Return-path: Received: from mtiwmhc12.worldnet.att.net ([204.127.131.116]:51523 "EHLO mtiwmhc12.worldnet.att.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1756029AbXK1PFf (ORCPT ); Wed, 28 Nov 2007 10:05:35 -0500 Message-ID: <474D83BF.7000102@lwfinger.net> (sfid-20071128_150540_477524_244EF702) Date: Wed, 28 Nov 2007 09:05:35 -0600 From: Larry Finger MIME-Version: 1.0 To: Michael Buesch CC: bcm43xx-dev@lists.berlios.de, linux-wireless@vger.kernel.org Subject: Re: [RFC/T V2] b43: Fix Radio On/Off LED action References: <474c3fed.AWsUCELaFNf32i8C%Larry.Finger@lwfinger.net> <200711272120.44575.mb@bu3sch.de> <474C8A8E.6070404@lwfinger.net> <200711281511.22788.mb@bu3sch.de> In-Reply-To: <200711281511.22788.mb@bu3sch.de> Content-Type: text/plain; charset=ISO-8859-1 Sender: linux-wireless-owner@vger.kernel.org List-ID: Michael Buesch wrote: > > So it's a lock dependency between rfkill->mutex and wl->mutex? > So, now comes the question that really matters. Who is the caller > of rfkill_toggle_radio, in the case where it crashes? > Here is the full dump. It looks to me as if b43_rfkill_soft_toggle() calls rfkill_handler(), which calls rfkill_toggle_radio() and it is calling b43_rfkill_soft_toggle(). I'd call that a loop. kernel: kernel: ======================================================= kernel: [ INFO: possible circular locking dependency detected ] kernel: 2.6.24-rc3-L2.6-g65d438bf-dirty #24 kernel: ------------------------------------------------------- kernel: events/0/9 is trying to acquire lock: kernel: (&wl->mutex){--..}, at: [] b43_rfkill_soft_toggle+0x33/0xb2 [b43] kernel: kernel: but task is already holding lock: kernel: (&rfkill->mutex){--..}, at: [] rfkill_toggle_radio+0x1f/0x7d kernel: kernel: which lock already depends on the new lock. kernel: kernel: kernel: the existing dependency chain (in reverse order) is: kernel: kernel: -> #2 (&rfkill->mutex){--..}: kernel: [] __lock_acquire+0xb34/0xd47 kernel: [] rfkill_toggle_radio+0x1f/0x7d kernel: [] lock_acquire+0x85/0xa9 kernel: [] rfkill_toggle_radio+0x1f/0x7d kernel: [] mutex_lock_interruptible_nested+0x113/0x31e kernel: [] rfkill_toggle_radio+0x1f/0x7d kernel: [] rfkill_toggle_radio+0x1f/0x7d kernel: [] rfkill_register+0x9b/0x107 kernel: [] b43_rfkill_init+0x15e/0x1cb [b43] kernel: [] b43_wireless_core_init+0x682/0x784 [b43] kernel: [] b43_op_start+0x33/0x74 [b43] kernel: [] ieee80211_open+0x1c7/0x3dd [mac80211] kernel: [] dev_open+0x4e/0x88 kernel: [] dev_change_flags+0xaf/0x16b kernel: [] do_setlink+0x27a/0x346 kernel: [] _read_unlock+0x26/0x2b kernel: [] rtnl_setlink+0xf9/0x11c kernel: [] rtnetlink_rcv_msg+0x1b6/0x1d5 kernel: [] rtnetlink_rcv_msg+0x0/0x1d5 kernel: [] netlink_rcv_skb+0x3e/0xaa kernel: [] rtnetlink_rcv+0x20/0x29 kernel: [] netlink_unicast+0x1d9/0x23a kernel: [] __alloc_skb+0x8a/0x138 kernel: [] netlink_sendmsg+0x2aa/0x2bd kernel: [] sock_sendmsg+0xdf/0xf8 kernel: [] autoremove_wake_function+0x0/0x38 kernel: [] autoremove_wake_function+0x0/0x38 kernel: [] __lock_acquire+0xd26/0xd47 kernel: [] move_addr_to_kernel+0x40/0x49 kernel: [] verify_iovec+0x4f/0x8e kernel: [] sys_sendmsg+0x1e1/0x253 kernel: [] up_read+0x26/0x2a kernel: [] do_page_fault+0x3bf/0x764 kernel: [] sys_getsockname+0x66/0x8c kernel: [] trace_hardirqs_on+0x11c/0x147 kernel: [] trace_hardirqs_on_thunk+0x35/0x3a kernel: [] system_call+0x7e/0x83 kernel: [] 0xffffffffffffffff kernel: kernel: -> #1 (rfkill_mutex){--..}: kernel: [] __lock_acquire+0xb34/0xd47 kernel: [] rfkill_register+0x87/0x107 kernel: [] lock_acquire+0x85/0xa9 kernel: [] rfkill_register+0x87/0x107 kernel: [] rfkill_register+0x87/0x107 kernel: [] mutex_lock_nested+0x10e/0x2b6 kernel: [] rfkill_register+0x87/0x107 kernel: [] b43_rfkill_init+0x15e/0x1cb [b43] kernel: [] b43_wireless_core_init+0x682/0x784 [b43] kernel: [] b43_op_start+0x33/0x74 [b43] kernel: [] ieee80211_open+0x1c7/0x3dd [mac80211] kernel: [] dev_open+0x4e/0x88 kernel: [] dev_change_flags+0xaf/0x16b kernel: [] do_setlink+0x27a/0x346 kernel: [] _read_unlock+0x26/0x2b kernel: [] rtnl_setlink+0xf9/0x11c kernel: [] rtnetlink_rcv_msg+0x1b6/0x1d5 kernel: [] rtnetlink_rcv_msg+0x0/0x1d5 kernel: [] netlink_rcv_skb+0x3e/0xaa kernel: [] rtnetlink_rcv+0x20/0x29 kernel: [] netlink_unicast+0x1d9/0x23a kernel: [] __alloc_skb+0x8a/0x138 kernel: [] netlink_sendmsg+0x2aa/0x2bd kernel: [] sock_sendmsg+0xdf/0xf8 kernel: [] autoremove_wake_function+0x0/0x38 kernel: [] autoremove_wake_function+0x0/0x38 kernel: [] __lock_acquire+0xd26/0xd47 kernel: [] move_addr_to_kernel+0x40/0x49 kernel: [] verify_iovec+0x4f/0x8e kernel: [] sys_sendmsg+0x1e1/0x253 kernel: [] up_read+0x26/0x2a kernel: [] do_page_fault+0x3bf/0x764 kernel: [] sys_getsockname+0x66/0x8c kernel: [] trace_hardirqs_on+0x11c/0x147 kernel: [] trace_hardirqs_on_thunk+0x35/0x3a kernel: [] system_call+0x7e/0x83 kernel: [] 0xffffffffffffffff kernel: kernel: -> #0 (&wl->mutex){--..}: kernel: [] print_circular_bug_entry+0x48/0x4f kernel: [] __lock_acquire+0xa36/0xd47 kernel: [] b43_rfkill_soft_toggle+0x33/0xb2 [b43] kernel: [] lock_acquire+0x85/0xa9 kernel: [] b43_rfkill_soft_toggle+0x33/0xb2 [b43] kernel: [] b43_rfkill_soft_toggle+0x33/0xb2 [b43] kernel: [] mutex_lock_nested+0x10e/0x2b6 kernel: [] rfkill_toggle_radio+0x1f/0x7d kernel: [] rfkill_task_handler+0x0/0x54 kernel: [] b43_rfkill_soft_toggle+0x33/0xb2 [b43] kernel: [] rfkill_toggle_radio+0x3c/0x7d kernel: [] rfkill_switch_all+0x3e/0x78 kernel: [] rfkill_task_handler+0x3c/0x54 kernel: [] run_workqueue+0xeb/0x200 kernel: [] worker_thread+0xed/0xfe kernel: [] autoremove_wake_function+0x0/0x38 kernel: [] worker_thread+0x0/0xfe kernel: [] kthread+0x49/0x77 kernel: [] child_rip+0xa/0x12 kernel: [] restore_args+0x0/0x30 kernel: [] kthread+0x0/0x77 kernel: [] child_rip+0x0/0x12 kernel: [] 0xffffffffffffffff kernel: kernel: other info that might help us debug this: kernel: kernel: 5 locks held by events/0/9: kernel: #0: (events){--..}, at: [] run_workqueue+0xa0/0x200 kernel: #1: (rfkill_wlan.work){--..}, at: [] run_workqueue+0xa0/0x200 kernel: #2: (rfkill_wlan.mutex){--..}, at: [] rfkill_task_handler+0x1e/0x54 kernel: #3: (rfkill_mutex){--..}, at: [] rfkill_switch_all+0x1c/0x78 kernel: #4: (&rfkill->mutex){--..}, at: [] rfkill_toggle_radio+0x1f/0x7d kernel: kernel: stack backtrace: kernel: kernel: Call Trace: kernel: [] print_circular_bug_tail+0x70/0x7b kernel: [] print_circular_bug_entry+0x48/0x4f kernel: [] __lock_acquire+0xa36/0xd47 kernel: [] :b43:b43_rfkill_soft_toggle+0x33/0xb2 kernel: [] lock_acquire+0x85/0xa9 kernel: [] :b43:b43_rfkill_soft_toggle+0x33/0xb2 kernel: [] :b43:b43_rfkill_soft_toggle+0x33/0xb2 kernel: [] mutex_lock_nested+0x10e/0x2b6 kernel: [] rfkill_toggle_radio+0x1f/0x7d kernel: [] rfkill_task_handler+0x0/0x54 kernel: [] :b43:b43_rfkill_soft_toggle+0x33/0xb2 kernel: [] rfkill_toggle_radio+0x3c/0x7d kernel: [] rfkill_switch_all+0x3e/0x78 kernel: [] rfkill_task_handler+0x3c/0x54 kernel: [] run_workqueue+0xeb/0x200 kernel: [] worker_thread+0xed/0xfe kernel: [] autoremove_wake_function+0x0/0x38 kernel: [] worker_thread+0x0/0xfe kernel: [] kthread+0x49/0x77 kernel: [] child_rip+0xa/0x12 kernel: [] restore_args+0x0/0x30 kernel: [] kthread+0x0/0x77 kernel: [] child_rip+0x0/0x12