open("/dev/ttyO2", O_RDONLY) never returns on the 2.6.38-1000-linaro-omap

Bug #728565 reported by Ken Werner
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux-linaro (Ubuntu)
Undecided
Unassigned
linux-linaro-omap (Ubuntu)
Undecided
Unassigned

Bug Description

When using the 2.6.38-1000-linaro-omap kernel the process hangs as the open call never returns. Here is a small testcase:

#include <sys/stat.h>
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>
#include <stdlib.h>
int main (int argc, char **argv){
  int fd;
  fd = open("/dev/ttyO2", O_RDONLY);
  if (fd == -1) {
    perror ("open failed");
    exit(EXIT_FAILURE);
  }
  close(fd);
  return 0;
}

Here is the stack trace of this task:
[ 651.671020] open S c059b724 0 642 532 0x00000000
[ 651.671051] [<c059b724>] (schedule+0x3f4/0x778) from [<c0387678>] (tty_port_block_til_ready+0x138/0x2f4)
[ 651.671081] [<c0387678>] (tty_port_block_til_ready+0x138/0x2f4) from [<c0380aac>] (tty_open+0x178/0x420)
[ 651.671081] [<c0380aac>] (tty_open+0x178/0x420) from [<c016b2a8>] (chrdev_open+0x114/0x1ec)
[ 651.671112] [<c016b2a8>] (chrdev_open+0x114/0x1ec) from [<c0165918>] (__dentry_open+0x100/0x2b8)
[ 651.671142] [<c0165918>] (__dentry_open+0x100/0x2b8) from [<c01668fc>] (nameidata_to_filp+0x60/0x68)
[ 651.671142] [<c01668fc>] (nameidata_to_filp+0x60/0x68) from [<c0174688>] (finish_open+0xa0/0x174)
[ 651.671173] [<c0174688>] (finish_open+0xa0/0x174) from [<c0174bec>] (do_filp_open+0x18c/0x5f8)
[ 651.671173] [<c0174bec>] (do_filp_open+0x18c/0x5f8) from [<c0166960>] (do_sys_open+0x5c/0x138)
[ 651.671203] [<c0166960>] (do_sys_open+0x5c/0x138) from [<c0065c40>] (ret_fast_syscall+0x0/0x30)

Ken Werner (kwerner)
summary: - open("/dev/ttyO2", O_RDONLY) returns on the 2.6.38-1000-linaro-omap
+ open("/dev/ttyO2", O_RDONLY) never returns on the 2.6.38-1000-linaro-
+ omap
Revision history for this message
Dr. David Alan Gilbert (davidgil-uk) wrote :
Download full text (4.3 KiB)

I can confirm the same on my panda; note that when this hangs I did a ctrl-d in the serial console and got the following oops:

[20361.272521] Unable to handle kernel NULL pointer dereference at virtual address 0000009c
[20361.281005] pgd = d9d14000
[20361.283843] [0000009c] *pgd=8160c831, *pte=00000000, *ppte=00000000
[20361.290405] Internal error: Oops: 17 [#1] SMP
[20361.294921] last sysfs file: /sys/devices/system/cpu/cpu1/topology/core_siblings
[20361.302642] Modules linked in: smsc95xx usbnet omap_wdt omap2_mcspi leds_gpio twl4030_pwrbutton twl6030_usb usbhid usb_storage hid uas
[20361.315307] CPU: 0 Tainted: G W (2.6.38-1000-linaro-omap #1-Ubuntu)
[20361.322998] PC is at uart_update_termios+0xb0/0xc0
[20361.328033] LR is at tty_port_block_til_ready+0x170/0x2f4
[20361.333648] pc : [<c03973d8>] lr : [<c03876b0>] psr: 600f0013
[20361.333648] sp : da85dd70 ip : 00000000 fp : c1742800
[20361.345642] r10: 00000000 r9 : d9f89950 r8 : d9f8995c
[20361.351074] r7 : c1742800 r6 : da85c000 r5 : 00000000 r4 : c1403c00
[20361.357879] r3 : 00000000 r2 : 00000002 r1 : d9f89948 r0 : 00000002
[20361.364685] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment user
[20361.372131] Control: 10c53c7d Table: 99d1404a DAC: 00000015
[20361.378112] Process a.out (pid: 1371, stack limit = 0xda85c2f8)
[20361.384277] Stack: (0xda85dd70 to 0xda85e000)
[20361.388824] dd60: d9f89948 c14888c0 da85c000 c03876b0
[20361.397369] dd80: c1742800 c015e720 80000013 d9f89948 00000002 00000000 c14ccf60 c00c6574
[20361.405883] dda0: da85dda0 da85dda0 00000000 0fc00002 c14888c0 00000000 da85c000 c1408060
[20361.414428] ddc0: c07e6b0c c0380aac 00000105 00000000 da0d9000 00000002 d9f6b788 d9f6b788
[20361.422943] dde0: 00000000 c1408060 00000000 c14888c0 da85c000 00000000 00000000 c016b2a8
[20361.431488] de00: c1408060 00000000 da85c000 c14888c0 da4ac800 c1488640 c1408060 00000000
[20361.440002] de20: da85c000 c016b194 00000000 c0165918 00000000 d9d4e700 00000000 c14888c0
[20361.448516] de40: da85ded4 00000024 da85c000 00000000 00000000 c01668fc d9d4e700 c01744f4
[20361.457061] de60: da85ded4 da85ded4 00000000 00000000 00000000 c0174688 da85ded4 00000000
[20361.465576] de80: 00000000 00000024 00000101 da85ded4 c16b4000 c0174bec 00100100 00200200
[20361.474121] dea0: 00000000 00000000 d9d15000 400effff c07ff960 ffffff9c 400f0000 da85df34
[20361.482635] dec0: c1729860 400e1000 d9c92318 da612d80 da612d70 c1488640 da4ac800 da612d70
[20361.491149] dee0: c6569a00 00000000 00000000 da5a6c00 00000000 c1408060 00000101 00000002
[20361.499694] df00: 00000001 00000000 400e0000 c005b4d4 00000010 c0168914 00000020 00000000
[20361.508209] df20: 400e1000 00000000 00000000 00000001 00000000 00000000 d9c92318 c07ababc
[20361.516754] df40: da82f380 da82f388 00000000 c16b4000 ffffff9c 00000003 00000005 00000000
[20361.525268] df60: da85c000 00000000 00000000 c0166960 00000000 400e1000 c1729860 beade91c
[20361.533813] df80: da85c000 00000000 beade7d8 000083a5 00000005 c0065e08 da85c000 00000000
[20361.542327] dfa0: 00000000 c0065c40 00000000 beade7d8 000084c0 00000000 beade91c 00008425
[20361.550872] dfc0: 00000000 beade7d8 0000...

Read more...

Revision history for this message
warmcat (andy-warmcat) wrote :

I could reproduce this with strace cat /dev/ttyO2, it hung at the open() but responded to ^C.

I couldn't reproduce the OOPS.

Revision history for this message
Ken Werner (kwerner) wrote :

I've got the Oops but only once. It looked very similar to what David posted.

John Rigby (jcrigby)
Changed in linux-linaro (Ubuntu):
status: New → Invalid
Revision history for this message
Chase Qi (chase-qi) wrote :
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.