Re: 2.6.17-rc5-mm1

Chuck Ebbert <[email protected]> wrote:
>
> In-Reply-To: <[email protected]>
> 
> On Wed, 31 May 2006 19:39:31 +0200, Laurent Riffard wrote:
> 
> > pktcdvd: writer pktcdvd0 mapped to hdc
> > BUG: unable to handle kernel NULL pointer dereference at virtual address 00000084
> >  printing eip:
> > c01118f1
> > *pde = 00000000
> > Oops: 0000 [#1]
> > last sysfs file: /block/pktcdvd0/removable
> > Modules linked in: pktcdvd lp parport_pc parport snd_pcm_oss snd_mixer_oss snd_ens1371 gameport snd_rawmidi snd_seq_device snd_ac97_codec snd_ac97_bus snd_pcm snd_timer snd_page_alloc snd soundcore af_packet floppy ide_cd cdrom loop aes dm_crypt nl
> > CPU:    0
> > EIP:    0060:[<c01118f1>]    Not tainted VLI
> > EFLAGS: 00010006   (2.6.17-rc5-mm1 #11) 
> > EIP is at do_page_fault+0xb4/0x5bc
> > eax: d6750084   ebx: d6750000   ecx: 0000007b   edx: 00000000
> > esi: d6758000   edi: c011183d   ebp: d675007c   esp: d6750044
> > ds: 007b   es: 007b   ss: 0068
> > Process  (pid: 0, threadinfo=d674f000 task=d657c000)
> > Stack: 00000000 d6750084 00000000 00000049 00000084 00000000 00001e2e 02001120 
> >        00000027 00000022 00000055 d6750000 d6758000 c011183d d67500f0 c010340d 
> >        d6750000 0000007b 00000000 d6758000 c011183d d67500f0 d67500f8 0000007b 
> > Call Trace:
> >  [<c010340d>] error_code+0x39/0x40
> > Code: 00 00 c0 81 0f 84 12 02 00 00 e9 1c 05 00 00 8b 45 cc f7 40 30 00 02 02 00 74 06 e8 68 af 01 00 fb f7 43 14 ff ff ff ef 8b 55 d0 <8b> b2 84 00 00 00 0f 85 e5 01 00 00 85 f6 0f 84 dd 01 00 00 8d 
> > EIP: [<c01118f1>] do_page_fault+0xb4/0x5bc SS:ESP 0068:d6750044
> 
> arch/i386/mm/fault.c::do_page_fault():
> 
>   12:   f7 40 30 00 02 02 00      testl  $0x20200,0x30(%eax)
>   19:   74 06                     je     21 <_EIP+0x21>
>         if (regs->eflags & (X86_EFLAGS_IF|VM_MASK))
> 
>   1b:   e8 68 af 01 00            call   1af88 <_EIP+0x1af88>
>   20:   fb                        sti
>                 local_irq_enable();
> 
> local_irq_enable() should only be doing an sti; your code has an extra
> function call. Do you have any extra patches applied?

This is all the lockdep stuff - it adds instrumentation to local_irq_foo().

>   21:   f7 43 14 ff ff ff ef      testl  $0xefffffff,0x14(%ebx)
> if (in_atomic()...
> 
>   28:   8b 55 d0                  mov    0xffffffd0(%ebp),%edx
> Get tsk from local storage and put it in edx.
> 
> 00000000 <_EIP>:
>    0:   8b b2 84 00 00 00         mov    0x84(%edx),%esi   <=====
>         mm = tsk->mm;
> 
> tsk was zero here, implying that current was 0 when the page fault happened.
> 
> 
>    6:   0f 85 e5 01 00 00         jne    1f1 <_EIP+0x1f1>
>    c:   85 f6                     test   %esi,%esi
>    e:   0f 84 dd 01 00 00         je     1f1 <_EIP+0x1f1>
> 
> 
> 
> Andrew, should we add debug code to the fault handler to test for current == 0?

`current == 0' implies a scrogged thread_info.  I'm not sure what debugging
we could usefully add to the pagefault handler to detect that, apart from
getting a good backtrace, which the x86_64 guys have broken.

Laurent, please disable CONFIG_STACK_UNWIND and try again - that way we
should be able to see where the thread_info got corrupted.
