linux-avmb1:kernel crash during heavy load - capi ppp plugins - avm b1 - isa or pci

J.P.Steindlberger joerg at steindlberger.de
Fri Aug 27 21:20:02 CEST 2004 

... works great now with attached patch from e-mail "BUGFIX: several 
capi oops and strange messages in 2.6" by Calle
My kernel version is 2.6.8.1 -- I hope to read about the merging of this 
patch in Changelog to 2.6.9 ;-)

cd /usr/src/linux-version/drivers/isdn/
patch -p 2 < .../capi-oops.patch

Very much thanks to Calle!!!

> Hi,
> 
> in hope to find a kernel hacker (or someone who might forward my problem 
> to one) I'm switching to English now.
> 
> My problem is a reproducable kernel crash while uploading files > 16kB 
> via an active ISDN card by german manufacturer AVM (AVM B1 ISA or PCI) 
> using pppdcapiplugin and kernel 2.6.7.
> 
> Here my test system:
> // Debian 3.1
> // ppp 2.4.2+20040428-2
> // pppdcapiplugin 3.3.0.20040704-0.4
> # cat /proc/capi/driver
> b1isa                            1.1.2.3
> # cat /proc/capi/controller
> 1 b1isa      running  b1isa-150        B1 3.11-03 0x150 3 r2
> # ll /usr/lib/isdn/b1.t4
> -rw-r--r--  1 root root 254657 Sep 15  2003 /usr/lib/isdn/b1.t4
> # md5sum /usr/lib/isdn/b1.t4
> 5a4d2602f1477a11741695433de07de1  /usr/lib/isdn/b1.t4
> # uname -r
> 2.6.7
> 
> I tried to upload files with identical beginning but different size 
> using scp to an internet server:
> uploading files <= 16kB is okay
> uploading file = 24kB produces kernel hang (no automatic reboot) with 
> console message:
>  BUG: dst underflow 0: c024010c
> uploading file >= 32kB:
> Unable to handle kernel NULL pointer dereference at virtual address 
> 00000004
>  printing eip:
> c0241659
> *pde = 00000000
> Oops: 0002 [#1]
> Modules linked in: ppp_deflate zlib_deflate bsd_comp ppp_synctty 
> ipt_limit iptable_filter ipt_MASQUERADE iptable_nat ip_conntrack 
> ip_tables hisax isdn sg floppy ppp_mppe ppp_generic slhc b1isa b1dma b1 
> capi kernelcapi capifs dummy ne 8390 crc32 nls_iso8859_15
> CPU:    0
> EIP:    0060:[<c0241659>]    Tainted: P
> EFLAGS: 00010003   (2.6.7-gw)
> EIP is at skb_dequeue+0x19/0x40
> eax: 00000000   ebx: 00000246   ecx: c13ae2c0   edx: c17dac98
> esi: c17dac58   edi: c21e45f6   ebp: 00000000   esp: c3fc1a54
> ds: 007b   es: 007b   ss: 0068
> Process events/0 (pid: 3, threadinfo=c3fc0000 task=c3fc8b30)
> Stack: c13aee00 c48e17fa c17dac98 c17dac98 00000000 000006a0 c13aee00 
> c21c4e48
>        c21e45f6 c17dac58 c48e26a4 c17dac58 c17dac98 c13aee00 c0be9ed8 
> 00000000
>        c3fc0000 c335f000 c4eb4a92 c335f000 00000000 c21c4868 000005e0 
> 00000000
> Call Trace:
>  [<c48e17fa>] handle_minor_send+0x3a/0x2b0 [capi]
>  [<c48e26a4>] capinc_tty_write+0xe4/0x1c0 [capi]
>  [<c4eb4a92>] ppp_sync_push+0xa2/0x140 [ppp_synctty]
>  [<c4eb49dd>] ppp_sync_send+0x3d/0x50 [ppp_synctty]
>  [<c48fa4bc>] ppp_push+0x6c/0xb0 [ppp_generic]
>  [<c48fa15c>] ppp_send_frame+0x28c/0x580 [ppp_generic]
>  [<c48f9e6d>] ppp_xmit_process+0x4d/0xb0 [ppp_generic]
>  [<c48f9b69>] ppp_start_xmit+0xd9/0x250 [ppp_generic]
>  [<c024ed7f>] qdisc_restart+0x3f/0xd0
>  [<c024423f>] dev_queue_xmit+0x16f/0x200
>  [<c025a03d>] ip_finish_output2+0xbd/0x190
>  [<c0259f80>] ip_finish_output2+0x0/0x190
>  [<c024c2e7>] nf_hook_slow+0x97/0xd0
>  [<c0259f50>] dst_output+0x0/0x30
>  [<c0257d8b>] ip_finish_output+0x1bb/0x1d0
>  [<c0259f80>] ip_finish_output2+0x0/0x190
>  [<c0259f50>] dst_output+0x0/0x30
>  [<c0259f60>] dst_output+0x10/0x30
>  [<c024c2e7>] nf_hook_slow+0x97/0xd0
>  [<c025827e>] ip_queue_xmit+0x30e/0x4f0
>  [<c0259f50>] dst_output+0x0/0x30
>  [<c0259f50>] dst_output+0x0/0x30
>  [<c01163ba>] update_process_times+0x2a/0x30
>  [<c011627b>] update_wall_time+0xb/0x40
>  [<c010cb26>] recalc_task_prio+0xa6/0x1d0
>  [<c010cca1>] activate_task+0x51/0x70
>  [<c026dacc>] tcp_v4_send_check+0x3c/0xf0
>  [<c0267d62>] tcp_transmit_skb+0x432/0x6f0
>  [<c0268af3>] tcp_write_xmit+0x153/0x2c0
>  [<c0265db1>] __tcp_data_snd_check+0xb1/0xc0
>  [<c0266346>] tcp_rcv_established+0x216/0x810
>  [<c4e8b2c3>] ipt_do_table+0x293/0x390 [ip_tables]
>  [<c026eb63>] tcp_v4_do_rcv+0xe3/0xf0
>  [<c026f087>] tcp_v4_rcv+0x517/0x6d0
>  [<c0255540>] ip_local_deliver_finish+0x0/0x130
>  [<c0255540>] ip_local_deliver_finish+0x0/0x130
>  [<c02555ea>] ip_local_deliver_finish+0xaa/0x130
>  [<c024c2e7>] nf_hook_slow+0x97/0xd0
>  [<c0255670>] ip_rcv_finish+0x0/0x1f0
>  [<c0255114>] ip_local_deliver+0x164/0x190
>  [<c0255540>] ip_local_deliver_finish+0x0/0x130
>  [<c02557f7>] ip_rcv_finish+0x187/0x1f0
>  [<c024c2e7>] nf_hook_slow+0x97/0xd0
>  [<c025548e>] ip_rcv+0x34e/0x400
>  [<c0255670>] ip_rcv_finish+0x0/0x1f0
>  [<c02446d0>] netif_receive_skb+0x150/0x180
>  [<c024476f>] process_backlog+0x6f/0x120
>  [<c024487f>] net_rx_action+0x5f/0xf0
>  [<c0113043>] __do_softirq+0x83/0x90
>  [<c0113076>] do_softirq+0x26/0x30
>  [<c4eb44c3>] ppp_sync_receive+0x43/0x70 [ppp_synctty]
>  [<c48e16e7>] handle_recv_skb+0xc7/0x150 [capi]
>  [<c48e179f>] handle_minor_recv+0x2f/0x50 [capi]
>  [<c48d7230>] recv_handler+0x0/0x80 [kernelcapi]
>  [<c48d728c>] recv_handler+0x5c/0x80 [kernelcapi]
>  [<c011bc1b>] worker_thread+0x18b/0x230
>  [<c010d570>] default_wake_function+0x0/0x20
>  [<c0287483>] schedule+0x273/0x440
>  [<c010d570>] default_wake_function+0x0/0x20
>  [<c011ba90>] worker_thread+0x0/0x230
>  [<c011e897>] kthread+0x97/0xa0
>  [<c011e800>] kthread+0x0/0xa0
>  [<c01020a5>] kernel_thread_helper+0x5/0x10
> 
> Code: 89 50 04 c7 01 00 00 00 00 c7 41 04 00 00 00 00 c7 41 08 00
>  <0>Kernel panic: Fatal exception in interrupt
> In interrupt handler - not syncing
>  <0>Rebooting in 1 seconds..
> 
> Thanks for helping and making linux kernel bug free.
> Joerg
> _______________________________________________
> linux-avmb1 mailing list
> linux-avmb1 at mlists.in-berlin.de
> https://mlists.in-berlin.de/mailman/listinfo/linux-avmb1

Works great now with attached patch from e-mail "BUGFIX: several capi 
oops and strange messages in 2.6" by Calle

Very much thanks to Calle!!!

More information about the linux-avmb1 mailing list