Re: Threaded interrupt handlers broken?

[Michael Buesch]

On Friday 04 September 2009 20:55:52 Michael Buesch wrote:
> On Monday 17 August 2009 14:30:31 Michael Buesch wrote:
> > Also works. Thanks.
> > 
> > Tested-by: Michael Buesch <mb@xxxxxxxxx>
> 
> Hm, I've got a strange problem here related to threaded IRQs and rmmod.
> 
> If I do this sequence, it crashes the machine:
> request_threaded_irq();
> free_irq();
> rmmod module
> modprobe module
> request_threaded_irq();
> *boom*
> 
> Here are some oops messages. These are almost always different, so I
> guess it crashes in IRQ context at random places when the IRQ triggers.
> http://bu3sch.de/misc/irq_crash1.JPG
> http://bu3sch.de/misc/irq_crash2.JPG
> 
> It seems to be a NULL pointer dereference somewhere, but I can't locate it.
> Note that it does not happen, if I omit the rmmod.
> 

Ok, what I see now is that the IRQ thread that belongs to the driver is not
destroyed on free_irq(). So it is dangling and after rmmod/modprobe it will crash
on interrupt, because the module is relocated.
Bringing the device up and down several times (without reloading the module), which
does several request_threaded_irq(); free_irq() sequences in a row, creates a new
IRQ thread each time but does not destroy the old one.

-- 
Greetings, Michael.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/