Hmm, some oops's....

Bryn Paul Arnold Jones (bpaj@gytha.demon.co.uk)
Mon, 28 Apr 1997 17:22:04 +0100 (BST)

Well a little seen setting first. I booted my box ages ago (13:30ish),
and went off leaving it up to do some work, came back (16:30ish), and
started to use it. I was going to read some mail from the kernel list, so
I took down my default route (other the ethernet, here at university) so
ppp could install it's own, and ran ppp (I only just got the ethernet
connection; it's a pilot scheme after IT services had a bad experience last
year, so it's kind of dead men's boots; and that's what I used before, and
what I use when I'm at home).

Anyway, ppp was fine, mail came in (I think it all did, but...), I
switched VT's (to a root prompt), and got an oops (I think the it was the
second, but ...) couldn't change VT's, or type at the idle prompt, but
oddly gpm was still working. I couldn't see much else to do, so I tried
the three finger salute, which worked after a fashion; it killed all the
thing's it's supposed to (redhat install), and locked up at sending
everything a SIGKILL, with the beeper giving out a continious tone. I hit
the any key to continue, and the box came up fine after a fsck ((1.09,
14-Apr-97) which did nothing, not even a dtime=0 fix? Y).

Ok, here are the oopses (with syslog stuff cliped):

Apr 28 16:30:41 gytha pppd[1147]: remote IP address 158.152.1.222
Apr 28 16:31:19 gytha kernel: Unable to handle kernel NULL pointer dereference at virtual address 0000004e
current->tss.cr3 = 00101000, ,r3 = 00101000
*pde = 00000000
Oops: 0000
CPU: 0
EIP: 0010:[<c014f605>]
EFLAGS: 00010202
eax: 00000020 ebx: c1c51038 ecx: 00000028 edx: c1c51098
esi: 00000000 edi: c1c51038 ebp: c1c51038 esp: c0193204
ds: 0018 es: 0018 ss: 0018
Process swapper (pid: 0, process nr: 0, stackpage=c0191358)
Stack: c1c5104c c1c51098 c1e68b80 c1e68c44 00000000 c1c5104c c1c51098 c1c51038
00000028 00000000 c22a9d98 c1e68b80 c0156681 c1c51098 c1e68b80 00000001
00000000 000000fc 00002000 c0156cac c1e68b80 c0198ed8 00000001 ffffffff
Call Trace:
Code: 0f b7 6e 4e 39 e8 7d 47 83 be d4 00 00 00 00 74 3e 8d 45 0f
kfree of non-kmalloced memory: c01933a0, next= 00000000, order=125
kfree of non-kmalloced memory: c0193390, next= 00000000, order=125
kfree of non-kmalloced memory: c01944a4, next= 00000000, order=0
idle task may not sleep
Apr 28 15:31:19 gytha last message repeated 4 times
Apr 28 15:31:19 gytha kerneld: error: exit: Identifier removed
Apr 28 16:31:19 gytha init: Switching to runlevel: 6
Unable to handle kernel NULL pointer dereference at virtual address 0000004e
current->tss.cr3 = 00101000, ,r3 = 00101000
*pde = 00000000
Oops: 0000
CPU: 0
EIP: 0010:[<c014f605>]
EFLAGS: 00010202
eax: 00000020 ebx: c1ec662c ecx: 00000014 edx: c1d04504
esi: 00000000 edi: c1ec662c ebp: c1ec662c esp: c207cebc
ds: 0018 es: 0018 ss: 0018
Process zephyrd (pid: 301, process nr: 21, stackpage=c207c000)
Stack: c1ec667c c1ec6640 c1e68b80 c1e68c44 c014532f 00000094 00000003 c1ec662c
00000014 00000000 c22a9d98 c1e68b80 c0155e5c c1d04504 c1e68b80 c1e68bf8
00000000 00000000 00000282 c1e68de0 c0152bde c1e68b80 c1e68b80 c1b8e5c8
Call Trace:
Code: 0f b7 6e 4e 39 e8 7d 47 83 be d4 00 00 00 00 74 3e 8d 45 0f

they _BOTH_ decode to (ksymoops cores here if given the System.map):

c014f544 T ip_send_check
c014f588 T ip_queue_xmit <--<<
c014f7ec T ip_build_xmit
c0150184 T ip_fragment

Code: 00000000 <_EIP> movzwl 0x4e(%esi),%ebp
Code: 00000004 <_EIP+4> cmpl %ebp,%eax
Code: 00000006 <_EIP+6> jnl 0000004f <_EIP+4f>
Code: 00000008 <_EIP+8> cmpl $0x0,0xd4(%esi)
Code: 0000000f <_EIP+f> je 0000004f <_EIP+4f>
Code: 00000011 <_EIP+11> leal 0xf(%ebp),%eax
Code: 00000014 <_EIP+14>

Bryn

--
PGP key pass phrase forgotten,   \ Overload -- core meltdown sequence 
again :( and I don't care ;)      |            initiated.
                                 / This space is intentionally left   
                                |  blank, apart from this text ;-)
                                 \____________________________________