From: Andrew Morton <akpm@osdl.org>
To: "Michal Piotrowski" <michal.k.k.piotrowski@gmail.com>
Cc: linux-kernel@vger.kernel.org
Subject: Re: 2.6.17-mm2
Date: Sun, 25 Jun 2006 04:40:13 -0700 [thread overview]
Message-ID: <20060625044013.09190fff.akpm@osdl.org> (raw)
In-Reply-To: <6bffcb0e0606250419p5e1fca1en5975f3d7a3c12ecd@mail.gmail.com>
On Sun, 25 Jun 2006 13:19:25 +0200
"Michal Piotrowski" <michal.k.k.piotrowski@gmail.com> wrote:
> On 24/06/06, Andrew Morton <akpm@osdl.org> wrote:
> >
> > ftp://ftp.kernel.org/pub/linux/kernel/people/akpm/patches/2.6/2.6.17/2.6.17-mm2/
> >
>
> I found this in /var/log/messages.1
>
> Jun 24 22:29:52 ltg01-fedora kernel: BUG: unable to handle kernel
> paging request at virtual address 6b6b6b7b
> Jun 24 22:29:52 ltg01-fedora kernel: printing eip:
> Jun 24 22:29:52 ltg01-fedora kernel: c01174f2
> Jun 24 22:29:52 ltg01-fedora kernel: *pde = 00000000
> Jun 24 22:29:52 ltg01-fedora kernel: Oops: 0000 [#1]
> Jun 24 22:29:52 ltg01-fedora kernel: 4K_STACKS PREEMPT SMP
> Jun 24 22:29:52 ltg01-fedora kernel: last sysfs file:
> /devices/platform/i2c-9191/9191-0290/temp2_input
> Jun 24 22:29:52 ltg01-fedora kernel: Modules linked in: ipv6 w83627hf
> hwmon_vid hwmon i2c_isa af_packet ip_conntrack_netbios
> _ns ipt_REJECT xt_state ip_conntrack nfnetlink xt_tcpudp
> iptable_filter ip_tables x_tables p4_clockmod speedstep_lib binfmt_
> misc thermal processor fan container parport_pc parport nvram
> snd_intel8x0 snd_ac97_codec snd_ac97_bus snd_seq_dummy snd_seq
> _oss snd_seq_midi_event evdev snd_seq snd_seq_device snd_pcm_oss
> snd_mixer_oss snd_pcm snd_timer snd soundcore ide_cd snd_pa
> ge_alloc intel_agp i2c_i801 sk98lin skge agpgart cdrom rtc unix
> Jun 24 22:29:52 ltg01-fedora kernel: CPU: 0
> Jun 24 22:29:52 ltg01-fedora kernel: EIP: 0060:[<c01174f2>] Not
> tainted VLI
> Jun 24 22:29:52 ltg01-fedora kernel: EFLAGS: 00010096 (2.6.17-mm2 #51)
> Jun 24 22:29:52 ltg01-fedora kernel: EIP is at task_rq_lock+0x1d/0x57
OK, thanks. I expect the below will fix that (I've since dropped the
offending patches)
Begin forwarded message:
Date: Sun, 25 Jun 2006 01:31:12 +0200
From: Ingo Molnar <mingo@elte.hu>
To: Andrew Morton <akpm@osdl.org>
Subject: Re: more -mm2 troubles ...
* Ingo Molnar <mingo@elte.hu> wrote:
> hm, look at the sched_exit() => task_rq_lock() use-after-free crash
> below.
>
> I bet it was p->real_parent that got freed. (because at the point we
> call sched_exit() we already unlink ourselves from the parent so it is
> free to exit)
>
> We moved sched_exit() within exit.c to an unsafe place in mm2 - what
> patch was that?
patch below seems to fix it for me. mm2 is now stable.
Ingo
--------------
Subject: move sched_exit() back to under the tasklist_lock umbrella
From: Ingo Molnar <mingo@elte.hu>
seems like sched_exit() cannot be moved to a later stage just yet.
Needs more investigation.
Signed-off-by: Ingo Molnar <mingo@elte.hu>
---
kernel/exit.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
Index: linux/kernel/exit.c
===================================================================
--- linux.orig/kernel/exit.c
+++ linux/kernel/exit.c
@@ -827,6 +827,7 @@ static void exit_notify(struct task_stru
state = EXIT_DEAD;
tsk->exit_state = state;
+ sched_exit(tsk);
write_unlock_irq(&tasklist_lock);
list_for_each_safe(_p, _n, &ptrace_dead) {
@@ -952,8 +953,6 @@ fastcall NORET_TYPE void do_exit(long co
if (tsk->splice_pipe)
__free_pipe_info(tsk->splice_pipe);
- sched_exit(tsk);
-
/* PF_DEAD causes final put_task_struct after we schedule. */
preempt_disable();
BUG_ON(tsk->flags & PF_DEAD);
next prev parent reply other threads:[~2006-06-25 11:40 UTC|newest]
Thread overview: 93+ messages / expand[flat|nested] mbox.gz Atom feed top
2006-06-24 13:19 2.6.17-mm2 Andrew Morton
2006-06-24 15:53 ` 2.6.17-mm2 Rafael J. Wysocki
2006-06-24 17:20 ` 2.6.17-mm2 Dave Jones
2006-06-24 21:34 ` 2.6.17-mm2 Andrew Morton
2006-06-25 8:51 ` 2.6.17-mm2 Rafael J. Wysocki
2006-06-25 10:22 ` 2.6.17-mm2 Andrew Morton
2006-06-25 15:16 ` 2.6.17-mm2 Andrew Morton
2006-06-25 18:23 ` 2.6.17-mm2 Sam Ravnborg
2006-06-25 18:40 ` 2.6.17-mm2 Andrew Morton
2006-06-25 21:21 ` 2.6.17-mm2 Sam Ravnborg
2006-06-30 7:38 ` 2.6.17-mm2 Randy.Dunlap
2006-07-02 10:11 ` 2.6.17-mm2 Russell King
2006-07-02 18:42 ` 2.6.17-mm2 Randy.Dunlap
2006-07-02 18:47 ` 2.6.17-mm2 Arjan van de Ven
2006-07-02 18:47 ` 2.6.17-mm2 Sam Ravnborg
2006-07-03 5:50 ` 2.6.17-mm2 Randy.Dunlap
2006-07-03 13:49 ` 2.6.17-mm2 Russell King
2006-06-25 19:19 ` 2.6.17-mm2 Rafael J. Wysocki
2006-06-26 20:13 ` 2.6.17-mm2 Chandra Seetharaman
2006-06-24 19:41 ` 2.6.17-mm2 Dominik Karall
2006-06-24 21:43 ` 2.6.17-mm2 Andrew Morton
2006-06-25 6:06 ` 2.6.17-mm2 Reuben Farrelly
2006-06-25 9:37 ` 2.6.17-mm2 Barry K. Nathan
2006-06-25 10:29 ` 2.6.17-mm2 Reuben Farrelly
2006-06-25 11:19 ` 2.6.17-mm2 Michal Piotrowski
2006-06-25 11:40 ` Andrew Morton [this message]
2006-06-25 12:18 ` 2.6.17-mm2 Michal Piotrowski
2006-06-25 16:25 ` 2.6.17-mm2 (NULL pointer dereference) Dominik Karall
2006-06-25 17:18 ` Andrew Morton
2006-06-25 18:11 ` Dominik Karall
2006-06-25 16:47 ` 2.6.17-mm2: no QLA3YYY_NAPI help text Adrian Bunk
2006-06-25 19:32 ` 2.6.17-mm2: BLK_CPQ_CISS_DA=m error Adrian Bunk
2006-06-26 0:41 ` Vivek Goyal
2006-06-25 23:13 ` [-mm patch] make drivers/scsi/pata_it821x.c:it821x_passthru_dev_select() static Adrian Bunk
2006-06-25 23:27 ` Alan Cox
2006-06-27 1:03 ` Jeff Garzik
2006-06-25 23:13 ` [-mm patch] fs/cifs/cifsproto.h: remove #ifdef around small_smb_init_no_tc() prototype Adrian Bunk
2006-06-26 4:05 ` Steven French
2006-06-26 15:17 ` [-mm patch] drivers/scsi/arcmsr/: cleanups Adrian Bunk
2006-06-26 20:27 ` [-mm patch] drivers/md/raid5.c: remove an unused variable Adrian Bunk
2006-06-26 21:41 ` 2.6.17-mm2 hrtimer code wedges at boot? Valdis.Kletnieks
2006-06-26 22:50 ` Valdis.Kletnieks
2006-06-26 23:02 ` john stultz
2006-06-26 23:27 ` Thomas Gleixner
2006-06-27 2:12 ` Valdis.Kletnieks
2006-06-27 5:54 ` Thomas Gleixner
2006-06-27 10:16 ` Roman Zippel
2006-06-27 16:43 ` Valdis.Kletnieks
2006-06-27 17:10 ` Roman Zippel
2006-06-27 17:23 ` Roman Zippel
2006-06-27 19:07 ` Valdis.Kletnieks
2006-06-28 0:07 ` john stultz
2006-06-28 10:35 ` Roman Zippel
2006-06-28 11:44 ` Roman Zippel
2006-06-29 23:07 ` Valdis.Kletnieks
2006-06-30 19:26 ` john stultz
2006-06-30 21:04 ` Valdis.Kletnieks
2006-07-03 1:13 ` Roman Zippel
2006-07-03 1:56 ` Daniel Walker
2006-07-03 2:20 ` Valdis.Kletnieks
2006-07-03 20:08 ` john stultz
2006-07-03 19:59 ` john stultz
2006-07-04 22:21 ` Valdis.Kletnieks
2006-07-05 4:29 ` Valdis.Kletnieks
2006-07-06 0:37 ` Roman Zippel
2006-07-06 0:56 ` john stultz
2006-07-06 6:38 ` Valdis.Kletnieks
2006-07-06 0:51 ` john stultz
2006-07-06 1:12 ` john stultz
2006-07-06 5:43 ` john stultz
2006-07-06 20:33 ` Roman Zippel
2006-07-06 22:05 ` john stultz
2006-07-07 23:16 ` Roman Zippel
2006-07-08 20:02 ` [PATCH] adjust clock for lost ticks Roman Zippel
2006-07-09 21:25 ` john stultz
2006-06-28 23:41 ` 2.6.17-mm2 hrtimer code wedges at boot? john stultz
2006-06-29 11:24 ` Roman Zippel
2006-06-28 16:54 ` [-mm patch] include/asm-i386/acpi.h should #include <asm/processor.h> Adrian Bunk
2006-06-28 16:54 ` [-mm patch] fix sgivwfb compile Adrian Bunk
2006-06-28 16:54 ` [-mm patch] arch/i386/mach-visws/setup.c: remove dummy function calls Adrian Bunk
-- strict thread matches above, loose matches on Subject: below --
2006-06-24 15:41 2.6.17-mm2 Martin J. Bligh
2006-06-26 14:48 ` 2.6.17-mm2 Martin J. Bligh
2006-06-27 15:37 ` 2.6.17-mm2 Martin J. Bligh
2006-06-28 10:42 ` 2.6.17-mm2 Andrew Morton
2006-06-28 10:47 ` 2.6.17-mm2 Andrew Morton
2006-06-28 14:43 ` 2.6.17-mm2 Martin J. Bligh
2006-06-28 15:06 ` 2.6.17-mm2 Andy Whitcroft
2006-06-28 19:11 ` 2.6.17-mm2 Andrew Morton
2006-06-28 19:22 ` 2.6.17-mm2 Jeremy Fitzhardinge
2006-06-28 19:49 ` 2.6.17-mm2 Andrew Morton
2006-06-28 19:36 ` 2.6.17-mm2 Martin Bligh
2006-06-29 0:17 ` 2.6.17-mm2 Martin J. Bligh
2006-06-28 15:43 ` 2.6.17-mm2 Jeremy Fitzhardinge
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20060625044013.09190fff.akpm@osdl.org \
--to=akpm@osdl.org \
--cc=linux-kernel@vger.kernel.org \
--cc=michal.k.k.piotrowski@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox