* kernel bug using 2.6.23-rc9
@ 2007-10-04 12:49 Giuseppe Sacco
2007-10-05 12:25 ` Ralf Baechle
0 siblings, 1 reply; 5+ messages in thread
From: Giuseppe Sacco @ 2007-10-04 12:49 UTC (permalink / raw)
To: linux-mips
Hi, while testing the latest kernel on SGI O2 I got may kernel bugs like
this:
Kernel bug detected[#9]:
Cpu 0
$ 0 : 0000000000000000 ffffffff9001fce0 0000000000000001 0000000000000f18
$ 4 : 980000000111b4b8 000000007f955f18 ffffffff80400000 0000000000003fff
$ 8 : 00000000000050f1 000000007f955f18 9800000006073d68 9800000006073d60
$12 : 0000000000000010 ffffffff80000008 ffffffff80091680 0000000000000000
$16 : 980000000111b4b8 980000000768ddd0 000000000000000e 000000007f955f18
$20 : 9800000000581908 9800000007898080 9800000006073d68 9800000006073d60
$24 : 0000000000478284 000000002ac30580
$28 : 9800000006070000 9800000006073cd0 0000000000000000 ffffffff8001b390
Hi : 000000000000f2d3
Lo : 00000000000050f1
epc : ffffffff8001c800 kmap_coherent+0x10/0x118 Tainted: G D
ra : ffffffff8001b390 __flush_anon_page+0x70/0x90
Status: 9001fce3 KX SX UX KERNEL EXL IE
Cause : 00000034
PrId : 00002321
Modules linked in: ppp_deflate zlib_deflate bsd_comp iptable_filter ipt_MASQUERADE xt_tcpudp iptable_nat nf_nat nf_conntrack_ipv4 nf_conntrack nfnetlink ppp_async crc_ccitt ip_tables x_tables ppp_generic slhc dm_snapshot dm_mirror dm_mod ehci_hcd ohci_hcd r8169 usbcore evdev
Process ps (pid: 30124, threadinfo=9800000006070000, task=98000000076c5908)
Stack : ffffffff80079dcc ffffffff80079b6c 0000000000000010 0000000000000000
0000000000000001 9800000006073d68 9800000006073d60 0000000000000000
9800000007898080 000000007f955f18 98000000015b0000 000000000000000f
9800000007898080 0000000000000000 9800000000581908 9800000006073d68
9800000000000000 ffffffff8007a11c 0000000000000000 980000000111b4b8
98000000078980e0 98000000015b0000 9800000007898080 98000000015b0000
000000000000000f 0000000000000000 9800000000581908 9800000006073e88
0000000000001000 0000000000000000 0000000000000040 ffffffff800e0098
98000000015b0000 9800000000581908 fffffffffffffff4 980000000164d6c0
00000000000007ff 9800000006073e88 000000007fd4cce8 ffffffff800e25dc
...
Call Trace:
[<ffffffff8001c800>] kmap_coherent+0x10/0x118
[<ffffffff8001b390>] __flush_anon_page+0x70/0x90
[<ffffffff80079dcc>] get_user_pages+0x2dc/0x510
[<ffffffff8007a11c>] access_process_vm+0x11c/0x218
[<ffffffff800e0098>] proc_pid_cmdline+0xa8/0x170
[<ffffffff800e25dc>] proc_info_read+0x13c/0x180
[<ffffffff80091220>] vfs_read+0xc0/0x160
[<ffffffff800916cc>] sys_read+0x4c/0x90
[<ffffffff8001a1d4>] handle_sys+0x114/0x130
Code: 0002127a 00021000 30420001 <00028036> 8f820024 3c038048 24420001 af820024 dc62f100
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: kernel bug using 2.6.23-rc9
2007-10-04 12:49 kernel bug using 2.6.23-rc9 Giuseppe Sacco
@ 2007-10-05 12:25 ` Ralf Baechle
2007-10-05 15:57 ` David Daney
2007-10-06 7:08 ` Giuseppe Sacco
0 siblings, 2 replies; 5+ messages in thread
From: Ralf Baechle @ 2007-10-05 12:25 UTC (permalink / raw)
To: Giuseppe Sacco; +Cc: linux-mips
On Thu, Oct 04, 2007 at 02:49:13PM +0200, Giuseppe Sacco wrote:
> Hi, while testing the latest kernel on SGI O2 I got may kernel bugs like
> this:
>
> Kernel bug detected[#9]:
> Cpu 0
> $ 0 : 0000000000000000 ffffffff9001fce0 0000000000000001 0000000000000f18
> $ 4 : 980000000111b4b8 000000007f955f18 ffffffff80400000 0000000000003fff
> $ 8 : 00000000000050f1 000000007f955f18 9800000006073d68 9800000006073d60
> $12 : 0000000000000010 ffffffff80000008 ffffffff80091680 0000000000000000
> $16 : 980000000111b4b8 980000000768ddd0 000000000000000e 000000007f955f18
> $20 : 9800000000581908 9800000007898080 9800000006073d68 9800000006073d60
> $24 : 0000000000478284 000000002ac30580
> $28 : 9800000006070000 9800000006073cd0 0000000000000000 ffffffff8001b390
> Hi : 000000000000f2d3
> Lo : 00000000000050f1
> epc : ffffffff8001c800 kmap_coherent+0x10/0x118 Tainted: G D
> ra : ffffffff8001b390 __flush_anon_page+0x70/0x90
Very interesting. Can you describe me your setup or maybe even come up
with a test case for this?
Ralf
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: kernel bug using 2.6.23-rc9
2007-10-05 12:25 ` Ralf Baechle
@ 2007-10-05 15:57 ` David Daney
2007-10-06 7:08 ` Giuseppe Sacco
1 sibling, 0 replies; 5+ messages in thread
From: David Daney @ 2007-10-05 15:57 UTC (permalink / raw)
To: Ralf Baechle; +Cc: Giuseppe Sacco, linux-mips
Ralf Baechle wrote:
> On Thu, Oct 04, 2007 at 02:49:13PM +0200, Giuseppe Sacco wrote:
>
>> Hi, while testing the latest kernel on SGI O2 I got may kernel bugs like
>> this:
>>
>> Kernel bug detected[#9]:
>> Cpu 0
>> $ 0 : 0000000000000000 ffffffff9001fce0 0000000000000001 0000000000000f18
>> $ 4 : 980000000111b4b8 000000007f955f18 ffffffff80400000 0000000000003fff
>> $ 8 : 00000000000050f1 000000007f955f18 9800000006073d68 9800000006073d60
>> $12 : 0000000000000010 ffffffff80000008 ffffffff80091680 0000000000000000
>> $16 : 980000000111b4b8 980000000768ddd0 000000000000000e 000000007f955f18
>> $20 : 9800000000581908 9800000007898080 9800000006073d68 9800000006073d60
>> $24 : 0000000000478284 000000002ac30580
>> $28 : 9800000006070000 9800000006073cd0 0000000000000000 ffffffff8001b390
>> Hi : 000000000000f2d3
>> Lo : 00000000000050f1
>> epc : ffffffff8001c800 kmap_coherent+0x10/0x118 Tainted: G D
>> ra : ffffffff8001b390 __flush_anon_page+0x70/0x90
>
> Very interesting. Can you describe me your setup or maybe even come up
> with a test case for this?
>
Perhaps: 'cat /proc/self/cmdline'
As we were hacking O_DIRECT support into 2.6.15, I found what seems like
a very similar situation.
It seems that all users of get_user_pages() *except*
/proc/*/[cmdline|environ] call get_user_pages() with addresses aligned
on page boundaries. I am not sure if that is the problem here, but it
seems similar.
David Daney.
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: kernel bug using 2.6.23-rc9
2007-10-05 12:25 ` Ralf Baechle
2007-10-05 15:57 ` David Daney
@ 2007-10-06 7:08 ` Giuseppe Sacco
2007-10-06 23:54 ` Ralf Baechle
1 sibling, 1 reply; 5+ messages in thread
From: Giuseppe Sacco @ 2007-10-06 7:08 UTC (permalink / raw)
To: linux-mips
On Fri, 5 Oct 2007 13:25:43 +0100 Ralf Baechle <ralf@linux-mips.org> wrote:
> On Thu, Oct 04, 2007 at 02:49:13PM +0200, Giuseppe Sacco wrote:
>
> > Hi, while testing the latest kernel on SGI O2 I got may kernel bugs like
> > this:
[...]
> Very interesting. Can you describe me your setup or maybe even come up
> with a test case for this?
I may reproduce it without problems. The failing command is "ps aux". Once the command starts, the kernel log the bug and the command stay blocked: no shell prompt, no control-c working. Since the ps command does not work, I cannot check the prosess status :-)
This is a new log:
Code: 0002127a 00021000 30420001 <00028036> 8f820024 00052b3a 24420001 af820024 3c0236db
Kernel bug detected[#2]:
Cpu 0
$ 0 : 0000000000000000 ffffffff804a0000 0000000000000001 0000000000002f18
$ 4 : 980000000101cff8 000000007f94bf18 000000007f94bf18 6800000000000000
$ 8 : 0000000000000849 000000007f94bf18 980000000461bd68 980000000461bd60
$12 : 0000000000000010 ffffffff80000008 ffffffff800a3810 0000000000000000
$16 : 980000000101cff8 98000000035a3dd0 000000000000000e 000000007f94bf18
$20 : 98000000005d4048 9800000000506360 980000000461bd68 980000000461bd60
$24 : 0000000000000000 000000002abcc580
$28 : 9800000004618000 980000000461bcd0 0000000000000000 ffffffff8001da30
Hi : 00000000000018db
Lo : 0000000000000849
epc : ffffffff8001f1e0 kmap_coherent+0x10/0x128 Tainted: G D
ra : ffffffff8001da30 __flush_anon_page+0x90/0xc0
Status: 9001fce3 KX SX UX KERNEL EXL IE
Cause : 00000034
PrId : 00002321
Modules linked in: parport_pc lp parport ppp_deflate zlib_deflate bsd_comp ppp_async crc_ccitt ip_tables x_table
s ipv6 ppp_generic slhc dm_snapshot dm_mirror dm_mod ehci_hcd ohci_hcd r8169 usbcore sg evdev
Process pidof (pid: 26867, threadinfo=9800000004618000, task=9800000001ea4cc8)
Stack : ffffffff80089844 ffffffff80089424 0000000000000010 0000000000000000
0000000000000001 980000000461bd68 980000000461bd60 0000000000000000
9800000000506360 000000007f94bf18 9800000005dfb000 000000000000000f
9800000000506360 0000000000000000 98000000005d4048 980000000461bd68
9800000000000000 ffffffff80089a0c 0000000000000000 980000000101cff8
98000000005063c0 9800000005dfb000 9800000000506360 9800000005dfb000
000000000000000f 0000000000000000 98000000005d4048 980000000461be88
0000000000001000 000000007ff77c40 000000007ff77b40 ffffffff800f82f8
9800000005dfb000 98000000005d4048 fffffffffffffff4 98000000078516d8
0000000000000400 980000000461be88 000000002aac0000 ffffffff800faaec
...
Call Trace:
[<ffffffff8001f1e0>] kmap_coherent+0x10/0x128
[<ffffffff8001da30>] __flush_anon_page+0x90/0xc0
[<ffffffff80089844>] get_user_pages+0x49c/0x538
[<ffffffff80089a0c>] access_process_vm+0x12c/0x228
[<ffffffff800f82f8>] proc_pid_cmdline+0xa8/0x170
[<ffffffff800faaec>] proc_info_read+0x13c/0x180
[<ffffffff800a33b0>] vfs_read+0xf0/0x190
[<ffffffff800a385c>] sys_read+0x4c/0x90
[<ffffffff8001c674>] handle_sys+0x134/0x150
Code: 0002127a 00021000 30420001 <00028036> 8f820024 00052b3a 24420001 af820024 3c0236db
In order to collect more information, I tried "strace ps aux". The last lines printed are:
stat("/proc/313", {st_mode=S_IFDIR|0555, st_size=0, ...}) = 0
open("/proc/313/stat", O_RDONLY) = 6
read(6, "313 (kjournald) S 2 0 0 0 -1 328"..., 1023) = 157
close(6) = 0
open("/proc/313/status", O_RDONLY) = 6
read(6, "Name:\tkjournald\nState:\tS (sleepi"..., 1023) = 489
close(6) = 0
open("/proc/313/cmdline", O_RDONLY) = 6
read(6, "", 2047) = 0
close(6) = 0
stat64(0x2aca5318, 0x7fd6e228) = 0
write(1, "root 313 0.0 0.0 0 "..., 77root 313 0.0 0.0 0 0 ? S< Oct05 0:15 [kjournald]
) = 77
stat("/proc/422", {st_mode=S_IFDIR|0555, st_size=0, ...}) = 0
open("/proc/422/stat", O_RDONLY) = 6
read(6, "422 (udevd) D 1 422 422 0 -1 420"..., 1023) = 217
close(6) = 0
open("/proc/422/status", O_RDONLY) = 6
read(6, "Name:\tudevd\nState:\tD (disk sleep"..., 1023) = 677
close(6) = 0
open("/proc/422/cmdline", O_RDONLY) = 6
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: kernel bug using 2.6.23-rc9
2007-10-06 7:08 ` Giuseppe Sacco
@ 2007-10-06 23:54 ` Ralf Baechle
0 siblings, 0 replies; 5+ messages in thread
From: Ralf Baechle @ 2007-10-06 23:54 UTC (permalink / raw)
To: Giuseppe Sacco; +Cc: linux-mips
On Sat, Oct 06, 2007 at 09:08:09AM +0200, Giuseppe Sacco wrote:
> I may reproduce it without problems. The failing command is "ps aux". Once the command starts, the kernel log the bug and the command stay blocked: no shell prompt, no control-c working. Since the ps command does not work, I cannot check the prosess status :-)
ps does a few very specific things in the memory managment. So that's
probably already all the information I need to deal with this one,
thanks!
Ralf
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2007-10-06 23:55 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2007-10-04 12:49 kernel bug using 2.6.23-rc9 Giuseppe Sacco
2007-10-05 12:25 ` Ralf Baechle
2007-10-05 15:57 ` David Daney
2007-10-06 7:08 ` Giuseppe Sacco
2007-10-06 23:54 ` Ralf Baechle
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox