the following program reproducibly crashes pre-7 while trying to
generate a (large) core dump on an ext2 filesystem (53c7,8xx).
pre7-crash.c----------------------------------------
#include <stdlib.h>
main()
{
char *array = calloc(1,32000000); /* alloc and touch me */
array[36000000L] = 255; /* but --don't touch me here */
return 0; /* just pretent to be polite */
}
----------------------------------------------------
start: gcc -o pre7-crash pre7-crash.c; pre7-crash
The system is running in SMP (two 200PPro cpu) mode - no modules
loaded. See config below.
Alt-Scroll-Lock seems to indicate an endless loop in
grow_buffers(fs/buffer.c).
---loop-start---
0xc012a648 <grow_buffers+128>: testl %ecx,%ecx
0xc012a64a <grow_buffers+130>: je 0xc012a660 <grow_buffers+152>
0xc012a64c <grow_buffers+132>: movl 0x18(%ecx),%eax
0xc012a64f <grow_buffers+135>: movl %eax,0x18(%edx)
0xc012a652 <grow_buffers+138>: movl %ecx,0x3c(%edx)
0xc012a655 <grow_buffers+141>: movl 0x18(%ecx),%eax
0xc012a658 <grow_buffers+144>: movl %edx,0x3c(%eax)
0xc012a65b <grow_buffers+147>: movl %edx,0x18(%ecx)
0xc012a65e <grow_buffers+150>: jmp 0xc012a666 <grow_buffers+158>
0xc012a660 <grow_buffers+152>: movl %edx,0x3c(%edx)
0xc012a663 <grow_buffers+155>: movl %edx,0x18(%edx)
0xc012a666 <grow_buffers+158>: movl %edx,%ecx
0xc012a668 <grow_buffers+160>: incl 0xc01e8918
0xc012a66e <grow_buffers+166>: movl 0x10(%edx),%eax
0xc012a671 <grow_buffers+169>: testl %eax,%eax
0xc012a673 <grow_buffers+171>: je 0xc012a67c <grow_buffers+180>
0xc012a675 <grow_buffers+173>: movl %eax,%edx
0xc012a677 <grow_buffers+175>: jmp 0xc012a648 <grow_buffers+128>
---loop-end---
The loop above seems to correspond to this code at
fs/buffer.c:1397
-------------------
/*
 * Excerpt of the loop inside grow_buffers(): walk the buffers chained
 * through b_this_page and link each one into a doubly linked ring via
 * b_next_free / b_prev_free, counting them in nr_buffers.
 *
 * NOTE(review): the only exit is a NULL b_this_page. If that chain is
 * circular or corrupted when this loop runs, it never terminates, which
 * would match the endless loop seen in the disassembly above. How
 * b_this_page is set up is outside this excerpt -- confirm in the caller.
 */
while (1) {
if (insert_point) {
/* splice tmp into the ring directly after insert_point */
tmp->b_next_free = insert_point->b_next_free;
tmp->b_prev_free = insert_point;
insert_point->b_next_free->b_prev_free = tmp;
insert_point->b_next_free = tmp;
} else {
/* no insert point yet: tmp becomes a one-element ring pointing at itself */
tmp->b_prev_free = tmp;
tmp->b_next_free = tmp;
}
/* the next buffer is inserted after the one just linked */
insert_point = tmp;
++nr_buffers;
/* advance along the b_this_page chain; a NULL link ends the loop */
if (tmp->b_this_page)
tmp = tmp->b_this_page;
else
break;
}
--------------------
Config:
CONFIG_EXPERIMENTAL=y
CONFIG_MODULES=y
CONFIG_MODVERSIONS=y
CONFIG_KERNELD=y
CONFIG_NET=y
CONFIG_PCI=y
CONFIG_SYSVIPC=y
CONFIG_SYSCTL=y
CONFIG_BINFMT_AOUT=y
CONFIG_BINFMT_ELF=y
CONFIG_M686=y
CONFIG_BLK_DEV_FD=y
CONFIG_BLK_DEV_RAM=y
CONFIG_INET=y
CONFIG_IP_ACCT=y
CONFIG_PATH_MTU_DISCOVERY=y
CONFIG_IP_NOSR=y
CONFIG_SKB_LARGE=y
CONFIG_SCSI=y
CONFIG_BLK_DEV_SD=y
CONFIG_BLK_DEV_SR=y
CONFIG_SCSI_MULTI_LUN=y
CONFIG_SCSI_CONSTANTS=y
CONFIG_SCSI_NCR53C7xx=y
CONFIG_SCSI_NCR53C7xx_sync=y
CONFIG_SCSI_NCR53C7xx_FAST=y
CONFIG_SCSI_NCR53C7xx_DISCONNECT=y
CONFIG_NETDEVICES=y
CONFIG_NET_ETHERNET=y
CONFIG_NET_ISA=y
CONFIG_NE2000=y
CONFIG_NET_EISA=y
CONFIG_DE4X5=m
CONFIG_DEC_ELCP=m
CONFIG_MINIX_FS=y
CONFIG_EXT2_FS=y
CONFIG_FAT_FS=y
CONFIG_MSDOS_FS=y
CONFIG_PROC_FS=y
CONFIG_NFS_FS=y
CONFIG_SUNRPC=y
CONFIG_LOCKD=y
CONFIG_ISO9660_FS=y
CONFIG_VT=y
CONFIG_VT_CONSOLE=y
CONFIG_SERIAL=y
CONFIG_SERIAL_EXTENDED=y
CONFIG_SERIAL_CONSOLE=y
CONFIG_RTC=y
-- Versions installed: (if some fields are empty or looks
-- unusual then possibly you have very old versions)
Linux uhura.desy.de 2.1.37 #7 Mon May 12 16:21:49 MET DST 1997 i686 unknown
Kernel modules found
Gnu C 2.7.2.1
Binutils 2.8.0.3
Linux C Library 5.4.23
Dynamic Linker (ld.so) 1.8.10
Linux C++ Library 27.1.0
Procps 0.99
Mount 2.6g
Net-tools 1.41
Kbd 0.93
Sh-utils 1.16
-- _/ _/ _/ _/ _/_/_/ . Wolfgang Wander HERMES Collaboration _/ _/ _/ _/ _/ . DESY Hamburg Email: Wolfgang.Wander@desy.de _/_/_/ _/_/_/ _/ . Notkestr. 85 Tel: +49 40 8998 4638 Fax: -4034 _/_/_/ _/_/_/ _/_/_/ . 22603 Hamburg http://www-hermes.desy.de/wander.html