From: Richard Weinberger <richard@nod.at>
To: Michal Hocko <mhocko@suse.cz>
Cc: LKML <linux-kernel@vger.kernel.org>,
"linux-mm@kvack.org" <linux-mm@kvack.org>,
cgroups mailinglist <cgroups@vger.kernel.org>,
"kamezawa.hiroyu@jp.fujitsu.com" <kamezawa.hiroyu@jp.fujitsu.com>,
bsingharora@gmail.com, hannes@cmpxchg.org
Subject: Re: mem_cgroup_page_lruvec: BUG: unable to handle kernel NULL pointer dereference at 00000000000001a8
Date: Thu, 13 Jun 2013 14:06:20 +0200 [thread overview]
Message-ID: <51B9B5BC.4090702@nod.at> (raw)
In-Reply-To: <20130613120248.GB23070@dhcp22.suse.cz>
Am 13.06.2013 14:02, schrieb Michal Hocko:
> On Thu 13-06-13 13:48:27, richard -rw- weinberger wrote:
>> Hi!
>>
>> While playing with user namespaces my kernel crashed under heavy load.
>> Kernel is 3.9.0 plus some trivial patches.
>
> Could you post disassembly for mem_cgroup_page_lruvec?
Sure!
00000000000035e0 <mem_cgroup_page_lruvec>:
35e0: 55 push %rbp
35e1: 48 8d 86 c8 03 00 00 lea 0x3c8(%rsi),%rax
35e8: 48 89 e5 mov %rsp,%rbp
35eb: 48 83 ec 10 sub $0x10,%rsp
35ef: 48 89 5d f0 mov %rbx,-0x10(%rbp)
35f3: 48 89 f3 mov %rsi,%rbx
35f6: 8b 35 00 00 00 00 mov 0x0(%rip),%esi # 35fc <mem_cgroup_page_lruvec+0x1c>
35fc: 4c 89 65 f8 mov %r12,-0x8(%rbp)
3600: 85 f6 test %esi,%esi
3602: 75 55 jne 3659 <mem_cgroup_page_lruvec+0x79>
3604: 49 89 fc mov %rdi,%r12
3607: e8 00 00 00 00 callq 360c <mem_cgroup_page_lruvec+0x2c>
360c: 49 8b 14 24 mov (%r12),%rdx
3610: 48 8b 48 08 mov 0x8(%rax),%rcx
3614: 83 e2 20 and $0x20,%edx
3617: 75 1f jne 3638 <mem_cgroup_page_lruvec+0x58>
3619: 48 8b 10 mov (%rax),%rdx
361c: 83 e2 02 and $0x2,%edx
361f: 75 17 jne 3638 <mem_cgroup_page_lruvec+0x58>
3621: 48 8b 15 00 00 00 00 mov 0x0(%rip),%rdx # 3628 <mem_cgroup_page_lruvec+0x48>
3628: 48 39 d1 cmp %rdx,%rcx
362b: 74 0b je 3638 <mem_cgroup_page_lruvec+0x58>
362d: 48 89 50 08 mov %rdx,0x8(%rax)
3631: 48 89 d1 mov %rdx,%rcx
3634: 0f 1f 40 00 nopl 0x0(%rax)
3638: 49 8b 04 24 mov (%r12),%rax
363c: 48 89 c2 mov %rax,%rdx
363f: 48 c1 e8 38 shr $0x38,%rax
3643: 83 e0 03 and $0x3,%eax
3646: 48 c1 ea 3a shr $0x3a,%rdx
364a: 48 69 c0 38 01 00 00 imul $0x138,%rax,%rax
3651: 48 03 84 d1 e0 02 00 add 0x2e0(%rcx,%rdx,8),%rax
3658: 00
3659: 48 3b 58 70 cmp 0x70(%rax),%rbx
365d: 75 0a jne 3669 <mem_cgroup_page_lruvec+0x89>
365f: 48 8b 5d f0 mov -0x10(%rbp),%rbx
3663: 4c 8b 65 f8 mov -0x8(%rbp),%r12
3667: c9 leaveq
3668: c3 retq
3669: 48 89 58 70 mov %rbx,0x70(%rax)
366d: eb f0 jmp 365f <mem_cgroup_page_lruvec+0x7f>
366f: 90 nop
FWIW the ./scripts/decodecode output:
All code
========
0: 89 50 08 mov %edx,0x8(%rax)
3: 48 89 d1 mov %rdx,%rcx
6: 0f 1f 40 00 nopl 0x0(%rax)
a: 49 8b 04 24 mov (%r12),%rax
e: 48 89 c2 mov %rax,%rdx
11: 48 c1 e8 38 shr $0x38,%rax
15: 83 e0 03 and $0x3,%eax
18: 48 c1 ea 3a shr $0x3a,%rdx
1c: 48 69 c0 38 01 00 00 imul $0x138,%rax,%rax
23: 48 03 84 d1 e0 02 00 add 0x2e0(%rcx,%rdx,8),%rax
2a: 00
2b:* 48 3b 58 70 cmp 0x70(%rax),%rbx <-- trapping instruction
2f: 75 0a jne 0x3b
31: 48 8b 5d f0 mov -0x10(%rbp),%rbx
35: 4c 8b 65 f8 mov -0x8(%rbp),%r12
39: c9 leaveq
3a: c3 retq
3b: 48 89 58 70 mov %rbx,0x70(%rax)
3f: eb .byte 0xeb
Code starting with the faulting instruction
===========================================
0: 48 3b 58 70 cmp 0x70(%rax),%rbx
4: 75 0a jne 0x10
6: 48 8b 5d f0 mov -0x10(%rbp),%rbx
a: 4c 8b 65 f8 mov -0x8(%rbp),%r12
e: c9 leaveq
f: c3 retq
10: 48 89 58 70 mov %rbx,0x70(%rax)
14: eb .byte 0xeb
Thanks,
//richard
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
next prev parent reply other threads:[~2013-06-13 12:06 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-06-13 11:48 mem_cgroup_page_lruvec: BUG: unable to handle kernel NULL pointer dereference at 00000000000001a8 richard -rw- weinberger
2013-06-13 12:02 ` Michal Hocko
2013-06-13 12:06 ` Richard Weinberger [this message]
2013-06-13 13:29 ` Michal Hocko
2013-06-13 13:32 ` Michal Hocko
2013-06-13 13:34 ` Richard Weinberger
2013-06-13 14:39 ` Michal Hocko
2013-06-13 14:45 ` Richard Weinberger
2013-06-13 14:57 ` Richard Weinberger
2013-06-13 15:19 ` Michal Hocko
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=51B9B5BC.4090702@nod.at \
--to=richard@nod.at \
--cc=bsingharora@gmail.com \
--cc=cgroups@vger.kernel.org \
--cc=hannes@cmpxchg.org \
--cc=kamezawa.hiroyu@jp.fujitsu.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=mhocko@suse.cz \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).