > > > > 2.6.22-rc5 and 2.6.22-rc6 have the same result.
> > > > >
> > > > > Signed-off-by: Dave Young <[email protected]>
> > > > > ---
> > > > > diff -upr linux/drivers/input/keyboard/atkbd.c linux.new/drivers/input/keyboard/atkbd.c
> > > > > --- linux/drivers/input/keyboard/atkbd.c 2007-06-27 10:38:37.000000000 +0000
> > > > > +++ linux.new/drivers/input/keyboard/atkbd.c 2007-06-27 10:37:39.000000000 +0000
> > > > > @@ -795,6 +795,11 @@ static int atkbd_activate(struct atkbd *
> > > > >
> > > > > static void atkbd_cleanup(struct serio *serio)
> > > > > {
> > > > > + static int flag;
> > > > > +
> > > > > + if(flag)
> > > > > + return;
> > > > > + flag = 1;
> > > >
> > > > Unfortunately this will prevent atkbd from resetting keyboard on 2nd
> > > > suspend attempt. It will also not work if you have an active MUX and
> > > > have a couple of keyboards connected.
> > > >
> > > > Greg, now that you removed rwsem from subsystem (and subsystem itself
> > > > for that matter) there is nothing as far as I can see that stops
> > > > several threads from running device_shutdown() simultaneously. I also
> > > > do not see what would isolate device probing and shutting them down
> > > > at the same time. Am I missing something?
> > >
> > > There was never anything stopping that from happening before. No driver
> > > core code was using that rwsem, so it wasn't protecting anything,
> > > despite people trying to use it as if it was :)
> > >
> >
> > It did protect device_shutdown() from itself, didn't it?
> >
> > --
> > Dmitry
> >
> How about checking ps2dev->serio in ps2_command before using it?

I don't think we ever set it to NULL. Does the patch below help any?

--
Dmitry


Signed-off-by: Dmitry Torokhov <[email protected]>
---

drivers/input/serio/serio.c | 2 ++
1 files changed, 2 insertions(+)

Index: work/drivers/input/serio/serio.c
===================================================================
--- work.orig/drivers/input/serio/serio.c
+++ work/drivers/input/serio/serio.c
@@ -769,8 +769,10 @@ static int serio_driver_remove(struct de

static void serio_cleanup(struct serio *serio)
{
+ mutex_lock(&serio->drv_mutex);
if (serio->drv && serio->drv->cleanup)
serio->drv->cleanup(serio);
+ mutex_unlock(&serio->drv_mutex);
}

static void serio_shutdown(struct device *dev)
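
Review bot: serio->drv->cleanup() is now called with serio->drv_mutex held, so a driver cleanup callback that takes drv_mutex itself, directly or through a helper, would deadlock; a comment above serio_cleanup() stating that the callback runs under drv_mutex would make that contract visible. mutex_lock() can sleep, so this path has to stay in process context, and a caller such as serio_shutdown() will now block for as long as another holder keeps the mutex. The patch also carries no changelog text above the Signed-off-by line; please describe what the lock serializes against and mention the ctrl+alt+del oops it addresses.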

2007-06-28 06:13:12

by Dave Young

Subject: Re: [PATCH] atkbd: cleanup only once

2007/6/28, Dmitry Torokhov <[email protected]>:
> On Wednesday 27 June 2007 01:02, dave young wrote:
> > 2007/6/27, Dmitry Torokhov <[email protected]>:
> > > On Wednesday 27 June 2007 00:28, Greg KH wrote:
> > > > On Wed, Jun 27, 2007 at 12:34:09AM -0400, Dmitry Torokhov wrote:
> > > > > Hi Dave,
> > > > >
> > > > > On Wednesday 27 June 2007 06:59, Dave Young wrote:
> > > > > > Hi,
> > > > > >
> > > > > > If you press ctrl+alt+del several times while the kernel is booting (before user-level booting), the kernel will oops. I found that ps2_command is called more than once, and then ps2dev->serio may be a NULL pointer.
> > > > > >
> > > > > > 2.6.22-rc5 and 2.6.22-rc6 have the same result.
> > > > > >
> > > > > > Signed-off-by: Dave Young <[email protected]>
> > > > > > ---
> > > > > > diff -upr linux/drivers/input/keyboard/atkbd.c linux.new/drivers/input/keyboard/atkbd.c
> > > > > > --- linux/drivers/input/keyboard/atkbd.c 2007-06-27 10:38:37.000000000 +0000
> > > > > > +++ linux.new/drivers/input/keyboard/atkbd.c 2007-06-27 10:37:39.000000000 +0000
> > > > > > @@ -795,6 +795,11 @@ static int atkbd_activate(struct atkbd *
> > > > > >
> > > > > > static void atkbd_cleanup(struct serio *serio)
> > > > > > {
> > > > > > + static int flag;
> > > > > > +
> > > > > > + if(flag)
> > > > > > + return;
> > > > > > + flag = 1;
> > > > >
> > > > > Unfortunately this will prevent atkbd from resetting keyboard on 2nd
> > > > > suspend attempt. It will also not work if you have an active MUX and
> > > > > have a couple of keyboards connected.
> > > > >
> > > > > Greg, now that you removed rwsem from subsystem (and subsystem itself
> > > > > for that matter) there is nothing as far as I can see that stops
> > > > > several threads from running device_shutdown() simultaneously. I also
> > > > > do not see what would isolate device probing and shutting them down
> > > > > at the same time. Am I missing something?
> > > >
> > > > There was never anything stopping that from happening before. No driver
> > > > core code was using that rwsem, so it wasn't protecting anything,
> > > > despite people trying to use it as if it was :)
> > > >
> > >
> > > It did protect device_shutdown() from itself, didn't it?
> > >
> > > --
> > > Dmitry
> > >
> > > How about checking ps2dev->serio in ps2_command before using it?
>
> I don't think we ever set it to NULL. Does the patch below help any?
>
> --
> Dmitry
>
>
> Signed-off-by: Dmitry Torokhov <[email protected]>
> ---
>
> drivers/input/serio/serio.c | 2 ++
> 1 files changed, 2 insertions(+)
>
> Index: work/drivers/input/serio/serio.c
> ===================================================================
> --- work.orig/drivers/input/serio/serio.c
> +++ work/drivers/input/serio/serio.c
> @@ -769,8 +769,10 @@ static int serio_driver_remove(struct de
>
> static void serio_cleanup(struct serio *serio)
> {
> + mutex_lock(&serio->drv_mutex);
> if (serio->drv && serio->drv->cleanup)
> serio->drv->cleanup(serio);
> + mutex_unlock(&serio->drv_mutex);
> }
>
> static void serio_shutdown(struct device *dev)
>

Yes, I tested with this patch, looks good to me.

Regards
dave
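
The two approaches from this thread, modelled in userspace as an added example (not code from the thread or from the kernel): one shared once-flag gating cleanup, versus a per-port mutex held around the cleanup callback. struct port, model_ps2_command() and the sizes are constructed stand-ins, and POSIX threads are assumed (build with -pthread).

```c
#include <pthread.h>
#include <stdatomic.h>

enum { NPORTS = 2, NTHREADS = 4, ROUNDS = 200 };   /* constructed sizes */
struct port {                    /* simplified stand-in for struct serio */
    pthread_mutex_t drv_mutex;
    atomic_int in_command;       /* non-zero while a modelled command runs */
    atomic_int overlaps;         /* commands started while one was in flight */
    int resets;                  /* completed reset commands */
};

static void model_ps2_command(struct port *p)
{
    if (atomic_fetch_add(&p->in_command, 1) != 0)
        atomic_fetch_add(&p->overlaps, 1);
    p->resets++;
    atomic_fetch_sub(&p->in_command, 1);
}

int flag_scenario_resets(void)   /* two sequential cleanup passes over both ports */
{
    struct port ports[NPORTS] = {0};
    int once_flag = 0, total = 0;   /* once_flag models "static int flag" */
    for (int pass = 0; pass < 2; pass++)
        for (int i = 0; i < NPORTS; i++)
            if (!once_flag) {       /* every later call returns early */
                once_flag = 1;
                model_ps2_command(&ports[i]);
                total++;
            }
    return total;
}

static void *locked_worker(void *arg)
{
    struct port *p = arg;
    for (int i = 0; i < ROUNDS; i++) {
        pthread_mutex_lock(&p->drv_mutex);    /* per-port lock around the callback */
        model_ps2_command(p);
        pthread_mutex_unlock(&p->drv_mutex);
    }
    return NULL;
}

int locked_scenario(void)   /* concurrent callers; returns resets, or -1 on overlap */
{
    struct port ports[NPORTS] = {0};
    pthread_t t[NPORTS][NTHREADS];
    int total = 0, overlaps = 0;
    for (int i = 0; i < NPORTS; i++) {
        pthread_mutex_init(&ports[i].drv_mutex, NULL);
        for (int j = 0; j < NTHREADS; j++)
            pthread_create(&t[i][j], NULL, locked_worker, &ports[i]);
    }
    for (int i = 0; i < NPORTS; i++) {
        for (int j = 0; j < NTHREADS; j++)
            pthread_join(t[i][j], NULL);
        overlaps += atomic_load(&ports[i].overlaps);
        total += ports[i].resets;
    }
    return overlaps ? -1 : total;
}

int main(void) { return !(flag_scenario_resets() == 1 && locked_scenario() == 1600); }
```

With the shared flag only 1 of the 4 cleanup calls issues a reset, which is the second-suspend and multiple-keyboard objection raised in the thread; with the per-port mutex all 1600 calls complete and none overlap.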