From: Peter Zijlstra <a.p.zijlstra@chello.nl>
To: Ingo Molnar <mingo@elte.hu>
Cc: Steven Rostedt <rostedt@goodmis.org>,
Jason Baron <jbaron@redhat.com>,
LKML <linux-kernel@vger.kernel.org>,
Andrew Morton <akpm@linux-foundation.org>,
Frederic Weisbecker <fweisbec@gmail.com>,
Thomas Gleixner <tglx@linutronix.de>,
"H. Peter Anvin" <hpa@zytor.com>,
Arnaldo Carvalho de Melo <acme@redhat.com>,
masami.hiramatsu.pt@hitachi.com
Subject: Re: [PATCH][GIT PULL] tracing: Fix compile issue for trace_sched_wakeup.c
Date: Mon, 25 Oct 2010 14:18:23 +0200 [thread overview]
Message-ID: <1288009103.15336.58.camel@twins> (raw)
In-Reply-To: <20101025121059.GA3063@elte.hu>
On Mon, 2010-10-25 at 14:10 +0200, Ingo Molnar wrote:
> * Ingo Molnar <mingo@elte.hu> wrote:
>
> > and here's a new crash with a new config:
> >
> > [ 11.810471] Testing event timer_expire_exit: OK
> > [ 11.850475] Testing event timer_cancel: OK
> > [ 11.890508] Testing event hrtimer_init: OK
> > [ 11.930469] Testing event hrtimer_start: OK
> > [ 11.970475] Testing event hrtimer_expire_entry:
> > [ 11.980002] BUG: unable to handle kernel NULL pointer dereference at (null)
> > [ 11.980010] IP: [<(null)>] (null)
> > [ 11.980010] *pde = 00000000
> > [ 11.980010] Oops: 0000 [#1] SMP
> > [ 11.980010] last sysfs file:
> > [ 11.980010] Modules linked in:
> > [ 11.980010]
> > [ 11.980010] Pid: 0, comm: swapper Not tainted 2.6.36-tip-05833-g9db2fad-dirty #52316 A8N-E/System Product Name
> > [ 11.980010] EIP: 0060:[<00000000>] EFLAGS: 00010046 CPU: 0
> > [ 11.980010] EIP is at 0x0
> > [ 11.980010] EAX: f6806a94 EBX: f6806a94 ECX: 00010000 EDX: 00000096
> > [ 11.980010] ESI: f65bdf50 EDI: f6806a00 EBP: f6806a30 ESP: c13dff04
> > [ 11.980010] DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
> > [ 11.980010] Process swapper (pid: 0, ti=c13de000 task=c13e2f20 task.ti=c13de000)
> > [ 11.980010] Stack:
> > [ 11.980010] c103d297 00000000 c10460c1 c13dff4c ca105369 00000002 ffffffff 7fffffff
> > [ 11.980010] c103d52b ca105369 00000002 ca105369 0000002c f6806a00 00000000 f6806a04
> > [ 11.980010] ca105369 00000002 ca105369 00000002 00000000 f6805dac 00000000 c1420788
> > [ 11.980010] Call Trace:
> > [ 11.980010] [<c103d297>] ? __run_hrtimer+0x91/0x105
> > [ 11.980010] [<c10460c1>] ? tick_sched_timer+0x0/0x1a1
> > [ 11.980010] [<c103d52b>] ? hrtimer_interrupt+0x108/0x20a
> > [ 11.980010] [<c1012294>] ? smp_apic_timer_interrupt+0x66/0x75
> > [ 11.980010] [<c12c202a>] ? apic_timer_interrupt+0x36/0x3c
> > [ 11.980010] [<c10163f0>] ? native_safe_halt+0x2/0x3
> > [ 11.980010] [<c10072c6>] ? default_idle+0x66/0x91
> > [ 11.980010] [<c10020f6>] ? cpu_idle+0x98/0xda
> > [ 11.980010] [<c142280a>] ? start_kernel+0x2f7/0x2fc
> > [ 11.980010] Code: Bad EIP value.
> > [ 11.980010] EIP: [<00000000>] 0x0 SS:ESP 0068:c13dff04
> > [ 11.980010] CR2: 0000000000000000
> > [ 11.980010] ---[ end trace 74b10a949febd52e ]---
> Here's the disassembly of the crash site:
>
> c103d282: 89 da mov %ebx,%edx
> c103d284: 8b 4c 24 04 mov 0x4(%esp),%ecx
> c103d288: ff 16 call *(%esi)
> c103d28a: 83 c6 08 add $0x8,%esi
> c103d28d: 83 3e 00 cmpl $0x0,(%esi)
> c103d290: eb eb jmp c103d27d <__run_hrtimer+0x77>
> c103d292: 89 d8 mov %ebx,%eax
> c103d294: ff 14 24 call *(%esp)
> c103d297: 89 04 24 mov %eax,(%esp)
> c103d29a: e9 00 00 00 00 jmp c103d29f <__run_hrtimer+0x99>
> c103d29f: eb 19 jmp c103d2ba <__run_hrtimer+0xb4>
> c103d2a1: 8b 35 50 f1 40 c1 mov 0xc140f150,%esi
> c103d2a7: 85 f6 test %esi,%esi
> c103d2a9: 74 0f je c103d2ba <__run_hrtimer+0xb4>
> c103d2ab: 8b 46 04 mov 0x4(%esi),%eax
> c103d2ae: 89 da mov %ebx,%edx
> c103d2b0: ff 16 call *(%esi)
> c103d2b2: 83 c6 08 add $0x8,%esi
> c103d2b5: 83 3e 00 cmpl $0x0,(%esi)
> c103d2b8: eb ef jmp c103d2a9 <__run_hrtimer+0xa3>
> c103d2ba: 89 f8 mov %edi,%eax
> c103d2bc: e8 ea 43 28 00 call c12c16ab <_raw_spin_lock>
> c103d2c1: 83 3c 24 00 cmpl $0x0,(%esp)
>
> (gdb) list *0xc103d297
> 0xc103d297 is in __run_hrtimer (kernel/hrtimer.c:1227).
> 1222 * they get migrated to another cpu, therefore its safe to unlock
> 1223 * the timer base.
> 1224 */
> 1225 raw_spin_unlock(&cpu_base->lock);
> 1226 trace_hrtimer_expire_entry(timer, now);
> 1227 restart = fn(timer);
> 1228 trace_hrtimer_expire_exit(timer);
> 1229 raw_spin_lock(&cpu_base->lock);
> 1230
> 1231 /*
>
> i.e. the 'fn(timer)' call crashed.
Right, and its doing an indirect function call from the first stack
entry.. which would seem to suggest someone scribbled our stack..
next prev parent reply other threads:[~2010-10-25 12:18 UTC|newest]
Thread overview: 50+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-10-19 17:11 [PATCH][GIT PULL] tracing: Fix compile issue for trace_sched_wakeup.c Steven Rostedt
2010-10-19 18:41 ` Ingo Molnar
2010-10-20 15:40 ` Ingo Molnar
2010-10-20 16:37 ` Steven Rostedt
2010-10-20 18:40 ` Ingo Molnar
2010-10-20 16:43 ` Jason Baron
2010-10-20 18:33 ` Ingo Molnar
2010-10-21 11:09 ` Ingo Molnar
2010-10-22 17:58 ` Jason Baron
2010-10-22 18:24 ` Ingo Molnar
2010-10-22 18:39 ` Jason Baron
2010-10-23 20:02 ` Ingo Molnar
2010-10-24 0:53 ` Steven Rostedt
2010-10-24 11:25 ` Ingo Molnar
2010-10-25 8:59 ` Ingo Molnar
2010-10-25 9:30 ` Ingo Molnar
2010-10-25 11:45 ` Ingo Molnar
2010-10-25 12:10 ` Ingo Molnar
2010-10-25 12:18 ` Peter Zijlstra [this message]
2010-10-25 12:32 ` Ingo Molnar
2010-10-25 15:47 ` Peter Zijlstra
2010-10-25 16:07 ` Peter Zijlstra
2010-10-25 17:25 ` Ingo Molnar
2010-10-25 17:32 ` Ingo Molnar
2010-10-25 17:45 ` Peter Zijlstra
2010-10-25 17:52 ` Jason Baron
2010-10-30 10:42 ` [tip:perf/urgent] jump label: Add work around to i386 gcc asm goto bug tip-bot for Steven Rostedt
2010-10-25 15:55 ` [PATCH][GIT PULL] tracing: Fix compile issue for trace_sched_wakeup.c Jason Baron
2010-10-25 16:09 ` Peter Zijlstra
2010-10-22 21:42 ` Jason Baron
2010-10-23 4:41 ` Steven Rostedt
2010-10-21 2:58 ` Masami Hiramatsu
2010-10-21 7:22 ` Peter Zijlstra
2010-10-21 11:01 ` Steven Rostedt
2010-10-21 11:03 ` Peter Zijlstra
2010-10-21 12:45 ` Steven Rostedt
2010-10-21 13:50 ` Jason Baron
2010-10-22 4:56 ` Masami Hiramatsu
2010-10-21 14:00 ` Jason Baron
2010-10-21 11:14 ` Steven Rostedt
2010-10-21 11:26 ` Ingo Molnar
2010-10-21 13:55 ` Jason Baron
2010-10-21 14:43 ` Ingo Molnar
2010-10-22 1:44 ` Jason Baron
2010-10-22 8:14 ` Peter Zijlstra
2010-10-22 14:13 ` Jason Baron
2010-10-22 14:23 ` Peter Zijlstra
2010-10-22 14:36 ` Steven Rostedt
2010-10-22 14:36 ` Jason Baron
2010-10-22 8:16 ` Tejun Heo
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1288009103.15336.58.camel@twins \
--to=a.p.zijlstra@chello.nl \
--cc=acme@redhat.com \
--cc=akpm@linux-foundation.org \
--cc=fweisbec@gmail.com \
--cc=hpa@zytor.com \
--cc=jbaron@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=masami.hiramatsu.pt@hitachi.com \
--cc=mingo@elte.hu \
--cc=rostedt@goodmis.org \
--cc=tglx@linutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox