public inbox for systemtap@sourceware.org
From: "fche at redhat dot com" <sourceware-bugzilla@sourceware.org>
To: systemtap@sourceware.org
Subject: [Bug uprobes/13539] New: occasional oops, kernel SEGV, RHEL5, :uprobes:uprobe_free_process+0xba/0x131
Date: Wed, 21 Dec 2011 22:38:00 -0000
Message-ID: <bug-13539-6586@http.sourceware.org/bugzilla/>

http://sourceware.org/bugzilla/show_bug.cgi?id=13539

             Bug #: 13539
           Summary: occasional oops, kernel SEGV, RHEL5,
                    :uprobes:uprobe_free_process+0xba/0x131
           Product: systemtap
           Version: unspecified
            Status: NEW
          Severity: normal
          Priority: P2
         Component: uprobes
        AssignedTo: systemtap@sourceware.org
        ReportedBy: fche@redhat.com
    Classification: Unclassified


Similar to bug #10332, the following Oops can sometimes be seen:

stap_f851e90ddc08f1485de5ede118eb805a_2165: systemtap: 1.7/0.152, base: ffffffff88744000, memory: 93data/24text/4ctx/2058net/33alloc kb, probes: 2, unpriv-uid: 0
stap_d28d88f749ad814bb6852f92fe4169d7_3448: systemtap: 1.7/0.152, base: ffffffff88744000, memory: 130data/24text/4ctx/2058net/33alloc kb, probes: 7, unpriv-uid: 0
Unable to handle kernel paging request at 0000000000200200 RIP: 
 [<ffffffff88702f09>] :uprobes:uprobe_free_process+0xba/0x131
PGD 27bb0067 PUD 22076067 PMD 0 
Oops: 0002 [1] SMP 
last sysfs file: /module/zlib_deflate/sections/__versions
CPU 0 
Modules linked in: stap_d28d88f749ad814bb6852f92fe4169d7_3448(U) uprobes(U) stap_332da8e4c59a2a43e9adc53782bbd601_594(U) zlib_deflate mtdcore virtio_pci virtio_ring virtio_balloon virtio xt_tcpudp iptable_nat ip_nat ip_conntrack nfnetlink ip_tables x_tables netconsole hidp nfs nfs_acl rfcomm l2cap bluetooth lockd sunrpc be2iscsi ib_iser rdma_cm ib_cm iw_cm ib_sa ib_mad ib_core ib_addr iscsi_tcp bnx2i cnic ipv6 xfrm_nalgo crypto_api uio cxgb3i libcxgbi cxgb3 8021q libiscsi_tcp libiscsi2 scsi_transport_iscsi2 scsi_transport_iscsi loop dm_multipath scsi_dh video backlight sbs power_meter hwmon i2c_ec dell_wmi wmi button battery asus_acpi acpi_memhotplug ac lp floppy tpm_tis 8139too 8139cp ide_cd parport_pc tpm cdrom pcspkr mii i2c_piix4 parport tpm_bios serio_raw i2c_core dm_raid45 dm_message dm_region_hash dm_mem_cache dm_snapshot dm_zero dm_mirror dm_log dm_mod ata_piix libata sd_mod scsi_mod ext3 jbd uhci_hcd ohci_hcd ehci_hcd
Pid: 15624, comm: loop Tainted: GF    ---- 2.6.18-300.el5 #1
RIP: 0010:[<ffffffff88702f09>]  [<ffffffff88702f09>] :uprobes:uprobe_free_process+0xba/0x131
RSP: 0018:ffff81000e4e3e78  EFLAGS: 00010206
RAX: 0000000000100100 RBX: ffff81000dc11e00 RCX: ffff81000dc11f48
RDX: 0000000000200200 RSI: 00000000006e34a0 RDI: 0000000000000000
RBP: ffff81000dc11e00 R08: ffff81002d9a7000 R09: 0000000000000000
R10: 00000000419379e0 R11: 0000000000000246 R12: 00007fff2bc01000
R13: ffff81000dc11f78 R14: ffff81002b61d640 R15: ffff81000e4e3f30
FS:  0000000041937940(0063) GS:ffffffff8042f000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
CR2: 0000000000200200 CR3: 000000003a86d000 CR4: 00000000000006e0
Stack:  ffff81000dc11e00 ffff810034023680 0000000000000000 ffffffff88702fd6
 ffff81000dc11e00 ffffffff887049a1 0000000000000000 ffff81001ab87e80
 0000000000000000 ffff81001d812080 0000000000000003 ffffffff800c5088
Call Trace:
 [<ffffffff88702fd6>] :uprobes:uprobe_put_process+0x56/0xa0
 [<ffffffff887049a1>] :uprobes:uprobe_report_exit+0x141/0x14f
 [<ffffffff800c5088>] utrace_report_exit+0x57/0x17d
 [<ffffffff800156a8>] do_exit+0xdb/0x955
 [<ffffffff8009557b>] complete_and_exit+0x0/0x16
 [<ffffffff8005d28d>] tracesys+0xd5/0xe0


Code: 48 89 02 74 04 48 89 50 08 48 c7 85 48 01 00 00 00 01 10 00 
RIP  [<ffffffff88702f09>] :uprobes:uprobe_free_process+0xba/0x131
 RSP <ffff81000e4e3e78>

     eea:       e8 00 00 00 00          callq  eef <uprobe_free_process+0xa0>
                        eeb: R_X86_64_PC32      kfree+0xfffffffffffffffc
     eef:       48 8d 8d 48 01 00 00    lea    0x148(%rbp),%rcx
     ef6:       48 8b 51 08             mov    0x8(%rcx),%rdx
     efa:       48 85 d2                test   %rdx,%rdx
     efd:       74 26                   je     f25 <uprobe_free_process+0xd6>
     eff:       48 8b 85 48 01 00 00    mov    0x148(%rbp),%rax
     f06:       48 85 c0                test   %rax,%rax
>>>  f09:       48 89 02                mov    %rax,(%rdx)

This appears to be an inlined copy of __hlist_del:

static inline void __hlist_del(struct hlist_node *n)
{
        struct hlist_node *next = n->next;
     eff:       48 8b 85 48 01 00 00    mov    0x148(%rbp),%rax
        struct hlist_node **pprev = n->pprev;
        *pprev = next;
        if (next)
     f06:       48 85 c0                test   %rax,%rax
     f09:       48 89 02                mov    %rax,(%rdx)
     f0c:       74 04                   je     f12 <uprobe_free_process+0xc3>
                next->pprev = pprev;
     f0e:       48 89 50 08             mov    %rdx,0x8(%rax)
}

in particular the *pprev = next; statement.

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
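
The register values in the oops above (RAX 0x100100, RDX and CR2 0x200200) equal the kernel's LIST_POISON1 and LIST_POISON2, which hlist_del() writes into a node after unlinking it. The following userspace model is an added example, not part of the original report or of the uprobes source; it shows those values appearing in an unlinked node and a guard that rejects a repeated delete. hlist_del_checked(), struct stale and demo() are hypothetical names, and the list is constructed for the example.

```c
#include <stdint.h>
#include <stdio.h>

/* Userspace model of the kernel hlist; poison values as in the 2.6.18 kernel. */
#define LIST_POISON1 ((struct hlist_node *)(uintptr_t)0x00100100)
#define LIST_POISON2 ((struct hlist_node **)(uintptr_t)0x00200200)

struct hlist_node { struct hlist_node *next, **pprev; };
struct hlist_head { struct hlist_node *first; };
struct stale { uintptr_t next, pprev; int second_del, list_ok; };

static void hlist_del(struct hlist_node *n)
{
    struct hlist_node *next = n->next, **pprev = n->pprev;
    *pprev = next;               /* the store at f09 in the listing */
    if (next)
        next->pprev = pprev;
    n->next = LIST_POISON1;      /* mark the node as unlinked */
    n->pprev = LIST_POISON2;
}

/* Hypothetical guard: refuse a node that hlist_del() has already poisoned. */
static int hlist_del_checked(struct hlist_node *n)
{
    if (n->next == LIST_POISON1 || n->pprev == LIST_POISON2)
        return -1;
    hlist_del(n);
    return 0;
}

/* Constructed list head -> b -> a: unlink a once, then inspect what a repeat would use. */
static struct stale demo(void)
{
    struct hlist_node a, b;
    struct hlist_head head = { &b };
    b.next = &a;  b.pprev = &head.first;
    a.next = NULL; a.pprev = &b.next;
    hlist_del(&a);
    return (struct stale){ (uintptr_t)a.next, (uintptr_t)a.pprev,
                           hlist_del_checked(&a), head.first == &b && b.next == NULL };
}

int main(void)
{
    struct stale s = demo();
    printf("next=%#lx pprev=%#lx second_del=%d list_ok=%d\n",
           (unsigned long)s.next, (unsigned long)s.pprev, s.second_del, s.list_ok);
    return 0;
}
```

An unguarded second hlist_del() on the same node would load 0x100100 as next and store it through pprev at 0x200200, which is the address in CR2.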
