All of lore.kernel.org
 help / color / mirror / Atom feed
* Kernel Oops in 2.6.0-test2-mm4
@ 2003-08-05 21:05 s0be
  2003-08-06  0:05 ` Matt Mackall
  0 siblings, 1 reply; 4+ messages in thread
From: s0be @ 2003-08-05 21:05 UTC (permalink / raw)
  To: linux-kernel

here's the oops from dmesg and the surrounding messages.  I'm guessing it was caused by smb, but I can't confirm it.  trying to recreate it.

SMB connection re-established (-5)
smb_errno: class ERRSRV, code 91 from command 0x80
SMB connection re-established (-5)
smb_errno: class ERRSRV, code 91 from command 0x80
SMB connection re-established (-5)
smb_errno: class ERRSRV, code 91 from command 0x80
SMB connection re-established (-5)
smb_errno: class ERRSRV, code 91 from command 0x80
Debug: sleeping function called from invalid context at include/asm/uaccess.h:512Call Trace:
 [<c011fd3c>] __might_sleep+0x5c/0x5e
 [<c010da1a>] save_v86_state+0x6a/0x200
 [<c010e565>] handle_vm86_fault+0xa5/0x8c0
 [<c0170a23>] dput+0x23/0x200
 [<c010c030>] do_general_protection+0x0/0xa0
 [<c032519f>] error_code+0x2f/0x38
 [<c0324733>] syscall_call+0x7/0xb

SMB connection re-established (-5)
smb_errno: class ERRSRV, code 91 from command 0x80
XFS mounting filesystem hda1

pat

-- 

^ permalink raw reply	[flat|nested] 4+ messages in thread
* Re: Kernel Oops in 2.6.0-test2-mm4
  2003-08-05 21:05 Kernel Oops in 2.6.0-test2-mm4 s0be
@ 2003-08-06  0:05 ` Matt Mackall
  2003-08-06  0:10   ` s0be
  0 siblings, 1 reply; 4+ messages in thread
From: Matt Mackall @ 2003-08-06  0:05 UTC (permalink / raw)
  To: s0be; +Cc: linux-kernel

On Tue, Aug 05, 2003 at 05:05:58PM -0400, s0be wrote:
> here's the oops from dmesg and the surrounding messages.  I'm guessing it was caused by smb, but I can't confirm it.  trying to recreate it.
> 
> SMB connection re-established (-5)
> smb_errno: class ERRSRV, code 91 from command 0x80
> SMB connection re-established (-5)
> smb_errno: class ERRSRV, code 91 from command 0x80
> SMB connection re-established (-5)
> smb_errno: class ERRSRV, code 91 from command 0x80
> SMB connection re-established (-5)
> smb_errno: class ERRSRV, code 91 from command 0x80
> Debug: sleeping function called from invalid context at include/asm/uaccess.h:512Call Trace:
>  [<c011fd3c>] __might_sleep+0x5c/0x5e
>  [<c010da1a>] save_v86_state+0x6a/0x200
>  [<c010e565>] handle_vm86_fault+0xa5/0x8c0
>  [<c0170a23>] dput+0x23/0x200
>  [<c010c030>] do_general_protection+0x0/0xa0
>  [<c032519f>] error_code+0x2f/0x38
>  [<c0324733>] syscall_call+0x7/0xb
> 
> SMB connection re-established (-5)
> smb_errno: class ERRSRV, code 91 from command 0x80
> XFS mounting filesystem hda1

Actually, Samba seems unconnected.

This is not an oops, just a debug trace that says something tried to
do something unsafe (namely calling copy_from_user while in_atomic()
was true). 

Looks like we've got:

 do_general_protection
  handle_vm86_fault
   return_to_32bit
    save_v86_state
     copy_to_user   

and the destination of the copy is current->thread.vm86_info->regs,
which is labelled __user. Presuming this is actually in userspace,
this could be a problem.

-- 
Matt Mackall : http://www.selenic.com : of or relating to the moon

^ permalink raw reply	[flat|nested] 4+ messages in thread
* Re: Kernel Oops in 2.6.0-test2-mm4
  2003-08-06  0:05 ` Matt Mackall
@ 2003-08-06  0:10   ` s0be
  2003-08-06  2:54     ` handle_vm86_fault may fault? was " Matt Mackall
  0 siblings, 1 reply; 4+ messages in thread
From: s0be @ 2003-08-06  0:10 UTC (permalink / raw)
  To: Matt Mackall; +Cc: linux-kernel

On Tue, 5 Aug 2003 19:05:24 -0500
Matt Mackall <mpm@selenic.com> wrote:

> On Tue, Aug 05, 2003 at 05:05:58PM -0400, s0be wrote:
> > here's the oops from dmesg and the surrounding messages.  I'm guessing it was caused by smb, but I can't confirm it.  trying to recreate it.
..snip..
> > Debug: sleeping function called from invalid context at include/asm/uaccess.h:512Call Trace:
> >  [<c011fd3c>] __might_sleep+0x5c/0x5e
> >  [<c010da1a>] save_v86_state+0x6a/0x200
> >  [<c010e565>] handle_vm86_fault+0xa5/0x8c0
> >  [<c0170a23>] dput+0x23/0x200
> >  [<c010c030>] do_general_protection+0x0/0xa0
> >  [<c032519f>] error_code+0x2f/0x38
> >  [<c0324733>] syscall_call+0x7/0xb
..snip..
> 
> Actually, Samba seems unconnected.
> 
> This is not an oops, just a debug trace that says something tried to
> do something unsafe (namely calling copy_from_user while in_atomic()
> was true). 
> 
> Looks like we've got:
> 
>  do_general_protection
>   handle_vm86_fault
>    return_to_32bit
>     save_v86_state
>      copy_to_user   
> 
> and the destination of the copy is current->thread.vm86_info->regs,
> which is labelled __user. Presuming this is actually in userspace,
> this could be a problem.
> 
> -- 
> Matt Mackall : http://www.selenic.com : of or relating to the moon
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at  http://www.tux.org/lkml/

I'd have to agree.  I wrote a script that sits here mounting a samba mount, then, either writing to it, and unmount, write to it and no,unmount, just unmount it, or nothing, pseudo randomly, and it pissed off my windows machine it was connecting to, but could NOT reproduce this problem.  I can't seem to get it to happen again though.  I'm sort of at a loss.  I can provide any extra info that might help.

pat

-- 

^ permalink raw reply	[flat|nested] 4+ messages in thread
* handle_vm86_fault may fault? was Re: Kernel Oops in 2.6.0-test2-mm4
  2003-08-06  0:10   ` s0be
@ 2003-08-06  2:54     ` Matt Mackall
  0 siblings, 0 replies; 4+ messages in thread
From: Matt Mackall @ 2003-08-06  2:54 UTC (permalink / raw)
  To: linux-kernel; +Cc: s0be

On Tue, Aug 05, 2003 at 08:10:56PM -0400, s0be wrote:
> On Tue, 5 Aug 2003 19:05:24 -0500
> Matt Mackall <mpm@selenic.com> wrote:
> 
> > On Tue, Aug 05, 2003 at 05:05:58PM -0400, s0be wrote:
> > > here's the oops from dmesg and the surrounding messages.  I'm guessing it was caused by smb, but I can't confirm it.  trying to recreate it.
> ..snip..
> > > Debug: sleeping function called from invalid context at include/asm/uaccess.h:512Call Trace:
> > >  [<c011fd3c>] __might_sleep+0x5c/0x5e
> > >  [<c010da1a>] save_v86_state+0x6a/0x200
> > >  [<c010e565>] handle_vm86_fault+0xa5/0x8c0
> > >  [<c0170a23>] dput+0x23/0x200
> > >  [<c010c030>] do_general_protection+0x0/0xa0
> > >  [<c032519f>] error_code+0x2f/0x38
> > >  [<c0324733>] syscall_call+0x7/0xb
> ..snip..
> > 
> > This is not an oops, just a debug trace that says something tried to
> > do something unsafe (namely calling copy_from_user while in_atomic()
> > was true). 
> > 
> > Looks like we've got:
> > 
> >  do_general_protection
> >   handle_vm86_fault
> >    return_to_32bit
> >     save_v86_state
> >      copy_to_user   
> > 
> > and the destination of the copy is current->thread.vm86_info->regs,
> > which is labelled __user. Presuming this is actually in userspace,
> > this could be a problem.
> > 
> 
> I'd have to agree. I wrote a script that sits here mounting a samba
> mount, then, either writing to it, and unmount, write to it and
> no,unmount, just unmount it, or nothing, pseudo randomly, and it
> pissed off my windows machine it was connecting to, but could NOT
> reproduce this problem. I can't seem to get it to happen again
> though. I'm sort of at a loss. I can provide any extra info that
> might help.

This appears to be a video driver running a card's video BIOS in vm86
mode and hitting one of many possible faults. The fault handler saves
a subset of the state to userspace with copy_to_user. This could
potentially cause a second fault and I don't see any guarantees that
this page is locked or anything.

So a) is this safe, somehow? And b) if so, what check can might_sleep use
to avoid false positives?

-- 
Matt Mackall : http://www.selenic.com : of or relating to the moon

^ permalink raw reply	[flat|nested] 4+ messages in thread
end of thread, other threads:[~2003-08-06  2:57 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2003-08-05 21:05 Kernel Oops in 2.6.0-test2-mm4 s0be
2003-08-06  0:05 ` Matt Mackall
2003-08-06  0:10   ` s0be
2003-08-06  2:54     ` handle_vm86_fault may fault? was " Matt Mackall

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.