Re: Unhandled kernel unaligned access on IP32 w/ network I/O && 3.7.1?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 12/28/2012 4:52 PM, Ralf Baechle wrote:
> On Thu, Dec 27, 2012 at 11:27:37PM -0500, Joshua Kinard wrote:
> 
>> Has anyone run into an unhandled kernel unaligned access under 3.7.1?  I've
>> triggered it twice w/ network I/O on an SGI IP32 machine, however, the stack
>> trace does not appear to be specific to any of IP32's own drivers.  3.6.7
>> was very stable, and the two oopses I've triggered so far both happened
>> under 3.7.1.
>>
>> It looks like the culprit is in sk_stream_alloc_skb or tcp_sendmsg, however,
>> I have little experience in the higher-level networking stack within Linux
>> and wanted to see if anyone else has triggered this on other MIPS systems.
>>
>> Seems to happen when I am logged in via SSH (on IPv6) and generating a burst
>> of console output.
>>
>> Unhandled kernel unaligned access[#3]:
>> Cpu 0
>> $ 0   : 0000000000000000 0000000000000010 0000000000000000 bfffff005671271c
>> $ 4   : 0000000000000000 0000000000000000 0000000000000000 0000000000000000
>> $ 8   : 980000005c24e000 0000000000000000 980000005c24e000 00000000000000cc
>> $12   : ffffffff9001fce1 000000001000001e fffffffffffff000 000000000000001f
>> $16   : 980000005c00fa40 ffffffffde0300b8 ffffff0000000000 0000000000000005
>> $20   : 000000007f875700 00000000000005a8 0000000000000008 0000000000000005
>> $24   : 0000000000000001 00000000000003f0
>> $28   : 980000005c00c000 980000005c00fa10 0000000000000000 ffffffff800059a0
>> Hi    : 0000000007a11c93
>> Lo    : b645a1cac992645e
>> epc   : ffffffff8000b700 do_ade+0x1b0/0x480
>>     Tainted: G      D
>                      ^^^
> 
> This kernel has already oopsed before.  Which means this oops message is
> pretty much worthless.

Here's an untainted oops from IP32.  Triggered by logging in over SSH on
IPv6 and running 'dmesg':

Unhandled kernel unaligned access[#1]:
Cpu 0
$ 0   : 0000000000000000 0000000000000010 0000000000000000 bfffff005e17aac4
$ 4   : 0000000000000000 0000000000000000 0000000000000000 0000000000000000
$ 8   : 980000005e00e000 0000000000000000 980000005e00e000 0000000000000410
$12   : ffffffff9001fce1 000000001000001e fffffffffffff000 000000000000001f
$16   : 980000005e03fa40 ffffffffde0300b8 ffffff0000000000 0000000000000034
$20   : 00000000006532d8 0000000000000594 00000000004a1134 00000000004a0000
$24   : 0000000000000001 00000000000003f0
$28   : 980000005e03c000 980000005e03fa10 0000000000000000 ffffffff800059a0
Hi    : 000000000011a02a
Lo    : 000000000005e00e
epc   : ffffffff8000b700 do_ade+0x1b0/0x480
    Not tainted
ra    : ffffffff800059a0 ret_from_exception+0x0/0x24
Status: 9001fce3    KX SX UX KERNEL EXL IE
Cause : 00000010
BadVA : bfffff005e17aac4
PrId  : 00002733 (RM7000)
Process sshd (pid: 1323, threadinfo=980000005e03c000, task=980000005fe76000,
tls=0000000077010490)
Stack : 980000005e00e6a0 980000005e17aa0c 980000005faef000 0000000000000594
        0000000000000034 ffffffff800059a0 0000000000000000 0000000000000010
        00000000000000d0 0000000000000000 980000005faef000 00000000000008a0
        0000000000000000 0000000000000000 980000005e00e000 0000000000000000
        980000005e00e000 0000000000000410 0000000000000020 ffffffff80223b6c
        fffffffffffff000 000000000000001f 980000005e17aa0c 980000005faef000
        0000000000000594 0000000000000034 00000000006532d8 0000000000000594
        00000000004a1134 00000000004a0000 0000000000000001 00000000000003f0
        0000000000000014 ffffffff802de0d0 980000005e03c000 980000005e03fb70
        0000000000000000 ffffffff80334ef8 ffffffff9001fce3 000000000011a02a
        ...
Call Trace:
[<ffffffff8000b700>] do_ade+0x1b0/0x480
[<ffffffff800059a0>] ret_from_exception+0x0/0x24
[<ffffffff80334f24>] sk_stream_alloc_skb+0x6c/0x118
[<ffffffff80335e8c>] tcp_sendmsg+0x6fc/0xe90
[<ffffffff802d3744>] sock_aio_write+0x10c/0x150
[<ffffffff800b48c4>] do_sync_write+0x9c/0x108
[<ffffffff800b4a98>] vfs_write+0x168/0x180
[<ffffffff800b4bbc>] SyS_write+0x54/0xb8
[<ffffffff80013538>] handle_sys+0x118/0x13c


Code: 00441024  5440ffe6  de030100 <68730000> 6c730007  24030000  14600040
00000000  8e020124
---[ end trace 8127ff095caa30f9 ]---


Turns out it is non-fatal.  The serial console is still alive, but sshd was
terminated as a result (it's in the 'Ds' state under ps ux output).


-- 
Joshua Kinard
Gentoo/MIPS
kumba@xxxxxxxxxx
4096R/D25D95E3 2011-03-28

"The past tempts us, the present confuses us, the future frightens us.  And
our lives slip away, moment by moment, lost in that vast, terrible in-between."

--Emperor Turhan, Centauri Republic

Attachment: signature.asc
Description: OpenPGP digital signature

[Index of Archives]     [Linux MIPS Home]     [LKML Archive]     [Linux ARM Kernel]     [Linux ARM]     [Linux]     [Git]     [Yosemite News]     [Linux SCSI]     [Linux Hams]

  Powered by Linux