Re: crash in entry.S restore_all, 2.6.12-rc2, x86, PAGEALLOC

* Ingo Molnar <[email protected]> wrote:

> it could be the ESP-16-bit-corruption patch causing this, or it could 
> be an already existing latent bug getting triggered now: normally only 
> iret accesses the OLDSS, and we fix any iret faults up, but now that 
> we explicitly access %esp the esp bug shows up.

update: it's a latent condition being exposed by the ESP-corruption-fix 
patch. I reverted the ESP patch from 2.6.12-rc2, and applied the patch 
below, and it produces the same sort of crashes (attached further 
below).

	Ingo

--- linux/arch/i386/kernel/entry.S.orig
+++ linux/arch/i386/kernel/entry.S
@@ -123,6 +123,7 @@ VM_MASK		= 0x00020000
 
 
 #define RESTORE_ALL	\
+	movl OLDSS(%esp), %eax; \
 	RESTORE_REGS	\
 	addl $4, %esp;	\
 1:	iret;		\

------------->
Freeing unused kernel memory: 188k freed
Unable to handle kernel paging request at virtual address f5bda000
 printing eip:
c0102874
*pde = 00517067
*pte = 35bda000
Oops: 0000 [#1]
PREEMPT DEBUG_PAGEALLOC
Modules linked in:
CPU:    0
EIP:    0060:[<c0102874>]    Not tainted VLI
EFLAGS: 00010046   (2.6.12-rc2) 
EIP is at restore_all+0x0/0x14
eax: 00000260   ebx: 00000000   ecx: 00000000   edx: 00000001
esi: 00000000   edi: 009c0ffc   ebp: f5bd8000   esp: f5bd9fc8
ds: 007b   es: 007b   ss: 0068
Process default.hotplug (pid: 1124, threadinfo=f5bd8000 task=f5999b10)
Stack: 00000000 00000003 00000000 00000000 009c0ffc bf96dd58 000000dd 0000007b 
       0000007b ffffff00 c01027ba 00000060 00000246 0000007b 
Call Trace:
 [<c01035dc>] show_stack+0x7a/0x90
 [<c0103758>] show_registers+0x14d/0x1c5
 [<c0103956>] die+0xf4/0x186
 [<c010f15d>] do_page_fault+0x430/0x649
 [<c0103283>] error_code+0x2b/0x30
Code: 45 08 81 01 75 7d 3d 21 01 00 00 0f 83 da 00 00 00 ff 14 85 00 39 40 c0 89 44 24 18 fa 8b 4d 08 66 f7 c1 ff fe 0f 85 80 00 00 00 <8b> 44 24 38 5b 59 5a 5e 5f 5d 58 1f 07 83 c4 04 cf 8d 76 00 f6 
 <1>Unable to handle kernel paging request at virtual address f50a8000
 printing eip:
c0102874
*pde = 00515067
*pte = 350a8000
Oops: 0000 [#2]
PREEMPT DEBUG_PAGEALLOC
Modules linked in:
CPU:    0
EIP:    0060:[<c0102874>]    Not tainted VLI
EFLAGS: 00010046   (2.6.12-rc2) 
EIP is at restore_all+0x0/0x14
eax: 00000260   ebx: 00000003   ecx: 00000000   edx: 00000001
esi: 00000008   edi: 009c0ffc   ebp: f50a6000   esp: f50a7fc8
ds: 007b   es: 007b   ss: 0068
Process default.hotplug (pid: 1181, threadinfo=f50a6000 task=f55f9b10)
Stack: 00000003 bff9500c bff94f7c 00000008 009c0ffc bff94f60 000000ae 0000007b 
       0000007b ffffff00 c01027ba 00000060 00000286 0000007b 
Call Trace:
 [<c01035dc>] show_stack+0x7a/0x90
 [<c0103758>] show_registers+0x14d/0x1c5
 [<c0103956>] die+0xf4/0x186
 [<c010f15d>] do_page_fault+0x430/0x649
 [<c0103283>] error_code+0x2b/0x30
Code: 45 08 81 01 75 7d 3d 21 01 00 00 0f 83 da 00 00 00 ff 14 85 00 39 40 c0 89 44 24 18 fa 8b 4d 08 66 f7 c1 ff fe 0f 85 80 00 00 00 <8b> 44 24 38 5b 59 5a 5e 5f 5d 58 1f 07 83 c4 04 cf 8d 76 00 f6 
 <1>Unable to handle kernel paging request at virtual address f553e000
 printing eip:
c0102874
*pde = 00516067
*pte = 3553e000
Oops: 0000 [#3]
PREEMPT DEBUG_PAGEALLOC
Modules linked in:
CPU:    0
EIP:    0060:[<c0102874>]    Not tainted VLI
EFLAGS: 00010046   (2.6.12-rc2) 
EIP is at restore_all+0x0/0x14
eax: 00000260   ebx: 00000000   ecx: 00000000   edx: 00000001
esi: 00000008   edi: 009c0ffc   ebp: f553c000   esp: f553dfc8
ds: 007b   es: 007b   ss: 0068
Process default.hotplug (pid: 1113, threadinfo=f553c000 task=f5a75b10)
Stack: 00000000 00000000 080e1f3c 00000008 009c0ffc bf856de0 000000af 0000007b 
       0000007b ffffffef c01027ba 00000060 00000246 0000007b 
Call Trace:
 [<c01035dc>] show_stack+0x7a/0x90
 [<c0103758>] show_registers+0x14d/0x1c5
 [<c0103956>] die+0xf4/0x186
 [<c010f15d>] do_page_fault+0x430/0x649
 [<c0103283>] error_code+0x2b/0x30
Code: 45 08 81 01 75 7d 3d 21 01 00 00 0f 83 da 00 00 00 ff 14 85 00 39 40 c0 89 44 24 18 fa 8b 4d 08 66 f7 c1 ff fe 0f 85 80 00 00 00 <8b> 44 24 38 5b 59 5a 5e 5f 5d 58 1f 07 83 c4 04 cf 8d 76 00 f6 
 
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

---

• References:
  • crash in entry.S restore_all, 2.6.12-rc2, x86, PAGEALLOC
    • From: Ingo Molnar <[email protected]>

• Prev by Date: 2.6.12-rc2-mm1
• Next by Date: Re: crash in entry.S restore_all, 2.6.12-rc2, x86, PAGEALLOC
• Previous by thread: Re: crash in entry.S restore_all, 2.6.12-rc2, x86, PAGEALLOC
• Next by thread: Re: crash in entry.S restore_all, 2.6.12-rc2, x86, PAGEALLOC
• Index(es):
  • Date
  • Thread

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]