Re: kernel 2.6.9 freezes upon dereferencing invalid C++ ref in xxdiff.

From: Sami Farin
Date: Thu Nov 04 2004 - 06:15:49 EST

Next message: Stelian Pop: "[PATCH 1/12] meye: module related fixes"
Previous message: Stelian Pop: "[PATCH 0/12] meye driver update"
In reply to: Zwane Mwaikambo: "Re: kernel 2.6.9 freezes upon dereferencing invalid C++ ref inxxdiff."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Nov 03, 2004 at 07:42:02PM -0700, Zwane Mwaikambo wrote:
> On Wed, 3 Nov 2004, Martin Blais wrote:
>
> > [1.] One line summary of the problem:
> >
> > kernel 2.6.9 freezes upon dereferenceing invalid C++ ref in xxdiff.
>
> Interesting, i could trigger it in 2.6.9 but not 2.6.10-rc1-mm2.
>
> ------------[ cut here ]------------
> kernel BUG at <bad filename>:25321!
hmm
> invalid operand: 0000 [#1]
> SMP DEBUG_PAGEALLOC
> Modules linked in: pcnet32
> CPU: 0
> EIP: 0060:[<c038a344>] Not tainted VLI
> EFLAGS: 00010246 (2.6.9-rtl)
> EIP is at tcp_transmit_skb+0x8f4/0x900
> eax: c19e9eb8 ebx: c2974f60 ecx: 00000020 edx: c2986f60
> esi: 00000020 edi: c21b1dc0 ebp: c2974f60 esp: c23cfd8c
> ds: 007b es: 007b ss: 0068
> Process xxdiff (pid: 2194, threadinfo=c23ce000 task=c19e2aa0)
> Stack: c013c879 c3e9b3c0 00000020 c2986000 c03616f7 00000246 c2974f60 00000020
> c2986f98 c21b1d28 c2974f60 00000020 c21b1bb0 c2974f60 c038c15a c21b1bb0
> c2986f60 c21b1dc0 c2970f60 c21b1bb0 00000218 c0388d23 c21b1bb0 c2970f60
> Call Trace:
> [<c013c879>] kmem_cache_alloc+0x69/0xa0
> [<c03616f7>] skb_clone+0x17/0x140
> [<c038c15a>] tcp_send_synack+0x14a/0x150
> [<c0388d23>] tcp_rcv_synsent_state_process+0x543/0x5a0
> [<c0389723>] tcp_rcv_state_process+0x9a3/0xab0
> [<c0391236>] tcp_v4_do_rcv+0x76/0x110
> [<c0360a72>] __release_sock+0x42/0x60
> [<c0361186>] release_sock+0x56/0x60
> [<c039e58f>] inet_wait_for_connect+0x7f/0xe0
> [<c0118d40>] autoremove_wake_function+0x0/0x40
> [<c0118d40>] autoremove_wake_function+0x0/0x40
> [<c039e693>] inet_stream_connect+0xa3/0x180
> [<c035eecd>] sys_connect+0x5d/0x80
> [<c035fbcc>] sock_setsockopt+0x9c/0x500
> [<c035dad2>] sock_map_fd+0x102/0x140
...

this looks familiar. probably fixed by this patch:
[NET]: Make sure to copy TSO fields in copy_skb_header().
http://linux.bkbits.net:8080/linux-2.6/gnupatch@4175f00ayR2dZynZ8yUWYSVkL6Z5og

--
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Stelian Pop: "[PATCH 1/12] meye: module related fixes"
Previous message: Stelian Pop: "[PATCH 0/12] meye driver update"
In reply to: Zwane Mwaikambo: "Re: kernel 2.6.9 freezes upon dereferencing invalid C++ ref inxxdiff."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]