crashes in clear_user_page

Olaf Hering olh at suse.de
Thu Mar 4 20:26:43 EST 2004 

 On Thu, Mar 04, Anton Blanchard wrote:

>
> Hi,
>
> > I get crashes in clear_user_page() while building rpms on a p660.
> > gcc is 3.2.2, config is arch/ppc64/configs/pseries, plain ameslab tree.
> >
> > there is lot of IO, 8 processes do unpack rpms in parallel on a reiserfs
> > filesystem.
>
> It turns out you got a kernel segment with ks set. Shouldnt ever happen.
>
> We werent zeroing the old contents of the segment table entry before
> inserting the new one, if we overwrote a user segment with a kernel one
> the ks bit would remain set. Its a POWER3/RS64 only bug.
>
> Give this patch a go. While I was there I modified our vsid calculation
> code to match reality (we only use 13 bits of the EA).

does not help, unless we can not blame reiserfs.

5:mon> d c0000000fffeb010
c0000000fffeb010 **************** ****************  |                |
5:mon>


papaya:~ # cpu 3: Vector: 300 (Data Access) at [c00000012079f2d0]
    pc: c000000000087ec4 ()
    lr: c000000000087dac ()
    sp: c00000012079f550
   msr: a000000000009032
   dar: c0000000fffeb010
 dsisr: a000000
  current = 0xc0000001650bdb50
  paca    = 0xc000000000532000
    pid   = 27307, comm = rpm
cresprs e?sVoecrto:r :300  3(00 Da(tDaa3t:a mAcceon>s s) at [c00000012b75f390]
    pc: c000000000088494 ()
    lr: c00000000008830c ()
    sp: c00000012b75f610
   msr: a000000000001032
   dar: c0000000fff87008
 dsisr: a000000
  current = 0xc000000167cd2d30
  paca    = 0xc000000000534000
    pid   = 27174, comm = rpm
cpu 5: Vector: 300 (Data Access) at [c00000011f72b700]
    pc: c0000000000d88ac ()
    lr: c0000000000d8900 ()
    sp: c00000011f72b980
   msr: a000000000009032
   dar: c0000000ffd863e8
 dsisr: a000000
  current = 0xc000000174f5db50
  paca    = 0xc000000000536000
    pid   = 27227, comm = rpm

3:mon> E
cpu 3: Vector: 300 (Data Access) at [c00000012079f2d0]
    pc: c000000000087ec4 (.cache_grow+0x254/0x4f4)
    lr: c000000000087dac (.cache_grow+0x13c/0x4f4)
    sp: c00000012079f550
   msr: a000000000009032
   dar: c0000000fffeb010
 dsisr: a000000
  current = 0xc0000001650bdb50
  paca    = 0xc000000000532000
    pid   = 27307, comm = rpm
3:mon> t
c00000012079f550  c000000000087dac
c00000012079f610  c00000000008830c
c00000012079f6b0  c00000000008884c
c00000012079f730  c0000000000b1198
c00000012079f7b0  c0000000000acde8
c00000012079f860  c0000000000aded8
c00000012079f8e0  c00000000010d6e0
c00000012079fab0  c00000000010dd0c
c00000012079fcf0  c0000000000a9564
c00000012079fd90  c0000000000a96a0
c00000012079fe30  c000000000011a44  ret_from_syscall_1
exception: c00 (System Call) regs c00000012079fea0
                  000000800033a3fc
<Stack drops into userspace 000001ffffffb6a0>
3:mon> T
c00000012079f550  c000000000087dac  .cache_grow+0x13c/0x4f4
c00000012079f610  c00000000008830c  .cache_alloc_refill+0x1a8/0x35c
c00000012079f6b0  c00000000008884c  .kmem_cache_alloc+0x70/0x74
c00000012079f730  c0000000000b1198  .alloc_buffer_head+0x28/0x78
c00000012079f7b0  c0000000000acde8  .create_buffers+0x58/0x108
c00000012079f860  c0000000000aded8  .create_empty_buffers+0x24/0x15c
c00000012079f8e0  c00000000010d6e0  .reiserfs_prepare_file_region_for_write+0x984/0x9ac
c00000012079fab0  c00000000010dd0c  .reiserfs_file_write+0x604/0x820
c00000012079fcf0  c0000000000a9564  .vfs_write+0x10c/0x164
c00000012079fd90  c0000000000a96a0  .sys_write+0x50/0x94
c00000012079fe30  c000000000011a44  ret_from_syscall_1
exception: c00 (System Call) regs c00000012079fea0
                  000000800033a3fc  0x800033a3fc
<Stack drops into userspace 000001ffffffb6a0>
3:mon> c
cpus stopped: 3* 4 5
3:mon> c4
press ? for help 4:mon> E
cpu 4: Vector: 300 (Data Access) at [c00000012b75f390]
    pc: c000000000088494 (.cache_alloc_refill+0x330/0x35c)
    lr: c00000000008830c (.cache_alloc_refill+0x1a8/0x35c)
    sp: c00000012b75f610
   msr: a000000000001032
   dar: c0000000fff87008
 dsisr: a000000
  current = 0xc000000167cd2d30
  paca    = 0xc000000000534000
    pid   = 27174, comm = rpm
4:mon> T
c00000012b75f610  c00000000008830c  .cache_alloc_refill+0x1a8/0x35c
c00000012b75f6b0  c00000000008884c  .kmem_cache_alloc+0x70/0x74
c00000012b75f730  c0000000000b1198  .alloc_buffer_head+0x28/0x78
c00000012b75f7b0  c0000000000acde8  .create_buffers+0x58/0x108
c00000012b75f860  c0000000000aded8  .create_empty_buffers+0x24/0x15c
c00000012b75f8e0  c00000000010d6e0  .reiserfs_prepare_file_region_for_write+0x984/0x9ac
c00000012b75fab0  c00000000010dd0c  .reiserfs_file_write+0x604/0x820
c00000012b75fcf0  c0000000000a9564  .vfs_write+0x10c/0x164
c00000012b75fd90  c0000000000a96a0  .sys_write+0x50/0x94
c00000012b75fe30  c000000000011a44  ret_from_syscall_1
exception: c00 (System Call) regs c00000012b75fea0
                  000000800033a3fc  0x800033a3fc
<Stack drops into userspace 000001ffffffb6a0>
4:mon> c5
press ? for help 5:mon> E
cpu 5: Vector: 300 (Data Access) at [c00000011f72b700]
    pc: c0000000000d88ac (.__mark_inode_dirty+0x148/0x1a4)
    lr: c0000000000d8900 (.__mark_inode_dirty+0x19c/0x1a4)
    sp: c00000011f72b980
   msr: a000000000009032
   dar: c0000000ffd863e8
 dsisr: a000000
  current = 0xc000000174f5db50
  paca    = 0xc000000000536000
    pid   = 27227, comm = rpm
5:mon> T
c00000011f72b980  c0000000000d8900  .__mark_inode_dirty+0x19c/0x1a4
c00000011f72ba10  c0000000000cfd28  .inode_update_time+0xb8/0xe4
c00000011f72bab0  c00000000010db08  .reiserfs_file_write+0x400/0x820
c00000011f72bcf0  c0000000000a9564  .vfs_write+0x10c/0x164
c00000011f72bd90  c0000000000a96a0  .sys_write+0x50/0x94
c00000011f72be30  c000000000011a44  ret_from_syscall_1
exception: c00 (System Call) regs c00000011f72bea0
                  000000800033a3fc  0x800033a3fc
<Stack drops into userspace 000001ffffffb7f0>


--
USB is for mice, FireWire is for men!

sUse lINUX ag, nÜRNBERG

** Sent via the linuxppc64-dev mail list. See http://lists.linuxppc.org/

More information about the Linuxppc64-dev mailing list