From: Helge Hafting <helge.hafting@aitel.hist.no>
To: Alan Stern <stern@rowland.harvard.edu>
Cc: Paolo Ornati <ornati@fastwebnet.it>,
Kernel development list <linux-kernel@vger.kernel.org>,
USB development list <linux-usb-devel@lists.sourceforge.net>
Subject: Re: [linux-usb-devel] 2.6.19-rc1-mm1 - locks when using "dd bs=1M" from card reader
Date: Thu, 19 Oct 2006 14:25:40 +0200
Message-ID: <45376EC4.3080807@aitel.hist.no>
In-Reply-To: <Pine.LNX.4.44L0.0610181211050.7542-100000@iolanthe.rowland.org>
[-- Attachment #1: Type: text/plain, Size: 2202 bytes --]
Alan Stern wrote:
> On Wed, 18 Oct 2006, Helge Hafting wrote:
>
[...]
> That's why I asked for the USB debugging logs (which you forgot to include
> here).
>
Attached dmesg.gz with lots of usb messages.
>> To bring it down:
>>
>> dd if=/dev/sdc of=sdc.dump bs=1M
>>
This time, it seems to have crashed on the first megabyte.
I mounted the filesystem synchronously, and still I had 0 bytes
in the dumpfile. The crash also came with no delay after
pressing enter.
> It's possible that both of these are caused by something unrelated
> overwriting kernel memory.
>
Something like a function pointer mistaken for a data pointer?
> By the way, what happens if you add a "skip=" argument to dd so that the
> copy begins near the end of the device? Does the oops then occur that
> much sooner?
>
No, it is random. May happen immediately, may happen after a while.
I even had "cfdisk /dev/sdc" crash on me fresh after a reboot.
> Oh, and the next time this happens, could you copy down all of the code
> bytes from the oops message? And also provide the section from "objdump
> -d drivers/usb/host/ehci-hcd.o" for the start_unlink_async routine?
>
objdump for start_unlink_async attached.
From the BUG:
Stack (All I got before it rebooted after 300s)
00000010 c0664dc8 dff84000 dffdbc00 dffdb600 00000296
df9244c0 c03248de c0664dc8
EIP: [<c031f823>] start_unlink_async+0x16/0xf2
SS:ESP:0068:c0664d58
Code (Complete) 5d e9 8e 31 ff ff f6 43 28 01 75 b8 c7 43 24 00 00 00 00
eb af
57 56 53 83 ec 10 89 c6 89 d3 8b 48 04 8b 39 8b 40 14 85 c0 74
6f <0f> 0b 39 5e 10 74 78 c6 43 68 02 8d 43 60 e8 9f 3c f1 ff 89 5e
I found this in the start_unlink_async dump - here it is with the
same line breaking as well as the differences:
{Before start_unlink_async}
5d
e9 8e 31 ff ff ; objdump has "e9 fc ff ff ff" here, it is a jump
f6 43 28 01
75 b8
c7 43 24 00 00 00 00
eb af
start_unlink_async
57
56
53
83 ec 10
89 c6
89 d3
8b 48 04
8b 39
8b 40 14
85 c0
74 6f
0f 0b
39 5e 10
74 78
c6 43 68 02
8d 43 60
e8 9f 3c f1 ff ; objdump has "e8 fc ff ff ff" here, a call
89 5e
Calls and jumps are different, but I guess that is just linking effects?
Hope this is useful,
Helge Hafting
[-- Attachment #2: dmesg.gz --]
[-- Type: application/gzip, Size: 10451 bytes --]
[-- Attachment #3: objdump.start_unlink_async --]
[-- Type: text/plain, Size: 5409 bytes --]
00000fed <start_unlink_async>:
fed: 57 push %edi
fee: 56 push %esi
fef: 53 push %ebx
ff0: 83 ec 10 sub $0x10,%esp
ff3: 89 c6 mov %eax,%esi
ff5: 89 d3 mov %edx,%ebx
ff7: 8b 48 04 mov 0x4(%eax),%ecx
ffa: 8b 39 mov (%ecx),%edi
ffc: 8b 40 14 mov 0x14(%eax),%eax
fff: 85 c0 test %eax,%eax
1001: 74 6f je 1072 <start_unlink_async+0x85>
1003: 0f 0b ud2a
1005: 39 5e 10 cmp %ebx,0x10(%esi)
1008: 74 78 je 1082 <start_unlink_async+0x95>
100a: c6 43 68 02 movb $0x2,0x68(%ebx)
100e: 8d 43 60 lea 0x60(%ebx),%eax
1011: e8 fc ff ff ff call 1012 <start_unlink_async+0x25>
1016: 89 5e 14 mov %ebx,0x14(%esi)
1019: 8b 4e 10 mov 0x10(%esi),%ecx
101c: 8b 41 48 mov 0x48(%ecx),%eax
101f: 39 c3 cmp %eax,%ebx
1021: 74 09 je 102c <start_unlink_async+0x3f>
1023: 89 c1 mov %eax,%ecx
1025: 8b 40 48 mov 0x48(%eax),%eax
1028: 39 c3 cmp %eax,%ebx
102a: 75 f7 jne 1023 <start_unlink_async+0x36>
102c: 8b 03 mov (%ebx),%eax
102e: 89 01 mov %eax,(%ecx)
1030: 8b 43 48 mov 0x48(%ebx),%eax
1033: 89 41 48 mov %eax,0x48(%ecx)
1036: 8b 46 fc mov 0xfffffffc(%esi),%eax
1039: 85 c0 test %eax,%eax
103b: 0f 84 83 00 00 00 je 10c4 <start_unlink_async+0xd7>
1041: 8b 46 04 mov 0x4(%esi),%eax
1044: 83 cf 40 or $0x40,%edi
1047: 89 38 mov %edi,(%eax)
1049: 8b 46 04 mov 0x4(%esi),%eax
104c: 8b 00 mov (%eax),%eax
104e: 8b 86 84 00 00 00 mov 0x84(%esi),%eax
1054: 85 c0 test %eax,%eax
1056: 75 41 jne 1099 <start_unlink_async+0xac>
1058: 8b 15 00 00 00 00 mov 0x0,%edx
105e: 8d 86 84 00 00 00 lea 0x84(%esi),%eax
1064: 83 c2 0a add $0xa,%edx
1067: 83 c4 10 add $0x10,%esp
106a: 5b pop %ebx
106b: 5e pop %esi
106c: 5f pop %edi
106d: e9 fc ff ff ff jmp 106e <start_unlink_async+0x81>
1072: 0f b6 52 68 movzbl 0x68(%edx),%edx
1076: 80 fa 01 cmp $0x1,%dl
1079: 74 8a je 1005 <start_unlink_async+0x18>
107b: 80 fa 04 cmp $0x4,%dl
107e: 75 83 jne 1003 <start_unlink_async+0x16>
1080: eb 83 jmp 1005 <start_unlink_async+0x18>
1082: 8b 56 fc mov 0xfffffffc(%esi),%edx
1085: 85 d2 test %edx,%edx
1087: 74 09 je 1092 <start_unlink_async+0xa5>
1089: 85 c0 test %eax,%eax
108b: 90 nop
108c: 8d 74 26 00 lea 0x0(%esi),%esi
1090: 74 3e je 10d0 <start_unlink_async+0xe3>
1092: 83 c4 10 add $0x10,%esp
1095: 5b pop %ebx
1096: 5e pop %esi
1097: 5f pop %edi
1098: c3 ret
1099: c7 44 24 0c 65 00 00 movl $0x65,0xc(%esp)
10a0: 00
10a1: c7 44 24 08 78 00 00 movl $0x78,0x8(%esp)
10a8: 00
10a9: c7 44 24 04 00 00 00 movl $0x0,0x4(%esp)
10b0: 00
10b1: c7 04 24 18 00 00 00 movl $0x18,(%esp)
10b8: e8 fc ff ff ff call 10b9 <start_unlink_async+0xcc>
10bd: e8 fc ff ff ff call 10be <start_unlink_async+0xd1>
10c2: eb 94 jmp 1058 <start_unlink_async+0x6b>
10c4: 31 d2 xor %edx,%edx
10c6: 89 f0 mov %esi,%eax
10c8: 83 c4 10 add $0x10,%esp
10cb: 5b pop %ebx
10cc: 5e pop %esi
10cd: 5f pop %edi
10ce: eb 0f jmp 10df <end_unlink_async>
10d0: 83 e7 df and $0xffffffdf,%edi
10d3: 89 39 mov %edi,(%ecx)
10d5: 0f ba b6 b4 00 00 00 btrl $0x2,0xb4(%esi)
10dc: 02
10dd: eb b3 jmp 1092 <start_unlink_async+0xa5>
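The comparison made by hand in the message above (oops Code bytes against the objdump listing, ignoring the call/jump operands that linking fills in) can be scripted. This is an added example, not part of the original message or the kernel tree; the function names and the "e8/e9 followed by fc ff ff ff" placeholder heuristic are assumptions, and the listing is the start of the attachment with tab separators restored.

```python
# Code bytes copied from the oops in this message; <0f> marks the faulting EIP.
OOPS_CODE = ("5d e9 8e 31 ff ff f6 43 28 01 75 b8 c7 43 24 00 00 00 00 eb af "
             "57 56 53 83 ec 10 89 c6 89 d3 8b 48 04 8b 39 8b 40 14 85 c0 74 "
             "6f <0f> 0b 39 5e 10 74 78 c6 43 68 02 8d 43 60 e8 9f 3c f1 ff 89 5e")
EIP_OFFSET = 0x16  # from "EIP: start_unlink_async+0x16/0xf2"
# Attached listing up to the first call; tab separators restored as objdump emits them.
OBJDUMP = """\
 fed:\t57                   \tpush   %edi
 fee:\t56                   \tpush   %esi
 fef:\t53                   \tpush   %ebx
 ff0:\t83 ec 10             \tsub    $0x10,%esp
 ff3:\t89 c6                \tmov    %eax,%esi
 ff5:\t89 d3                \tmov    %edx,%ebx
 ff7:\t8b 48 04             \tmov    0x4(%eax),%ecx
 ffa:\t8b 39                \tmov    (%ecx),%edi
 ffc:\t8b 40 14             \tmov    0x14(%eax),%eax
 fff:\t85 c0                \ttest   %eax,%eax
1001:\t74 6f                \tje     1072 <start_unlink_async+0x85>
1003:\t0f 0b                \tud2a
1005:\t39 5e 10             \tcmp    %ebx,0x10(%esi)
1008:\t74 78                \tje     1082 <start_unlink_async+0x95>
100a:\tc6 43 68 02          \tmovb   $0x2,0x68(%ebx)
100e:\t8d 43 60             \tlea    0x60(%ebx),%eax
1011:\te8 fc ff ff ff       \tcall   1012 <start_unlink_async+0x25>
"""

def parse_oops(code):
    """Return (dump bytes, index of the <xx> byte EIP pointed at)."""
    toks = code.split()
    eip = next(i for i, t in enumerate(toks) if t.startswith("<"))
    return bytes(int(t.strip("<>"), 16) for t in toks), eip

def parse_objdump(listing):
    """Return (function bytes, offsets of unresolved rel32 operand bytes)."""
    data, reloc = bytearray(), set()
    for parts in (l.split("\t") for l in listing.splitlines() if "\t" in l):
        insn = bytes.fromhex(parts[1])
        # Heuristic (assumption): e8/e9 followed by fc ff ff ff is an unrelocated call/jmp.
        if insn[:1] in (b"\xe8", b"\xe9") and insn[1:] == b"\xfc\xff\xff\xff":
            reloc.update(range(len(data) + 1, len(data) + 5))
        data += insn
    return bytes(data), reloc

def compare(code, eip_offset, listing):
    """List (offset, object byte, RAM byte) for differences outside relocated operands."""
    ram, eip = parse_oops(code)
    obj, reloc = parse_objdump(listing)
    return [(off, o, r) for off, (o, r) in enumerate(zip(obj, ram[eip - eip_offset:]))
            if off not in reloc and o != r]
```

An empty result means the bytes in memory match the object file everywhere except the relocated operands. Running objdump with -dr prints the relocation entries explicitly, which removes the need for the placeholder heuristic.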