Hard lock under 2.1.40 SMP

David Woodhouse (dwmw2@cam.ac.uk)
Sat, 24 May 1997 17:46:48 +0100


Another crash on 2.1.40, under virtually no load.

c0110dde is in the lock_kernel at the beginning of do_page_fault in
arch/i386/mm/fault.c.

lock from interrupt context at c0110dde
Unable to handle kernel NULL pointer dereference at virtual address 00000010
current->tss.cr3 = 0010100, %cr3 = 0010100
*pde = 00000000
Oops: 0000
CPU: 0
EIP: 0010:[<c016f398>]
EFLAGS: 00010246
eax: 0075fa21 ebx: c009d524 ecx: 00000006 edx: 00000000
esi: c009d460 edi: 000394ba ebp: 35e62816 esp: c0107e60
ds: 0018 es: 0018 ss: 0018
Process swapper (pid: 0, process nr: 0, stackpage=c0107000)
Stack: c009d460 c009d524 c3fba620 c3fba5f4 00000006 00000001 00000028 35e62798
c01704c3 c009d460 c3fba5fa 000394ba 35e62816 00000014 c009d460 00000000
e3fba620 c3fba5f4 000394ba c016fd33 00000000 c1b30014 c01747f8 c009d460
^^^^^^^^
This looks suspicious, like memory problems, but I got an almost identical
oops a few days ago, in the same place but without such an obvious problem,
so it's more likely just to be an error when I copied it down onto paper.
I'll look more carefully next time.
In fact, as soon as my exams are over I'll make the thing print oopses
itself, to save me the trouble.

Call Trace: [<c01704c3>] [<c016fd33>] [<c01747f8>] [<c0174a4a>] [<c0160014>] [<c01685d4>] [<c489262c>]
[<c0168774>] [<c0106008>] [<c0161ea8>] [<c489262c>] [<c0107f94>] [<c011a5ad>] [<c010b939>] [<c0107fdc>]
[<c0110880>] [<c010997c>] [<c0106000>] [<c0107fdc>] [<c010843d>] [<c0106000>] [<c01001d6>]
Code: 2b 42 10 8b 7b 30 29 c7 89 f8 80 bb fb 00 00 00 00 74 25 c7
Aiee, killing interrupt handler

Using `../System.map' to map addresses to symbols.

>>EIP: c016f398 <tcp_ack+3ac/450>
Trace: c01704c3 <tcp_rcv_state_process+4eb/80c>
Trace: c016fd33 <tcp_rcv_established+11f/3c4>
Trace: c01747f8 <tcp_v4_do_rcv+b8/f8>
Trace: c0174a4a <tcp_v4_rcv+212/26c>
Trace: c0160014 <skb_realloc_headroom+12c/178>
Trace: c01685d4 <ip_local_deliver+124/178>
Trace: c489262c
Trace: c0168774 <ip_rcv+14c/178>
Trace: c0106008 <this_must_match_init_task+8/2000>
Trace: c0161ea8 <net_bh+130/160>
Trace: c489262c
Trace: c0107f94 <this_must_match_init_task+1f94/2000>
Trace: c011a5ad <do_bottom_half+85/a4>
Trace: c010b939 <do_IRQ+18d/198>
Trace: c0107fdc <this_must_match_init_task+1fdc/2000>
Trace: c0110880 <smp_apic_timer_interrupt+20/24>
Trace: c010997c <ret_from_intr>
Trace: c0106000 <init_task_union>
Trace: c0107fdc <this_must_match_init_task+1fdc/2000>
Trace: c010843d <cpu_idle+3d/11c>
Trace: c0106000 <init_task_union>
Trace: c01001d6 <L6>

Code: c016f398 <tcp_ack+3ac/450>

ksymoops doesn't give me a disassembly. Should it?

0xc016f398 <tcp_ack+940>: subl 0x10(%edx),%eax
0xc016f39b <tcp_ack+943>: movl 0x30(%ebx),%edi
0xc016f39e <tcp_ack+946>: subl %eax,%edi
0xc016f3a0 <tcp_ack+948>: movl %edi,%eax
0xc016f3a2 <tcp_ack+950>: cmpb $0x0,0xfb(%ebx)
0xc016f3a9 <tcp_ack+957>: je 0xc016f3d0 <tcp_ack+996>
0xc016f3ab <tcp_ack+959>: movl $0x0,0x118(%ebx)
0xc016f3b5 <tcp_ack+969>: pushl $0x0
0xc016f3b7 <tcp_ack+971>: pushl %esi
0xc016f3b8 <tcp_ack+972>: call 0xc01713d8 <tcp_do_retransmit>

The code is in net/ipv4/tcp_input.c, about line 924:

	if (tp->retransmits) {
		tp->retrans_head = NULL;

		/* This is tricky. We are retransmiting a
		 * segment of a window when congestion occured.
		 */
		tcp_do_retransmit(sk, 0);

System is Dual P120, 64Mb on a Tyan Tomcat II, ipv4 and IPX, using a 3Com
3c509. Kernel is standard 2.1.40+dynamic console on MDA+awedrv-0.3.3e

CONFIG_EXPERIMENTAL=y
CONFIG_MODULES=y
CONFIG_MODVERSIONS=y
CONFIG_KERNELD=y
CONFIG_NET=y
CONFIG_PCI=y
CONFIG_PCI_OPTIMIZE=y
CONFIG_SYSVIPC=y
CONFIG_SYSCTL=y
CONFIG_BINFMT_AOUT=m
CONFIG_BINFMT_ELF=y
CONFIG_BINFMT_JAVA=m
CONFIG_M586=y
CONFIG_PNP_PARPORT=m
CONFIG_PNP=y
CONFIG_PNP_PARPORT_AUTOPROBE=y
CONFIG_BLK_DEV_FD=m
CONFIG_BLK_DEV_IDE=y
CONFIG_BLK_DEV_IDEDISK=y
CONFIG_BLK_DEV_IDECD=m
CONFIG_BLK_DEV_TRITON=y
CONFIG_BLK_DEV_LOOP=m
CONFIG_NETLINK=y
CONFIG_RTNETLINK=y
CONFIG_INET=y
CONFIG_NET_IPIP=m
CONFIG_PATH_MTU_DISCOVERY=y
CONFIG_IP_NOSR=y
CONFIG_SKB_LARGE=y
CONFIG_IPX=m
CONFIG_IPX_INTERN=y
CONFIG_IPX_PPROP_ROUTING=y
CONFIG_SCSI=m
CONFIG_BLK_DEV_SD=m
CONFIG_SCSI_PPA=m
CONFIG_NETDEVICES=y
CONFIG_NET_ETHERNET=y
CONFIG_NET_VENDOR_3COM=y
CONFIG_EL3=m
CONFIG_NET_ISA=y
CONFIG_NE2000=y
CONFIG_PLIP=m
CONFIG_PPP=m
CONFIG_QUOTA=y
CONFIG_EXT2_FS=y
CONFIG_FAT_FS=y
CONFIG_VFAT_FS=y
CONFIG_PROC_FS=y
CONFIG_NFS_FS=m
CONFIG_NFSD=y
CONFIG_SUNRPC=y
CONFIG_LOCKD=y
CONFIG_SMB_FS=m
CONFIG_SMB_WIN95=y
CONFIG_NCP_FS=m
CONFIG_ISO9660_FS=m
CONFIG_AUTOFS_FS=y
CONFIG_VT=y
CONFIG_VT_CONSOLE=y
CONFIG_SERIAL=m
CONFIG_PRINTER=m
CONFIG_PRINTER_READBACK=y
CONFIG_MOUSE=y
CONFIG_PSMOUSE=y
CONFIG_WATCHDOG=y
CONFIG_SOFT_WATCHDOG=y
CONFIG_RTC=y
CONFIG_SOUND=y
CONFIG_SB=y
CONFIG_LOWLEVEL_SOUND=y
CONFIG_AWE32_SYNTH=y

---- ------------------------------------------------ ----
David Woodhouse, WWW: http://dwmw2.robinson.cam.ac.uk/
Robinson College, Email: dwmw2@cam.ac.uk
Cambridge, Tel: +44 (0) 976 658355
CB3 9AN, (n)talk: dwmw2@dwmw2.robinson.cam.ac.uk
England. PGP KEY: finger pgp@dwmw2.robinson.cam.ac.uk
---- ------------------------------------------------ ----
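
An added triage sketch, not part of the original post: it decodes the first instruction on the `Code:` line using the register dump, checks that the computed address equals the reported fault address, and converts the ksymoops hex offset `+3ac` to the decimal `+940` shown in the gdb listing. The helper names (`parse_oops`, `decode_first_insn`, `ksym_offset`, `triage`) are hypothetical, and only the two opcode forms that appear at the start of this oops are handled.

```python
import re

# Lines copied from the oops quoted in the post above.
OOPS = """\
Unable to handle kernel NULL pointer dereference at virtual address 00000010
eax: 0075fa21 ebx: c009d524 ecx: 00000006 edx: 00000000
esi: c009d460 edi: 000394ba ebp: 35e62816 esp: c0107e60
Code: 2b 42 10 8b 7b 30 29 c7 89 f8 80 bb fb 00 00 00 00 74 25 c7
"""

REG32 = ["eax", "ecx", "edx", "ebx", "esp", "ebp", "esi", "edi"]  # ModRM encoding order
OPCODES = {0x2B: "subl", 0x8B: "movl"}  # only the "op r/m32 -> r32" forms seen in this oops


def parse_oops(text):
    """Return (fault_address, registers, code_bytes) from i386 oops text."""
    fault = int(re.search(r"virtual address ([0-9a-f]{8})", text).group(1), 16)
    pairs = re.findall(r"\b(e(?:[abcd]x|[sd]i|[bs]p)): ([0-9a-f]{8})", text)
    code = bytes.fromhex(re.search(r"^Code: (.*)$", text, re.M).group(1))
    return fault, {name: int(val, 16) for name, val in pairs}, code


def decode_first_insn(code, regs):
    """Decode 'op disp8(%base),%reg'; return (AT&T text, base register, effective address)."""
    opcode, modrm = code[0], code[1]
    mod, reg, rm = modrm >> 6, (modrm >> 3) & 7, modrm & 7
    if opcode not in OPCODES or mod != 1 or rm == 4:  # rm == 4 would need a SIB byte
        raise ValueError("instruction is outside the subset this sketch handles")
    disp = code[2] - 256 if code[2] & 0x80 else code[2]  # disp8 is sign-extended
    base = REG32[rm]
    ea = (regs[base] + disp) & 0xFFFFFFFF
    return f"{OPCODES[opcode]} {disp:#x}(%{base}),%{REG32[reg]}", base, ea


def ksym_offset(symbol):
    """'tcp_ack+3ac/450' (ksymoops, hex) -> (offset, size) in decimal, as gdb prints offsets."""
    off, size = re.search(r"\+([0-9a-f]+)/([0-9a-f]+)", symbol).groups()
    return int(off, 16), int(size, 16)


def triage(text):
    fault, regs, code = parse_oops(text)
    insn, base, ea = decode_first_insn(code, regs)
    # A NULL struct pointer shows up as base == 0 and fault address == field offset.
    return {"insn": insn, "base": base, "ea": ea, "null_base": regs[base] == 0 and ea == fault}


if __name__ == "__main__":
    print(triage(OOPS), ksym_offset("tcp_ack+3ac/450"))
```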