lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date:	Wed, 24 Dec 2008 01:16:56 +0100
From:	"Zdenek Kabelac" <zdenek.kabelac@...il.com>
To:	"Linux Kernel Mailing List" <linux-kernel@...r.kernel.org>
Cc:	pzijlstr@...hat.com
Subject: BUG: general protection fault: 0000 [#1] SMP

Hi

I've been just doing exit in rather 'large' firefox run and got this oops.
Machine - T61, 64bit, C2D, 2GB, - kernel relatively fresh 2.6.28-rc9

it looks like casting in __set_page_dirty() is the place where this
fault happens: (0xe8e)
int (*spd)(struct page *) = mapping->a_ops->set_page_dirty;

Maybe it was already invalid during process destruction ??

--
	if (likely(mapping)) {
     e89:	48 85 c0             	test   %rax,%rax
     e8c:	74 3a                	je     ec8 <set_page_dirty+0x68>
		int (*spd)(struct page *) = mapping->a_ops->set_page_dirty;
     e8e:	48 8b 80 c8 00 00 00 	mov    0xc8(%rax),%rax
#ifdef CONFIG_BLOCK
		if (!spd)
     e95:	48 c7 c2 00 00 00 00 	mov    $0x0,%rdx
static int __set_page_dirty(struct page *page)
--

general protection fault: 0000 [#1] SMP
last sysfs file:
/sys/devices/pci0000:00/0000:00:1c.1/0000:03:00.0/rfkill/rfkill1/state
Dumping ftrace buffer:
   (ftrace buffer empty)
CPU 0
Modules linked in: fuse ipt_MASQUERADE iptable_nat nf_nat
nf_conntrack_ipv4 nf_defrag_ipv4 xt_state nf_conntrack ipt_REJECT
xt_tcpudp iptable_filter ip_ta
bles x_tables bridge stp llc bluetooth autofs4 sunrpc ipv6 binfmt_misc
dm_mirror dm_region_hash dm_log dm_mod rtc_cmos rtc_core rtc_lib
kvm_intel kvm i915 drm uinput snd
_hda_intel snd_seq_oss snd_seq_midi_event snd_seq snd_seq_device arc4
snd_pcm_oss ecb cryptomgr snd_mixer_oss snd_pcm aead crypto_blkcipher
crypto_algapi thinkpad_acpi i
wl3945 sdhci_pci snd_timer sdhci snd e1000e button backlight led_class
evdev sr_mod cdrom i2c_i801 soundcore rfkill mac80211 intel_agp
i2c_core mmc_core nvram psmouse cf
g80211 ac battery iTCO_wdt iTCO_vendor_support snd_page_alloc
serio_raw uhci_hcd ohci_hcd ehci_hcd usbcore [last unloaded:
microcode]
Pid: 4081, comm: firefox Not tainted 2.6.28-rc9 #99
RIP: 0010:[<ffffffff802ac32e>]  [<ffffffff802ac32e>] set_page_dirty+0x2e/0x100
RSP: 0018:ffff88005b31faa8  EFLAGS: 00010206
RAX: 683c1508e07cd70c RBX: ffffe200015b04c0 RCX: ffff8800042034e0
RDX: 8000000039d62067 RSI: 0000000000000007 RDI: ffffe200015b04c0
RBP: ffff88005b31fac8 R08: 0000000000000067 R09: ffff880001101200
R10: 0000000000000000 R11: 0000000000000000 R12: ffffe200015b04c0
R13: 00007f7a6f976000 R14: ffff88005b28fbb0 R15: 00000000001c3dcc
FS:  00007f7a70aff950(0000) GS:ffffffff80705640(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
CR2: 00007f7a78698c08 CR3: 000000004aac7000 CR4: 00000000000026e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
Process firefox (pid: 4081, threadinfo ffff88005b31e000, task ffff88005b1a8000)
Stack:
 ffff88005b31fac8 00007f7a6fa00000 ffffe200015b04c0 00007f7a6f976000
 ffff88005b31fbc8 ffffffff802b7627 0000000000000067 00007f7a701fffff
 0000000000000000 ffff88005b31fbe0 ffffffffffffffff 0000000000000000
Call Trace:
 [<ffffffff802b7627>] unmap_vmas+0x6f7/0x920
 [<ffffffff802bbf36>] exit_mmap+0xa6/0x170
 [<ffffffff80241ff8>] mmput+0x48/0xe0
 [<ffffffff802464e8>] exit_mm+0x108/0x140
 [<ffffffff802482b7>] do_exit+0x177/0xa00
 [<ffffffff80213853>] ? native_sched_clock+0x13/0x60
 [<ffffffff80254295>] ? get_signal_to_deliver+0x245/0x3c0
 [<ffffffff8052db02>] ? _spin_unlock_irq+0x32/0x50
 [<ffffffff80248b85>] do_group_exit+0x45/0xc0
 [<ffffffff802542db>] get_signal_to_deliver+0x28b/0x3c0
 [<ffffffff8020bbea>] do_notify_resume+0xba/0x920
 [<ffffffff80213853>] ? native_sched_clock+0x13/0x60
 [<ffffffff8025c926>] ? remove_wait_queue+0x46/0x60
 [<ffffffff8026de33>] ? trace_hardirqs_on_caller+0x133/0x190
 [<ffffffff8026de9d>] ? trace_hardirqs_on+0xd/0x10
 [<ffffffff8025c926>] ? remove_wait_queue+0x46/0x60
 [<ffffffff8023e3f0>] ? default_wake_function+0x0/0x10
 [<ffffffff8020c601>] ? sysret_signal+0x5/0x2f
 [<ffffffff8026de33>] ? trace_hardirqs_on_caller+0x133/0x190
 [<ffffffff8020c61b>] ? sysret_signal+0x1f/0x2f
 [<ffffffff8020c977>] ptregscall_common+0x67/0xb0
Code: e5 48 83 ec 20 48 89 5d e8 4c 89 65 f0 4c 89 6d f8 48 89 fb 48
8b 47 18 66 83 3f 00 0f 88 c8 00 00 00 a8 01 75 3f 48 85 c0 74 3a <48>
8b 80 c8 00 00
 00 48 c7 c2 20 a0 2f 80 48 8b 40 20 48 89 df
RIP  [<ffffffff802ac32e>] set_page_dirty+0x2e/0x100
 RSP <ffff88005b31faa8>
---[ end trace 0aff50e6830fbc8a ]---


Zdenek
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists