1.3.69: kerneld unload of module -> oops

Henrik Storner (storner@osiris.ping.dk)
Wed, 28 Feb 1996 19:19:06 +0100 (MET)


Got an Oops in 1.3.69 when kerneld auto-unloaded the nfs-module
(no NFS mounts active at that time; the network connection - a CSLIP
connection - had been terminated):

Oops: 0000
CPU: 0
EIP: 0010:[<01824178>]
EFLAGS: 00010216
eax: 00f97018 ebx: 00000001 ecx: 00000000 edx: 00000000
esi: 08000aa8 edi: bffffc28 ebp: bffffe74 esp: 0124cf6c
ds: 0018 es: 0018 fs: 002b gs: 002b ss: 0018
Process kerneld (pid: 59, process nr: 6, stackpage=0124c000)
Stack: 00aba018 00113cb6 013b4810 bffffe3c bffffe30 0000000c 00000404 00000000
fffffffc 00000000 00000000 4001a104 00000023 00000202 bffffe30 0000002b
00000000 00000000 00000000 0010a519 00000000 00000000 40001fb0 08000aa8
Call Trace: [<00113cb6>] [<0010a519>]
Code: 8a 82 85 00 00 00 84 c0 74 1a 8d 42 6c 50 e8 c5 b9 94 fe a1

Using `/System.map-1.3.69' to map addresses to symbols.

Trace: 113cb6 <sys_delete_module+c6/f0>
Trace: 10a519 <system_call+59/a0>

Code: movb 0x85(%edx),%al
Code: testb %al,%al
Code: je 00000024 <_EIP+24>
Code: leal 0x6c(%edx),%eax
Code: pushl %eax
Code: call fe94b9d8 <_EIP+fe94b9d8>
Code: movl 0x90909000,%eax

Oddly enough, the nfs module was actually unloaded. However, the slip
module - which was also auto-loaded by kerneld - is no longer marked
for autoclean:

Module:        #pages:  Used by:
slip               2            0
slhc               2    [slip]  0 (autoclean)

Trying to unload the slip module manually causes another oops:

general protection: 0000
CPU: 0
EIP: 0010:[<0017bccf>]
EFLAGS: 00010097
eax: f000ff53 ebx: ffffffff ecx: f000ff53 edx: fffffffe
esi: ffffffff edi: 00198062 ebp: 00000000 esp: 00359f00
ds: 0018 es: 0018 fs: 002b gs: 002b ss: 0018
Process insmod (pid: 3321, process nr: 20, stackpage=00359000)
Stack: 00000006 0000006c 00000282 bffff9b0 00000000 00000000 00000000 ffffffff
0000001b 00000000 00112122 0019805b 00185b96 00359f58 00196a28 0000006c
00000282 bffff9b0 00000006 0016fb8c 00185b8e f000ff53 00000001 08023d29
Call Trace: [<00112122>] [<0016fb8c>] [<0182418b>] [<00113c75>] [<0010f9ef>] [<0010f8a0>] [<00111dca>]
[<0010a6cb>] [<0010a519>]
Code: 80 38 00 74 07 40 4a 83 fa ff 75 f4 29 c8 89 c6 f7 c5 10 00

Using `/System.map-1.3.69' to map addresses to symbols.

>>EIP: 17bccf <vsprintf+28f/430>
Trace: 112122 <printk+22/130>
Trace: 16fb8c <unregister_netdev+3c/d0>
Trace: 182418b
Trace: 113c75 <sys_delete_module+85/f0>
Trace: 10f9ef <do_page_fault+14f/2b0>
Trace: 10f9ef <do_page_fault+14f/2b0>
Trace: 111dca <sys_personality+1a/70>
Trace: 10a6cb <error_code+4b/60>
Trace: 10a519 <system_call+59/a0>

Code: 17bccf <vsprintf+28f/430> cmpb $0x0,(%eax)
Code: 17bcd2 <vsprintf+292/430> je 17bcdb <vsprintf+29b/430>
Code: 17bcd4 <vsprintf+294/430> incl %eax
Code: 17bcd5 <vsprintf+295/430> decl %edx
Code: 17bcd6 <vsprintf+296/430> cmpl $0xffffffff,%edx
Code: 17bcd9 <vsprintf+299/430> jne 17bccf <vsprintf+28f/430>
Code: 17bcdb <vsprintf+29b/430> subl %ecx,%eax
Code: 17bcdd <vsprintf+29d/430> movl %eax,%esi
Code: 17bcdf <vsprintf+29f/430> testl $0x90000010,%ebp
Code: 17bce5 <vsprintf+2a5/430> nop
Code: 17bce6 <vsprintf+2a6/430> nop

Guess it's time for a controlled reboot :-)

-- 
Henrik Storner           | "God was able to create the world in only 
(storner@osiris.ping.dk) |  seven days because he had no installed 
                         |  base to consider."
                         |           Andy Finkel, Commodore-Amiga Inc.