oops in mm/memory.c remap_page_range() in 2.2.20

oops in mm/memory.c remap_page_range() in 2.2.20

[Greg KH]

Running "cvs update" on a 2.2.20 kernel with 16Mb of real memory I got
the following oops:

Unable to handle kernel NULL pointer dereference at virtual address 00000002
current->tss.cr3 = 00f53000, %cr3 = 00f53000
*pde = 00000000
Oops: 0000
CPU:    0
EIP:    0010:[<c01194a0>]
Using defaults from ksymoops -t elf32-i386 -a i386
EFLAGS: 00010296
eax: 00000002   ebx: c0fe4f50   ecx: 00000000   edx: c0229ff8
esi: 00000000   edi: c0fe4f50   ebp: 00000002   esp: c0805f04
ds: 0018   es: 0018   ss: 0018
Process cvs (pid: 21185, process nr: 44, stackpage=c0805000)
Stack: c0fe4f50 00000000 c0fe4fcc c011956f 00000002 00000000 c0804000 c0fe4f9c 
       c012247e c0fe4f50 00000000 00000000 c0fe4f50 00000243 c0ebd200 00000000 
       00000048 c0fe4f50 00000243 00000000 3c2367de 3c2367de 3c2367de 00000006 
Call Trace: [<c011956f>] [<c012247e>] [<c012aa62>] [<c0122ea4>] [<c01230ea>] [<c01079c4>] 
Code: 8b 4d 00 89 4c 24 10 8b 5d 04 8b 75 08 29 de 8b 55 2c 3b 54 

>>EIP; c01194a0 <remap_page_range+654/6f0>   <=====
Trace; c011956f <vmtruncate+33/558>
Trace; c012247e <__get_free_pages+1e3e/2820>
Trace; c012aa62 <open_namei+2be/2ec>
Trace; c0122ea4 <filp_open+44/f0>
Trace; c01230ea <get_unused_fd+19a/210>
Trace; c01079c4 <dump_thread+127c/22f0>
Code;  c01194a0 <remap_page_range+654/6f0>
00000000 <_EIP>:
Code;  c01194a0 <remap_page_range+654/6f0>   <=====
   0:   8b 4d 00                  mov    0x0(%ebp),%ecx   <=====
Code;  c01194a3 <remap_page_range+657/6f0>
   3:   89 4c 24 10               mov    %ecx,0x10(%esp,1)
Code;  c01194a7 <remap_page_range+65b/6f0>
   7:   8b 5d 04                  mov    0x4(%ebp),%ebx
Code;  c01194aa <remap_page_range+65e/6f0>
   a:   8b 75 08                  mov    0x8(%ebp),%esi
Code;  c01194ad <remap_page_range+661/6f0>
   d:   29 de                     sub    %ebx,%esi
Code;  c01194af <remap_page_range+663/6f0>
   f:   8b 55 2c                  mov    0x2c(%ebp),%edx
Code;  c01194b2 <remap_page_range+666/6f0>
  12:   3b 54 00 00               cmp    0x0(%eax,%eax,1),%edx

Any suggestions?

thanks,

greg k-h

Re: oops in mm/memory.c remap_page_range() in 2.2.20

[Greg KH]

On Fri, Dec 21, 2001 at 09:05:11AM -0800, Greg KH wrote:
> Running "cvs update" on a 2.2.20 kernel with 16Mb of real memory I got
> the following oops:

Sorry, had /boot/System.map pointing to the wrong place, this is the
correct symbols:

Warning (compare_maps): ksyms_base symbol module_list_R__ver_module_list not found in System.map.  Ignoring ksyms_base entry
Unable to handle kernel NULL pointer dereference at virtual address 00000002
current->tss.cr3 = 00f53000, %cr3 = 00f53000
*pde = 00000000
Oops: 0000
CPU:    0
EIP:    0010:[<c01194a0>]
Using defaults from ksymoops -t elf32-i386 -a i386
EFLAGS: 00010296
eax: 00000002   ebx: c0fe4f50   ecx: 00000000   edx: c0229ff8
esi: 00000000   edi: c0fe4f50   ebp: 00000002   esp: c0805f04
ds: 0018   es: 0018   ss: 0018
Process cvs (pid: 21185, process nr: 44, stackpage=c0805000)
Stack: c0fe4f50 00000000 c0fe4fcc c011956f 00000002 00000000 c0804000 c0fe4f9c 
       c012247e c0fe4f50 00000000 00000000 c0fe4f50 00000243 c0ebd200 00000000 
       00000048 c0fe4f50 00000243 00000000 3c2367de 3c2367de 3c2367de 00000006 
Call Trace: [<c011956f>] [<c012247e>] [<c012aa62>] [<c0122ea4>] [<c01230ea>] [<c01079c4>] 
Code: 8b 4d 00 89 4c 24 10 8b 5d 04 8b 75 08 29 de 8b 55 2c 3b 54 

>>EIP; c01194a0 <vmtruncate_list+c/a8>   <=====
Trace; c011956f <vmtruncate+33/3c>
Trace; c012247e <do_truncate+66/9c>
Trace; c012aa62 <open_namei+2be/2ec>
Trace; c0122ea4 <filp_open+44/f0>
Trace; c01230ea <sys_open+36/94>
Trace; c01079c4 <system_call+34/38>
Code;  c01194a0 <vmtruncate_list+c/a8>
00000000 <_EIP>:
Code;  c01194a0 <vmtruncate_list+c/a8>   <=====
   0:   8b 4d 00                  mov    0x0(%ebp),%ecx   <=====
Code;  c01194a3 <vmtruncate_list+f/a8>
   3:   89 4c 24 10               mov    %ecx,0x10(%esp,1)
Code;  c01194a7 <vmtruncate_list+13/a8>
   7:   8b 5d 04                  mov    0x4(%ebp),%ebx
Code;  c01194aa <vmtruncate_list+16/a8>
   a:   8b 75 08                  mov    0x8(%ebp),%esi
Code;  c01194ad <vmtruncate_list+19/a8>
   d:   29 de                     sub    %ebx,%esi
Code;  c01194af <vmtruncate_list+1b/a8>
   f:   8b 55 2c                  mov    0x2c(%ebp),%edx
Code;  c01194b2 <vmtruncate_list+1e/a8>
  12:   3b 54 00 00               cmp    0x0(%eax,%eax,1),%edx


greg k-h

Re: oops in mm/memory.c remap_page_range() in 2.2.20

[Rik van Riel]

On Fri, 21 Dec 2001, Greg KH wrote:
> On Fri, Dec 21, 2001 at 09:05:11AM -0800, Greg KH wrote:
> > Running "cvs update" on a 2.2.20 kernel with 16Mb of real memory I got
> > the following oops:
>
> Sorry, had /boot/System.map pointing to the wrong place, this is the
> correct symbols:

> >>EIP; c01194a0 <vmtruncate_list+c/a8>   <=====

OK, lets take a look at the code in memory.c, first at line 736:

static void vmtruncate_list(struct vm_area_struct *mpnt, unsigned long
offset)
{
        do {
                struct mm_struct *mm = mpnt->vm_mm;
                ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

This is the line where the system oopses, so vmtruncate_list
is being called with mpnt==0x00000002

Time to take a step back and look in vmtruncate(), line 769:

        if (inode->i_mmap)
                vmtruncate_list(inode->i_mmap, offset);
        if (inode->i_mmap_shared)
                vmtruncate_list(inode->i_mmap_shared, offset);


This suggests that you have a single-bit error somewhere in RAM
and vmtruncate_list() simply should never have been called.

kind regards,

Rik
-- 
DMCA, SSSCA, W3C?  Who cares?  http://thefreeworld.net/

http://www.surriel.com/		http://distro.conectiva.com/