Re: crash in entry.S restore_all, 2.6.12-rc2, x86, PAGEALLOC

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

From: Ingo Molnar <mingo@elte.hu>
To: linux-kernel@vger.kernel.org
Cc: Linus Torvalds <torvalds@osdl.org>,
	stsp@aknet.ru, Andrew Morton <akpm@osdl.org>
Subject: Re: crash in entry.S restore_all, 2.6.12-rc2, x86, PAGEALLOC
Date: Tue, 5 Apr 2005 09:05:56 +0200	[thread overview]
Message-ID: <20050405070556.GA22562@elte.hu> (raw)
In-Reply-To: <20050405065544.GA21360@elte.hu>


* Ingo Molnar <mingo@elte.hu> wrote:

> it could be the ESP-16-bit-corruption patch causing this, or it could 
> be an already existing latent bug getting triggered now: normally only 
> iret accesses the OLDSS, and we fix any iret faults up, but now that 
> we explicitly access %esp the esp bug shows up.

update: it's a latent condition being exposed by the ESP-corruption-fix 
patch. I reverted the ESP patch from 2.6.12-rc2, and applied the patch 
below, and it produces the same sort of crashes (attached further 
below).

	Ingo

--- linux/arch/i386/kernel/entry.S.orig
+++ linux/arch/i386/kernel/entry.S
@@ -123,6 +123,7 @@ VM_MASK		= 0x00020000
 
 
 #define RESTORE_ALL	\
+	movl OLDSS(%esp), %eax; \
 	RESTORE_REGS	\
 	addl $4, %esp;	\
 1:	iret;		\

------------->
Freeing unused kernel memory: 188k freed
Unable to handle kernel paging request at virtual address f5bda000
 printing eip:
c0102874
*pde = 00517067
*pte = 35bda000
Oops: 0000 [#1]
PREEMPT DEBUG_PAGEALLOC
Modules linked in:
CPU:    0
EIP:    0060:[<c0102874>]    Not tainted VLI
EFLAGS: 00010046   (2.6.12-rc2) 
EIP is at restore_all+0x0/0x14
eax: 00000260   ebx: 00000000   ecx: 00000000   edx: 00000001
esi: 00000000   edi: 009c0ffc   ebp: f5bd8000   esp: f5bd9fc8
ds: 007b   es: 007b   ss: 0068
Process default.hotplug (pid: 1124, threadinfo=f5bd8000 task=f5999b10)
Stack: 00000000 00000003 00000000 00000000 009c0ffc bf96dd58 000000dd 0000007b 
       0000007b ffffff00 c01027ba 00000060 00000246 0000007b 
Call Trace:
 [<c01035dc>] show_stack+0x7a/0x90
 [<c0103758>] show_registers+0x14d/0x1c5
 [<c0103956>] die+0xf4/0x186
 [<c010f15d>] do_page_fault+0x430/0x649
 [<c0103283>] error_code+0x2b/0x30
Code: 45 08 81 01 75 7d 3d 21 01 00 00 0f 83 da 00 00 00 ff 14 85 00 39 40 c0 89 44 24 18 fa 8b 4d 08 66 f7 c1 ff fe 0f 85 80 00 00 00 <8b> 44 24 38 5b 59 5a 5e 5f 5d 58 1f 07 83 c4 04 cf 8d 76 00 f6 
 <1>Unable to handle kernel paging request at virtual address f50a8000
 printing eip:
c0102874
*pde = 00515067
*pte = 350a8000
Oops: 0000 [#2]
PREEMPT DEBUG_PAGEALLOC
Modules linked in:
CPU:    0
EIP:    0060:[<c0102874>]    Not tainted VLI
EFLAGS: 00010046   (2.6.12-rc2) 
EIP is at restore_all+0x0/0x14
eax: 00000260   ebx: 00000003   ecx: 00000000   edx: 00000001
esi: 00000008   edi: 009c0ffc   ebp: f50a6000   esp: f50a7fc8
ds: 007b   es: 007b   ss: 0068
Process default.hotplug (pid: 1181, threadinfo=f50a6000 task=f55f9b10)
Stack: 00000003 bff9500c bff94f7c 00000008 009c0ffc bff94f60 000000ae 0000007b 
       0000007b ffffff00 c01027ba 00000060 00000286 0000007b 
Call Trace:
 [<c01035dc>] show_stack+0x7a/0x90
 [<c0103758>] show_registers+0x14d/0x1c5
 [<c0103956>] die+0xf4/0x186
 [<c010f15d>] do_page_fault+0x430/0x649
 [<c0103283>] error_code+0x2b/0x30
Code: 45 08 81 01 75 7d 3d 21 01 00 00 0f 83 da 00 00 00 ff 14 85 00 39 40 c0 89 44 24 18 fa 8b 4d 08 66 f7 c1 ff fe 0f 85 80 00 00 00 <8b> 44 24 38 5b 59 5a 5e 5f 5d 58 1f 07 83 c4 04 cf 8d 76 00 f6 
 <1>Unable to handle kernel paging request at virtual address f553e000
 printing eip:
c0102874
*pde = 00516067
*pte = 3553e000
Oops: 0000 [#3]
PREEMPT DEBUG_PAGEALLOC
Modules linked in:
CPU:    0
EIP:    0060:[<c0102874>]    Not tainted VLI
EFLAGS: 00010046   (2.6.12-rc2) 
EIP is at restore_all+0x0/0x14
eax: 00000260   ebx: 00000000   ecx: 00000000   edx: 00000001
esi: 00000008   edi: 009c0ffc   ebp: f553c000   esp: f553dfc8
ds: 007b   es: 007b   ss: 0068
Process default.hotplug (pid: 1113, threadinfo=f553c000 task=f5a75b10)
Stack: 00000000 00000000 080e1f3c 00000008 009c0ffc bf856de0 000000af 0000007b 
       0000007b ffffffef c01027ba 00000060 00000246 0000007b 
Call Trace:
 [<c01035dc>] show_stack+0x7a/0x90
 [<c0103758>] show_registers+0x14d/0x1c5
 [<c0103956>] die+0xf4/0x186
 [<c010f15d>] do_page_fault+0x430/0x649
 [<c0103283>] error_code+0x2b/0x30
Code: 45 08 81 01 75 7d 3d 21 01 00 00 0f 83 da 00 00 00 ff 14 85 00 39 40 c0 89 44 24 18 fa 8b 4d 08 66 f7 c1 ff fe 0f 85 80 00 00 00 <8b> 44 24 38 5b 59 5a 5e 5f 5d 58 1f 07 83 c4 04 cf 8d 76 00 f6

next prev parent reply	other threads:[~2005-04-05  7:14 UTC|newest]

Thread overview: 31+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2005-04-05  6:55 crash in entry.S restore_all, 2.6.12-rc2, x86, PAGEALLOC Ingo Molnar
2005-04-05  7:03 ` Andrew Morton
2005-04-05  7:07   ` Ingo Molnar
2005-04-05  7:16   ` Ingo Molnar
2005-04-05  7:29     ` Ingo Molnar
2005-04-05  7:40       ` Ingo Molnar
2005-04-05  9:51         ` Mikael Pettersson
2005-04-05 18:09           ` Ingo Molnar
2005-04-05  7:05 ` Ingo Molnar [this message]
2005-04-05 19:11 ` Stas Sergeev
2005-04-05 19:19   ` Linus Torvalds
2005-04-05 19:41     ` Stas Sergeev
2005-04-05 19:53       ` Linus Torvalds
2005-04-05 20:44         ` Ingo Molnar
2005-04-05 21:04           ` Linus Torvalds
2005-04-06 15:44         ` Stas Sergeev
2005-04-07  8:00           ` Ingo Molnar
2005-04-07 11:10             ` Andrew Morton
2005-04-07 14:47               ` Linus Torvalds
2005-04-07 14:51                 ` Ingo Molnar
2005-04-07 16:47                 ` Dave Jones
2005-04-07 17:17                   ` Richard B. Johnson
2005-04-07 17:23                   ` Linus Torvalds
2005-04-07 16:11             ` Stas Sergeev
2005-04-07 16:35               ` Linus Torvalds
2005-04-07 16:46                 ` Stas Sergeev
2005-04-07 16:55                   ` Linus Torvalds
2005-04-07 18:10                     ` Stas Sergeev
2005-04-10 13:20                     ` Stas Sergeev
2005-04-10 22:32                       ` Andrew Morton
2005-04-11 17:15                         ` Stas Sergeev

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20050405070556.GA22562@elte.hu \
    --to=mingo@elte.hu \
    --cc=akpm@osdl.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=stsp@aknet.ru \
    --cc=torvalds@osdl.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox