Hi. I have a problem with a bluetooth BCM2033-based device. I've seen it for a while now in 2.4 (not sure exactly how long). I've recently tested this in 2.4.22-pre5 and 2.4.22-pre7.
It is fairly simple to reproduce:
1. boot the machine (using uhci)
2. insert a PCI BCM2033-based bluetooth adapter, observe the firmware
getting loaded, don't actually bring the hci0 interface up,
3. remove the adapter, everything looks fine
4. try to rmmod uhci and get:
kmem_cache_destroy: Can't free all objects c12c7b40
uhci: not all urb_priv's were freed
[...]
usb.c: USB bus 1 deregistered
kmem_cache_destroy: Can't free all objects c12c7b40
uhci: not all urb_priv's were freed
This in itself wouldn't be such a problem (although all corruption
problems are scary), but it completely breaks swsusp (software
suspend). At resume time, I get:
kernel BUG at slab.c:815!
invalid operand: 0000
CPU: 0
EIP: 0010:[<c01328ed>] Tainted: P Z
Using defaults from ksymoops -t elf32-i386 -a i386
EFLAGS: 00010246
eax: 00000000 ebx: c12c7bb0 ecx: c12c7c18 edx: c12c7ba8
esi: c12c7ba2 edi: d0826d1a ebp: 0000003c esp: c8fe3ef0
ds: 0018 es: 0018 ss: 0018
Process modprobe (pid: 8977, stackpage=c8fe3000)
Stack: fffffff4 00000001 00000001 ffffffea c8fe3f0c c12c7bd0 00000004 0000001c
d08257c0 d0826d0c 0000003c 00000020 00020000 00000000 00000000 d0821000
c01173dd c8fe2000 00000000 00000013 bfffc178 00005d48 c8c09000 00000060
Call Trace: [<d08257c0>] [<d0826d0c>] [<c01173dd>] [<d0821060>] [<c01086df>]
Code: 0f 0b 2f 03 60 1e 25 c0 8b 12 8b 02 0f 18 00 81 fa a8 55 29
>>EIP; c01328ed <kmem_cache_create+2f9/344> <=====
>>ebx; c12c7bb0 <_end+fbb4d8/10500988>
>>ecx; c12c7c18 <_end+fbb540/10500988>
>>edx; c12c7ba8 <_end+fbb4d0/10500988>
>>esi; c12c7ba2 <_end+fbb4ca/10500988>
>>edi; d0826d1a <[uhci]__module_pci_device_size+72/9f>
>>esp; c8fe3ef0 <_end+8cd7818/10500988>
Trace; d08257c0 <[uhci]uhci_hcd_init+70/f4>
Trace; d0826d0c <[uhci]__module_pci_device_size+64/9f>
Trace; c01173dd <sys_init_module+555/600>
Trace; d0821060 <[uhci]uhci_show_td+0/1c8>
Trace; c01086df <system_call+33/38>
Code; c01328ed <kmem_cache_create+2f9/344>
00000000 <_EIP>:
Code; c01328ed <kmem_cache_create+2f9/344> <=====
0: 0f 0b ud2a <=====
Code; c01328ef <kmem_cache_create+2fb/344>
2: 2f das
Code; c01328f0 <kmem_cache_create+2fc/344>
3: 03 60 1e add 0x1e(%eax),%esp
Code; c01328f3 <kmem_cache_create+2ff/344>
6: 25 c0 8b 12 8b and $0x8b128bc0,%eax
Code; c01328f8 <kmem_cache_create+304/344>
b: 02 0f add (%edi),%cl
Code; c01328fa <kmem_cache_create+306/344>
d: 18 00 sbb %al,(%eax)
Code; c01328fc <kmem_cache_create+308/344>
f: 81 fa a8 55 29 00 cmp $0x2955a8,%edx
--J.
pgp00000.pgp
Description: PGP signature
