LKML Archive on lore.kernel.org
* 2.6.19.2 oops after resume from ram (corruption?)
From: Mike Galbraith @ 2007-01-31 10:56 UTC
To: LKML
[-- Attachment #1: Type: text/plain, Size: 1977 bytes --]
Greetings,
I received the below upon first poke of firefox icon after a resume.
See attachment (evolution refuses to inline it).
BUG: unable to handle kernel NULL pointer dereference at virtual address 00000002
printing eip:
c109a7cf
*pde = 00000000
Oops: 0000 [#1]
PREEMPT SMP
Modules linked in: xt_pkttype ipt_LOG xt_limit snd_pcm_oss snd_mixer_oss eeprom snd_seq_midi snd_seq_midi_event snd_seq edd button battery ac ip6t_REJECT xt_tcpudp ipt_REJECT xt_state iptable_mangle iptable_nat ip_nat iptable_filter ip6table_mangle ip_conntrack nfnetlink ip_tables ip6table_filter ip6_tables x_tables nls_iso8859_1 nls_cp437 nls_utf8 snd_mpu401 snd_mpu401_uart snd_rawmidi snd_seq_device ohci1394 ieee1394 prism54 snd_intel8x0 snd_ac97_codec snd_ac97_bus snd_pcm snd_timer snd soundcore snd_page_alloc intel_agp agpgart i2c_i801 sd_mod fan thermal processor
CPU: 0
EIP: 0060:[<c109a7cf>] Not tainted VLI
EFLAGS: 00010246 (2.6.19.2-smp #90)
EIP is at inotify_inode_queue_event+0x51/0xd1
eax: c1599288 ebx: 00000fc6 ecx: 00000000 edx: 00000002
esi: c1599280 edi: fffffffa ebp: ef38bf58 esp: ef38bf28
ds: 007b es: 007b ss: 0068
Process klauncher (pid: 6283, ti=ef38b000 task=dff91030 task.ti=ef38b000)
Stack: dfc998c0 c1e4f1c0 ef38bf58 00000000 00000020 f346ac68 00000000 0000000c
f346ac60 dba1cd50 f346cf70 f346ab28 ef38bf80 c109aea9 dba1cdb4 ec421998
00000000 00000020 dba1cd58 00000020 ea829000 0000000c ef38bfa8 c1070f3b
Call Trace:
[<c109aea9>] inotify_dentry_parent_queue_event+0x69/0xa0
[<c1070f3b>] do_sys_open+0x83/0xc5
[<c1070fb5>] sys_open+0x1c/0x1e
[<c10030d9>] sysenter_past_esp+0x56/0x79
[<b7f9f410>] 0xb7f9f410
=======================
Code: 5e 5f 5d c3 8d 83 40 01 00 00 89 45 e4 e8 5a ee 2f 00 8b b3 38 01 00 00 83 ee 08 8b 56 08 8d 46 08 39 45 f0 74 69 8d 7a f8 eb 10 <8b> 57 08 8d 47 08 3b 45 f0 74 59 89 fe 8d 7a f8 8b 5e 20 85 5d
EIP: [<c109a7cf>] inotify_inode_queue_event+0x51/0xd1 SS:ESP 0068:ef38bf28
[-- Attachment #2: 2.6.19.2-oops --]
[-- Type: text/plain; name=2.6.19.2-oops; charset=us-ascii, Size: 7511 bytes --]
gdb vmlinux -core /proc/kcore
(gdb) list *inotify_inode_queue_event+0x51
0xc109a7cf is in inotify_inode_queue_event (fs/inotify.c:294).
289
290 if (!inotify_inode_watched(inode))
291 return;
292
293 mutex_lock(&inode->inotify_mutex);
294 list_for_each_entry_safe(watch, next, &inode->inotify_watches, i_list) {
295 u32 watch_mask = watch->mask;
296 if (watch_mask & mask) {
297 struct inotify_handle *ih= watch->ih;
298 mutex_lock(&ih->mutex);
(gdb) x 0x8+0xc1599280
0xc1599288 <new_cpu_data+8>: 0x00000002
/me: new_cpu_data?
(gdb) x 0xc1599280+0x20
0xc15992a0 <new_cpu_data+32>: 0x00000fc6
(gdb) x 0xef38bf58
0xef38bf58: 0x00000000
(gdb) print new_cpu_data
$1 = {x86 = 15 '\017', x86_vendor = 151 '\227', x86_model = 2 '\002',
x86_mask = 9 '\t', wp_works_ok = 88 'X', hlt_works_ok = -110 '\222',
hard_math = 1 '\001', rfu = -63 '¿, cpuid_level = 2, x86_capability = {
3219913727, 1, 3844256384, 4081494824, 4, 4038, 4145066816},
x86_vendor_id = "GenuineIntelp\n¿,
x86_model_id = "\001\000\000\000\200\"¿\n¿002\000\000\000¿017\000\000", '¿ <repeats 44 times>, x86_cache_size = -858993460,
x86_cache_alignment = -858993460, fdiv_bug = -52 '¿, f00f_bug = -52 '¿,
coma_bug = -52 '¿, pad0 = -52 '¿, x86_power = -858993460,
loops_per_jiffy = 3435973836, llc_shared_map = {bits = {3435973836}},
x86_max_cores = 204 '¿, apicid = 204 '¿, booted_cores = 204 '¿,
phys_proc_id = 204 '¿, cpu_core_id = 204 '¿}
(gdb)
/me: ("G-e-n-u")... eject!
0000030e <inotify_inode_queue_event>:
30e: 55 push %ebp
30f: 89 e5 mov %esp,%ebp
311: 57 push %edi
312: 56 push %esi
313: 53 push %ebx
314: 83 ec 24 sub $0x24,%esp
317: 89 c3 mov %eax,%ebx
319: 89 55 e0 mov %edx,0xffffffe0(%ebp)
31c: 89 4d dc mov %ecx,0xffffffdc(%ebp)
31f: 8d 80 38 01 00 00 lea 0x138(%eax),%eax
325: 89 45 f0 mov %eax,0xfffffff0(%ebp)
328: 3b 83 38 01 00 00 cmp 0x138(%ebx),%eax
32e: 75 08 jne 338 <inotify_inode_queue_event+0x2a>
330: 83 c4 24 add $0x24,%esp
333: 5b pop %ebx
334: 5e pop %esi
335: 5f pop %edi
336: 5d pop %ebp
337: c3 ret
338: 8d 83 40 01 00 00 lea 0x140(%ebx),%eax
33e: 89 45 e4 mov %eax,0xffffffe4(%ebp)
341: e8 fc ff ff ff call 342 <inotify_inode_queue_event+0x34>
346: 8b b3 38 01 00 00 mov 0x138(%ebx),%esi
34c: 83 ee 08 sub $0x8,%esi
34f: 8b 56 08 mov 0x8(%esi),%edx
352: 8d 46 08 lea 0x8(%esi),%eax
355: 39 45 f0 cmp %eax,0xfffffff0(%ebp)
358: 74 69 je 3c3 <inotify_inode_queue_event+0xb5>
35a: 8d 7a f8 lea 0xfffffff8(%edx),%edi
35d: eb 10 jmp 36f <inotify_inode_queue_event+0x61>
35f: 8b 57 08 mov 0x8(%edi),%edx <=== boom
362: 8d 47 08 lea 0x8(%edi),%eax
365: 3b 45 f0 cmp 0xfffffff0(%ebp),%eax
368: 74 59 je 3c3 <inotify_inode_queue_event+0xb5>
36a: 89 fe mov %edi,%esi
36c: 8d 7a f8 lea 0xfffffff8(%edx),%edi
36f: 8b 5e 20 mov 0x20(%esi),%ebx
372: 85 5d e0 test %ebx,0xffffffe0(%ebp)
375: 74 e8 je 35f <inotify_inode_queue_event+0x51>
377: 8b 46 14 mov 0x14(%esi),%eax
37a: 89 45 ec mov %eax,0xffffffec(%ebp)
37d: 83 c0 18 add $0x18,%eax
380: 89 45 e8 mov %eax,0xffffffe8(%ebp)
383: e8 fc ff ff ff call 384 <inotify_inode_queue_event+0x76>
388: 85 db test %ebx,%ebx
38a: 78 47 js 3d3 <inotify_inode_queue_event+0xc5>
38c: 8b 45 ec mov 0xffffffec(%ebp),%eax
38f: 8b 58 3c mov 0x3c(%eax),%ebx
392: 8b 56 1c mov 0x1c(%esi),%edx
395: 8b 45 0c mov 0xc(%ebp),%eax
398: 89 44 24 08 mov %eax,0x8(%esp)
39c: 8b 45 08 mov 0x8(%ebp),%eax
39f: 89 44 24 04 mov %eax,0x4(%esp)
3a3: 8b 45 dc mov 0xffffffdc(%ebp),%eax
3a6: 89 04 24 mov %eax,(%esp)
3a9: 8b 4d e0 mov 0xffffffe0(%ebp),%ecx
3ac: 89 f0 mov %esi,%eax
3ae: ff 13 call *(%ebx)
3b0: 8b 45 e8 mov 0xffffffe8(%ebp),%eax
3b3: e8 fc ff ff ff call 3b4 <inotify_inode_queue_event+0xa6>
3b8: 8b 57 08 mov 0x8(%edi),%edx
3bb: 8d 47 08 lea 0x8(%edi),%eax
3be: 3b 45 f0 cmp 0xfffffff0(%ebp),%eax
3c1: 75 a7 jne 36a <inotify_inode_queue_event+0x5c>
3c3: 8b 45 e4 mov 0xffffffe4(%ebp),%eax
3c6: e8 fc ff ff ff call 3c7 <inotify_inode_queue_event+0xb9>
3cb: 83 c4 24 add $0x24,%esp
3ce: 5b pop %ebx
3cf: 5e pop %esi
3d0: 5f pop %edi
3d1: 5d pop %ebp
3d2: c3 ret
3d3: 8b 55 ec mov 0xffffffec(%ebp),%edx
3d6: 89 f0 mov %esi,%eax
3d8: e8 cd fe ff ff call 2aa <remove_watch_no_event>
3dd: eb ad jmp 38c <inotify_inode_queue_event+0x7e>
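As an added example (not part of the original message or of the kernel source), this C program cross-checks the oops above: it decodes the bytes marked <8b> 57 08 in the Code: line and, from the dumped registers, recomputes the address the faulting load touched. The helper names are made up for illustration, and only the "8b /r" form with an 8-bit displacement is handled.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* i386 register order used by the ModRM r/m field. */
static const char *const REG[8] = {"eax", "ecx", "edx", "ebx",
                                   "esp", "ebp", "esi", "edi"};

/* Register lines copied from the oops in this thread. */
static const char OOPS_REGS[] =
    "eax: c1599288 ebx: 00000fc6 ecx: 00000000 edx: 00000002\n"
    "esi: c1599280 edi: fffffffa ebp: ef38bf58 esp: ef38bf28\n";

/* Look up "name: xxxxxxxx" in the dump; returns 0 on success. */
static int reg_value(const char *dump, const char *name, uint32_t *out)
{
    char key[8];
    unsigned int v;
    const char *p;

    snprintf(key, sizeof key, "%s:", name);
    p = strstr(dump, key);
    if (!p || sscanf(p + strlen(key), "%x", &v) != 1)
        return -1;
    *out = v;
    return 0;
}

/* Decode "8b /r" (mov r/m32 -> r32) with mod=01: [reg + disp8], no SIB.
 * Returns 0 and the effective address, or -1 for any other encoding. */
static int fault_address(const uint8_t *insn, const char *dump, uint32_t *ea)
{
    uint8_t mod = insn[1] >> 6, rm = insn[1] & 7;
    uint32_t base;

    if (insn[0] != 0x8b || mod != 1 || rm == 4)
        return -1;
    if (reg_value(dump, REG[rm], &base))
        return -1;
    *ea = base + (uint32_t)(int32_t)(int8_t)insn[2]; /* wraps mod 2^32 */
    return 0;
}

int main(void)
{
    const uint8_t at_eip[] = {0x8b, 0x57, 0x08}; /* "<8b> 57 08" from Code: */
    uint32_t ea;

    if (fault_address(at_eip, OOPS_REGS, &ea))
        return 1;
    printf("faulting load address: %08x\n", (unsigned int)ea);
    return 0;
}
```

The computed address matches the "virtual address 00000002" in the BUG line: edi is edx - 8 (the lea at 36c), and edx holds the value 2 that gdb shows at c1599288, i.e. new_cpu_data+8.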
* Re: 2.6.19.2 oops after resume from ram (corruption?)
From: Nigel Cunningham @ 2007-01-31 21:42 UTC
To: Mike Galbraith; +Cc: LKML
Hi.
On Wed, 2007-01-31 at 11:56 +0100, Mike Galbraith wrote:
> Greetings,
>
> I received the below upon first poke of firefox icon after a resume.
Are you able to reproduce it reliably? Failing that, could you try
enabling some of the kernel configuration options that help with debugging
memory corruption (slab corruption checking in particular will probably
be the most useful thing here).
Regards,
Nigel
* Re: 2.6.19.2 oops after resume from ram (corruption?)
From: Mike Galbraith @ 2007-02-01 5:30 UTC
To: nigel; +Cc: LKML
On Thu, 2007-02-01 at 08:42 +1100, Nigel Cunningham wrote:
> Hi.
>
> On Wed, 2007-01-31 at 11:56 +0100, Mike Galbraith wrote:
> > Greetings,
> >
> > I received the below upon first poke of firefox icon after a resume.
>
> Are you able to reproduce it reliably? Failing that, could you try
> enabling some of the kernel configuration options that help with debugging
> memory corruption (slab corruption checking in particular will probably
> be the most useful thing here).
No, it's a never before seen event. That said, I have had a couple of
dead box after resume events with other kernels in the last few months,
so I may have had corruption of a more deadly variety. Unfortunately,
when I'm resuming, my serial console box is almost guaranteed to be off.
Rebuilding this particular kernel with slab debugging would probably be
a waste of time since stable kernels get very little runtime here, but
I'll re-add it to my config for test kernels just in case a survivable
event should happen.
-Mike
* Re: 2.6.19.2 oops after resume from ram (corruption?)
From: Nigel Cunningham @ 2007-02-01 5:39 UTC
To: Mike Galbraith; +Cc: LKML
Hi.
On Thu, 2007-02-01 at 06:30 +0100, Mike Galbraith wrote:
> Rebuilding this particular kernel with slab debugging would probably be
> a waste of time since stable kernels get very little runtime here, but
> I'll re-add it to my config for test kernels just in case a survivable
> event should happen.
Thanks, Mike.
Regards,
Nigel
* Re: 2.6.19.2 oops after resume from ram (corruption?)
From: Pavel Machek @ 2007-02-04 15:43 UTC
To: Mike Galbraith; +Cc: LKML
Hi!
> I received the below upon first poke of firefox icon after a resume.
>
> See attachment (evolution refuses to inline it).
Is it repeatable? You may want to try with smaller set of
modules... prism54 is quite unusual...
Pavel
> BUG: unable to handle kernel NULL pointer dereference at virtual address 00000002
> printing eip:
> c109a7cf
> *pde = 00000000
> Oops: 0000 [#1]
> PREEMPT SMP
> Modules linked in: xt_pkttype ipt_LOG xt_limit snd_pcm_oss snd_mixer_oss eeprom snd_seq_midi snd_seq_midi_event snd_seq edd button battery ac ip6t_REJECT xt_tcpudp ipt_REJECT xt_state iptable_mangle iptable_nat ip_nat iptable_filter ip6table_mangle ip_conntrack nfnetlink ip_tables ip6table_filter ip6_tables x_tables nls_iso8859_1 nls_cp437 nls_utf8 snd_mpu401 snd_mpu401_uart snd_rawmidi snd_seq_device ohci1394 ieee1394 prism54 snd_intel8x0 snd_ac97_codec snd_ac97_bus snd_pcm snd_timer snd soundcore snd_page_alloc intel_agp agpgart i2c_i801 sd_mod fan thermal processor
> CPU: 0
--
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
* Re: 2.6.19.2 oops after resume from ram (corruption?)
From: Mike Galbraith @ 2007-02-05 6:55 UTC
To: Pavel Machek; +Cc: LKML
On Sun, 2007-02-04 at 16:43 +0100, Pavel Machek wrote:
> Hi!
>
> > I received the below upon first poke of firefox icon after a resume.
> >
> > See attachment (evolution refuses to inline it).
>
> Is it repeatable? You may want to try with smaller set of
> modules... prism54 is quite unusual...
Nope, rogue event... so far. Prism54 is my wlan card. (useless dang
thing, can't convince it to do encryption)
-Mike
* Re: 2.6.19.2 oops after resume from ram (corruption?)
From: Luming Yu @ 2007-02-05 7:19 UTC
To: Mike Galbraith; +Cc: nigel, LKML
On 2/1/07, Mike Galbraith <efault@gmx.de> wrote:
> On Thu, 2007-02-01 at 08:42 +1100, Nigel Cunningham wrote:
> > Hi.
> >
> > On Wed, 2007-01-31 at 11:56 +0100, Mike Galbraith wrote:
> > > Greetings,
> > >
> > > I received the below upon first poke of firefox icon after a resume.
> >
> > Are you able to reproduce it reliably? Failing that, could you try
> > enabling some of the kernel configuration options that help with debugging
> > memory corruption (slab corruption checking in particular will probably
> > be the most useful thing here).
>
> No, it's a never before seen event. That said, I have had a couple of
> dead box after resume events with other kernels in the last few months,
> so I may have had corruption of a more deadly variety. Unfortunately,
> when I'm resuming, my serial console box is almost guaranteed to be off.
If you have a dead serial console, or no serial console at all on your
laptop, probably you can try the alternative of firewire with
http://www.suse.de/~bk/firewire/
Ah, linux S3 resume is still a problem.