[BUG][2.6.8.1] Nevver dump core while /dev/men is mmaped

From: Peter Seiderer
Date: Tue Sep 21 2004 - 08:22:01 EST

Next message: Alan Cox: "Re: Kernel connector - userspace <-> kernelspace "linker"."
Previous message: Tomasz Kłoczko: "Re: RARP support disapeard in kernel 2.6.x ?"
Next in thread: Richard B. Johnson: "Re: [BUG][2.6.8.1] Nevver dump core while /dev/men is mmaped"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello,
the following short program stops my computer immediately (no more
input, telnet etc. possible):

--- begin ---
#include <stdio.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <sys/mman.h>
#include <assert.h>

int main(int argc, char *argv[]) {
int fd;
assert((fd = open("/dev/mem", O_RDWR)) != (-1));

size_t s = 67108864;
void *m;
assert((m = mmap(NULL, s, PROT_READ|PROT_WRITE, MAP_SHARED, fd,
0xd0000000)) != NULL);

char *c = 0;
char a = *c;
return 0;
}
--- end ---

when run as root and writing core dumps enabled.

Minimal testrun:
boot 2.6.8.1 (config file attached, the computer has 1 GB of ram)
with init=/bin/sh

mount -o remount,rw /
ulimit -c unlimited
./test_program
(the computer hangs)

SysRq Output:
20040921 13:56:34.312: SysRq : Show Regs
20040921 13:56:34.312:
20040921 13:56:34.312: Pid: 21, comm: a.out
20040921 13:56:34.312: EIP: 0060:[<c014ae57>] CPU: 0
20040921 13:56:34.312: EIP is at get_user_pages+0xe1/0x40e
20040921 13:56:34.328: EFLAGS: 00000246 Not tainted (2.6.8.1)
20040921 13:56:34.328: EAX: 00000001 EBX: 00000000 ECX: df5b4a80 EDX:
00000000
20040921 13:56:34.328: ESI: c152c000 EDI: df5bec9c EBP: c152dd88 DS: 007b
ES: 007b
20040921 13:56:34.343: CR0: 8005003b CR2: 080c2eb8 CR3: 1f59b000 CR4:
000006d0
20040921 13:56:34.343: [<c0104264>] show_regs+0x145/0x16d
20040921 13:56:34.343: [<c0246004>] __handle_sysrq+0x71/0xed
20040921 13:56:34.359: [<c023fb6d>] kbd_event+0x30/0x5b
20040921 13:56:34.359: [<c02ad5f8>] input_event+0x164/0x3c0
20040921 13:56:34.375: [<c02af66f>] atkbd_report_key+0x3b/0x95
20040921 13:56:34.375: [<c02af9a6>] atkbd_interrupt+0x2dd/0x5c5
20040921 13:56:34.375: [<c02b38df>] serio_interrupt+0x75/0xa2
20040921 13:56:34.390: [<c02b41b6>] i8042_interrupt+0xcc/0x16e
20040921 13:56:34.390: [<c01083ad>] handle_IRQ_event+0x39/0x62
20040921 13:56:34.406: [<c0108764>] do_IRQ+0xbe/0x19b
20040921 13:56:34.406: [<c0106a50>] common_interrupt+0x18/0x20
20040921 13:56:34.406: [<c018ba1c>] elf_core_dump+0xa85/0xbad
20040921 13:56:34.406: [<c0168e88>] do_coredump+0x1dc/0x24c
20040921 13:56:34.421: [<c012b7b7>] get_signal_to_deliver+0x36a/0x430
20040921 13:56:34.421: [<c0105e21>] do_signal+0x68/0x10d
20040921 13:56:34.421: [<c0105f01>] do_notify_resume+0x3b/0x3d
20040921 13:56:34.437: [<c010612e>] work_notifysig+0x13/0x15
20040921 13:56:35.171: SysRq : Show Regs
20040921 13:56:35.187:
20040921 13:56:35.187: Pid: 21, comm: a.out
20040921 13:56:35.187: EIP: 0060:[<c014c715>] CPU: 0
20040921 13:56:35.187: EIP is at handle_mm_fault+0x4b/0x1e2
20040921 13:56:35.187: EFLAGS: 00000246 Not tainted (2.6.8.1)
20040921 13:56:35.203: EAX: 00000001 EBX: 00000206 ECX: c152c000 EDX:
df5b4ab0
20040921 13:56:35.203: ESI: df59b400 EDI: df5b4a80 EBP: c152dd50 DS: 007b
ES: 007b
20040921 13:56:35.203: CR0: 8005003b CR2: 080c2eb8 CR3: 1f59b000 CR4:
000006d0
20040921 13:56:35.218: [<c0104264>] show_regs+0x145/0x16d
20040921 13:56:35.218: [<c0246004>] __handle_sysrq+0x71/0xed
20040921 13:56:35.218: [<c023fb6d>] kbd_event+0x30/0x5b
20040921 13:56:35.234: [<c02ad5f8>] input_event+0x164/0x3c0
20040921 13:56:35.234: [<c02af66f>] atkbd_report_key+0x3b/0x95
20040921 13:56:35.250: [<c02af9a6>] atkbd_interrupt+0x2dd/0x5c5
20040921 13:56:35.250: [<c02b38df>] serio_interrupt+0x75/0xa2
20040921 13:56:35.250: [<c02b41b6>] i8042_interrupt+0xcc/0x16e
20040921 13:56:35.265: [<c01083ad>] handle_IRQ_event+0x39/0x62
20040921 13:56:35.265: [<c0108764>] do_IRQ+0xbe/0x19b
20040921 13:56:35.265: [<c0106a50>] common_interrupt+0x18/0x20
20040921 13:56:35.281: [<c014af42>] get_user_pages+0x1cc/0x40e
20040921 13:56:35.281: [<c018ba1c>] elf_core_dump+0xa85/0xbad
20040921 13:56:35.281: [<c0168e88>] do_coredump+0x1dc/0x24c
20040921 13:56:35.296: [<c012b7b7>] get_signal_to_deliver+0x36a/0x430
20040921 13:56:35.296: [<c0105e21>] do_signal+0x68/0x10d
20040921 13:56:35.296: [<c0105f01>] do_notify_resume+0x3b/0x3d
20040921 13:56:35.296: [<c010612e>] work_notifysig+0x13/0x15

The kernel seems to be stuck in elf_core_dump.

No problem occcurs if no core file is written (due to ulimit,
or readonly fs).

Can anyone reproduce this?

Thanks in advance for your help,
Peter

ps: Did post this to lkml some time ago
(http://www.ussg.iu.edu/hypermail/linux/kernel/0404.1/0804.html), but
the only answer was from Andrew, that he could not reproduce this...

--
GMX ProMail mit bestem Virenschutz http://www.gmx.net/de/go/mail
+++ Empfehlung der Redaktion +++ Internet Professionell 10/04 +++

Attachment: config-2.6.8.1
Description: Binary data

Next message: Alan Cox: "Re: Kernel connector - userspace <-> kernelspace "linker"."
Previous message: Tomasz Kłoczko: "Re: RARP support disapeard in kernel 2.6.x ?"
Next in thread: Richard B. Johnson: "Re: [BUG][2.6.8.1] Nevver dump core while /dev/men is mmaped"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]