From: Kieran G. <kie...@gm...> - 2012-12-25 01:28:06
Hey all,

I just compiled UML from the linux-next tree (at commit 3979da72b0f2453dcf625e8ba4a8085e9562523b) using distcc (in case that shouldn't be used for kernel builds), as well as 3.8.0-rc1 without distcc, and I get a core file generated on the host during the boot process. Config files for both versions and start-up info for the linux-next UML processes are attached.

I'm booting with an image of Debian 6.0 (straight from debootstrap with stable, plus installed vim and some other goodies on it, plus nginx). It creates a core file on the host; UML keeps booting and shows no message at all about why the core file is generated.

GDB says for linux-next:

Core was generated by `./linux-3.8.0-rc1-next-20121224-uml mem=512M ubd0=./fs eth0=tuntap,tap0'.
Program terminated with signal 11, Segmentation fault.
#0 0x00000000600371e5 in sigsuspend (set=0x7f37df50) at kernel/signal.c:3329
3329 current->saved_sigmask = current->blocked;
(gdb) bt full
#0 0x00000000600371e5 in sigsuspend (set=0x7f37df50) at kernel/signal.c:3329
No locals.
#1 0x0000000060015504 in winch_thread (arg=<optimised out>) at arch/um/drivers/chan_user.c:210
    data = <optimised out>
    sigs = {__val = {18446744067132882943, 18446744073709551615 <repeats 15 times>}}
    pty_fd = 16
    pipe_fd = 18
    count = <optimised out>
    c = 1 '\001'
#2 0x000000006027e599 in clone ()
No symbol table info available.
#3 0x0000000000000000 in ?? ()

And for 3.8.0-rc1:

Core was generated by `./linux-3.8.0-rc1-uml mem=512M ubd0=./fs eth0=tuntap,tap0'.
Program terminated with signal 11, Segmentation fault.
#0 0x0000000060047ba0 in sigsuspend (set=0x81291f40) at kernel/signal.c:3329
3329 current->saved_sigmask = current->blocked;
(gdb) bt full
#0 0x0000000060047ba0 in sigsuspend (set=0x81291f40) at kernel/signal.c:3329
No locals.
#1 0x000000006001d86e in winch_thread (arg=<optimised out>) at arch/um/drivers/chan_user.c:210
    data = <optimised out>
    sigs = {__val = {18446744067132882943, 18446744073709551615 <repeats 15 times>}}
    pty_fd = <optimised out>
    pipe_fd = 21
    count = <optimised out>
    c = 1 '\001'
#2 0x0000000060303939 in clone ()
No symbol table info available.
#3 0x0000000000000000 in ?? ()
No symbol table info available.

Any ideas?

From,
Kieran Grant

From: Kieran G. <kie...@gm...> - 2012-12-26 01:13:46
Attachments:
linux-3.7-config.txt

Just a continuation of my previous email: I have since compiled UML with v3.7 from linux-next, and the bug appears there too. The dumped process still exists as a zombie process as long as the rest of the UML session is running. It doesn't have anything to do with the Debian-based UML environment it was booting; it occurred even with a UML BusyBox file-system.

My config for v3.7 is attached. Did I stuff up my config somewhere?

Some more info:

Core was generated by `./Linux-3.7.0-uml mem=512M eth0=tuntap,tap0 ubd0=BusyBox-1.13.2-amd64-root_fs'.
Program terminated with signal 11, Segmentation fault.
#0 0x0000000060053b8a in sigsuspend (set=0x807bef28) at kernel/signal.c:3264

Registers:

rax     0x0         0
rbx     0x10        16
rcx     0x6034a330  1614062384
rdx     0x0         0
rsi     0x807befb7  2155605943
rdi     0x807bef28  2155605800
rbp     0x807bef18  0x807bef18
rsp     0x807bef08  0x807bef08
r8      0x1e2d8     123608
r9      0x807befe8  2155605992
r10     0x807bee78  2155605624
r11     0x246       582
r12     0x6034a380  1614062464
r13     0x60053b60  1610955616
r14     0x603a196c  1614420332
r15     0x60f7c840  1626851392
rip     0x60053b8a  0x60053b8a <sigsuspend+42>
eflags  0x10206     [ PF IF RF ]
cs      0x33        51
ss      0x2b        43
ds      0x0         0
es      0x0         0
fs      0x63        99
gs      0x0         0

Disassemble:

3264 current->saved_sigmask = current->blocked;
   0x0000000060053b76 <+22>: 48 8b 10 mov (%rax),%rdx (rdx becomes zero, not a good sign)
   0x0000000060053b87 <+39>: 48 8b 00 mov (%rax),%rax (the same zero gets loaded into rax)
=> 0x0000000060053b8a <+42>: 48 8b 80 38 07 00 00 mov 0x738(%rax),%rax (and we dereference it)
   0x0000000060053b91 <+49>: 48 89 82 48 07 00 00 mov %rax,0x748(%rdx)

Yay, a NULL pointer dereference bug :/

From,
Kieran Grant