* kernel bug using 2.6.23-rc9
@ 2007-10-04 12:49 Giuseppe Sacco
2007-10-05 12:25 ` Ralf Baechle
0 siblings, 1 reply; 5+ messages in thread
From: Giuseppe Sacco @ 2007-10-04 12:49 UTC (permalink / raw)
To: linux-mips
Hi, while testing the latest kernel on SGI O2 I got many kernel bugs like
this:
Kernel bug detected[#9]:
Cpu 0
$ 0 : 0000000000000000 ffffffff9001fce0 0000000000000001 0000000000000f18
$ 4 : 980000000111b4b8 000000007f955f18 ffffffff80400000 0000000000003fff
$ 8 : 00000000000050f1 000000007f955f18 9800000006073d68 9800000006073d60
$12 : 0000000000000010 ffffffff80000008 ffffffff80091680 0000000000000000
$16 : 980000000111b4b8 980000000768ddd0 000000000000000e 000000007f955f18
$20 : 9800000000581908 9800000007898080 9800000006073d68 9800000006073d60
$24 : 0000000000478284 000000002ac30580
$28 : 9800000006070000 9800000006073cd0 0000000000000000 ffffffff8001b390
Hi : 000000000000f2d3
Lo : 00000000000050f1
epc : ffffffff8001c800 kmap_coherent+0x10/0x118 Tainted: G D
ra : ffffffff8001b390 __flush_anon_page+0x70/0x90
Status: 9001fce3 KX SX UX KERNEL EXL IE
Cause : 00000034
PrId : 00002321
Modules linked in: ppp_deflate zlib_deflate bsd_comp iptable_filter ipt_MASQUERADE xt_tcpudp iptable_nat nf_nat nf_conntrack_ipv4 nf_conntrack nfnetlink ppp_async crc_ccitt ip_tables x_tables ppp_generic slhc dm_snapshot dm_mirror dm_mod ehci_hcd ohci_hcd r8169 usbcore evdev
Process ps (pid: 30124, threadinfo=9800000006070000, task=98000000076c5908)
Stack : ffffffff80079dcc ffffffff80079b6c 0000000000000010 0000000000000000
0000000000000001 9800000006073d68 9800000006073d60 0000000000000000
9800000007898080 000000007f955f18 98000000015b0000 000000000000000f
9800000007898080 0000000000000000 9800000000581908 9800000006073d68
9800000000000000 ffffffff8007a11c 0000000000000000 980000000111b4b8
98000000078980e0 98000000015b0000 9800000007898080 98000000015b0000
000000000000000f 0000000000000000 9800000000581908 9800000006073e88
0000000000001000 0000000000000000 0000000000000040 ffffffff800e0098
98000000015b0000 9800000000581908 fffffffffffffff4 980000000164d6c0
00000000000007ff 9800000006073e88 000000007fd4cce8 ffffffff800e25dc
...
Call Trace:
[<ffffffff8001c800>] kmap_coherent+0x10/0x118
[<ffffffff8001b390>] __flush_anon_page+0x70/0x90
[<ffffffff80079dcc>] get_user_pages+0x2dc/0x510
[<ffffffff8007a11c>] access_process_vm+0x11c/0x218
[<ffffffff800e0098>] proc_pid_cmdline+0xa8/0x170
[<ffffffff800e25dc>] proc_info_read+0x13c/0x180
[<ffffffff80091220>] vfs_read+0xc0/0x160
[<ffffffff800916cc>] sys_read+0x4c/0x90
[<ffffffff8001a1d4>] handle_sys+0x114/0x130
Code: 0002127a 00021000 30420001 <00028036> 8f820024 3c038048 24420001 af820024 dc62f100
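
The marked word in the Code: line and the Cause value can be decoded by hand. The following is a minimal sketch, assuming the standard MIPS instruction layout (6-bit opcode, 5-bit rs and rt, 10-bit trap code, 6-bit funct) and the standard position of ExcCode in bits 6..2 of Cause. The function names are illustrative and do not come from the kernel or from this thread.

```python
def decode_special(insn):
    """Split a 32-bit MIPS trap-format instruction word into its bit fields."""
    return {
        "opcode": (insn >> 26) & 0x3F,  # bits 31..26, 0 means SPECIAL
        "rs": (insn >> 21) & 0x1F,      # bits 25..21, first source register
        "rt": (insn >> 16) & 0x1F,      # bits 20..16, second source register
        "code": (insn >> 6) & 0x3FF,    # bits 15..6, software-defined trap code
        "funct": insn & 0x3F,           # bits 5..0, 0x36 is TNE (trap if not equal)
    }


def cause_exccode(cause):
    """Extract the ExcCode field (bits 6..2) from a CP0 Cause register value."""
    return (cause >> 2) & 0x1F


if __name__ == "__main__":
    fields = decode_special(0x00028036)  # the <...> word from the Code: line
    print(fields)
    print("ExcCode:", cause_exccode(0x34))  # value from the "Cause :" line
```

Under these assumptions the faulting word reads as tne $0, $2 with trap code 512, and ExcCode is 13 (trap exception). Register $2 holds 1 in the dump, so the trap condition is true. That pattern would be consistent with a BUG_ON()-style check firing at kmap_coherent+0x10, but this reading is an inference and is not stated in the report.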

* Re: kernel bug using 2.6.23-rc9
2007-10-04 12:49 kernel bug using 2.6.23-rc9 Giuseppe Sacco
@ 2007-10-05 12:25 ` Ralf Baechle
2007-10-05 15:57 ` David Daney
2007-10-06 7:08 ` Giuseppe Sacco
0 siblings, 2 replies; 5+ messages in thread
From: Ralf Baechle @ 2007-10-05 12:25 UTC (permalink / raw)
To: Giuseppe Sacco; +Cc: linux-mips

On Thu, Oct 04, 2007 at 02:49:13PM +0200, Giuseppe Sacco wrote:

> Hi, while testing the latest kernel on SGI O2 I got many kernel bugs like
> this:
>
> Kernel bug detected[#9]:
> Cpu 0
> $ 0 : 0000000000000000 ffffffff9001fce0 0000000000000001 0000000000000f18
> $ 4 : 980000000111b4b8 000000007f955f18 ffffffff80400000 0000000000003fff
> $ 8 : 00000000000050f1 000000007f955f18 9800000006073d68 9800000006073d60
> $12 : 0000000000000010 ffffffff80000008 ffffffff80091680 0000000000000000
> $16 : 980000000111b4b8 980000000768ddd0 000000000000000e 000000007f955f18
> $20 : 9800000000581908 9800000007898080 9800000006073d68 9800000006073d60
> $24 : 0000000000478284 000000002ac30580
> $28 : 9800000006070000 9800000006073cd0 0000000000000000 ffffffff8001b390
> Hi : 000000000000f2d3
> Lo : 00000000000050f1
> epc : ffffffff8001c800 kmap_coherent+0x10/0x118 Tainted: G D
> ra : ffffffff8001b390 __flush_anon_page+0x70/0x90

Very interesting. Can you describe your setup or maybe even come up
with a test case for this?

Ralf

* Re: kernel bug using 2.6.23-rc9
2007-10-05 12:25 ` Ralf Baechle
@ 2007-10-05 15:57 ` David Daney
2007-10-06 7:08 ` Giuseppe Sacco
1 sibling, 0 replies; 5+ messages in thread
From: David Daney @ 2007-10-05 15:57 UTC (permalink / raw)
To: Ralf Baechle; +Cc: Giuseppe Sacco, linux-mips

Ralf Baechle wrote:
> On Thu, Oct 04, 2007 at 02:49:13PM +0200, Giuseppe Sacco wrote:
>
>> Hi, while testing the latest kernel on SGI O2 I got many kernel bugs like
>> this:
>>
>> Kernel bug detected[#9]:
>> Cpu 0
>> $ 0 : 0000000000000000 ffffffff9001fce0 0000000000000001 0000000000000f18
>> $ 4 : 980000000111b4b8 000000007f955f18 ffffffff80400000 0000000000003fff
>> $ 8 : 00000000000050f1 000000007f955f18 9800000006073d68 9800000006073d60
>> $12 : 0000000000000010 ffffffff80000008 ffffffff80091680 0000000000000000
>> $16 : 980000000111b4b8 980000000768ddd0 000000000000000e 000000007f955f18
>> $20 : 9800000000581908 9800000007898080 9800000006073d68 9800000006073d60
>> $24 : 0000000000478284 000000002ac30580
>> $28 : 9800000006070000 9800000006073cd0 0000000000000000 ffffffff8001b390
>> Hi : 000000000000f2d3
>> Lo : 00000000000050f1
>> epc : ffffffff8001c800 kmap_coherent+0x10/0x118 Tainted: G D
>> ra : ffffffff8001b390 __flush_anon_page+0x70/0x90
>
> Very interesting. Can you describe your setup or maybe even come up
> with a test case for this?
>

Perhaps: 'cat /proc/self/cmdline'

As we were hacking O_DIRECT support into 2.6.15, I found what seems like
a very similar situation. It seems that all users of get_user_pages()
*except* /proc/*/[cmdline|environ] call get_user_pages() with addresses
aligned on page boundaries.

I am not sure if that is the problem here, but it seems similar.

David Daney.

* Re: kernel bug using 2.6.23-rc9
2007-10-05 12:25 ` Ralf Baechle
2007-10-05 15:57 ` David Daney
@ 2007-10-06 7:08 ` Giuseppe Sacco
2007-10-06 23:54 ` Ralf Baechle
1 sibling, 1 reply; 5+ messages in thread
From: Giuseppe Sacco @ 2007-10-06 7:08 UTC (permalink / raw)
To: linux-mips

On Fri, 5 Oct 2007 13:25:43 +0100
Ralf Baechle <ralf@linux-mips.org> wrote:

> On Thu, Oct 04, 2007 at 02:49:13PM +0200, Giuseppe Sacco wrote:
>
> > Hi, while testing the latest kernel on SGI O2 I got many kernel bugs like
> > this:
[...]
> Very interesting. Can you describe your setup or maybe even come up
> with a test case for this?

I can reproduce it without problems. The failing command is "ps aux".
Once the command starts, the kernel logs the bug and the command stays
blocked: no shell prompt, and control-c does not work. Since the ps
command does not work, I cannot check the process status :-)

This is a new log:

Code: 0002127a 00021000 30420001 <00028036> 8f820024 00052b3a 24420001 af820024 3c0236db
Kernel bug detected[#2]:
Cpu 0
$ 0 : 0000000000000000 ffffffff804a0000 0000000000000001 0000000000002f18
$ 4 : 980000000101cff8 000000007f94bf18 000000007f94bf18 6800000000000000
$ 8 : 0000000000000849 000000007f94bf18 980000000461bd68 980000000461bd60
$12 : 0000000000000010 ffffffff80000008 ffffffff800a3810 0000000000000000
$16 : 980000000101cff8 98000000035a3dd0 000000000000000e 000000007f94bf18
$20 : 98000000005d4048 9800000000506360 980000000461bd68 980000000461bd60
$24 : 0000000000000000 000000002abcc580
$28 : 9800000004618000 980000000461bcd0 0000000000000000 ffffffff8001da30
Hi : 00000000000018db
Lo : 0000000000000849
epc : ffffffff8001f1e0 kmap_coherent+0x10/0x128 Tainted: G D
ra : ffffffff8001da30 __flush_anon_page+0x90/0xc0
Status: 9001fce3 KX SX UX KERNEL EXL IE
Cause : 00000034
PrId : 00002321
Modules linked in: parport_pc lp parport ppp_deflate zlib_deflate bsd_comp ppp_async crc_ccitt ip_tables x_tables ipv6 ppp_generic slhc dm_snapshot dm_mirror dm_mod ehci_hcd ohci_hcd r8169 usbcore sg evdev
Process pidof (pid: 26867, threadinfo=9800000004618000, task=9800000001ea4cc8)
Stack : ffffffff80089844 ffffffff80089424 0000000000000010 0000000000000000
0000000000000001 980000000461bd68 980000000461bd60 0000000000000000
9800000000506360 000000007f94bf18 9800000005dfb000 000000000000000f
9800000000506360 0000000000000000 98000000005d4048 980000000461bd68
9800000000000000 ffffffff80089a0c 0000000000000000 980000000101cff8
98000000005063c0 9800000005dfb000 9800000000506360 9800000005dfb000
000000000000000f 0000000000000000 98000000005d4048 980000000461be88
0000000000001000 000000007ff77c40 000000007ff77b40 ffffffff800f82f8
9800000005dfb000 98000000005d4048 fffffffffffffff4 98000000078516d8
0000000000000400 980000000461be88 000000002aac0000 ffffffff800faaec
...
Call Trace:
[<ffffffff8001f1e0>] kmap_coherent+0x10/0x128
[<ffffffff8001da30>] __flush_anon_page+0x90/0xc0
[<ffffffff80089844>] get_user_pages+0x49c/0x538
[<ffffffff80089a0c>] access_process_vm+0x12c/0x228
[<ffffffff800f82f8>] proc_pid_cmdline+0xa8/0x170
[<ffffffff800faaec>] proc_info_read+0x13c/0x180
[<ffffffff800a33b0>] vfs_read+0xf0/0x190
[<ffffffff800a385c>] sys_read+0x4c/0x90
[<ffffffff8001c674>] handle_sys+0x134/0x150
Code: 0002127a 00021000 30420001 <00028036> 8f820024 00052b3a 24420001 af820024 3c0236db

In order to collect more information, I tried "strace ps aux". The last
lines printed are:

stat("/proc/313", {st_mode=S_IFDIR|0555, st_size=0, ...}) = 0
open("/proc/313/stat", O_RDONLY) = 6
read(6, "313 (kjournald) S 2 0 0 0 -1 328"..., 1023) = 157
close(6) = 0
open("/proc/313/status", O_RDONLY) = 6
read(6, "Name:\tkjournald\nState:\tS (sleepi"..., 1023) = 489
close(6) = 0
open("/proc/313/cmdline", O_RDONLY) = 6
read(6, "", 2047) = 0
close(6) = 0
stat64(0x2aca5318, 0x7fd6e228) = 0
write(1, "root 313 0.0 0.0 0 "..., 77root 313 0.0 0.0 0 0 ? S< Oct05 0:15 [kjournald]
) = 77
stat("/proc/422", {st_mode=S_IFDIR|0555, st_size=0, ...}) = 0
open("/proc/422/stat", O_RDONLY) = 6
read(6, "422 (udevd) D 1 422 422 0 -1 420"..., 1023) = 217
close(6) = 0
open("/proc/422/status", O_RDONLY) = 6
read(6, "Name:\tudevd\nState:\tD (disk sleep"..., 1023) = 677
close(6) = 0
open("/proc/422/cmdline", O_RDONLY) = 6
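
The strace output ends at the open of /proc/422/cmdline, which fits the 'cat /proc/self/cmdline' suggestion made earlier in the thread. A minimal sketch of a standalone test case along those lines follows. It reads cmdline for every process, roughly as ps does. The helper names (read_cmdline, scan_all, page_offset) and the proc_root parameter are hypothetical, and nothing in the thread confirms that this script triggers the bug.

```python
import os


def read_cmdline(pid, proc_root="/proc"):
    """Return the argument list exposed by <proc_root>/<pid>/cmdline."""
    path = os.path.join(proc_root, str(pid), "cmdline")
    with open(path, "rb") as f:
        raw = f.read()
    # Arguments are NUL-separated; kernel threads yield an empty file.
    return [arg.decode(errors="replace") for arg in raw.split(b"\0") if arg]


def scan_all(proc_root="/proc"):
    """Read cmdline for every numeric directory entry under proc_root."""
    results = {}
    for entry in sorted(os.listdir(proc_root)):
        if not entry.isdigit():
            continue
        try:
            results[int(entry)] = read_cmdline(entry, proc_root)
        except OSError:
            # The process may have exited between listdir() and open().
            continue
    return results


def page_offset(addr, page_size=4096):
    """Offset of addr within its page; the 4 KiB page size is an assumption."""
    return addr & (page_size - 1)


if __name__ == "__main__":
    if os.path.isdir("/proc"):
        for pid, argv in scan_all().items():
            print(pid, " ".join(argv) or "[no cmdline]")
    # 0x7f94bf18 appears in registers $5, $6, $9 and $19 of the new log.
    print(hex(page_offset(0x7F94BF18)))
```

The page_offset helper only illustrates the alignment remark from earlier in the thread: with an assumed 4 KiB page size, the user-space value that recurs in the register dump is not page-aligned. Whether that value is the address handed to get_user_pages() is an inference from the dump, not something the log states.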

* Re: kernel bug using 2.6.23-rc9
2007-10-06 7:08 ` Giuseppe Sacco
@ 2007-10-06 23:54 ` Ralf Baechle
0 siblings, 0 replies; 5+ messages in thread
From: Ralf Baechle @ 2007-10-06 23:54 UTC (permalink / raw)
To: Giuseppe Sacco; +Cc: linux-mips

On Sat, Oct 06, 2007 at 09:08:09AM +0200, Giuseppe Sacco wrote:

> I can reproduce it without problems. The failing command is "ps aux".
> Once the command starts, the kernel logs the bug and the command stays
> blocked: no shell prompt, and control-c does not work. Since the ps
> command does not work, I cannot check the process status :-)

ps does a few very specific things in the memory management. So that's
probably already all the information I need to deal with this one, thanks!

Ralf