Re: output of ksymoops for wabi bug ...

Bill Hawes (whawes@transmeta.com)
Sat, 08 Aug 1998 08:44:23 -0700

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Andi Kleen: "Re: rshaper-1.01, for linux-2.0"
Previous message: Andrea Arcangeli: "Re: [PATCH] [SECURITY] suid procs exec'd with bad 0,1,2 fds"

Dave Airlie wrote:

> More information thanks to Bill's patch .. is attached ..
>
> I've also noticed that it only happens if the serial module is not loaded
> when wabi starts ... as in if I insmod the serial module by hand before
> running wabi I don't get the oops ..

Hi Dave,

The debug output and your observation about the serial module seem to indicate that the module loading has somehow
released the ldt. Everything looks normal until the module loads, and then the next entry written to the ldt triggers the
oops. The entry address is correct, but apparently the ldt memory has been freed.

> Aug 8 15:58:56 rowan kernel: write_ldt: ldt=c4a2f000, entry=119, slot=c4a2f3b8
> Aug 8 15:58:56 rowan kernel: Serial driver version 4.26 with no serial options enabled
> Aug 8 15:58:56 rowan kernel: ttyS00 at 0x03f8 (irq = 4) is a 16550A
> Aug 8 15:58:56 rowan kernel: ttyS01 at 0x02f8 (irq = 3) is a 16550A
> Aug 8 15:58:56 rowan kernel: write_ldt: ldt=c4a2f000, entry=120, slot=c4a2f3c0
> Aug 8 15:58:56 rowan kernel: Unable to handle kernel paging request at virtual address c4a2f3c0
> Aug 8 15:58:56 rowan kernel: current->tss.cr3 = 01241000, `r3 = 01241000
> Aug 8 15:58:56 rowan kernel: *pde = 00002063
> Aug 8 15:58:56 rowan kernel: *pte = 00000000
> Aug 8 15:58:56 rowan kernel: Oops: 0002
> Aug 8 15:58:56 rowan kernel: CPU: 0
> Aug 8 15:58:56 rowan kernel: EIP: 0010:[<c010d037>]
> Aug 8 15:58:56 rowan kernel: EFLAGS: 00010296
> Aug 8 15:58:56 rowan kernel: eax: 00000032 ebx: 60e001ff ecx: c4a2f3c0 edx: c01a60e0
> Aug 8 15:58:56 rowan kernel: esi: 00000078 edi: c4a2f000 ebp: 0800f238 esp: c192df6c
> Aug 8 15:58:56 rowan kernel: ds: 0018 es: 0018 ss: 0018
> Aug 8 15:58:56 rowan kernel: Process wabiprog (pid: 1291, process nr: 72, stackpage=c192d000)
> Aug 8 15:58:56 rowan kernel: Stack: 00000078 c4a2f3c0 bfffe334 bfffe334 000001ff bfffe344 c4a2f3c0 c010ef97
> Aug 8 15:58:56 rowan kernel: 00000000 c4a2f000 c192c000 c27084a0 00000078 083860e0 000001ff 00000000
> Aug 8 15:58:56 rowan kernel: c010d08d bfffe334 00000010 00000001 c192c000 c0109c1c 00000001 bfffe334
> Aug 8 15:58:56 rowan kernel: Call Trace: [<c4a2f3c0>] [<c4a2f3c0>] [<c010ef97>] [<c4a2f000>] [<c010d08d>] [<c0109c1c>]
> Aug 8 15:58:56 rowan kernel: Code: 89 19 8b 74 24 20 89 6e 04 31 ed 83 c4 10 89 e8 5b 5e 5f 5d
> Aug 8 15:58:56 rowan kernel: Trying to vfree() nonexistent vm area (c4a2f000)

The message from vfree() implies that the ldt has already been released when the wabi process is killed.

I'll look at the code some more and try to find the problem.

Regards,
Bill

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.altern.org/andrebalsa/doc/lkml-faq.html

Next message: Andi Kleen: "Re: rshaper-1.01, for linux-2.0"
Previous message: Andrea Arcangeli: "Re: [PATCH] [SECURITY] suid procs exec'd with bad 0,1,2 fds"