From: Dirk Gouders <gouders@et.bocholt.fh-gelsenkirchen.de>
To: Catalin Marinas <catalin.marinas@arm.com>
Cc: "linux-kernel\@vger.kernel.org" <linux-kernel@vger.kernel.org>
Subject: Re: [Problem] kernel hangs at boot (bisected 892d208bcf)
Date: Thu, 19 Jan 2012 13:16:56 +0100
Message-ID: <gi1uqvsx8n.fsf@karga.hank.lab>
In-Reply-To: <20120119110121.GC9268@arm.com> (Catalin Marinas's message of "Thu, 19 Jan 2012 11:01:21 +0000")

Hi Catalin,

Catalin Marinas <catalin.marinas@arm.com> writes:

> Hi Dirk,
>
> On Wed, Jan 18, 2012 at 07:32:59PM +0000, Dirk Gouders wrote:
>> I am not sure if you are the correct person to contact,
>
> I am for kmemleak :) but I'm not sure it's kmemleak's fault here.
>
>> but
>> I noticed a regression in Linus' master branch and bisected this to
>> commit 892d208bcf
>> "Merge tag 'kmemleak' of git://git.kernel.org/pub/scm/linux/kernel/git/cmarinas/linux".
> ...
>> Freeing unused kernel memory: 608k freed
>> kernel tried to execute NX-protected page - exploit attempt? (uid: 0)
>> BUG: unable to handle kernel paging request at ffffffff818b232b
>> IP: [<ffffffff818b232b>] kmemleak_late_init+0x8a/0x8a
>> PGD 17ed067 PUD 17f1063 PMD 3c6a9063 PTE 80000000018b2163
>> Oops: 0011 [#1] SMP
>> CPU 1
>> Modules linked in:
>>
>> Pid: 1, comm: swapper/0 Not tainted 3.2.0-09104-gccb19d2 #4 Bochs Bochs
>> RIP: 0010:[<ffffffff818b232b>] [<ffffffff818b232b>] kmemleak_late_init+0x8a/0x8a
>> RSP: 0018:ffff88003fd03e58 EFLAGS: 00010282
>> RAX: 0000000000000001 RBX: ffff88003dbd2600 RCX: 0000000000000000
>> RDX: 0000000000000000 RSI: ffff88003dbd2600 RDI: 0000000000000002
>> RBP: ffff88003e015488 R08: ffff88003fd0d5c0 R09: ffff88003fd122e0
>> R10: 0000000000000400 R11: ffffffff81572da5 R12: ffffea0000f6f480
>> R13: ffffffff810aa687 R14: 0000000000000000 R15: ffff88003e31dbc8
>> FS: 0000000000000000(0000) GS:ffff88003fd00000(0000) knlGS:0000000000000000
>> CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b
>> CR2: ffffffff818b232b CR3: 00000000017eb000 CR4: 00000000000006e0
>> DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
>> DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
>> Process swapper/0 (pid: 1, threadinfo ffff88003e272000, task ffff88003e278000)
>> Stack:
>> ffffffff810fed11 ffff88003dbd2680 ffff88003fd0d830 ffffffff81805980
>> ffff88003d48dd00 ffff88003fd0d860 ffffffff810aa687 ffff88003e2ad420
>> 0000000a3e2ad820 ffff88003e272000 ffff88003e278000 ffff88003fd03eb0
>> Call Trace:
>> <IRQ>
>> [<ffffffff810fed11>] ? kmem_cache_free+0x4f/0xd9
>> [<ffffffff810aa687>] ? __rcu_process_callbacks+0x1bf/0x2e2
>> [<ffffffff810aa7f4>] ? rcu_process_callbacks+0x4a/0x95
>> [<ffffffff8105cc1a>] ? __do_softirq+0xb6/0x171
>> [<ffffffff8155a58c>] ? call_softirq+0x1c/0x30
>> [<ffffffff81032d85>] ? do_softirq+0x31/0x68
>> [<ffffffff8105ce7f>] ? irq_exit+0x44/0x9e
>> [<ffffffff81047fd9>] ? smp_apic_timer_interrupt+0x85/0x95
>> [<ffffffff818d1000>] ? free_area_init_node+0x21f/0x2fb
>> [<ffffffff81559c4b>] ? apic_timer_interrupt+0x6b/0x70
>> <EOI>
>> [<ffffffff818d1000>] ? free_area_init_node+0x21f/0x2fb
>> [<ffffffff818d14b0>] ? __next_free_mem_range_rev+0x57/0x11e
>> [<ffffffff8104d31b>] ? free_init_pages+0xea/0x110
>> [<ffffffff810001c0>] ? init_post+0xe/0xbb
>> [<ffffffff81895b93>] ? kernel_init+0x10f/0x113
>> [<ffffffff8155a494>] ? kernel_thread_helper+0x4/0x10
>> [<ffffffff81895a84>] ? start_kernel+0x319/0x319
>> [<ffffffff8155a490>] ? gs_change+0xb/0xb
>> Code: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc <cc> cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc
>> RIP [<ffffffff818b232b>] kmemleak_late_init+0x8a/0x8a
>> RSP <ffff88003fd03e58>
>> CR2: ffffffff818b232b
>
> I don't really see how kmemleak could cause such error (or any of the
> recent changes I have made). It looks like some of the code in the
> .init.text section is not executable.
>
> If you still have the vmlinux around, could you please run:
>
> addr2line -i -f -e vmlinux ffffffff818b232b
>
> The code shown in the oops message is also a bit weird (all 0xcc).
> Maybe you could do an objdump -d in that area, see if it looks like sane
> asm code.

I'll attach the information you asked for.

I mentioned that while bisecting there was another commit that gave me
hangs on boot. This was when about six candidates were left, and I will
re-bisect, treating that commit as bad, and see where I get then.

Best regards,

Dirk

------------------------------------------------------------------------
$ addr2line -i -f -e vmlinux ffffffff818b232b
log_early
kmemleak.c:0

And here the requested part of objdump (maybe obvious: I searched for
the cc pattern as well but did not find any):

ffffffff818b232b <log_early>:
ffffffff818b232b:  55                     push   %rbp
ffffffff818b232c:  53                     push   %rbx
ffffffff818b232d:  48 83 ec 08            sub    $0x8,%rsp
ffffffff818b2331:  8b 05 1d 32 13 00      mov    0x13321d(%rip),%eax        # ffffffff819e5554 <kmemleak_error>
ffffffff818b2337:  85 c0                  test   %eax,%eax
ffffffff818b2339:  74 08                  je     ffffffff818b2343 <log_early+0x18>
ffffffff818b233b:  ff 05 6f 2f 03 00      incl   0x32f6f(%rip)        # ffffffff818e52b0 <crt_early_log>
ffffffff818b2341:  eb 5c                  jmp    ffffffff818b239f <log_early+0x74>
ffffffff818b2343:  81 3d 63 2f 03 00 8f   cmpl   $0x18f,0x32f63(%rip)        # ffffffff818e52b0 <crt_early_log>
ffffffff818b234a:  01 00 00
ffffffff818b234d:  76 0b                  jbe    ffffffff818b235a <log_early+0x2f>
ffffffff818b234f:  48 83 c4 08            add    $0x8,%rsp
ffffffff818b2353:  5b                     pop    %rbx
ffffffff818b2354:  5d                     pop    %rbp
ffffffff818b2355:  e9 68 0d 85 ff         jmpq   ffffffff811030c2 <kmemleak_disable>
ffffffff818b235a:  9c                     pushfq
ffffffff818b235b:  5d                     pop    %rbp
ffffffff818b235c:  fa                     cli
ffffffff818b235d:  48 63 1d 4c 2f 03 00   movslq 0x32f4c(%rip),%rbx        # ffffffff818e52b0 <crt_early_log>
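
Added example, not part of the original message: a Python decoder for the fault-describing fields of the oops quoted above (error code, PTE, RIP and CR2). The bit names follow the architectural x86-64 layout; the function names are illustrative, and the sample lines are copied from the quoted report.

```python
import re

# Fault-describing lines copied from the oops quoted in this message.
OOPS = """\
kernel tried to execute NX-protected page - exploit attempt? (uid: 0)
BUG: unable to handle kernel paging request at ffffffff818b232b
PGD 17ed067 PUD 17f1063 PMD 3c6a9063 PTE 80000000018b2163
Oops: 0011 [#1] SMP
RIP: 0010:[<ffffffff818b232b>] [<ffffffff818b232b>] kmemleak_late_init+0x8a/0x8a
CR2: ffffffff818b232b CR3: 00000000017eb000 CR4: 00000000000006e0
"""

# x86 page-fault error code, bit 0 upward: (meaning if set, meaning if clear).
ERR_BITS = [("protection violation", "page not present"),
            ("write", "read or fetch"),
            ("user mode", "kernel mode"),
            ("reserved bit set", None),
            ("instruction fetch", None)]

# x86-64 page-table entry flag bits.
PTE_BITS = {0: "P", 1: "RW", 2: "US", 3: "PWT", 4: "PCD",
            5: "A", 6: "D", 7: "PAT", 8: "G", 63: "NX"}
PTE_FRAME_MASK = 0x000FFFFFFFFFF000  # physical frame, bits 12..51


def decode_error_code(code):
    """Return the meanings encoded in the 'Oops: XXXX' error code."""
    picked = (s if (code >> bit) & 1 else c for bit, (s, c) in enumerate(ERR_BITS))
    return [name for name in picked if name]


def decode_pte(pte):
    """Return (flag names, physical frame address) for a 4 KiB PTE."""
    flags = [name for bit, name in PTE_BITS.items() if (pte >> bit) & 1]
    return flags, pte & PTE_FRAME_MASK


def triage(text):
    """Summarise why the CPU faulted, from the raw oops text."""
    def hexfield(pattern):
        return int(re.search(pattern, text).group(1), 16)
    error = decode_error_code(hexfield(r"Oops: ([0-9a-f]{4})"))
    flags, frame = decode_pte(hexfield(r"PTE ([0-9a-f]+)"))
    rip = hexfield(r"RIP: [0-9a-f]{4}:\[<([0-9a-f]+)>\]")
    cr2 = hexfield(r"CR2: ([0-9a-f]+)")
    return {"error": error, "pte_flags": flags, "frame": frame,
            # Fetch from a present NX page, and the faulting address is RIP itself.
            "nx_exec_fault": "instruction fetch" in error and "NX" in flags
                             and "P" in flags and rip == cr2}
```

For this report the decoder yields a kernel-mode instruction fetch from a present page whose PTE has NX set, with the faulting address equal to RIP.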