Hi,
2.6.22-rc3 (with Reiser4 patch) oopses when watching videos with
mplayer using neofb console.
When mplayer starts I get these messages
(this is normal, repeating lines omitted):
neofb: no support for 32bpp
Mode (1024x768) larger than the LCD panel (800x600)
Mode (1152x864) larger than the LCD panel (800x600)
Mode (1024x1024) larger than the LCD panel (800x600)
Mode (1280x1024) larger than the LCD panel (800x600)
Ok, everything seems to work and I can watch the video.
However, when the mplayer stops I get these warnings:
release_dev: driver.table[3] not tty for (tty4)
Warning: dev (tty4) tty->count(3) != #fd's(2) in release_dev
release_dev: driver.table[3] not tty for (tty4)
When I try to repeat the previous step the kernel oopses:
neofb: no support for 32bpp
Mode (1024x768) larger than the LCD panel (800x600)
Mode (1152x864) larger than the LCD panel (800x600)
Mode (1024x1024) larger than the LCD panel (800x600)
Mode (1280x1024) larger than the LCD panel (800x600)
BUG: unable to handle kernel NULL pointer dereference at virtual address 00000731
printing eip:
c021e50e
*pde = 00000000
Oops: 0000 [#1]
Modules linked in: binfmt_misc floppy loop xirc2ps_cs pcmcia usb_storage parport_pc parport yenta_socket rsrc_nonstatic pcmcia_core evdev uhci_hcd usbcore
CPU: 0
EIP: 0060:[<c021e50e>] Not tainted VLI
EFLAGS: 00010202 (2.6.22-rc3-atr #4)
EIP is at vt_ioctl+0xda8/0x1482
eax: 00000679 ebx: 00005600 ecx: c3d41200 edx: 00000000
esi: 0893159c edi: c0386a2f ebp: 00000003 esp: c26a5e28
ds: 007b es: 007b fs: 0000 gs: 0033 ss: 0068
Process mplayer (pid: 1502, ti=c26a5000 task=c3a22500 task.ti=c26a5000)
Stack: fffffffe c26a5f30 c0149fd9 c29fe400 c3d68600 00000001 4642f7b0 c3d0bcc0
c3c32464 00000101 00000001 00000000 4644793c 4642f7b0 00000002 00000005
0000001b 00000005 c34ad240 c3d0bcc0 c1386000 00000002 00000000 c021d766
Call Trace:
[<c0149fd9>] link_path_walk+0xa5/0xaf
[<c021d766>] vt_ioctl+0x0/0x1482
[<c021a395>] tty_ioctl+0xa01/0xa87
[<c0143c5a>] get_empty_filp+0x4f/0xc9
[<c01439bf>] put_filp+0x14/0x31
[<c014ab93>] __path_lookup_intent_open+0x6c/0x75
[<c014ac10>] path_lookup_open+0x20/0x25
[<c014acd9>] open_namei+0x6e/0x51d
[<c0141b0c>] do_filp_open+0x25/0x39
[<c0219994>] tty_ioctl+0x0/0xa87
[<c014ba8a>] do_ioctl+0x3e/0x4d
[<c014bc84>] vfs_ioctl+0x1eb/0x202
[<c014bcce>] sys_ioctl+0x33/0x4d
[<c01022c2>] sysenter_past_esp+0x5f/0x85
=======================
Code: 0f b7 c8 7f 04 85 c9 75 cd 8d 4e 04 89 d8 e8 aa 11 fd ff e9 20 f8 ff ff 8d 04 95 00 00 00 00 03 81 b8 00 00 00 8b 00 85 c0 74 16 <83> b8 b8 00 00 00 00 74 0d 42 83 fa 3f 75 de b0 ff e9 88 f7 ff
EIP: [<c021e50e>] vt_ioctl+0xda8/0x1482 SS:ESP 0068:c26a5e28
BUG: unable to handle kernel NULL pointer dereference at virtual address 0000072d
printing eip:
c021820c
*pde = 00000000
Oops: 0000 [#2]
Modules linked in: binfmt_misc floppy loop xirc2ps_cs pcmcia usb_storage parport_pc parport yenta_socket rsrc_nonstatic pcmcia_core evdev uhci_hcd usbcore
CPU: 0
EIP: 0060:[<c021820c>] Not tainted VLI
EFLAGS: 00210202 (2.6.22-rc3-atr #4)
EIP is at init_dev+0x38c/0x497
eax: c10ba40c ebx: c3d41200 ecx: c1f5fecc edx: 00000003
esi: 00000679 edi: 00400004 ebp: c3d41200 esp: c1f5fe7c
ds: 007b es: 007b fs: 0000 gs: 0033 ss: 0068
Process syslogd (pid: 1503, ti=c1f5f000 task=c3a22500 task.ti=c1f5f000)
Stack: 00000102 00000000 c1fe7aa0 c1f5fecc 00000003 ffffffe9 c1f5ff30 c014a217
c1386000 00000005 c3a5b95c 00002190 c01159ec c3d41200 c1fe7aa0 00400004
00000100 c021a519 00000101 00000003 c01ebea4 00000000 c3d41204 c3a5b95c
Call Trace:
[<c014a217>] do_path_lookup+0x131/0x14c
[<c01159ec>] __capable+0x8/0x1b
[<c021a519>] tty_open+0xfe/0x271
[<c01ebea4>] kobject_get+0xf/0x13
[<c0144ba6>] chrdev_open+0xc1/0xf6
[<c014aec5>] open_namei+0x25a/0x51d
[<c0144ae5>] chrdev_open+0x0/0xf6
[<c01419a8>] __dentry_open+0xb7/0x16d
[<c0141ad8>] nameidata_to_filp+0x24/0x33
[<c0141b19>] do_filp_open+0x32/0x39
[<c0141b62>] do_sys_open+0x42/0xc3
[<c0141c1c>] sys_open+0x1c/0x1e
[<c01022c2>] sysenter_past_esp+0x5f/0x85
=======================
Code: c0 89 c3 74 14 8b 56 20 85 d2 0f 84 de 00 00 00 89 f0 ff d2 e9 d5 00 00 00 8b 44 24 14 e8 eb f8 ff ff 89 f0 e8 e4 f8 ff ff eb 48 <8b> 86 b4 00 00 00 84 c0 78 4b 81 7d 78 04 00 01 00 75 15 83 be
EIP: [<c021820c>] init_dev+0x38c/0x497 SS:ESP 0068:c1f5fe7c
I have been busy and just upgraded from 2.6.19.2, so this bug may have
been introduced anytime since that kernel. Unfortunately, I have a slow
connection and therefore can't bisect this.
--
Tero Roponen
Hi Tero,
(I am cc'ing Alan as he's been working on tty code recently.)
On 5/27/07, Tero Roponen <[email protected]> wrote:
> 2.6.22-rc3 (with Reiser4 patch) oopses when watching videos with
> mplayer using neofb console.
[snip]
> Ok, everything seems to work and I can watch the video.
> However, when the mplayer stops I get these warnings:
>
> release_dev: driver.table[3] not tty for (tty4)
> Warning: dev (tty4) tty->count(3) != #fd's(2) in release_dev
> release_dev: driver.table[3] not tty for (tty4)
So sanity check for reference counting failed.
> When I try to repeat the previous step the kernel oopses:
>
> neofb: no support for 32bpp
> Mode (1024x768) larger than the LCD panel (800x600)
> Mode (1152x864) larger than the LCD panel (800x600)
> Mode (1024x1024) larger than the LCD panel (800x600)
> Mode (1280x1024) larger than the LCD panel (800x600)
> BUG: unable to handle kernel NULL pointer dereference at virtual address 00000731
> printing eip:
> c021e50e
> *pde = 00000000
> Oops: 0000 [#1]
> Modules linked in: binfmt_misc floppy loop xirc2ps_cs pcmcia usb_storage parport_pc parport yenta_socket rsrc_nonstatic pcmcia_core evdev uhci_hcd usbcore
> CPU: 0
> EIP: 0060:[<c021e50e>] Not tainted VLI
> EFLAGS: 00010202 (2.6.22-rc3-atr #4)
> EIP is at vt_ioctl+0xda8/0x1482
> eax: 00000679 ebx: 00005600 ecx: c3d41200 edx: 00000000
> esi: 0893159c edi: c0386a2f ebp: 00000003 esp: c26a5e28
> ds: 007b es: 007b fs: 0000 gs: 0033 ss: 0068
> Process mplayer (pid: 1502, ti=c26a5000 task=c3a22500 task.ti=c26a5000)
> Stack: fffffffe c26a5f30 c0149fd9 c29fe400 c3d68600 00000001 4642f7b0 c3d0bcc0
> c3c32464 00000101 00000001 00000000 4644793c 4642f7b0 00000002 00000005
> 0000001b 00000005 c34ad240 c3d0bcc0 c1386000 00000002 00000000 c021d766
> Call Trace:
> [<c0149fd9>] link_path_walk+0xa5/0xaf
> [<c021d766>] vt_ioctl+0x0/0x1482
> [<c021a395>] tty_ioctl+0xa01/0xa87
> [<c0143c5a>] get_empty_filp+0x4f/0xc9
> [<c01439bf>] put_filp+0x14/0x31
> [<c014ab93>] __path_lookup_intent_open+0x6c/0x75
> [<c014ac10>] path_lookup_open+0x20/0x25
> [<c014acd9>] open_namei+0x6e/0x51d
> [<c0141b0c>] do_filp_open+0x25/0x39
> [<c0219994>] tty_ioctl+0x0/0xa87
> [<c014ba8a>] do_ioctl+0x3e/0x4d
> [<c014bc84>] vfs_ioctl+0x1eb/0x202
> [<c014bcce>] sys_ioctl+0x33/0x4d
> [<c01022c2>] sysenter_past_esp+0x5f/0x85
> =======================
> Code: 0f b7 c8 7f 04 85 c9 75 cd 8d 4e 04 89 d8 e8 aa 11 fd ff e9 20 f8 ff ff 8d 04 95 00 00 00 00 03 81 b8 00 00 00 8b 00 85 c0 74 16 <83> b8 b8 00 00 00 00 74 0d 42 83 fa 3f 75 de b0 ff e9 88 f7 ff
> EIP: [<c021e50e>] vt_ioctl+0xda8/0x1482 SS:ESP 0068:c26a5e28
Can we have your .config please? Also, could you work out the file and
line number of vt_ioctl+0xda8/0x1482 like this:
gdb vmlinux
(gdb) l *0xc021e50e
Pekka
On 5/28/07, Pekka Enberg <[email protected]> wrote:
> Can we have your .config please? Also, could you work out the file and
> line number of vt_ioctl+0xda8/0x1482 like this:
>
> gdb vmlinux
> (gdb) l *0xc021e50e
Btw, this only works if you have CONFIG_DEBUG_INFO set. In case it
wasn't, please do:
- Enable CONFIG_DEBUG_INFO
- make vmlinux
- gdb vmlinux
(gdb) p vt_ioctl
(gdb) l *(0x<address of vt_ioctl> + 0xda8)
On Mon, 28 May 2007, Pekka Enberg wrote:
> Can we have your .config please? Also, could you work out the file and
> line number of vt_ioctl+0xda8/0x1482 like this:
>
> gdb vmlinux
> (gdb) l *0xc021e50e
>
My .config is appended. I don't have access to that computer right
now, but I'll try to do that later.
--
Tero Roponen
#
# Automatically generated make config: don't edit
# Linux kernel version: 2.6.22-rc3-atr
# Sun May 27 11:07:24 2007
#
CONFIG_X86_32=y
CONFIG_GENERIC_TIME=y
CONFIG_CLOCKSOURCE_WATCHDOG=y
CONFIG_GENERIC_CLOCKEVENTS=y
CONFIG_LOCKDEP_SUPPORT=y
CONFIG_STACKTRACE_SUPPORT=y
CONFIG_SEMAPHORE_SLEEPERS=y
CONFIG_X86=y
CONFIG_MMU=y
CONFIG_ZONE_DMA=y
CONFIG_QUICKLIST=y
CONFIG_GENERIC_ISA_DMA=y
CONFIG_GENERIC_IOMAP=y
CONFIG_GENERIC_BUG=y
CONFIG_GENERIC_HWEIGHT=y
CONFIG_ARCH_MAY_HAVE_PC_FDC=y
CONFIG_DMI=y
CONFIG_DEFCONFIG_LIST="/lib/modules/$UNAME_RELEASE/.config"
#
# Code maturity level options
#
CONFIG_EXPERIMENTAL=y
CONFIG_BROKEN_ON_SMP=y
CONFIG_INIT_ENV_ARG_LIMIT=32
#
# General setup
#
CONFIG_LOCALVERSION=""
# CONFIG_LOCALVERSION_AUTO is not set
CONFIG_SWAP=y
CONFIG_SYSVIPC=y
# CONFIG_IPC_NS is not set
CONFIG_SYSVIPC_SYSCTL=y
CONFIG_POSIX_MQUEUE=y
# CONFIG_BSD_PROCESS_ACCT is not set
# CONFIG_TASKSTATS is not set
# CONFIG_UTS_NS is not set
# CONFIG_AUDIT is not set
# CONFIG_IKCONFIG is not set
CONFIG_LOG_BUF_SHIFT=14
# CONFIG_SYSFS_DEPRECATED is not set
# CONFIG_RELAY is not set
CONFIG_BLK_DEV_INITRD=y
CONFIG_INITRAMFS_SOURCE=""
CONFIG_CC_OPTIMIZE_FOR_SIZE=y
CONFIG_SYSCTL=y
# CONFIG_EMBEDDED is not set
CONFIG_UID16=y
CONFIG_SYSCTL_SYSCALL=y
CONFIG_KALLSYMS=y
# CONFIG_KALLSYMS_ALL is not set
# CONFIG_KALLSYMS_EXTRA_PASS is not set
CONFIG_HOTPLUG=y
CONFIG_PRINTK=y
CONFIG_BUG=y
CONFIG_ELF_CORE=y
CONFIG_BASE_FULL=y
CONFIG_FUTEX=y
CONFIG_ANON_INODES=y
CONFIG_EPOLL=y
CONFIG_SIGNALFD=y
CONFIG_TIMERFD=y
CONFIG_EVENTFD=y
CONFIG_SHMEM=y
CONFIG_VM_EVENT_COUNTERS=y
CONFIG_SLUB_DEBUG=y
# CONFIG_SLAB is not set
CONFIG_SLUB=y
# CONFIG_SLOB is not set
CONFIG_RT_MUTEXES=y
# CONFIG_TINY_SHMEM is not set
CONFIG_BASE_SMALL=0
#
# Loadable module support
#
CONFIG_MODULES=y
CONFIG_MODULE_UNLOAD=y
CONFIG_MODULE_FORCE_UNLOAD=y
# CONFIG_MODVERSIONS is not set
# CONFIG_MODULE_SRCVERSION_ALL is not set
CONFIG_KMOD=y
#
# Block layer
#
CONFIG_BLOCK=y
# CONFIG_LBD is not set
# CONFIG_BLK_DEV_IO_TRACE is not set
# CONFIG_LSF is not set
#
# IO Schedulers
#
CONFIG_IOSCHED_NOOP=y
# CONFIG_IOSCHED_AS is not set
# CONFIG_IOSCHED_DEADLINE is not set
CONFIG_IOSCHED_CFQ=y
# CONFIG_DEFAULT_AS is not set
# CONFIG_DEFAULT_DEADLINE is not set
CONFIG_DEFAULT_CFQ=y
# CONFIG_DEFAULT_NOOP is not set
CONFIG_DEFAULT_IOSCHED="cfq"
#
# Processor type and features
#
# CONFIG_TICK_ONESHOT is not set
# CONFIG_NO_HZ is not set
# CONFIG_HIGH_RES_TIMERS is not set
# CONFIG_SMP is not set
CONFIG_X86_PC=y
# CONFIG_X86_ELAN is not set
# CONFIG_X86_VOYAGER is not set
# CONFIG_X86_NUMAQ is not set
# CONFIG_X86_SUMMIT is not set
# CONFIG_X86_BIGSMP is not set
# CONFIG_X86_VISWS is not set
# CONFIG_X86_GENERICARCH is not set
# CONFIG_X86_ES7000 is not set
# CONFIG_PARAVIRT is not set
# CONFIG_M386 is not set
# CONFIG_M486 is not set
# CONFIG_M586 is not set
# CONFIG_M586TSC is not set
# CONFIG_M586MMX is not set
# CONFIG_M686 is not set
CONFIG_MPENTIUMII=y
# CONFIG_MPENTIUMIII is not set
# CONFIG_MPENTIUMM is not set
# CONFIG_MCORE2 is not set
# CONFIG_MPENTIUM4 is not set
# CONFIG_MK6 is not set
# CONFIG_MK7 is not set
# CONFIG_MK8 is not set
# CONFIG_MCRUSOE is not set
# CONFIG_MEFFICEON is not set
# CONFIG_MWINCHIPC6 is not set
# CONFIG_MWINCHIP2 is not set
# CONFIG_MWINCHIP3D is not set
# CONFIG_MGEODEGX1 is not set
# CONFIG_MGEODE_LX is not set
# CONFIG_MCYRIXIII is not set
# CONFIG_MVIAC3_2 is not set
# CONFIG_MVIAC7 is not set
# CONFIG_X86_GENERIC is not set
CONFIG_X86_CMPXCHG=y
CONFIG_X86_L1_CACHE_SHIFT=5
CONFIG_X86_XADD=y
CONFIG_RWSEM_XCHGADD_ALGORITHM=y
# CONFIG_ARCH_HAS_ILOG2_U32 is not set
# CONFIG_ARCH_HAS_ILOG2_U64 is not set
CONFIG_GENERIC_CALIBRATE_DELAY=y
CONFIG_X86_WP_WORKS_OK=y
CONFIG_X86_INVLPG=y
CONFIG_X86_BSWAP=y
CONFIG_X86_POPAD_OK=y
CONFIG_X86_CMPXCHG64=y
CONFIG_X86_GOOD_APIC=y
CONFIG_X86_INTEL_USERCOPY=y
CONFIG_X86_USE_PPRO_CHECKSUM=y
CONFIG_X86_TSC=y
CONFIG_X86_CMOV=y
CONFIG_X86_MINIMUM_CPU_MODEL=4
# CONFIG_HPET_TIMER is not set
# CONFIG_PREEMPT_NONE is not set
CONFIG_PREEMPT_VOLUNTARY=y
# CONFIG_PREEMPT is not set
# CONFIG_X86_UP_APIC is not set
CONFIG_X86_MCE=y
# CONFIG_X86_MCE_NONFATAL is not set
CONFIG_VM86=y
# CONFIG_TOSHIBA is not set
# CONFIG_I8K is not set
# CONFIG_X86_REBOOTFIXUPS is not set
# CONFIG_MICROCODE is not set
CONFIG_X86_MSR=y
CONFIG_X86_CPUID=y
#
# Firmware Drivers
#
# CONFIG_EDD is not set
# CONFIG_DELL_RBU is not set
# CONFIG_DCDBAS is not set
CONFIG_NOHIGHMEM=y
# CONFIG_HIGHMEM4G is not set
# CONFIG_HIGHMEM64G is not set
CONFIG_PAGE_OFFSET=0xC0000000
CONFIG_ARCH_FLATMEM_ENABLE=y
CONFIG_ARCH_SPARSEMEM_ENABLE=y
CONFIG_ARCH_SELECT_MEMORY_MODEL=y
CONFIG_ARCH_POPULATES_NODE_MAP=y
CONFIG_SELECT_MEMORY_MODEL=y
CONFIG_FLATMEM_MANUAL=y
# CONFIG_DISCONTIGMEM_MANUAL is not set
# CONFIG_SPARSEMEM_MANUAL is not set
CONFIG_FLATMEM=y
CONFIG_FLAT_NODE_MEM_MAP=y
CONFIG_SPARSEMEM_STATIC=y
CONFIG_SPLIT_PTLOCK_CPUS=4
# CONFIG_RESOURCES_64BIT is not set
CONFIG_ZONE_DMA_FLAG=1
CONFIG_NR_QUICK=1
# CONFIG_MATH_EMULATION is not set
CONFIG_MTRR=y
# CONFIG_SECCOMP is not set
CONFIG_HZ_100=y
# CONFIG_HZ_250 is not set
# CONFIG_HZ_300 is not set
# CONFIG_HZ_1000 is not set
CONFIG_HZ=100
# CONFIG_KEXEC is not set
CONFIG_PHYSICAL_START=0x100000
# CONFIG_RELOCATABLE is not set
CONFIG_PHYSICAL_ALIGN=0x100000
CONFIG_COMPAT_VDSO=y
#
# Power management options (ACPI, APM)
#
CONFIG_PM=y
# CONFIG_PM_LEGACY is not set
# CONFIG_PM_DEBUG is not set
# CONFIG_PM_SYSFS_DEPRECATED is not set
# CONFIG_SOFTWARE_SUSPEND is not set
#
# ACPI (Advanced Configuration and Power Interface) Support
#
# CONFIG_ACPI is not set
CONFIG_APM=y
# CONFIG_APM_IGNORE_USER_SUSPEND is not set
CONFIG_APM_DO_ENABLE=y
CONFIG_APM_CPU_IDLE=y
# CONFIG_APM_DISPLAY_BLANK is not set
CONFIG_APM_ALLOW_INTS=y
# CONFIG_APM_REAL_MODE_POWER_OFF is not set
#
# CPU Frequency scaling
#
# CONFIG_CPU_FREQ is not set
#
# Bus options (PCI, PCMCIA, EISA, MCA, ISA)
#
CONFIG_PCI=y
# CONFIG_PCI_GOBIOS is not set
# CONFIG_PCI_GOMMCONFIG is not set
# CONFIG_PCI_GODIRECT is not set
CONFIG_PCI_GOANY=y
CONFIG_PCI_BIOS=y
CONFIG_PCI_DIRECT=y
# CONFIG_PCIEPORTBUS is not set
# CONFIG_ARCH_SUPPORTS_MSI is not set
# CONFIG_PCI_DEBUG is not set
CONFIG_ISA_DMA_API=y
CONFIG_ISA=y
# CONFIG_EISA is not set
# CONFIG_MCA is not set
# CONFIG_SCx200 is not set
#
# PCCARD (PCMCIA/CardBus) support
#
CONFIG_PCCARD=m
# CONFIG_PCMCIA_DEBUG is not set
CONFIG_PCMCIA=m
# CONFIG_PCMCIA_LOAD_CIS is not set
# CONFIG_PCMCIA_IOCTL is not set
CONFIG_CARDBUS=y
#
# PC-card bridges
#
CONFIG_YENTA=m
CONFIG_YENTA_O2=y
CONFIG_YENTA_RICOH=y
CONFIG_YENTA_TI=y
CONFIG_YENTA_ENE_TUNE=y
CONFIG_YENTA_TOSHIBA=y
# CONFIG_PD6729 is not set
# CONFIG_I82092 is not set
# CONFIG_I82365 is not set
# CONFIG_TCIC is not set
CONFIG_PCMCIA_PROBE=y
CONFIG_PCCARD_NONSTATIC=m
# CONFIG_HOTPLUG_PCI is not set
#
# Executable file formats
#
CONFIG_BINFMT_ELF=y
# CONFIG_BINFMT_AOUT is not set
CONFIG_BINFMT_MISC=m
#
# Networking
#
CONFIG_NET=y
#
# Networking options
#
CONFIG_PACKET=y
CONFIG_PACKET_MMAP=y
CONFIG_UNIX=y
CONFIG_XFRM=y
CONFIG_XFRM_USER=y
# CONFIG_XFRM_SUB_POLICY is not set
# CONFIG_XFRM_MIGRATE is not set
CONFIG_NET_KEY=y
# CONFIG_NET_KEY_MIGRATE is not set
CONFIG_INET=y
# CONFIG_IP_MULTICAST is not set
# CONFIG_IP_ADVANCED_ROUTER is not set
CONFIG_IP_FIB_HASH=y
# CONFIG_IP_PNP is not set
# CONFIG_NET_IPIP is not set
# CONFIG_NET_IPGRE is not set
# CONFIG_ARPD is not set
# CONFIG_SYN_COOKIES is not set
CONFIG_INET_AH=y
CONFIG_INET_ESP=y
CONFIG_INET_IPCOMP=m
CONFIG_INET_XFRM_TUNNEL=m
CONFIG_INET_TUNNEL=m
# CONFIG_INET_XFRM_MODE_TRANSPORT is not set
# CONFIG_INET_XFRM_MODE_TUNNEL is not set
# CONFIG_INET_XFRM_MODE_BEET is not set
CONFIG_INET_DIAG=y
CONFIG_INET_TCP_DIAG=y
# CONFIG_TCP_CONG_ADVANCED is not set
CONFIG_TCP_CONG_CUBIC=y
CONFIG_DEFAULT_TCP_CONG="cubic"
# CONFIG_TCP_MD5SIG is not set
# CONFIG_IP_VS is not set
# CONFIG_IPV6 is not set
# CONFIG_INET6_XFRM_TUNNEL is not set
# CONFIG_INET6_TUNNEL is not set
# CONFIG_NETWORK_SECMARK is not set
CONFIG_NETFILTER=y
# CONFIG_NETFILTER_DEBUG is not set
#
# Core Netfilter Configuration
#
# CONFIG_NETFILTER_NETLINK is not set
# CONFIG_NF_CONNTRACK_ENABLED is not set
# CONFIG_NF_CONNTRACK is not set
# CONFIG_NETFILTER_XTABLES is not set
#
# IP: Netfilter Configuration
#
# CONFIG_IP_NF_QUEUE is not set
# CONFIG_IP_NF_IPTABLES is not set
# CONFIG_IP_NF_ARPTABLES is not set
# CONFIG_IP_DCCP is not set
# CONFIG_IP_SCTP is not set
# CONFIG_TIPC is not set
# CONFIG_ATM is not set
# CONFIG_BRIDGE is not set
# CONFIG_VLAN_8021Q is not set
# CONFIG_DECNET is not set
# CONFIG_LLC2 is not set
# CONFIG_IPX is not set
# CONFIG_ATALK is not set
# CONFIG_X25 is not set
# CONFIG_LAPB is not set
# CONFIG_ECONET is not set
# CONFIG_WAN_ROUTER is not set
#
# QoS and/or fair queueing
#
# CONFIG_NET_SCHED is not set
#
# Network testing
#
# CONFIG_NET_PKTGEN is not set
# CONFIG_HAMRADIO is not set
# CONFIG_IRDA is not set
# CONFIG_BT is not set
# CONFIG_AF_RXRPC is not set
#
# Wireless
#
# CONFIG_CFG80211 is not set
# CONFIG_WIRELESS_EXT is not set
# CONFIG_MAC80211 is not set
# CONFIG_IEEE80211 is not set
# CONFIG_RFKILL is not set
#
# Device Drivers
#
#
# Generic Driver Options
#
CONFIG_STANDALONE=y
CONFIG_PREVENT_FIRMWARE_BUILD=y
# CONFIG_FW_LOADER is not set
# CONFIG_DEBUG_DRIVER is not set
# CONFIG_DEBUG_DEVRES is not set
# CONFIG_SYS_HYPERVISOR is not set
#
# Connector - unified userspace <-> kernelspace linker
#
# CONFIG_CONNECTOR is not set
# CONFIG_MTD is not set
#
# Parallel port support
#
CONFIG_PARPORT=m
CONFIG_PARPORT_PC=m
# CONFIG_PARPORT_SERIAL is not set
# CONFIG_PARPORT_PC_FIFO is not set
# CONFIG_PARPORT_PC_SUPERIO is not set
# CONFIG_PARPORT_PC_PCMCIA is not set
# CONFIG_PARPORT_GSC is not set
# CONFIG_PARPORT_AX88796 is not set
CONFIG_PARPORT_1284=y
#
# Plug and Play support
#
CONFIG_PNP=y
# CONFIG_PNP_DEBUG is not set
#
# Protocols
#
# CONFIG_ISAPNP is not set
CONFIG_PNPBIOS=y
# CONFIG_PNPBIOS_PROC_FS is not set
# CONFIG_PNPACPI is not set
#
# Block devices
#
CONFIG_BLK_DEV_FD=m
# CONFIG_BLK_DEV_XD is not set
CONFIG_PARIDE=m
#
# Parallel IDE high-level drivers
#
# CONFIG_PARIDE_PD is not set
CONFIG_PARIDE_PCD=m
# CONFIG_PARIDE_PF is not set
# CONFIG_PARIDE_PT is not set
CONFIG_PARIDE_PG=m
#
# Parallel IDE protocol modules
#
# CONFIG_PARIDE_ATEN is not set
# CONFIG_PARIDE_BPCK is not set
# CONFIG_PARIDE_BPCK6 is not set
# CONFIG_PARIDE_COMM is not set
# CONFIG_PARIDE_DSTR is not set
# CONFIG_PARIDE_FIT2 is not set
# CONFIG_PARIDE_FIT3 is not set
CONFIG_PARIDE_EPAT=m
# CONFIG_PARIDE_EPATC8 is not set
# CONFIG_PARIDE_EPIA is not set
# CONFIG_PARIDE_FRIQ is not set
# CONFIG_PARIDE_FRPW is not set
# CONFIG_PARIDE_KBIC is not set
# CONFIG_PARIDE_KTTI is not set
# CONFIG_PARIDE_ON20 is not set
# CONFIG_PARIDE_ON26 is not set
# CONFIG_BLK_CPQ_DA is not set
# CONFIG_BLK_CPQ_CISS_DA is not set
# CONFIG_BLK_DEV_DAC960 is not set
# CONFIG_BLK_DEV_UMEM is not set
# CONFIG_BLK_DEV_COW_COMMON is not set
CONFIG_BLK_DEV_LOOP=m
# CONFIG_BLK_DEV_CRYPTOLOOP is not set
CONFIG_BLK_DEV_NBD=m
# CONFIG_BLK_DEV_SX8 is not set
# CONFIG_BLK_DEV_UB is not set
# CONFIG_BLK_DEV_RAM is not set
# CONFIG_CDROM_PKTCDVD is not set
# CONFIG_ATA_OVER_ETH is not set
#
# Misc devices
#
# CONFIG_IBM_ASM is not set
# CONFIG_PHANTOM is not set
# CONFIG_SGI_IOC4 is not set
# CONFIG_TIFM_CORE is not set
# CONFIG_BLINK is not set
# CONFIG_IDE is not set
#
# SCSI device support
#
# CONFIG_RAID_ATTRS is not set
CONFIG_SCSI=y
# CONFIG_SCSI_TGT is not set
# CONFIG_SCSI_NETLINK is not set
# CONFIG_SCSI_PROC_FS is not set
#
# SCSI support type (disk, tape, CD-ROM)
#
CONFIG_BLK_DEV_SD=y
# CONFIG_CHR_DEV_ST is not set
# CONFIG_CHR_DEV_OSST is not set
CONFIG_BLK_DEV_SR=y
# CONFIG_BLK_DEV_SR_VENDOR is not set
# CONFIG_CHR_DEV_SG is not set
# CONFIG_CHR_DEV_SCH is not set
#
# Some SCSI devices (e.g. CD jukebox) support multiple LUNs
#
# CONFIG_SCSI_MULTI_LUN is not set
# CONFIG_SCSI_CONSTANTS is not set
# CONFIG_SCSI_LOGGING is not set
# CONFIG_SCSI_SCAN_ASYNC is not set
CONFIG_SCSI_WAIT_SCAN=m
#
# SCSI Transports
#
# CONFIG_SCSI_SPI_ATTRS is not set
# CONFIG_SCSI_FC_ATTRS is not set
# CONFIG_SCSI_ISCSI_ATTRS is not set
# CONFIG_SCSI_SAS_ATTRS is not set
# CONFIG_SCSI_SAS_LIBSAS is not set
#
# SCSI low-level drivers
#
# CONFIG_ISCSI_TCP is not set
# CONFIG_BLK_DEV_3W_XXXX_RAID is not set
# CONFIG_SCSI_3W_9XXX is not set
# CONFIG_SCSI_7000FASST is not set
# CONFIG_SCSI_ACARD is not set
# CONFIG_SCSI_AHA152X is not set
# CONFIG_SCSI_AHA1542 is not set
# CONFIG_SCSI_AACRAID is not set
# CONFIG_SCSI_AIC7XXX is not set
# CONFIG_SCSI_AIC7XXX_OLD is not set
# CONFIG_SCSI_AIC79XX is not set
# CONFIG_SCSI_AIC94XX is not set
# CONFIG_SCSI_DPT_I2O is not set
# CONFIG_SCSI_ADVANSYS is not set
# CONFIG_SCSI_IN2000 is not set
# CONFIG_SCSI_ARCMSR is not set
# CONFIG_MEGARAID_NEWGEN is not set
# CONFIG_MEGARAID_LEGACY is not set
# CONFIG_MEGARAID_SAS is not set
# CONFIG_SCSI_HPTIOP is not set
# CONFIG_SCSI_BUSLOGIC is not set
# CONFIG_SCSI_DMX3191D is not set
# CONFIG_SCSI_DTC3280 is not set
# CONFIG_SCSI_EATA is not set
# CONFIG_SCSI_FUTURE_DOMAIN is not set
# CONFIG_SCSI_GDTH is not set
# CONFIG_SCSI_GENERIC_NCR5380 is not set
# CONFIG_SCSI_GENERIC_NCR5380_MMIO is not set
# CONFIG_SCSI_IPS is not set
# CONFIG_SCSI_INITIO is not set
# CONFIG_SCSI_INIA100 is not set
# CONFIG_SCSI_PPA is not set
# CONFIG_SCSI_IMM is not set
# CONFIG_SCSI_NCR53C406A is not set
# CONFIG_SCSI_STEX is not set
# CONFIG_SCSI_SYM53C8XX_2 is not set
# CONFIG_SCSI_IPR is not set
# CONFIG_SCSI_PAS16 is not set
# CONFIG_SCSI_PSI240I is not set
# CONFIG_SCSI_QLOGIC_FAS is not set
# CONFIG_SCSI_QLOGIC_1280 is not set
# CONFIG_SCSI_QLA_FC is not set
# CONFIG_SCSI_QLA_ISCSI is not set
# CONFIG_SCSI_LPFC is not set
# CONFIG_SCSI_SEAGATE is not set
# CONFIG_SCSI_SYM53C416 is not set
# CONFIG_SCSI_DC395x is not set
# CONFIG_SCSI_DC390T is not set
# CONFIG_SCSI_T128 is not set
# CONFIG_SCSI_U14_34F is not set
# CONFIG_SCSI_ULTRASTOR is not set
# CONFIG_SCSI_NSP32 is not set
# CONFIG_SCSI_DEBUG is not set
# CONFIG_SCSI_ESP_CORE is not set
# CONFIG_SCSI_SRP is not set
#
# PCMCIA SCSI adapter support
#
# CONFIG_PCMCIA_AHA152X is not set
# CONFIG_PCMCIA_FDOMAIN is not set
# CONFIG_PCMCIA_NINJA_SCSI is not set
# CONFIG_PCMCIA_QLOGIC is not set
# CONFIG_PCMCIA_SYM53C500 is not set
CONFIG_ATA=y
# CONFIG_ATA_NONSTANDARD is not set
# CONFIG_SATA_AHCI is not set
# CONFIG_SATA_SVW is not set
CONFIG_ATA_PIIX=y
# CONFIG_SATA_MV is not set
# CONFIG_SATA_NV is not set
# CONFIG_PDC_ADMA is not set
# CONFIG_SATA_QSTOR is not set
# CONFIG_SATA_PROMISE is not set
# CONFIG_SATA_SX4 is not set
# CONFIG_SATA_SIL is not set
# CONFIG_SATA_SIL24 is not set
# CONFIG_SATA_SIS is not set
# CONFIG_SATA_ULI is not set
# CONFIG_SATA_VIA is not set
# CONFIG_SATA_VITESSE is not set
# CONFIG_SATA_INIC162X is not set
# CONFIG_PATA_ALI is not set
# CONFIG_PATA_AMD is not set
# CONFIG_PATA_ARTOP is not set
# CONFIG_PATA_ATIIXP is not set
# CONFIG_PATA_CMD640_PCI is not set
# CONFIG_PATA_CMD64X is not set
# CONFIG_PATA_CS5520 is not set
# CONFIG_PATA_CS5530 is not set
# CONFIG_PATA_CS5535 is not set
# CONFIG_PATA_CYPRESS is not set
# CONFIG_PATA_EFAR is not set
# CONFIG_ATA_GENERIC is not set
# CONFIG_PATA_HPT366 is not set
# CONFIG_PATA_HPT37X is not set
# CONFIG_PATA_HPT3X2N is not set
# CONFIG_PATA_HPT3X3 is not set
# CONFIG_PATA_IT821X is not set
# CONFIG_PATA_IT8213 is not set
# CONFIG_PATA_JMICRON is not set
# CONFIG_PATA_LEGACY is not set
# CONFIG_PATA_TRIFLEX is not set
# CONFIG_PATA_MARVELL is not set
# CONFIG_PATA_MPIIX is not set
# CONFIG_PATA_OLDPIIX is not set
# CONFIG_PATA_NETCELL is not set
# CONFIG_PATA_NS87410 is not set
# CONFIG_PATA_OPTI is not set
# CONFIG_PATA_OPTIDMA is not set
# CONFIG_PATA_PCMCIA is not set
# CONFIG_PATA_PDC_OLD is not set
# CONFIG_PATA_QDI is not set
# CONFIG_PATA_RADISYS is not set
# CONFIG_PATA_RZ1000 is not set
# CONFIG_PATA_SC1200 is not set
# CONFIG_PATA_SERVERWORKS is not set
# CONFIG_PATA_PDC2027X is not set
# CONFIG_PATA_SIL680 is not set
# CONFIG_PATA_SIS is not set
# CONFIG_PATA_VIA is not set
# CONFIG_PATA_WINBOND is not set
# CONFIG_PATA_WINBOND_VLB is not set
#
# Old CD-ROM drivers (not SCSI, not IDE)
#
# CONFIG_CD_NO_IDESCSI is not set
#
# Multi-device support (RAID and LVM)
#
# CONFIG_MD is not set
#
# Fusion MPT device support
#
# CONFIG_FUSION is not set
# CONFIG_FUSION_SPI is not set
# CONFIG_FUSION_FC is not set
# CONFIG_FUSION_SAS is not set
#
# IEEE 1394 (FireWire) support
#
# CONFIG_FIREWIRE is not set
# CONFIG_IEEE1394 is not set
#
# I2O device support
#
# CONFIG_I2O is not set
# CONFIG_MACINTOSH_DRIVERS is not set
#
# Network device support
#
CONFIG_NETDEVICES=y
# CONFIG_DUMMY is not set
# CONFIG_BONDING is not set
# CONFIG_EQUALIZER is not set
# CONFIG_TUN is not set
# CONFIG_NET_SB1000 is not set
# CONFIG_ARCNET is not set
# CONFIG_PHYLIB is not set
#
# Ethernet (10 or 100Mbit)
#
CONFIG_NET_ETHERNET=y
# CONFIG_MII is not set
# CONFIG_HAPPYMEAL is not set
# CONFIG_SUNGEM is not set
# CONFIG_CASSINI is not set
# CONFIG_NET_VENDOR_3COM is not set
# CONFIG_LANCE is not set
# CONFIG_NET_VENDOR_SMC is not set
# CONFIG_NET_VENDOR_RACAL is not set
#
# Tulip family network device support
#
# CONFIG_NET_TULIP is not set
# CONFIG_AT1700 is not set
# CONFIG_DEPCA is not set
# CONFIG_HP100 is not set
# CONFIG_NET_ISA is not set
# CONFIG_NET_PCI is not set
# CONFIG_NET_POCKET is not set
# CONFIG_NETDEV_1000 is not set
# CONFIG_NETDEV_10000 is not set
# CONFIG_TR is not set
#
# Wireless LAN
#
# CONFIG_WLAN_PRE80211 is not set
# CONFIG_WLAN_80211 is not set
#
# USB Network Adapters
#
# CONFIG_USB_CATC is not set
# CONFIG_USB_KAWETH is not set
# CONFIG_USB_PEGASUS is not set
# CONFIG_USB_RTL8150 is not set
# CONFIG_USB_USBNET_MII is not set
# CONFIG_USB_USBNET is not set
CONFIG_NET_PCMCIA=y
# CONFIG_PCMCIA_3C589 is not set
# CONFIG_PCMCIA_3C574 is not set
# CONFIG_PCMCIA_FMVJ18X is not set
# CONFIG_PCMCIA_PCNET is not set
# CONFIG_PCMCIA_NMCLAN is not set
# CONFIG_PCMCIA_SMC91C92 is not set
CONFIG_PCMCIA_XIRC2PS=m
# CONFIG_PCMCIA_AXNET is not set
# CONFIG_WAN is not set
# CONFIG_FDDI is not set
# CONFIG_HIPPI is not set
# CONFIG_PLIP is not set
# CONFIG_PPP is not set
# CONFIG_SLIP is not set
# CONFIG_NET_FC is not set
# CONFIG_SHAPER is not set
# CONFIG_NETCONSOLE is not set
# CONFIG_NETPOLL is not set
# CONFIG_NET_POLL_CONTROLLER is not set
#
# ISDN subsystem
#
# CONFIG_ISDN is not set
#
# Telephony Support
#
# CONFIG_PHONE is not set
#
# Input device support
#
CONFIG_INPUT=y
# CONFIG_INPUT_FF_MEMLESS is not set
#
# Userland interfaces
#
CONFIG_INPUT_MOUSEDEV=y
# CONFIG_INPUT_MOUSEDEV_PSAUX is not set
CONFIG_INPUT_MOUSEDEV_SCREEN_X=800
CONFIG_INPUT_MOUSEDEV_SCREEN_Y=600
# CONFIG_INPUT_JOYDEV is not set
# CONFIG_INPUT_TSDEV is not set
CONFIG_INPUT_EVDEV=m
# CONFIG_INPUT_EVBUG is not set
#
# Input Device Drivers
#
CONFIG_INPUT_KEYBOARD=y
CONFIG_KEYBOARD_ATKBD=y
# CONFIG_KEYBOARD_SUNKBD is not set
# CONFIG_KEYBOARD_LKKBD is not set
# CONFIG_KEYBOARD_XTKBD is not set
# CONFIG_KEYBOARD_NEWTON is not set
# CONFIG_KEYBOARD_STOWAWAY is not set
CONFIG_INPUT_MOUSE=y
CONFIG_MOUSE_PS2=y
CONFIG_MOUSE_PS2_ALPS=y
CONFIG_MOUSE_PS2_LOGIPS2PP=y
CONFIG_MOUSE_PS2_SYNAPTICS=y
CONFIG_MOUSE_PS2_LIFEBOOK=y
CONFIG_MOUSE_PS2_TRACKPOINT=y
# CONFIG_MOUSE_PS2_TOUCHKIT is not set
# CONFIG_MOUSE_SERIAL is not set
# CONFIG_MOUSE_APPLETOUCH is not set
# CONFIG_MOUSE_INPORT is not set
# CONFIG_MOUSE_LOGIBM is not set
# CONFIG_MOUSE_PC110PAD is not set
# CONFIG_MOUSE_VSXXXAA is not set
# CONFIG_INPUT_JOYSTICK is not set
# CONFIG_INPUT_TABLET is not set
# CONFIG_INPUT_TOUCHSCREEN is not set
CONFIG_INPUT_MISC=y
CONFIG_INPUT_PCSPKR=y
# CONFIG_INPUT_WISTRON_BTNS is not set
# CONFIG_INPUT_ATI_REMOTE is not set
# CONFIG_INPUT_ATI_REMOTE2 is not set
# CONFIG_INPUT_KEYSPAN_REMOTE is not set
# CONFIG_INPUT_POWERMATE is not set
# CONFIG_INPUT_YEALINK is not set
CONFIG_INPUT_UINPUT=m
# CONFIG_INPUT_POLLDEV is not set
#
# Hardware I/O ports
#
CONFIG_SERIO=y
CONFIG_SERIO_I8042=y
# CONFIG_SERIO_SERPORT is not set
# CONFIG_SERIO_CT82C710 is not set
# CONFIG_SERIO_PARKBD is not set
# CONFIG_SERIO_PCIPS2 is not set
CONFIG_SERIO_LIBPS2=y
# CONFIG_SERIO_RAW is not set
# CONFIG_GAMEPORT is not set
#
# Character devices
#
CONFIG_VT=y
CONFIG_VT_CONSOLE=y
CONFIG_HW_CONSOLE=y
# CONFIG_VT_HW_CONSOLE_BINDING is not set
# CONFIG_SERIAL_NONSTANDARD is not set
#
# Serial drivers
#
CONFIG_SERIAL_8250=y
CONFIG_SERIAL_8250_CONSOLE=y
CONFIG_SERIAL_8250_PCI=y
CONFIG_SERIAL_8250_PNP=y
# CONFIG_SERIAL_8250_CS is not set
CONFIG_SERIAL_8250_NR_UARTS=4
CONFIG_SERIAL_8250_RUNTIME_UARTS=4
# CONFIG_SERIAL_8250_EXTENDED is not set
#
# Non-8250 serial port support
#
CONFIG_SERIAL_CORE=y
CONFIG_SERIAL_CORE_CONSOLE=y
# CONFIG_SERIAL_JSM is not set
CONFIG_UNIX98_PTYS=y
CONFIG_LEGACY_PTYS=y
CONFIG_LEGACY_PTY_COUNT=64
# CONFIG_PRINTER is not set
# CONFIG_PPDEV is not set
# CONFIG_TIPAR is not set
#
# IPMI
#
# CONFIG_IPMI_HANDLER is not set
# CONFIG_WATCHDOG is not set
# CONFIG_HW_RANDOM is not set
# CONFIG_NVRAM is not set
CONFIG_RTC=y
# CONFIG_DTLK is not set
# CONFIG_R3964 is not set
# CONFIG_APPLICOM is not set
# CONFIG_SONYPI is not set
# CONFIG_AGP is not set
# CONFIG_DRM is not set
#
# PCMCIA character devices
#
# CONFIG_SYNCLINK_CS is not set
# CONFIG_CARDMAN_4000 is not set
# CONFIG_CARDMAN_4040 is not set
# CONFIG_MWAVE is not set
# CONFIG_PC8736x_GPIO is not set
# CONFIG_NSC_GPIO is not set
# CONFIG_CS5535_GPIO is not set
# CONFIG_RAW_DRIVER is not set
# CONFIG_HANGCHECK_TIMER is not set
#
# TPM devices
#
# CONFIG_TCG_TPM is not set
# CONFIG_TELCLOCK is not set
CONFIG_DEVPORT=y
# CONFIG_I2C is not set
#
# SPI support
#
# CONFIG_SPI is not set
# CONFIG_SPI_MASTER is not set
#
# Dallas's 1-wire bus
#
# CONFIG_W1 is not set
# CONFIG_HWMON is not set
#
# Multifunction device drivers
#
# CONFIG_MFD_SM501 is not set
#
# Multimedia devices
#
# CONFIG_VIDEO_DEV is not set
# CONFIG_DVB_CORE is not set
# CONFIG_DAB is not set
#
# Graphics support
#
# CONFIG_BACKLIGHT_LCD_SUPPORT is not set
#
# Display device support
#
# CONFIG_DISPLAY_SUPPORT is not set
CONFIG_VGASTATE=y
CONFIG_FB=y
# CONFIG_FIRMWARE_EDID is not set
# CONFIG_FB_DDC is not set
CONFIG_FB_CFB_FILLRECT=y
CONFIG_FB_CFB_COPYAREA=y
CONFIG_FB_CFB_IMAGEBLIT=y
# CONFIG_FB_SYS_FILLRECT is not set
# CONFIG_FB_SYS_COPYAREA is not set
# CONFIG_FB_SYS_IMAGEBLIT is not set
# CONFIG_FB_SYS_FOPS is not set
CONFIG_FB_DEFERRED_IO=y
# CONFIG_FB_SVGALIB is not set
# CONFIG_FB_MACMODES is not set
# CONFIG_FB_BACKLIGHT is not set
CONFIG_FB_MODE_HELPERS=y
# CONFIG_FB_TILEBLITTING is not set
#
# Frame buffer hardware drivers
#
# CONFIG_FB_CIRRUS is not set
# CONFIG_FB_PM2 is not set
# CONFIG_FB_CYBER2000 is not set
# CONFIG_FB_ARC is not set
# CONFIG_FB_ASILIANT is not set
# CONFIG_FB_IMSTT is not set
# CONFIG_FB_VGA16 is not set
# CONFIG_FB_VESA is not set
# CONFIG_FB_HECUBA is not set
# CONFIG_FB_HGA is not set
# CONFIG_FB_S1D13XXX is not set
# CONFIG_FB_NVIDIA is not set
# CONFIG_FB_RIVA is not set
# CONFIG_FB_I810 is not set
# CONFIG_FB_LE80578 is not set
# CONFIG_FB_INTEL is not set
# CONFIG_FB_MATROX is not set
# CONFIG_FB_RADEON is not set
# CONFIG_FB_ATY128 is not set
# CONFIG_FB_ATY is not set
# CONFIG_FB_S3 is not set
# CONFIG_FB_SAVAGE is not set
# CONFIG_FB_SIS is not set
CONFIG_FB_NEOMAGIC=y
# CONFIG_FB_KYRO is not set
# CONFIG_FB_3DFX is not set
# CONFIG_FB_VOODOO1 is not set
# CONFIG_FB_VT8623 is not set
# CONFIG_FB_CYBLA is not set
# CONFIG_FB_TRIDENT is not set
# CONFIG_FB_ARK is not set
# CONFIG_FB_PM3 is not set
# CONFIG_FB_GEODE is not set
# CONFIG_FB_VIRTUAL is not set
#
# Console display driver support
#
CONFIG_VGA_CONSOLE=y
# CONFIG_VGACON_SOFT_SCROLLBACK is not set
CONFIG_VIDEO_SELECT=y
# CONFIG_MDA_CONSOLE is not set
CONFIG_DUMMY_CONSOLE=y
CONFIG_FRAMEBUFFER_CONSOLE=y
CONFIG_FRAMEBUFFER_CONSOLE_ROTATION=y
# CONFIG_FONTS is not set
CONFIG_FONT_8x8=y
CONFIG_FONT_8x16=y
CONFIG_LOGO=y
# CONFIG_LOGO_LINUX_MONO is not set
# CONFIG_LOGO_LINUX_VGA16 is not set
CONFIG_LOGO_LINUX_CLUT224=y
#
# Sound
#
CONFIG_SOUND=m
#
# Advanced Linux Sound Architecture
#
CONFIG_SND=m
CONFIG_SND_TIMER=m
CONFIG_SND_PCM=m
CONFIG_SND_HWDEP=m
CONFIG_SND_RAWMIDI=m
CONFIG_SND_SEQUENCER=m
CONFIG_SND_SEQ_DUMMY=m
CONFIG_SND_OSSEMUL=y
CONFIG_SND_MIXER_OSS=m
CONFIG_SND_PCM_OSS=m
CONFIG_SND_PCM_OSS_PLUGINS=y
CONFIG_SND_SEQUENCER_OSS=y
CONFIG_SND_RTCTIMER=m
CONFIG_SND_SEQ_RTCTIMER_DEFAULT=y
# CONFIG_SND_DYNAMIC_MINORS is not set
CONFIG_SND_SUPPORT_OLD_API=y
# CONFIG_SND_VERBOSE_PROCFS is not set
# CONFIG_SND_VERBOSE_PRINTK is not set
# CONFIG_SND_DEBUG is not set
#
# Generic devices
#
CONFIG_SND_MPU401_UART=m
CONFIG_SND_OPL3_LIB=m
# CONFIG_SND_DUMMY is not set
# CONFIG_SND_VIRMIDI is not set
# CONFIG_SND_MTPAV is not set
# CONFIG_SND_MTS64 is not set
# CONFIG_SND_SERIAL_U16550 is not set
# CONFIG_SND_MPU401 is not set
# CONFIG_SND_PORTMAN2X4 is not set
#
# ISA devices
#
CONFIG_SND_CS4231_LIB=m
# CONFIG_SND_ADLIB is not set
# CONFIG_SND_AD1816A is not set
# CONFIG_SND_AD1848 is not set
# CONFIG_SND_ALS100 is not set
# CONFIG_SND_AZT2320 is not set
# CONFIG_SND_CMI8330 is not set
# CONFIG_SND_CS4231 is not set
# CONFIG_SND_CS4232 is not set
CONFIG_SND_CS4236=m
# CONFIG_SND_DT019X is not set
# CONFIG_SND_ES968 is not set
# CONFIG_SND_ES1688 is not set
# CONFIG_SND_ES18XX is not set
# CONFIG_SND_GUSCLASSIC is not set
# CONFIG_SND_GUSEXTREME is not set
# CONFIG_SND_GUSMAX is not set
# CONFIG_SND_INTERWAVE is not set
# CONFIG_SND_INTERWAVE_STB is not set
# CONFIG_SND_OPL3SA2 is not set
# CONFIG_SND_OPTI92X_AD1848 is not set
# CONFIG_SND_OPTI92X_CS4231 is not set
# CONFIG_SND_OPTI93X is not set
# CONFIG_SND_MIRO is not set
# CONFIG_SND_SB8 is not set
# CONFIG_SND_SB16 is not set
# CONFIG_SND_SBAWE is not set
# CONFIG_SND_SGALAXY is not set
# CONFIG_SND_SSCAPE is not set
# CONFIG_SND_WAVEFRONT is not set
#
# PCI devices
#
# CONFIG_SND_AD1889 is not set
# CONFIG_SND_ALS300 is not set
# CONFIG_SND_ALS4000 is not set
# CONFIG_SND_ALI5451 is not set
# CONFIG_SND_ATIIXP is not set
# CONFIG_SND_ATIIXP_MODEM is not set
# CONFIG_SND_AU8810 is not set
# CONFIG_SND_AU8820 is not set
# CONFIG_SND_AU8830 is not set
# CONFIG_SND_AZT3328 is not set
# CONFIG_SND_BT87X is not set
# CONFIG_SND_CA0106 is not set
# CONFIG_SND_CMIPCI is not set
# CONFIG_SND_CS4281 is not set
# CONFIG_SND_CS46XX is not set
# CONFIG_SND_CS5535AUDIO is not set
# CONFIG_SND_DARLA20 is not set
# CONFIG_SND_GINA20 is not set
# CONFIG_SND_LAYLA20 is not set
# CONFIG_SND_DARLA24 is not set
# CONFIG_SND_GINA24 is not set
# CONFIG_SND_LAYLA24 is not set
# CONFIG_SND_MONA is not set
# CONFIG_SND_MIA is not set
# CONFIG_SND_ECHO3G is not set
# CONFIG_SND_INDIGO is not set
# CONFIG_SND_INDIGOIO is not set
# CONFIG_SND_INDIGODJ is not set
# CONFIG_SND_EMU10K1 is not set
# CONFIG_SND_EMU10K1X is not set
# CONFIG_SND_ENS1370 is not set
# CONFIG_SND_ENS1371 is not set
# CONFIG_SND_ES1938 is not set
# CONFIG_SND_ES1968 is not set
# CONFIG_SND_FM801 is not set
# CONFIG_SND_HDA_INTEL is not set
# CONFIG_SND_HDSP is not set
# CONFIG_SND_HDSPM is not set
# CONFIG_SND_ICE1712 is not set
# CONFIG_SND_ICE1724 is not set
# CONFIG_SND_INTEL8X0 is not set
# CONFIG_SND_INTEL8X0M is not set
# CONFIG_SND_KORG1212 is not set
# CONFIG_SND_MAESTRO3 is not set
# CONFIG_SND_MIXART is not set
# CONFIG_SND_NM256 is not set
# CONFIG_SND_PCXHR is not set
# CONFIG_SND_RIPTIDE is not set
# CONFIG_SND_RME32 is not set
# CONFIG_SND_RME96 is not set
# CONFIG_SND_RME9652 is not set
# CONFIG_SND_SONICVIBES is not set
# CONFIG_SND_TRIDENT is not set
# CONFIG_SND_VIA82XX is not set
# CONFIG_SND_VIA82XX_MODEM is not set
# CONFIG_SND_VX222 is not set
# CONFIG_SND_YMFPCI is not set
#
# USB devices
#
# CONFIG_SND_USB_AUDIO is not set
# CONFIG_SND_USB_USX2Y is not set
# CONFIG_SND_USB_CAIAQ is not set
#
# PCMCIA devices
#
# CONFIG_SND_VXPOCKET is not set
# CONFIG_SND_PDAUDIOCF is not set
#
# System on Chip audio support
#
# CONFIG_SND_SOC is not set
#
# Open Sound System
#
# CONFIG_SOUND_PRIME is not set
#
# HID Devices
#
# CONFIG_HID is not set
#
# USB Input Devices
#
# CONFIG_USB_HID is not set
#
# USB HID Boot Protocol drivers
#
# CONFIG_USB_KBD is not set
# CONFIG_USB_MOUSE is not set
#
# USB support
#
CONFIG_USB_ARCH_HAS_HCD=y
CONFIG_USB_ARCH_HAS_OHCI=y
CONFIG_USB_ARCH_HAS_EHCI=y
CONFIG_USB=m
# CONFIG_USB_DEBUG is not set
#
# Miscellaneous USB options
#
# CONFIG_USB_DEVICEFS is not set
# CONFIG_USB_DEVICE_CLASS is not set
# CONFIG_USB_DYNAMIC_MINORS is not set
# CONFIG_USB_SUSPEND is not set
# CONFIG_USB_OTG is not set
#
# USB Host Controller Drivers
#
# CONFIG_USB_EHCI_HCD is not set
# CONFIG_USB_ISP116X_HCD is not set
# CONFIG_USB_OHCI_HCD is not set
CONFIG_USB_UHCI_HCD=m
# CONFIG_USB_SL811_HCD is not set
#
# USB Device Class drivers
#
# CONFIG_USB_ACM is not set
# CONFIG_USB_PRINTER is not set
#
# NOTE: USB_STORAGE enables SCSI, and 'SCSI disk support'
#
#
# may also be needed; see USB_STORAGE Help for more information
#
CONFIG_USB_STORAGE=m
# CONFIG_USB_STORAGE_DEBUG is not set
# CONFIG_USB_STORAGE_DATAFAB is not set
# CONFIG_USB_STORAGE_FREECOM is not set
# CONFIG_USB_STORAGE_DPCM is not set
# CONFIG_USB_STORAGE_USBAT is not set
# CONFIG_USB_STORAGE_SDDR09 is not set
# CONFIG_USB_STORAGE_SDDR55 is not set
# CONFIG_USB_STORAGE_JUMPSHOT is not set
# CONFIG_USB_STORAGE_ALAUDA is not set
# CONFIG_USB_STORAGE_KARMA is not set
# CONFIG_USB_LIBUSUAL is not set
#
# USB Imaging devices
#
# CONFIG_USB_MDC800 is not set
# CONFIG_USB_MICROTEK is not set
# CONFIG_USB_MON is not set
#
# USB port drivers
#
# CONFIG_USB_USS720 is not set
#
# USB Serial Converter support
#
# CONFIG_USB_SERIAL is not set
#
# USB Miscellaneous drivers
#
# CONFIG_USB_EMI62 is not set
# CONFIG_USB_EMI26 is not set
# CONFIG_USB_ADUTUX is not set
# CONFIG_USB_AUERSWALD is not set
# CONFIG_USB_RIO500 is not set
# CONFIG_USB_LEGOTOWER is not set
# CONFIG_USB_LCD is not set
# CONFIG_USB_BERRY_CHARGE is not set
# CONFIG_USB_LED is not set
# CONFIG_USB_CYPRESS_CY7C63 is not set
# CONFIG_USB_CYTHERM is not set
# CONFIG_USB_PHIDGET is not set
# CONFIG_USB_IDMOUSE is not set
# CONFIG_USB_FTDI_ELAN is not set
# CONFIG_USB_APPLEDISPLAY is not set
# CONFIG_USB_LD is not set
# CONFIG_USB_TRANCEVIBRATOR is not set
# CONFIG_USB_IOWARRIOR is not set
#
# USB DSL modem support
#
#
# USB Gadget Support
#
# CONFIG_USB_GADGET is not set
# CONFIG_MMC is not set
#
# LED devices
#
# CONFIG_NEW_LEDS is not set
#
# LED drivers
#
#
# LED Triggers
#
#
# InfiniBand support
#
# CONFIG_INFINIBAND is not set
#
# EDAC - error detection and reporting (RAS) (EXPERIMENTAL)
#
# CONFIG_EDAC is not set
#
# Real Time Clock
#
# CONFIG_RTC_CLASS is not set
#
# DMA Engine support
#
# CONFIG_DMA_ENGINE is not set
#
# DMA Clients
#
#
# DMA Devices
#
#
# Auxiliary Display support
#
# CONFIG_KS0108 is not set
#
# Virtualization
#
# CONFIG_KVM is not set
#
# File systems
#
CONFIG_EXT2_FS=m
# CONFIG_EXT2_FS_XATTR is not set
# CONFIG_EXT2_FS_XIP is not set
CONFIG_EXT3_FS=y
# CONFIG_EXT3_FS_XATTR is not set
# CONFIG_EXT4DEV_FS is not set
CONFIG_JBD=y
# CONFIG_JBD_DEBUG is not set
CONFIG_REISER4_FS=y
# CONFIG_REISER4_DEBUG is not set
CONFIG_REISERFS_FS=y
# CONFIG_REISERFS_CHECK is not set
# CONFIG_REISERFS_PROC_INFO is not set
# CONFIG_REISERFS_FS_XATTR is not set
# CONFIG_JFS_FS is not set
# CONFIG_FS_POSIX_ACL is not set
# CONFIG_XFS_FS is not set
# CONFIG_GFS2_FS is not set
# CONFIG_OCFS2_FS is not set
# CONFIG_MINIX_FS is not set
# CONFIG_ROMFS_FS is not set
CONFIG_INOTIFY=y
CONFIG_INOTIFY_USER=y
# CONFIG_QUOTA is not set
CONFIG_DNOTIFY=y
# CONFIG_AUTOFS_FS is not set
# CONFIG_AUTOFS4_FS is not set
CONFIG_FUSE_FS=m
#
# CD-ROM/DVD Filesystems
#
CONFIG_ISO9660_FS=m
CONFIG_JOLIET=y
CONFIG_ZISOFS=y
CONFIG_UDF_FS=m
CONFIG_UDF_NLS=y
#
# DOS/FAT/NT Filesystems
#
CONFIG_FAT_FS=m
# CONFIG_MSDOS_FS is not set
CONFIG_VFAT_FS=m
CONFIG_FAT_DEFAULT_CODEPAGE=437
CONFIG_FAT_DEFAULT_IOCHARSET="iso8859-1"
# CONFIG_NTFS_FS is not set
#
# Pseudo filesystems
#
CONFIG_PROC_FS=y
CONFIG_PROC_KCORE=y
CONFIG_PROC_SYSCTL=y
CONFIG_SYSFS=y
CONFIG_TMPFS=y
# CONFIG_TMPFS_POSIX_ACL is not set
# CONFIG_HUGETLBFS is not set
# CONFIG_HUGETLB_PAGE is not set
CONFIG_RAMFS=y
# CONFIG_CONFIGFS_FS is not set
#
# Miscellaneous filesystems
#
# CONFIG_ADFS_FS is not set
# CONFIG_AFFS_FS is not set
# CONFIG_HFS_FS is not set
# CONFIG_HFSPLUS_FS is not set
# CONFIG_BEFS_FS is not set
# CONFIG_BFS_FS is not set
# CONFIG_EFS_FS is not set
# CONFIG_CRAMFS is not set
# CONFIG_VXFS_FS is not set
# CONFIG_HPFS_FS is not set
# CONFIG_QNX4FS_FS is not set
# CONFIG_SYSV_FS is not set
# CONFIG_UFS_FS is not set
#
# Network File Systems
#
CONFIG_NFS_FS=m
CONFIG_NFS_V3=y
# CONFIG_NFS_V3_ACL is not set
# CONFIG_NFS_V4 is not set
# CONFIG_NFS_DIRECTIO is not set
CONFIG_NFSD=m
CONFIG_NFSD_V3=y
# CONFIG_NFSD_V3_ACL is not set
# CONFIG_NFSD_V4 is not set
# CONFIG_NFSD_TCP is not set
CONFIG_LOCKD=m
CONFIG_LOCKD_V4=y
CONFIG_EXPORTFS=m
CONFIG_NFS_COMMON=y
CONFIG_SUNRPC=m
# CONFIG_SUNRPC_BIND34 is not set
# CONFIG_RPCSEC_GSS_KRB5 is not set
# CONFIG_RPCSEC_GSS_SPKM3 is not set
# CONFIG_SMB_FS is not set
CONFIG_CIFS=m
# CONFIG_CIFS_STATS is not set
# CONFIG_CIFS_WEAK_PW_HASH is not set
# CONFIG_CIFS_XATTR is not set
# CONFIG_CIFS_DEBUG2 is not set
# CONFIG_CIFS_EXPERIMENTAL is not set
# CONFIG_NCP_FS is not set
# CONFIG_CODA_FS is not set
# CONFIG_AFS_FS is not set
# CONFIG_9P_FS is not set
#
# Partition Types
#
# CONFIG_PARTITION_ADVANCED is not set
CONFIG_MSDOS_PARTITION=y
#
# Native Language Support
#
CONFIG_NLS=y
CONFIG_NLS_DEFAULT="iso8859-1"
CONFIG_NLS_CODEPAGE_437=m
# CONFIG_NLS_CODEPAGE_737 is not set
# CONFIG_NLS_CODEPAGE_775 is not set
CONFIG_NLS_CODEPAGE_850=m
# CONFIG_NLS_CODEPAGE_852 is not set
# CONFIG_NLS_CODEPAGE_855 is not set
# CONFIG_NLS_CODEPAGE_857 is not set
# CONFIG_NLS_CODEPAGE_860 is not set
# CONFIG_NLS_CODEPAGE_861 is not set
# CONFIG_NLS_CODEPAGE_862 is not set
# CONFIG_NLS_CODEPAGE_863 is not set
# CONFIG_NLS_CODEPAGE_864 is not set
# CONFIG_NLS_CODEPAGE_865 is not set
# CONFIG_NLS_CODEPAGE_866 is not set
# CONFIG_NLS_CODEPAGE_869 is not set
# CONFIG_NLS_CODEPAGE_936 is not set
# CONFIG_NLS_CODEPAGE_950 is not set
# CONFIG_NLS_CODEPAGE_932 is not set
# CONFIG_NLS_CODEPAGE_949 is not set
# CONFIG_NLS_CODEPAGE_874 is not set
# CONFIG_NLS_ISO8859_8 is not set
# CONFIG_NLS_CODEPAGE_1250 is not set
# CONFIG_NLS_CODEPAGE_1251 is not set
# CONFIG_NLS_ASCII is not set
CONFIG_NLS_ISO8859_1=m
# CONFIG_NLS_ISO8859_2 is not set
# CONFIG_NLS_ISO8859_3 is not set
# CONFIG_NLS_ISO8859_4 is not set
# CONFIG_NLS_ISO8859_5 is not set
# CONFIG_NLS_ISO8859_6 is not set
# CONFIG_NLS_ISO8859_7 is not set
# CONFIG_NLS_ISO8859_9 is not set
# CONFIG_NLS_ISO8859_13 is not set
# CONFIG_NLS_ISO8859_14 is not set
CONFIG_NLS_ISO8859_15=m
# CONFIG_NLS_KOI8_R is not set
# CONFIG_NLS_KOI8_U is not set
CONFIG_NLS_UTF8=m
#
# Distributed Lock Manager
#
# CONFIG_DLM is not set
#
# Instrumentation Support
#
# CONFIG_PROFILING is not set
# CONFIG_KPROBES is not set
#
# Kernel hacking
#
CONFIG_TRACE_IRQFLAGS_SUPPORT=y
# CONFIG_PRINTK_TIME is not set
CONFIG_ENABLE_MUST_CHECK=y
CONFIG_MAGIC_SYSRQ=y
# CONFIG_UNUSED_SYMBOLS is not set
# CONFIG_DEBUG_FS is not set
# CONFIG_HEADERS_CHECK is not set
CONFIG_DEBUG_KERNEL=y
# CONFIG_DEBUG_SHIRQ is not set
# CONFIG_DETECT_SOFTLOCKUP is not set
# CONFIG_SCHEDSTATS is not set
# CONFIG_TIMER_STATS is not set
# CONFIG_DEBUG_RT_MUTEXES is not set
# CONFIG_RT_MUTEX_TESTER is not set
# CONFIG_DEBUG_SPINLOCK is not set
# CONFIG_DEBUG_MUTEXES is not set
# CONFIG_DEBUG_LOCK_ALLOC is not set
# CONFIG_PROVE_LOCKING is not set
# CONFIG_DEBUG_SPINLOCK_SLEEP is not set
# CONFIG_DEBUG_LOCKING_API_SELFTESTS is not set
# CONFIG_DEBUG_KOBJECT is not set
CONFIG_DEBUG_BUGVERBOSE=y
# CONFIG_DEBUG_INFO is not set
# CONFIG_DEBUG_VM is not set
# CONFIG_DEBUG_LIST is not set
# CONFIG_FRAME_POINTER is not set
# CONFIG_FORCED_INLINING is not set
# CONFIG_RCU_TORTURE_TEST is not set
# CONFIG_FAULT_INJECTION is not set
CONFIG_EARLY_PRINTK=y
# CONFIG_DEBUG_STACKOVERFLOW is not set
# CONFIG_DEBUG_STACK_USAGE is not set
# CONFIG_DEBUG_PAGEALLOC is not set
# CONFIG_DEBUG_RODATA is not set
CONFIG_4KSTACKS=y
CONFIG_DOUBLEFAULT=y
#
# Security options
#
# CONFIG_KEYS is not set
# CONFIG_SECURITY is not set
#
# Cryptographic options
#
CONFIG_CRYPTO=y
CONFIG_CRYPTO_ALGAPI=y
CONFIG_CRYPTO_BLKCIPHER=y
CONFIG_CRYPTO_HASH=y
CONFIG_CRYPTO_MANAGER=y
CONFIG_CRYPTO_HMAC=y
# CONFIG_CRYPTO_XCBC is not set
# CONFIG_CRYPTO_NULL is not set
# CONFIG_CRYPTO_MD4 is not set
CONFIG_CRYPTO_MD5=y
CONFIG_CRYPTO_SHA1=y
# CONFIG_CRYPTO_SHA256 is not set
# CONFIG_CRYPTO_SHA512 is not set
# CONFIG_CRYPTO_WP512 is not set
# CONFIG_CRYPTO_TGR192 is not set
# CONFIG_CRYPTO_GF128MUL is not set
# CONFIG_CRYPTO_ECB is not set
CONFIG_CRYPTO_CBC=y
# CONFIG_CRYPTO_PCBC is not set
# CONFIG_CRYPTO_LRW is not set
# CONFIG_CRYPTO_CRYPTD is not set
CONFIG_CRYPTO_DES=y
# CONFIG_CRYPTO_FCRYPT is not set
# CONFIG_CRYPTO_BLOWFISH is not set
# CONFIG_CRYPTO_TWOFISH is not set
# CONFIG_CRYPTO_TWOFISH_586 is not set
# CONFIG_CRYPTO_SERPENT is not set
# CONFIG_CRYPTO_AES is not set
# CONFIG_CRYPTO_AES_586 is not set
# CONFIG_CRYPTO_CAST5 is not set
# CONFIG_CRYPTO_CAST6 is not set
# CONFIG_CRYPTO_TEA is not set
# CONFIG_CRYPTO_ARC4 is not set
# CONFIG_CRYPTO_KHAZAD is not set
# CONFIG_CRYPTO_ANUBIS is not set
CONFIG_CRYPTO_DEFLATE=m
# CONFIG_CRYPTO_MICHAEL_MIC is not set
# CONFIG_CRYPTO_CRC32C is not set
# CONFIG_CRYPTO_CAMELLIA is not set
# CONFIG_CRYPTO_TEST is not set
#
# Hardware crypto devices
#
# CONFIG_CRYPTO_DEV_PADLOCK is not set
# CONFIG_CRYPTO_DEV_GEODE is not set
#
# Library routines
#
CONFIG_BITREVERSE=y
CONFIG_CRC_CCITT=m
# CONFIG_CRC16 is not set
# CONFIG_CRC_ITU_T is not set
CONFIG_CRC32=y
# CONFIG_LIBCRC32C is not set
CONFIG_ZLIB_INFLATE=y
CONFIG_ZLIB_DEFLATE=y
CONFIG_PLIST=y
CONFIG_HAS_IOMEM=y
CONFIG_HAS_IOPORT=y
CONFIG_HAS_DMA=y
CONFIG_GENERIC_HARDIRQS=y
CONFIG_GENERIC_IRQ_PROBE=y
CONFIG_X86_BIOS_REBOOT=y
CONFIG_KTIME_SCALAR=y
On 5/28/07, Pekka Enberg <[email protected]> wrote:
> > BUG: unable to handle kernel NULL pointer dereference at virtual address 00000731
> > EIP is at vt_ioctl+0xda8/0x1482
[snip]
On 5/28/07, Pekka Enberg <[email protected]> wrote:
> > Call Trace:
> > [<c0149fd9>] link_path_walk+0xa5/0xaf
> > [<c021d766>] vt_ioctl+0x0/0x1482
> > [<c021a395>] tty_ioctl+0xa01/0xa87
I am getting this with your config:
(gdb) p vt_ioctl
$1 = {int (struct tty_struct *, struct file *, unsigned int, long
unsigned int)} 0xc01e404a <vt_ioctl>
(gdb) l *(0xc01e404a + 0xda8)
0xc01e4df2 is in vt_ioctl (drivers/char/vt_ioctl.c:720).
715 /*
716 * Returns the first available (non-opened) console.
717 */
718 case VT_OPENQRY:
719 for (i = 0; i < MAX_NR_CONSOLES; ++i)
720 if (! VT_IS_IN_USE(i))
721 break;
722 ucval = i < MAX_NR_CONSOLES ? (i+1) : -1;
723 goto setint;
724
Which seems to match the code dump in the OOPS as well. I am not sure
what %edx (which is zero and causes problems) should contain but I am
guessing tty_driver->ttys is corrupted which seems consistent with the
reference count sanity check failure. Unfortunately I am not familiar
enough with tty internals to immediately see why this is happening.
On Mon, 28 May 2007, Pekka Enberg wrote:
> I am getting this with your config:
>
> (gdb) p vt_ioctl
> $1 = {int (struct tty_struct *, struct file *, unsigned int, long
> unsigned int)} 0xc01e404a <vt_ioctl>
> (gdb) l *(0xc01e404a + 0xda8)
> 0xc01e4df2 is in vt_ioctl (drivers/char/vt_ioctl.c:720).
> 715 /*
> 716 * Returns the first available (non-opened) console.
> 717 */
> 718 case VT_OPENQRY:
> 719 for (i = 0; i < MAX_NR_CONSOLES; ++i)
> 720 if (! VT_IS_IN_USE(i))
> 721 break;
> 722 ucval = i < MAX_NR_CONSOLES ? (i+1) : -1;
> 723 goto setint;
> 724
>
> Which seems to match the code dump in the OOPS as well. I am not sure
> what %edx (which is zero and causes problems) should contain but I am
> guessing tty_driver->ttys is corrupted which seems consistent with the
> reference count sanity check failure. Unfortunately I am not familiar
> enough with tty internals to immediately see why this is happening.
>
FYI, I just tested 2.6.21.3. I couldn't reproduce the problem with
that kernel.
--
Tero Roponen
Hi Tero,
On 5/29/07, Tero Roponen <[email protected]> wrote:
> FYI, I just tested 2.6.21.3. I couldn't reproduce the problem with
> that kernel.
Well, I went through all tty related patches that went in after 2.6.21
and didn't really find anything interesting, except this:
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=543691a6cd70b606dd9bed5e77b120c5d9c5c506
But it does seem correct. You could try reverting that from 2.6.22-rc3
and see if you can trigger the bug.
Looking at the original report again:
> release_dev: driver.table[3] not tty for (tty4)
So tty from filp->private_data does not match
tty->driver->ttys[tty->index] and release_dev bails out (thus messing
up reference count).
> Warning: dev (tty4) tty->count(3) != #fd's(2) in release_dev
> release_dev: driver.table[3] not tty for (tty4)
Presumably someone tries to close the file again which is why we get a
new complaint that reference counting has gone bad.
Unfortunately, I have no idea why drivers->tty does not match. It
could be a race with release_tty() or real use-after-free but I am
unable to find anything obvious in 2.6.21 -> 2.6.22-rc3 that would
break it. Doing the git bisect dance here would really help...
On Tue, 29 May 2007, Pekka Enberg wrote:
> Hi Tero,
>
> On 5/29/07, Tero Roponen <[email protected]> wrote:
> > FYI, I just tested 2.6.21.3. I couldn't reproduce the problem with
> > that kernel.
>
[snip]
> > Warning: dev (tty4) tty->count(3) != #fd's(2) in release_dev
> > release_dev: driver.table[3] not tty for (tty4)
>
> Presumably someone tries to close the file again which is why we get a
> new complaint that reference counting has gone bad.
>
> Unfortunately, I have no idea why drivers->tty does not match. It
> could be a race with release_tty() or real use-after-free but I am
> unable to find anything obvious in 2.6.21 -> 2.6.22-rc3 that would
> break it. Doing the git bisect dance here would really help...
Hmmm, I just found something interesting. In 2.6.21.3 the /sbin/init
gets corrupted when I watch the video!
$ cp /sbin/init init.before
$ mplayer kiwi.flv
$ cp /sbin/init init.after
The sha1sums are here:
52c8d643057619cbe137b8e69d4709ce3bdd832d init.after
8efc7864a5b535a9e336fa82e9d7f112f3d956c1 init.before
It seems that something corrupts memory somewhere...
I attached those files in case someone can figure out
what is happening.
_
Tero Roponen
[resend, mailer didn't like unzipped applications]
On Tue, 29 May 2007, Pekka Enberg wrote:
> Hi Tero,
>
> On 5/29/07, Tero Roponen <[email protected]> wrote:
> > FYI, I just tested 2.6.21.3. I couldn't reproduce the problem with
> > that kernel.
>
[snip]
> > Warning: dev (tty4) tty->count(3) != #fd's(2) in release_dev
> > release_dev: driver.table[3] not tty for (tty4)
>
> Presumably someone tries to close the file again which is why we get a
> new complaint that reference counting has gone bad.
>
> Unfortunately, I have no idea why drivers->tty does not match. It
> could be a race with release_tty() or real use-after-free but I am
> unable to find anything obvious in 2.6.21 -> 2.6.22-rc3 that would
> break it. Doing the git bisect dance here would really help...
Hmmm, I just found something interesting. In 2.6.21.3 the /sbin/init
gets corrupted when I watch the video!
$ cp /sbin/init init.before
$ mplayer kiwi.flv
$ cp /sbin/init init.after
The sha1sums are here:
52c8d643057619cbe137b8e69d4709ce3bdd832d init.after
8efc7864a5b535a9e336fa82e9d7f112f3d956c1 init.before
It seems that something corrupts memory somewhere...
I attached those files in case someone can figure out
what is happening.
--
Tero Roponen
On 5/30/07, Tero Roponen <[email protected]> wrote:
> Hmmm, I just found something interesting. In 2.6.21.3 the /sbin/init
> gets corrupted when I watch the video!
>
> $ cp /sbin/init init.before
> $ mplayer kiwi.flv
> $ cp /sbin/init init.after
>
> The sha1sums are here:
>
> 52c8d643057619cbe137b8e69d4709ce3bdd832d init.after
> 8efc7864a5b535a9e336fa82e9d7f112f3d956c1 init.before
>
> It seems that something corrupts memory somewhere...
To debug this a bit further:
$ od -a -t x1 -v init.after > init.after.dump
$ od -a -t x1 -v init.before > init.before.dump
$ diff -u init.before.dump init.after.dump | less
-0011340 nul nul nul e9 f0 fe ff ff ff % < soh enq bs h 80
- 00 00 00 e9 f0 fe ff ff ff 25 3c 01 05 08 68 80
+0010000 y ack nul nul y ack nul nul y ack nul nul y ack nul nul
+ 79 06 00 00 79 06 00 00 79 06 00 00 79 06 00 00
+0010020 y ack nul nul y ack nul nul y ack nul nul y ack nul nul
+ 79 06 00 00 79 06 00 00 79 06 00 00 79 06 00 00
+0011340 y ack nul nul y ack nul nul ff % < soh enq bs h 80
+ 79 06 00 00 79 06 00 00 ff 25 3c 01 05 08 68 80
The file at offset 0010000 - 0011348 is overwritten with the byte
pattern 79 06 00 00.
Do you see anything in the logs or is this a silent corruption? Did
you see this corruption with 2.6.19 or 2.6.22-rc3?
On 5/30/07, Pekka Enberg <[email protected]> wrote:
> The file at offset 0010000 - 0011348 is overwritten with the byte
> pattern 79 06 00 00.
>
> Do you see anything in the logs or is this a silent corruption? Did
> you see this corruption with 2.6.19 or 2.6.22-rc3?
Btw, please send us a strace log of the mplayer run for 2.6.20.3 and
2.6.21-rc3 so that we can see what it's doing. Furthermore, if you can
bisect this, please treat the bugs as separate for now.
On Wed, 30 May 2007, Pekka Enberg wrote:
> On 5/30/07, Tero Roponen <[email protected]> wrote:
> > Hmmm, I just found something interesting. In 2.6.21.3 the /sbin/init
> > gets corrupted when I watch the video!
> >
> > $ cp /sbin/init init.before
> > $ mplayer kiwi.flv
> > $ cp /sbin/init init.after
> >
> > The sha1sums are here:
> >
> > 52c8d643057619cbe137b8e69d4709ce3bdd832d init.after
> > 8efc7864a5b535a9e336fa82e9d7f112f3d956c1 init.before
> >
> > It seems that something corrupts memory somewhere...
>
> To debug this a bit further:
>
> $ od -a -t x1 -v init.after > init.after.dump
> $ od -a -t x1 -v init.before > init.before.dump
> $ diff -u init.before.dump init.after.dump | less
>
> -0011340 nul nul nul e9 f0 fe ff ff ff % < soh enq bs h 80
> - 00 00 00 e9 f0 fe ff ff ff 25 3c 01 05 08 68 80
> +0010000 y ack nul nul y ack nul nul y ack nul nul y ack nul nul
> + 79 06 00 00 79 06 00 00 79 06 00 00 79 06 00 00
> +0010020 y ack nul nul y ack nul nul y ack nul nul y ack nul nul
> + 79 06 00 00 79 06 00 00 79 06 00 00 79 06 00 00
> +0011340 y ack nul nul y ack nul nul ff % < soh enq bs h 80
> + 79 06 00 00 79 06 00 00 ff 25 3c 01 05 08 68 80
>
> The file at offset 0010000 - 0011348 is overwritten with the byte
> pattern 79 06 00 00.
>
> Do you see anything in the logs or is this a silent corruption? Did
> you see this corruption with 2.6.19 or 2.6.22-rc3?
2.6.19.2 has been very stable for me.
2.6.21.3 has this silent corruption (nothing in logs)
2.6.22-rc3 oopses when watching videos.
--
Tero Roponen
On Wed, 30 May 2007, Pekka Enberg wrote:
> On 5/30/07, Tero Roponen <[email protected]> wrote:
> > Hmmm, I just found something interesting. In 2.6.21.3 the /sbin/init
> > gets corrupted when I watch the video!
> >
> > $ cp /sbin/init init.before
> > $ mplayer kiwi.flv
> > $ cp /sbin/init init.after
> >
> > The sha1sums are here:
> >
> > 52c8d643057619cbe137b8e69d4709ce3bdd832d init.after
> > 8efc7864a5b535a9e336fa82e9d7f112f3d956c1 init.before
> >
> > It seems that something corrupts memory somewhere...
>
> To debug this a bit further:
>
> $ od -a -t x1 -v init.after > init.after.dump
> $ od -a -t x1 -v init.before > init.before.dump
> $ diff -u init.before.dump init.after.dump | less
>
> -0011340 nul nul nul e9 f0 fe ff ff ff % < soh enq bs h 80
> - 00 00 00 e9 f0 fe ff ff ff 25 3c 01 05 08 68 80
> +0010000 y ack nul nul y ack nul nul y ack nul nul y ack nul nul
> + 79 06 00 00 79 06 00 00 79 06 00 00 79 06 00 00
> +0010020 y ack nul nul y ack nul nul y ack nul nul y ack nul nul
> + 79 06 00 00 79 06 00 00 79 06 00 00 79 06 00 00
> +0011340 y ack nul nul y ack nul nul ff % < soh enq bs h 80
> + 79 06 00 00 79 06 00 00 ff 25 3c 01 05 08 68 80
>
> The file at offset 0010000 - 0011348 is overwritten with the byte
> pattern 79 06 00 00.
>
> Do you see anything in the logs or is this a silent corruption? Did
> you see this corruption with 2.6.19 or 2.6.22-rc3?
>
I recompiled 2.6.22-rc3 and booted it with slub_debug. Now I can't oops
the kernel, but ./slab_info -v gives me a warning:
neofb: no support for 32bpp
neofb: no support for 32bpp
neofb: no support for 32bpp
neofb: no support for 32bpp
neofb: no support for 32bpp
neofb: no support for 32bpp
neofb: no support for 32bpp
neofb: no support for 32bpp
neofb: no support for 32bpp
neofb: no support for 32bpp
neofb: no support for 32bpp
neofb: no support for 32bpp
neofb: no support for 32bpp
Mode (1024x768) larger than the LCD panel (800x600)
Mode (1024x768) larger than the LCD panel (800x600)
Mode (1024x768) larger than the LCD panel (800x600)
Mode (1024x768) larger than the LCD panel (800x600)
Mode (1024x768) larger than the LCD panel (800x600)
Mode (1024x768) larger than the LCD panel (800x600)
Mode (1024x768) larger than the LCD panel (800x600)
Mode (1024x768) larger than the LCD panel (800x600)
Mode (1024x768) larger than the LCD panel (800x600)
Mode (1024x768) larger than the LCD panel (800x600)
Mode (1024x768) larger than the LCD panel (800x600)
Mode (1024x768) larger than the LCD panel (800x600)
Mode (1024x768) larger than the LCD panel (800x600)
Mode (1024x768) larger than the LCD panel (800x600)
Mode (1024x768) larger than the LCD panel (800x600)
Mode (1024x768) larger than the LCD panel (800x600)
Mode (1024x768) larger than the LCD panel (800x600)
Mode (1024x768) larger than the LCD panel (800x600)
Mode (1024x768) larger than the LCD panel (800x600)
Mode (1024x768) larger than the LCD panel (800x600)
Mode (1152x864) larger than the LCD panel (800x600)
Mode (1152x864) larger than the LCD panel (800x600)
Mode (1152x864) larger than the LCD panel (800x600)
Mode (1152x864) larger than the LCD panel (800x600)
Mode (1152x864) larger than the LCD panel (800x600)
Mode (1152x864) larger than the LCD panel (800x600)
Mode (1152x864) larger than the LCD panel (800x600)
Mode (1152x864) larger than the LCD panel (800x600)
Mode (1152x864) larger than the LCD panel (800x600)
Mode (1152x864) larger than the LCD panel (800x600)
Mode (1152x864) larger than the LCD panel (800x600)
Mode (1152x864) larger than the LCD panel (800x600)
Mode (1024x1024) larger than the LCD panel (800x600)
Mode (1024x1024) larger than the LCD panel (800x600)
Mode (1024x1024) larger than the LCD panel (800x600)
Mode (1024x1024) larger than the LCD panel (800x600)
Mode (1280x1024) larger than the LCD panel (800x600)
Mode (1280x1024) larger than the LCD panel (800x600)
Mode (1280x1024) larger than the LCD panel (800x600)
Mode (1280x1024) larger than the LCD panel (800x600)
*** SLUB kmalloc-1024: Redzone Active@0xc10be860 slab 0xc10217c0
offset=2144 flags=0x80004082 inuse=7 freelist=0x00000000
Bytes b4 0xc10be850: 00 00 00 00 00 00 00 00 5a 5a 5a 5a 5a 5a 5a 5a ........ZZZZZZZZ
Object 0xc10be860: 00 00 00 00 00 20 00 00 20 03 00 00 58 02 00 00 ............X...
Object 0xc10be870: 20 03 00 00 58 02 00 00 00 00 00 00 00 00 00 00 ....X...........
Object 0xc10be880: 10 00 00 00 00 00 00 00 0b 00 00 00 05 00 00 00 ................
Object 0xc10be890: 00 00 00 00 05 00 00 00 06 00 00 00 00 00 00 00 ................
Object 0xc10be8a0: 00 00 00 00 05 00 00 00 00 00 00 00 00 00 00 00 ................
Object 0xc10be8b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
Object 0xc10be8c0: ff ff ff ff ff ff ff ff 00 00 00 00 a8 61 00 00 ????????....?a..
Object 0xc10be8d0: 58 00 00 00 28 00 00 00 17 00 00 00 01 00 00 00 X...(...........
Redzone 0xc10bec60: 4d 6b 00 00 Mk..
FreePointer 0xc10bec64 -> 0x00006b4d
Last alloc: 0x6b4d jiffies_ago=4294923792 cpu=27469 pid=27469
Last free : 0x6b4d jiffies_ago=4294923792 cpu=27469 pid=27469
Filler 0xc10bec88: 4d 6b 00 00 4d 6b 00 00 Mk..Mk..
[<c013f717>] check_object+0x64/0x23d
[<c0141371>] validate_slab+0xff/0x12a
[<c01413aa>] validate_slab_slab+0xe/0x51
[<c0141488>] validate_store+0x9b/0xe8
[<c01343d1>] __handle_mm_fault+0x370/0x68b
[<c01413ed>] validate_store+0x0/0xe8
[<c013eaa6>] slab_attr_store+0x1e/0x22
[<c016e470>] sysfs_write_file+0xad/0xd6
[<c016e3c3>] sysfs_write_file+0x0/0xd6
[<c0143341>] vfs_write+0x8a/0x10c
[<c01437d7>] sys_write+0x41/0x67
[<c01022c2>] sysenter_past_esp+0x5f/0x85
=======================
@@@ SLUB kmalloc-1024: Restoring redzone (0xcc) from 0xc10bec60-0xc10bec63
--
Tero Roponen
On Wed, 30 May 2007 15:02:49 +0300 (EEST) Tero Roponen <[email protected]> wrote:
> On Wed, 30 May 2007, Pekka Enberg wrote:
>
> > On 5/30/07, Tero Roponen <[email protected]> wrote:
> > > Hmmm, I just found something interesting. In 2.6.21.3 the /sbin/init
> > > gets corrupted when I watch the video!
> > >
> > > $ cp /sbin/init init.before
> > > $ mplayer kiwi.flv
> > > $ cp /sbin/init init.after
> > >
> > > The sha1sums are here:
> > >
> > > 52c8d643057619cbe137b8e69d4709ce3bdd832d init.after
> > > 8efc7864a5b535a9e336fa82e9d7f112f3d956c1 init.before
> > >
> > > It seems that something corrupts memory somewhere...
> >
> > To debug this a bit further:
> >
> > $ od -a -t x1 -v init.after > init.after.dump
> > $ od -a -t x1 -v init.before > init.before.dump
> > $ diff -u init.before.dump init.after.dump | less
> >
> > -0011340 nul nul nul e9 f0 fe ff ff ff % < soh enq bs h 80
> > - 00 00 00 e9 f0 fe ff ff ff 25 3c 01 05 08 68 80
> > +0010000 y ack nul nul y ack nul nul y ack nul nul y ack nul nul
> > + 79 06 00 00 79 06 00 00 79 06 00 00 79 06 00 00
> > +0010020 y ack nul nul y ack nul nul y ack nul nul y ack nul nul
> > + 79 06 00 00 79 06 00 00 79 06 00 00 79 06 00 00
> > +0011340 y ack nul nul y ack nul nul ff % < soh enq bs h 80
> > + 79 06 00 00 79 06 00 00 ff 25 3c 01 05 08 68 80
> >
> > The file at offset 0010000 - 0011348 is overwritten with the byte
> > pattern 79 06 00 00.
> >
> > Do you see anything in the logs or is this a silent corruption? Did
> > you see this corruption with 2.6.19 or 2.6.22-rc3?
> >
>
> I recompiled 2.6.22-rc3 and booted it with slub_debug. Now I can't oops
> the kernel, but ./slab_info -v gives me a warning:
>
> neofb: no support for 32bpp
> neofb: no support for 32bpp
> neofb: no support for 32bpp
> neofb: no support for 32bpp
> neofb: no support for 32bpp
> neofb: no support for 32bpp
> neofb: no support for 32bpp
> neofb: no support for 32bpp
> neofb: no support for 32bpp
> neofb: no support for 32bpp
> neofb: no support for 32bpp
> neofb: no support for 32bpp
> neofb: no support for 32bpp
> Mode (1024x768) larger than the LCD panel (800x600)
> Mode (1024x768) larger than the LCD panel (800x600)
> Mode (1024x768) larger than the LCD panel (800x600)
> Mode (1024x768) larger than the LCD panel (800x600)
> Mode (1024x768) larger than the LCD panel (800x600)
> Mode (1024x768) larger than the LCD panel (800x600)
> Mode (1024x768) larger than the LCD panel (800x600)
> Mode (1024x768) larger than the LCD panel (800x600)
> Mode (1024x768) larger than the LCD panel (800x600)
> Mode (1024x768) larger than the LCD panel (800x600)
> Mode (1024x768) larger than the LCD panel (800x600)
> Mode (1024x768) larger than the LCD panel (800x600)
> Mode (1024x768) larger than the LCD panel (800x600)
> Mode (1024x768) larger than the LCD panel (800x600)
> Mode (1024x768) larger than the LCD panel (800x600)
> Mode (1024x768) larger than the LCD panel (800x600)
> Mode (1024x768) larger than the LCD panel (800x600)
> Mode (1024x768) larger than the LCD panel (800x600)
> Mode (1024x768) larger than the LCD panel (800x600)
> Mode (1024x768) larger than the LCD panel (800x600)
> Mode (1152x864) larger than the LCD panel (800x600)
> Mode (1152x864) larger than the LCD panel (800x600)
> Mode (1152x864) larger than the LCD panel (800x600)
> Mode (1152x864) larger than the LCD panel (800x600)
> Mode (1152x864) larger than the LCD panel (800x600)
> Mode (1152x864) larger than the LCD panel (800x600)
> Mode (1152x864) larger than the LCD panel (800x600)
> Mode (1152x864) larger than the LCD panel (800x600)
> Mode (1152x864) larger than the LCD panel (800x600)
> Mode (1152x864) larger than the LCD panel (800x600)
> Mode (1152x864) larger than the LCD panel (800x600)
> Mode (1152x864) larger than the LCD panel (800x600)
> Mode (1024x1024) larger than the LCD panel (800x600)
> Mode (1024x1024) larger than the LCD panel (800x600)
> Mode (1024x1024) larger than the LCD panel (800x600)
> Mode (1024x1024) larger than the LCD panel (800x600)
> Mode (1280x1024) larger than the LCD panel (800x600)
> Mode (1280x1024) larger than the LCD panel (800x600)
> Mode (1280x1024) larger than the LCD panel (800x600)
> Mode (1280x1024) larger than the LCD panel (800x600)
> *** SLUB kmalloc-1024: Redzone Active@0xc10be860 slab 0xc10217c0
> offset=2144 flags=0x80004082 inuse=7 freelist=0x00000000
> Bytes b4 0xc10be850: 00 00 00 00 00 00 00 00 5a 5a 5a 5a 5a 5a 5a 5a ........ZZZZZZZZ
> Object 0xc10be860: 00 00 00 00 00 20 00 00 20 03 00 00 58 02 00 00 ............X...
> Object 0xc10be870: 20 03 00 00 58 02 00 00 00 00 00 00 00 00 00 00 ....X...........
> Object 0xc10be880: 10 00 00 00 00 00 00 00 0b 00 00 00 05 00 00 00 ................
> Object 0xc10be890: 00 00 00 00 05 00 00 00 06 00 00 00 00 00 00 00 ................
> Object 0xc10be8a0: 00 00 00 00 05 00 00 00 00 00 00 00 00 00 00 00 ................
> Object 0xc10be8b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
> Object 0xc10be8c0: ff ff ff ff ff ff ff ff 00 00 00 00 a8 61 00 00 ????????....?a..
> Object 0xc10be8d0: 58 00 00 00 28 00 00 00 17 00 00 00 01 00 00 00 X...(...........
> Redzone 0xc10bec60: 4d 6b 00 00 Mk..
> FreePointer 0xc10bec64 -> 0x00006b4d
> Last alloc: 0x6b4d jiffies_ago=4294923792 cpu=27469 pid=27469
> Last free : 0x6b4d jiffies_ago=4294923792 cpu=27469 pid=27469
> Filler 0xc10bec88: 4d 6b 00 00 4d 6b 00 00 Mk..Mk..
> [<c013f717>] check_object+0x64/0x23d
> [<c0141371>] validate_slab+0xff/0x12a
> [<c01413aa>] validate_slab_slab+0xe/0x51
> [<c0141488>] validate_store+0x9b/0xe8
> [<c01343d1>] __handle_mm_fault+0x370/0x68b
> [<c01413ed>] validate_store+0x0/0xe8
> [<c013eaa6>] slab_attr_store+0x1e/0x22
> [<c016e470>] sysfs_write_file+0xad/0xd6
> [<c016e3c3>] sysfs_write_file+0x0/0xd6
> [<c0143341>] vfs_write+0x8a/0x10c
> [<c01437d7>] sys_write+0x41/0x67
> [<c01022c2>] sysenter_past_esp+0x5f/0x85
> =======================
> @@@ SLUB kmalloc-1024: Restoring redzone (0xcc) from 0xc10bec60-0xc10bec63
>
So something did an overwrite of a 1024-byte kmalloc. Unfortunately that
overwrite seems to have trashed our last-alloc info, so we don't know who
allocated that memory. Darn.
Does the problem go away if you disable CONFIG_SLUB and enable CONFIG_SLAB?
On Wed, 30 May 2007, Andrew Morton wrote:
> On Wed, 30 May 2007 15:02:49 +0300 (EEST) Tero Roponen <[email protected]> wrote:
>
> > On Wed, 30 May 2007, Pekka Enberg wrote:
> >
> > > On 5/30/07, Tero Roponen <[email protected]> wrote:
> > > > Hmmm, I just found something interesting. In 2.6.21.3 the /sbin/init
> > > > gets corrupted when I watch the video!
> > > >
> > > > $ cp /sbin/init init.before
> > > > $ mplayer kiwi.flv
> > > > $ cp /sbin/init init.after
> > > >
> > > > The sha1sums are here:
> > > >
> > > > 52c8d643057619cbe137b8e69d4709ce3bdd832d init.after
> > > > 8efc7864a5b535a9e336fa82e9d7f112f3d956c1 init.before
> > > >
> > > > It seems that something corrupts memory somewhere...
> > >
> > > To debug this a bit further:
> > >
> > > $ od -a -t x1 -v init.after > init.after.dump
> > > $ od -a -t x1 -v init.before > init.before.dump
> > > $ diff -u init.before.dump init.after.dump | less
> > >
> > > -0011340 nul nul nul e9 f0 fe ff ff ff % < soh enq bs h 80
> > > - 00 00 00 e9 f0 fe ff ff ff 25 3c 01 05 08 68 80
> > > +0010000 y ack nul nul y ack nul nul y ack nul nul y ack nul nul
> > > + 79 06 00 00 79 06 00 00 79 06 00 00 79 06 00 00
> > > +0010020 y ack nul nul y ack nul nul y ack nul nul y ack nul nul
> > > + 79 06 00 00 79 06 00 00 79 06 00 00 79 06 00 00
> > > +0011340 y ack nul nul y ack nul nul ff % < soh enq bs h 80
> > > + 79 06 00 00 79 06 00 00 ff 25 3c 01 05 08 68 80
> > >
> > > The file at offset 0010000 - 0011348 is overwritten with the byte
> > > pattern 79 06 00 00.
> > >
> > > Do you see anything in the logs or is this a silent corruption? Did
> > > you see this corruption with 2.6.19 or 2.6.22-rc3?
> > >
> >
> > I recompiled 2.6.22-rc3 and booted it with slub_debug. Now I can't oops
> > the kernel, but ./slab_info -v gives me a warning:
> >
> > neofb: no support for 32bpp
> > neofb: no support for 32bpp
> > neofb: no support for 32bpp
> > neofb: no support for 32bpp
> > neofb: no support for 32bpp
> > neofb: no support for 32bpp
> > neofb: no support for 32bpp
> > neofb: no support for 32bpp
> > neofb: no support for 32bpp
> > neofb: no support for 32bpp
> > neofb: no support for 32bpp
> > neofb: no support for 32bpp
> > neofb: no support for 32bpp
> > Mode (1024x768) larger than the LCD panel (800x600)
> > Mode (1024x768) larger than the LCD panel (800x600)
> > Mode (1024x768) larger than the LCD panel (800x600)
> > Mode (1024x768) larger than the LCD panel (800x600)
> > Mode (1024x768) larger than the LCD panel (800x600)
> > Mode (1024x768) larger than the LCD panel (800x600)
> > Mode (1024x768) larger than the LCD panel (800x600)
> > Mode (1024x768) larger than the LCD panel (800x600)
> > Mode (1024x768) larger than the LCD panel (800x600)
> > Mode (1024x768) larger than the LCD panel (800x600)
> > Mode (1024x768) larger than the LCD panel (800x600)
> > Mode (1024x768) larger than the LCD panel (800x600)
> > Mode (1024x768) larger than the LCD panel (800x600)
> > Mode (1024x768) larger than the LCD panel (800x600)
> > Mode (1024x768) larger than the LCD panel (800x600)
> > Mode (1024x768) larger than the LCD panel (800x600)
> > Mode (1024x768) larger than the LCD panel (800x600)
> > Mode (1024x768) larger than the LCD panel (800x600)
> > Mode (1024x768) larger than the LCD panel (800x600)
> > Mode (1024x768) larger than the LCD panel (800x600)
> > Mode (1152x864) larger than the LCD panel (800x600)
> > Mode (1152x864) larger than the LCD panel (800x600)
> > Mode (1152x864) larger than the LCD panel (800x600)
> > Mode (1152x864) larger than the LCD panel (800x600)
> > Mode (1152x864) larger than the LCD panel (800x600)
> > Mode (1152x864) larger than the LCD panel (800x600)
> > Mode (1152x864) larger than the LCD panel (800x600)
> > Mode (1152x864) larger than the LCD panel (800x600)
> > Mode (1152x864) larger than the LCD panel (800x600)
> > Mode (1152x864) larger than the LCD panel (800x600)
> > Mode (1152x864) larger than the LCD panel (800x600)
> > Mode (1152x864) larger than the LCD panel (800x600)
> > Mode (1024x1024) larger than the LCD panel (800x600)
> > Mode (1024x1024) larger than the LCD panel (800x600)
> > Mode (1024x1024) larger than the LCD panel (800x600)
> > Mode (1024x1024) larger than the LCD panel (800x600)
> > Mode (1280x1024) larger than the LCD panel (800x600)
> > Mode (1280x1024) larger than the LCD panel (800x600)
> > Mode (1280x1024) larger than the LCD panel (800x600)
> > Mode (1280x1024) larger than the LCD panel (800x600)
> > *** SLUB kmalloc-1024: Redzone Active@0xc10be860 slab 0xc10217c0
> > offset=2144 flags=0x80004082 inuse=7 freelist=0x00000000
> > Bytes b4 0xc10be850: 00 00 00 00 00 00 00 00 5a 5a 5a 5a 5a 5a 5a 5a ........ZZZZZZZZ
> > Object 0xc10be860: 00 00 00 00 00 20 00 00 20 03 00 00 58 02 00 00 ............X...
> > Object 0xc10be870: 20 03 00 00 58 02 00 00 00 00 00 00 00 00 00 00 ....X...........
> > Object 0xc10be880: 10 00 00 00 00 00 00 00 0b 00 00 00 05 00 00 00 ................
> > Object 0xc10be890: 00 00 00 00 05 00 00 00 06 00 00 00 00 00 00 00 ................
> > Object 0xc10be8a0: 00 00 00 00 05 00 00 00 00 00 00 00 00 00 00 00 ................
> > Object 0xc10be8b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
> > Object 0xc10be8c0: ff ff ff ff ff ff ff ff 00 00 00 00 a8 61 00 00 ????????....?a..
> > Object 0xc10be8d0: 58 00 00 00 28 00 00 00 17 00 00 00 01 00 00 00 X...(...........
> > Redzone 0xc10bec60: 4d 6b 00 00 Mk..
> > FreePointer 0xc10bec64 -> 0x00006b4d
> > Last alloc: 0x6b4d jiffies_ago=4294923792 cpu=27469 pid=27469
> > Last free : 0x6b4d jiffies_ago=4294923792 cpu=27469 pid=27469
> > Filler 0xc10bec88: 4d 6b 00 00 4d 6b 00 00 Mk..Mk..
> > [<c013f717>] check_object+0x64/0x23d
> > [<c0141371>] validate_slab+0xff/0x12a
> > [<c01413aa>] validate_slab_slab+0xe/0x51
> > [<c0141488>] validate_store+0x9b/0xe8
> > [<c01343d1>] __handle_mm_fault+0x370/0x68b
> > [<c01413ed>] validate_store+0x0/0xe8
> > [<c013eaa6>] slab_attr_store+0x1e/0x22
> > [<c016e470>] sysfs_write_file+0xad/0xd6
> > [<c016e3c3>] sysfs_write_file+0x0/0xd6
> > [<c0143341>] vfs_write+0x8a/0x10c
> > [<c01437d7>] sys_write+0x41/0x67
> > [<c01022c2>] sysenter_past_esp+0x5f/0x85
> > =======================
> > @@@ SLUB kmalloc-1024: Restoring redzone (0xcc) from 0xc10bec60-0xc10bec63
> >
>
> So something did an overwrite of a 1024-byte kmalloc. Unfortunately that
> overwrite seems to have trashed our last-alloc info, so we don't know who
> allocated that memory. Darn.
>
> Does the problem go away if you disable CONFIG_SLUB and enable CONFIG_SLAB?
>
>
Hi,
after some trial and error I found a simple way to trigger the
corruption:
[root@terrop ~]# ./slabinfo -v
[root@terrop ~]# ./oops
[root@terrop ~]# ./slabinfo -v
*** SLUB kmalloc-1024: Redzone Active@0xc10be860 slab 0xc10217c0
offset=2144 flags=0x80004082 inuse=7 freelist=0x00000000
Bytes b4 0xc10be850: 00 00 00 00 00 00 00 00 5a 5a 5a 5a 5a 5a 5a 5a ........ZZZZZZZZ
Object 0xc10be860: 00 00 00 00 00 20 00 00 20 03 00 00 58 02 00 00 ............X...
Object 0xc10be870: 20 03 00 00 58 02 00 00 00 00 00 00 00 00 00 00 ....X...........
Object 0xc10be880: 18 00 00 00 00 00 00 00 10 00 00 00 08 00 00 00 ................
Object 0xc10be890: 00 00 00 00 08 00 00 00 08 00 00 00 00 00 00 00 ................
Object 0xc10be8a0: 00 00 00 00 08 00 00 00 00 00 00 00 00 00 00 00 ................
Object 0xc10be8b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
Object 0xc10be8c0: ff ff ff ff ff ff ff ff 00 00 00 00 a8 61 00 00 ????????....?a..
Object 0xc10be8d0: 58 00 00 00 28 00 00 00 17 00 00 00 01 00 00 00 X...(...........
Redzone 0xc10bec60: 6b 6b 6b 00 kkk.
FreePointer 0xc10bec64 -> 0x006b6b6b
Last alloc: 0x6b6b6b jiffies_ago=4287907122 cpu=7039851 pid=7039851
Last free : 0x6b6b6b jiffies_ago=4287907122 cpu=7039851 pid=7039851
Filler 0xc10bec88: 6b 6b 6b 00 6b 6b 6b 00 kkk.kkk.
[<c013f717>] check_object+0x64/0x23d
[<c0141371>] validate_slab+0xff/0x12a
[<c01413aa>] validate_slab_slab+0xe/0x51
[<c0141488>] validate_store+0x9b/0xe8
[<c01343d1>] __handle_mm_fault+0x370/0x68b
[<c01413ed>] validate_store+0x0/0xe8
[<c013eaa6>] slab_attr_store+0x1e/0x22
[<c016e470>] sysfs_write_file+0xad/0xd6
[<c016e3c3>] sysfs_write_file+0x0/0xd6
[<c0143341>] vfs_write+0x8a/0x10c
[<c01437d7>] sys_write+0x41/0x67
[<c01022c2>] sysenter_past_esp+0x5f/0x85
=======================
@@@ SLUB kmalloc-1024: Restoring redzone (0xcc) from 0xc10bec60-0xc10bec63
[root@terrop ~]# cat oops.c
#include <sys/ioctl.h>
#include <stdio.h>
#include <linux/fb.h>
#include <fcntl.h>
int main(void)
{
struct fb_var_screeninfo fbinfo;
int fd = open("/dev/fb0", O_RDWR);
if (fd < 0)
return 1;
/* Get screeninfo */
ioctl(fd, FBIOGET_VSCREENINFO, &fbinfo);
/* Change depth from current 16 to 24. */
fbinfo.bits_per_pixel = 24;
ioctl(fd, FBIOPUT_VSCREENINFO, &fbinfo);
return 0;
}
So this seems to be a framebuffer error.
--
Tero Roponen
On Wed, 30 May 2007 19:01:09 +0300 (EEST) Tero Roponen <[email protected]> wrote:
> On Wed, 30 May 2007, Andrew Morton wrote:
>
> > On Wed, 30 May 2007 15:02:49 +0300 (EEST) Tero Roponen <[email protected]> wrote:
> >
> > > On Wed, 30 May 2007, Pekka Enberg wrote:
> > >
> > > > On 5/30/07, Tero Roponen <[email protected]> wrote:
> > > > > Hmmm, I just found something interesting. In 2.6.21.3 the /sbin/init
> > > > > gets corrupted when I watch the video!
> > > > >
> > > > > $ cp /sbin/init init.before
> > > > > $ mplayer kiwi.flv
> > > > > $ cp /sbin/init init.after
> > > > >
> > > > > The sha1sums are here:
> > > > >
> > > > > 52c8d643057619cbe137b8e69d4709ce3bdd832d init.after
> > > > > 8efc7864a5b535a9e336fa82e9d7f112f3d956c1 init.before
> > > > >
> > > > > It seems that something corrupts memory somewhere...
> > > >
> > > > To debug this a bit further:
> > > >
> > > > $ od -a -t x1 -v init.after > init.after.dump
> > > > $ od -a -t x1 -v init.before > init.before.dump
> > > > $ diff -u init.before.dump init.after.dump | less
> > > >
> > > > -0011340 nul nul nul e9 f0 fe ff ff ff % < soh enq bs h 80
> > > > - 00 00 00 e9 f0 fe ff ff ff 25 3c 01 05 08 68 80
> > > > +0010000 y ack nul nul y ack nul nul y ack nul nul y ack nul nul
> > > > + 79 06 00 00 79 06 00 00 79 06 00 00 79 06 00 00
> > > > +0010020 y ack nul nul y ack nul nul y ack nul nul y ack nul nul
> > > > + 79 06 00 00 79 06 00 00 79 06 00 00 79 06 00 00
> > > > +0011340 y ack nul nul y ack nul nul ff % < soh enq bs h 80
> > > > + 79 06 00 00 79 06 00 00 ff 25 3c 01 05 08 68 80
> > > >
> > > > The file at offset 0010000 - 0011348 is overwritten with the byte
> > > > pattern 79 06 00 00.
> > > >
> > > > Do you see anything in the logs or is this a silent corruption? Did
> > > > you see this corruption with 2.6.19 or 2.6.22-rc3?
> > > >
> > >
> > > I recompiled 2.6.22-rc3 and booted it with slub_debug. Now I can't oops
> > > the kernel, but ./slab_info -v gives me a warning:
> > >
> > > neofb: no support for 32bpp
> > > neofb: no support for 32bpp
> > > neofb: no support for 32bpp
> > > neofb: no support for 32bpp
> > > neofb: no support for 32bpp
> > > neofb: no support for 32bpp
> > > neofb: no support for 32bpp
> > > neofb: no support for 32bpp
> > > neofb: no support for 32bpp
> > > neofb: no support for 32bpp
> > > neofb: no support for 32bpp
> > > neofb: no support for 32bpp
> > > neofb: no support for 32bpp
> > > Mode (1024x768) larger than the LCD panel (800x600)
> > > Mode (1024x768) larger than the LCD panel (800x600)
> > > Mode (1024x768) larger than the LCD panel (800x600)
> > > Mode (1024x768) larger than the LCD panel (800x600)
> > > Mode (1024x768) larger than the LCD panel (800x600)
> > > Mode (1024x768) larger than the LCD panel (800x600)
> > > Mode (1024x768) larger than the LCD panel (800x600)
> > > Mode (1024x768) larger than the LCD panel (800x600)
> > > Mode (1024x768) larger than the LCD panel (800x600)
> > > Mode (1024x768) larger than the LCD panel (800x600)
> > > Mode (1024x768) larger than the LCD panel (800x600)
> > > Mode (1024x768) larger than the LCD panel (800x600)
> > > Mode (1024x768) larger than the LCD panel (800x600)
> > > Mode (1024x768) larger than the LCD panel (800x600)
> > > Mode (1024x768) larger than the LCD panel (800x600)
> > > Mode (1024x768) larger than the LCD panel (800x600)
> > > Mode (1024x768) larger than the LCD panel (800x600)
> > > Mode (1024x768) larger than the LCD panel (800x600)
> > > Mode (1024x768) larger than the LCD panel (800x600)
> > > Mode (1024x768) larger than the LCD panel (800x600)
> > > Mode (1152x864) larger than the LCD panel (800x600)
> > > Mode (1152x864) larger than the LCD panel (800x600)
> > > Mode (1152x864) larger than the LCD panel (800x600)
> > > Mode (1152x864) larger than the LCD panel (800x600)
> > > Mode (1152x864) larger than the LCD panel (800x600)
> > > Mode (1152x864) larger than the LCD panel (800x600)
> > > Mode (1152x864) larger than the LCD panel (800x600)
> > > Mode (1152x864) larger than the LCD panel (800x600)
> > > Mode (1152x864) larger than the LCD panel (800x600)
> > > Mode (1152x864) larger than the LCD panel (800x600)
> > > Mode (1152x864) larger than the LCD panel (800x600)
> > > Mode (1152x864) larger than the LCD panel (800x600)
> > > Mode (1024x1024) larger than the LCD panel (800x600)
> > > Mode (1024x1024) larger than the LCD panel (800x600)
> > > Mode (1024x1024) larger than the LCD panel (800x600)
> > > Mode (1024x1024) larger than the LCD panel (800x600)
> > > Mode (1280x1024) larger than the LCD panel (800x600)
> > > Mode (1280x1024) larger than the LCD panel (800x600)
> > > Mode (1280x1024) larger than the LCD panel (800x600)
> > > Mode (1280x1024) larger than the LCD panel (800x600)
> > > *** SLUB kmalloc-1024: Redzone Active@0xc10be860 slab 0xc10217c0
> > > offset=2144 flags=0x80004082 inuse=7 freelist=0x00000000
> > > Bytes b4 0xc10be850: 00 00 00 00 00 00 00 00 5a 5a 5a 5a 5a 5a 5a 5a ........ZZZZZZZZ
> > > Object 0xc10be860: 00 00 00 00 00 20 00 00 20 03 00 00 58 02 00 00 ............X...
> > > Object 0xc10be870: 20 03 00 00 58 02 00 00 00 00 00 00 00 00 00 00 ....X...........
> > > Object 0xc10be880: 10 00 00 00 00 00 00 00 0b 00 00 00 05 00 00 00 ................
> > > Object 0xc10be890: 00 00 00 00 05 00 00 00 06 00 00 00 00 00 00 00 ................
> > > Object 0xc10be8a0: 00 00 00 00 05 00 00 00 00 00 00 00 00 00 00 00 ................
> > > Object 0xc10be8b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
> > > Object 0xc10be8c0: ff ff ff ff ff ff ff ff 00 00 00 00 a8 61 00 00 ????????....?a..
> > > Object 0xc10be8d0: 58 00 00 00 28 00 00 00 17 00 00 00 01 00 00 00 X...(...........
> > > Redzone 0xc10bec60: 4d 6b 00 00 Mk..
> > > FreePointer 0xc10bec64 -> 0x00006b4d
> > > Last alloc: 0x6b4d jiffies_ago=4294923792 cpu=27469 pid=27469
> > > Last free : 0x6b4d jiffies_ago=4294923792 cpu=27469 pid=27469
> > > Filler 0xc10bec88: 4d 6b 00 00 4d 6b 00 00 Mk..Mk..
> > > [<c013f717>] check_object+0x64/0x23d
> > > [<c0141371>] validate_slab+0xff/0x12a
> > > [<c01413aa>] validate_slab_slab+0xe/0x51
> > > [<c0141488>] validate_store+0x9b/0xe8
> > > [<c01343d1>] __handle_mm_fault+0x370/0x68b
> > > [<c01413ed>] validate_store+0x0/0xe8
> > > [<c013eaa6>] slab_attr_store+0x1e/0x22
> > > [<c016e470>] sysfs_write_file+0xad/0xd6
> > > [<c016e3c3>] sysfs_write_file+0x0/0xd6
> > > [<c0143341>] vfs_write+0x8a/0x10c
> > > [<c01437d7>] sys_write+0x41/0x67
> > > [<c01022c2>] sysenter_past_esp+0x5f/0x85
> > > =======================
> > > @@@ SLUB kmalloc-1024: Restoring redzone (0xcc) from 0xc10bec60-0xc10bec63
> > >
> >
> > So something did an overwrite of a 1024-byte kmalloc. Unfortunately that
> > overwrite seems to have trashed our last-alloc info, so we don't know who
> > allocated that memory. Darn.
> >
> > Does the problem go away if you disable CONFIG_SLUB and enable CONFIG_SLAB?
> >
> >
>
> Hi,
>
> after some trial and error I found a simple way to trigger the
> corruption:
>
> [root@terrop ~]# ./slabinfo -v
> [root@terrop ~]# ./oops
> [root@terrop ~]# ./slabinfo -v
Whoa. Impressed.
> *** SLUB kmalloc-1024: Redzone Active@0xc10be860 slab 0xc10217c0
> offset=2144 flags=0x80004082 inuse=7 freelist=0x00000000
> Bytes b4 0xc10be850: 00 00 00 00 00 00 00 00 5a 5a 5a 5a 5a 5a 5a 5a ........ZZZZZZZZ
> Object 0xc10be860: 00 00 00 00 00 20 00 00 20 03 00 00 58 02 00 00 ............X...
> Object 0xc10be870: 20 03 00 00 58 02 00 00 00 00 00 00 00 00 00 00 ....X...........
> Object 0xc10be880: 18 00 00 00 00 00 00 00 10 00 00 00 08 00 00 00 ................
> Object 0xc10be890: 00 00 00 00 08 00 00 00 08 00 00 00 00 00 00 00 ................
> Object 0xc10be8a0: 00 00 00 00 08 00 00 00 00 00 00 00 00 00 00 00 ................
> Object 0xc10be8b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
> Object 0xc10be8c0: ff ff ff ff ff ff ff ff 00 00 00 00 a8 61 00 00 ????????....?a..
> Object 0xc10be8d0: 58 00 00 00 28 00 00 00 17 00 00 00 01 00 00 00 X...(...........
> Redzone 0xc10bec60: 6b 6b 6b 00 kkk.
> FreePointer 0xc10bec64 -> 0x006b6b6b
> Last alloc: 0x6b6b6b jiffies_ago=4287907122 cpu=7039851 pid=7039851
> Last free : 0x6b6b6b jiffies_ago=4287907122 cpu=7039851 pid=7039851
> Filler 0xc10bec88: 6b 6b 6b 00 6b 6b 6b 00 kkk.kkk.
> [<c013f717>] check_object+0x64/0x23d
> [<c0141371>] validate_slab+0xff/0x12a
> [<c01413aa>] validate_slab_slab+0xe/0x51
> [<c0141488>] validate_store+0x9b/0xe8
> [<c01343d1>] __handle_mm_fault+0x370/0x68b
> [<c01413ed>] validate_store+0x0/0xe8
> [<c013eaa6>] slab_attr_store+0x1e/0x22
> [<c016e470>] sysfs_write_file+0xad/0xd6
> [<c016e3c3>] sysfs_write_file+0x0/0xd6
> [<c0143341>] vfs_write+0x8a/0x10c
> [<c01437d7>] sys_write+0x41/0x67
> [<c01022c2>] sysenter_past_esp+0x5f/0x85
> =======================
> @@@ SLUB kmalloc-1024: Restoring redzone (0xcc) from 0xc10bec60-0xc10bec63
>
> [root@terrop ~]# cat oops.c
> #include <sys/ioctl.h>
> #include <stdio.h>
> #include <linux/fb.h>
> #include <fcntl.h>
>
> int main(void)
> {
> struct fb_var_screeninfo fbinfo;
> int fd = open("/dev/fb0", O_RDWR);
> if (fd < 0)
> return 1;
>
> /* Get screeninfo */
> ioctl(fd, FBIOGET_VSCREENINFO, &fbinfo);
>
> /* Change depth from current 16 to 24. */
> fbinfo.bits_per_pixel = 24;
> ioctl(fd, FBIOPUT_VSCREENINFO, &fbinfo);
>
> return 0;
> }
>
> So this seems to be a framebuffer error.
>
cc's added ;)
Thanks.
Tony, this is with SLUB enabled, which might be detecting a
hitherto-undetected bug.
Config is at http://userweb.kernel.org/~akpm/config-tero.txt
On Wed, May 30, 2007 at 09:09:45AM -0700, Andrew Morton wrote:
> On Wed, 30 May 2007 19:01:09 +0300 (EEST) Tero Roponen <[email protected]> wrote:
>
> > On Wed, 30 May 2007, Andrew Morton wrote:
> >
> > > On Wed, 30 May 2007 15:02:49 +0300 (EEST) Tero Roponen <[email protected]> wrote:
> > >
> > > > On Wed, 30 May 2007, Pekka Enberg wrote:
> > > >
> > > > > On 5/30/07, Tero Roponen <[email protected]> wrote:
> > > > > > Hmmm, I just found something interesting. In 2.6.21.3 the /sbin/init
> > > > > > gets corrupted when I watch the video!
> > > > > >
> > > > > > $ cp /sbin/init init.before
> > > > > > $ mplayer kiwi.flv
> > > > > > $ cp /sbin/init init.after
> > > > > >
> > > > > > The sha1sums are here:
> > > > > >
> > > > > > 52c8d643057619cbe137b8e69d4709ce3bdd832d init.after
> > > > > > 8efc7864a5b535a9e336fa82e9d7f112f3d956c1 init.before
> > > > > >
> > > > > > It seems that something corrupts memory somewhere...
> > > > >
> > > > > To debug this a bit further:
> > > > >
> > > > > $ od -a -t x1 -v init.after > init.after.dump
> > > > > $ od -a -t x1 -v init.before > init.before.dump
> > > > > $ diff -u init.before.dump init.after.dump | less
> > > > >
> > > > > -0011340 nul nul nul e9 f0 fe ff ff ff % < soh enq bs h 80
> > > > > - 00 00 00 e9 f0 fe ff ff ff 25 3c 01 05 08 68 80
> > > > > +0010000 y ack nul nul y ack nul nul y ack nul nul y ack nul nul
> > > > > + 79 06 00 00 79 06 00 00 79 06 00 00 79 06 00 00
> > > > > +0010020 y ack nul nul y ack nul nul y ack nul nul y ack nul nul
> > > > > + 79 06 00 00 79 06 00 00 79 06 00 00 79 06 00 00
> > > > > +0011340 y ack nul nul y ack nul nul ff % < soh enq bs h 80
> > > > > + 79 06 00 00 79 06 00 00 ff 25 3c 01 05 08 68 80
> > > > >
> > > > > The file at offset 0010000 - 0011348 is overwritten with the byte
> > > > > pattern 79 06 00 00.
> > > > >
> > > > > Do you see anything in the logs or is this a silent corruption? Did
> > > > > you see this corruption with 2.6.19 or 2.6.22-rc3?
> > > > >
> > > >
> > > > I recompiled 2.6.22-rc3 and booted it with slub_debug. Now I can't oops
> > > > the kernel, but ./slab_info -v gives me a warning:
> > > >
> > > > neofb: no support for 32bpp
> > > > neofb: no support for 32bpp
> > > > neofb: no support for 32bpp
> > > > neofb: no support for 32bpp
> > > > neofb: no support for 32bpp
> > > > neofb: no support for 32bpp
> > > > neofb: no support for 32bpp
> > > > neofb: no support for 32bpp
> > > > neofb: no support for 32bpp
> > > > neofb: no support for 32bpp
> > > > neofb: no support for 32bpp
> > > > neofb: no support for 32bpp
> > > > neofb: no support for 32bpp
> > > > Mode (1024x768) larger than the LCD panel (800x600)
> > > > Mode (1024x768) larger than the LCD panel (800x600)
> > > > Mode (1024x768) larger than the LCD panel (800x600)
> > > > Mode (1024x768) larger than the LCD panel (800x600)
> > > > Mode (1024x768) larger than the LCD panel (800x600)
> > > > Mode (1024x768) larger than the LCD panel (800x600)
> > > > Mode (1024x768) larger than the LCD panel (800x600)
> > > > Mode (1024x768) larger than the LCD panel (800x600)
> > > > Mode (1024x768) larger than the LCD panel (800x600)
> > > > Mode (1024x768) larger than the LCD panel (800x600)
> > > > Mode (1024x768) larger than the LCD panel (800x600)
> > > > Mode (1024x768) larger than the LCD panel (800x600)
> > > > Mode (1024x768) larger than the LCD panel (800x600)
> > > > Mode (1024x768) larger than the LCD panel (800x600)
> > > > Mode (1024x768) larger than the LCD panel (800x600)
> > > > Mode (1024x768) larger than the LCD panel (800x600)
> > > > Mode (1024x768) larger than the LCD panel (800x600)
> > > > Mode (1024x768) larger than the LCD panel (800x600)
> > > > Mode (1024x768) larger than the LCD panel (800x600)
> > > > Mode (1024x768) larger than the LCD panel (800x600)
> > > > Mode (1152x864) larger than the LCD panel (800x600)
> > > > Mode (1152x864) larger than the LCD panel (800x600)
> > > > Mode (1152x864) larger than the LCD panel (800x600)
> > > > Mode (1152x864) larger than the LCD panel (800x600)
> > > > Mode (1152x864) larger than the LCD panel (800x600)
> > > > Mode (1152x864) larger than the LCD panel (800x600)
> > > > Mode (1152x864) larger than the LCD panel (800x600)
> > > > Mode (1152x864) larger than the LCD panel (800x600)
> > > > Mode (1152x864) larger than the LCD panel (800x600)
> > > > Mode (1152x864) larger than the LCD panel (800x600)
> > > > Mode (1152x864) larger than the LCD panel (800x600)
> > > > Mode (1152x864) larger than the LCD panel (800x600)
> > > > Mode (1024x1024) larger than the LCD panel (800x600)
> > > > Mode (1024x1024) larger than the LCD panel (800x600)
> > > > Mode (1024x1024) larger than the LCD panel (800x600)
> > > > Mode (1024x1024) larger than the LCD panel (800x600)
> > > > Mode (1280x1024) larger than the LCD panel (800x600)
> > > > Mode (1280x1024) larger than the LCD panel (800x600)
> > > > Mode (1280x1024) larger than the LCD panel (800x600)
> > > > Mode (1280x1024) larger than the LCD panel (800x600)
> > > > *** SLUB kmalloc-1024: Redzone Active@0xc10be860 slab 0xc10217c0
> > > > offset=2144 flags=0x80004082 inuse=7 freelist=0x00000000
> > > > Bytes b4 0xc10be850: 00 00 00 00 00 00 00 00 5a 5a 5a 5a 5a 5a 5a 5a ........ZZZZZZZZ
> > > > Object 0xc10be860: 00 00 00 00 00 20 00 00 20 03 00 00 58 02 00 00 ............X...
> > > > Object 0xc10be870: 20 03 00 00 58 02 00 00 00 00 00 00 00 00 00 00 ....X...........
> > > > Object 0xc10be880: 10 00 00 00 00 00 00 00 0b 00 00 00 05 00 00 00 ................
> > > > Object 0xc10be890: 00 00 00 00 05 00 00 00 06 00 00 00 00 00 00 00 ................
> > > > Object 0xc10be8a0: 00 00 00 00 05 00 00 00 00 00 00 00 00 00 00 00 ................
> > > > Object 0xc10be8b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
> > > > Object 0xc10be8c0: ff ff ff ff ff ff ff ff 00 00 00 00 a8 61 00 00 ????????....?a..
> > > > Object 0xc10be8d0: 58 00 00 00 28 00 00 00 17 00 00 00 01 00 00 00 X...(...........
> > > > Redzone 0xc10bec60: 4d 6b 00 00 Mk..
> > > > FreePointer 0xc10bec64 -> 0x00006b4d
> > > > Last alloc: 0x6b4d jiffies_ago=4294923792 cpu=27469 pid=27469
> > > > Last free : 0x6b4d jiffies_ago=4294923792 cpu=27469 pid=27469
> > > > Filler 0xc10bec88: 4d 6b 00 00 4d 6b 00 00 Mk..Mk..
> > > > [<c013f717>] check_object+0x64/0x23d
> > > > [<c0141371>] validate_slab+0xff/0x12a
> > > > [<c01413aa>] validate_slab_slab+0xe/0x51
> > > > [<c0141488>] validate_store+0x9b/0xe8
> > > > [<c01343d1>] __handle_mm_fault+0x370/0x68b
> > > > [<c01413ed>] validate_store+0x0/0xe8
> > > > [<c013eaa6>] slab_attr_store+0x1e/0x22
> > > > [<c016e470>] sysfs_write_file+0xad/0xd6
> > > > [<c016e3c3>] sysfs_write_file+0x0/0xd6
> > > > [<c0143341>] vfs_write+0x8a/0x10c
> > > > [<c01437d7>] sys_write+0x41/0x67
> > > > [<c01022c2>] sysenter_past_esp+0x5f/0x85
> > > > =======================
> > > > @@@ SLUB kmalloc-1024: Restoring redzone (0xcc) from 0xc10bec60-0xc10bec63
> > > >
> > >
> > > So something did an overwrite of a 1024-byte kmalloc. Unfortunately that
> > > overwrite seems to have trashed our last-alloc info, so we don't know who
> > > allocated that memory. Darn.
> > >
> > > Does the problem go away if you disable CONFIG_SLUB and enable CONFIG_SLAB?
> > >
> > >
> >
> > Hi,
> >
> > after some trial and error I found a simple way to trigger the
> > corruption:
> >
> > [root@terrop ~]# ./slabinfo -v
> > [root@terrop ~]# ./oops
> > [root@terrop ~]# ./slabinfo -v
>
> Whoa. Impressed.
>
> > *** SLUB kmalloc-1024: Redzone Active@0xc10be860 slab 0xc10217c0
> > offset=2144 flags=0x80004082 inuse=7 freelist=0x00000000
> > Bytes b4 0xc10be850: 00 00 00 00 00 00 00 00 5a 5a 5a 5a 5a 5a 5a 5a ........ZZZZZZZZ
> > Object 0xc10be860: 00 00 00 00 00 20 00 00 20 03 00 00 58 02 00 00 ............X...
> > Object 0xc10be870: 20 03 00 00 58 02 00 00 00 00 00 00 00 00 00 00 ....X...........
> > Object 0xc10be880: 18 00 00 00 00 00 00 00 10 00 00 00 08 00 00 00 ................
> > Object 0xc10be890: 00 00 00 00 08 00 00 00 08 00 00 00 00 00 00 00 ................
> > Object 0xc10be8a0: 00 00 00 00 08 00 00 00 00 00 00 00 00 00 00 00 ................
> > Object 0xc10be8b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
> > Object 0xc10be8c0: ff ff ff ff ff ff ff ff 00 00 00 00 a8 61 00 00 ????????....?a..
> > Object 0xc10be8d0: 58 00 00 00 28 00 00 00 17 00 00 00 01 00 00 00 X...(...........
> > Redzone 0xc10bec60: 6b 6b 6b 00 kkk.
> > FreePointer 0xc10bec64 -> 0x006b6b6b
> > Last alloc: 0x6b6b6b jiffies_ago=4287907122 cpu=7039851 pid=7039851
> > Last free : 0x6b6b6b jiffies_ago=4287907122 cpu=7039851 pid=7039851
> > Filler 0xc10bec88: 6b 6b 6b 00 6b 6b 6b 00 kkk.kkk.
> > [<c013f717>] check_object+0x64/0x23d
> > [<c0141371>] validate_slab+0xff/0x12a
> > [<c01413aa>] validate_slab_slab+0xe/0x51
> > [<c0141488>] validate_store+0x9b/0xe8
> > [<c01343d1>] __handle_mm_fault+0x370/0x68b
> > [<c01413ed>] validate_store+0x0/0xe8
> > [<c013eaa6>] slab_attr_store+0x1e/0x22
> > [<c016e470>] sysfs_write_file+0xad/0xd6
> > [<c016e3c3>] sysfs_write_file+0x0/0xd6
> > [<c0143341>] vfs_write+0x8a/0x10c
> > [<c01437d7>] sys_write+0x41/0x67
> > [<c01022c2>] sysenter_past_esp+0x5f/0x85
> > =======================
> > @@@ SLUB kmalloc-1024: Restoring redzone (0xcc) from 0xc10bec60-0xc10bec63
> >
> > [root@terrop ~]# cat oops.c
> > #include <sys/ioctl.h>
> > #include <stdio.h>
> > #include <linux/fb.h>
> > #include <fcntl.h>
> >
> > int main(void)
> > {
> > struct fb_var_screeninfo fbinfo;
> > int fd = open("/dev/fb0", O_RDWR);
> > if (fd < 0)
> > return 1;
> >
> > /* Get screeninfo */
> > ioctl(fd, FBIOGET_VSCREENINFO, &fbinfo);
> >
> > /* Change depth from current 16 to 24. */
> > fbinfo.bits_per_pixel = 24;
> > ioctl(fd, FBIOPUT_VSCREENINFO, &fbinfo);
> >
> > return 0;
> > }
> >
> > So this seems to be a framebuffer error.
> >
>
> cc's added ;)
>
> Thanks.
>
> Tony, this is with SLUB enabled, which might be detecting a
> hitherto-undetected bug.
>
> Config is at http://userweb.kernel.org/~akpm/config-tero.txt
Two suspicious things for me:
1)
--- a/drivers/video/neofb.c
+++ b/drivers/video/neofb.c
@@ -1295,7 +1295,7 @@ static int neofb_setcolreg(u_int regno,
outb(blue >> 10, 0x3c9);
break;
case 16:
- ((u32 *) fb->pseudo_palette)[regno] =
+ ((u16 *) fb->pseudo_palette)[regno] =
((red & 0xf800)) | ((green & 0xfc00) >> 5) |
((blue & 0xf800) >> 11);
break;
2) palette in neofb_par is "u32 palette[16];" which is 4x16 = 64 bytes.
struct fb_info::pseudo_palette is assigned to it in neo_alloc_fb_info().
Yet, we check at the beginning of neofb_setcolreg() for color map
length which neofb advertises as 256 which seems too many.
printk()s showing "regno" at the beginning of neofb_setcolreg()
welcome.
Alexey, who only knows how to spell framebuffer and a bit.
Tero Roponen wrote:
> after some trial and error I found a simple way to trigger the
> corruption:
Nice. This triggers on the file corruption on 2.6.21.3 also?
On Wed, 30 May 2007, Pekka Enberg wrote:
> Tero Roponen wrote:
> > after some trial and error I found a simple way to trigger the
> > corruption:
>
> Nice. This triggers on the file corruption on 2.6.21.3 also?
>
Yes:
[root@terrop ~]# init
Usage: init 0123456SsQqAaBbCcUu
[root@terrop ~]# ./oops
[root@terrop ~]# init
init: error while loading shared libraries: unexpected PLT reloc type 0xcc
--
Tero Roponen
On Wed, 2007-05-30 at 19:01 +0300, Tero Roponen wrote:
> On Wed, 30 May 2007, Andrew Morton wrote:
>
> > On Wed, 30 May 2007 15:02:49 +0300 (EEST) Tero Roponen <[email protected]> wrote:
> >
> > > On Wed, 30 May 2007, Pekka Enberg wrote:
> > >
> > > > On 5/30/07, Tero Roponen <[email protected]> wrote:
> [root@terrop ~]# cat oops.c
> #include <sys/ioctl.h>
> #include <stdio.h>
> #include <linux/fb.h>
> #include <fcntl.h>
>
> int main(void)
> {
> struct fb_var_screeninfo fbinfo;
> int fd = open("/dev/fb0", O_RDWR);
> if (fd < 0)
> return 1;
>
> /* Get screeninfo */
> ioctl(fd, FBIOGET_VSCREENINFO, &fbinfo);
>
> /* Change depth from current 16 to 24. */
> fbinfo.bits_per_pixel = 24;
> ioctl(fd, FBIOPUT_VSCREENINFO, &fbinfo);
>
> return 0;
> }
>
> So this seems to be a framebuffer error.
It's a fb_setcolreg() bug in neofb. Try this patch?
Tony
On Wed, 2007-05-30 at 22:04 +0400, Alexey Dobriyan wrote:
> On Wed, May 30, 2007 at 09:09:45AM -0700, Andrew Morton wrote:
> > On Wed, 30 May 2007 19:01:09 +0300 (EEST) Tero Roponen <[email protected]> wrote:
> >
> > > On Wed, 30 May 2007, Andrew Morton wrote:
> > >
> > > > On Wed, 30 May 2007 15:02:49 +0300 (EEST) Tero Roponen <[email protected]> wrote:
> > > >
> > > > > On Wed, 30 May 2007, Pekka Enberg wrote:
> > > > >
> > > > > > On 5/30/07, Tero Roponen <[email protected]> wrote:
[snip]
> Two suspicious things for me:
>
> 1)
>
> --- a/drivers/video/neofb.c
> +++ b/drivers/video/neofb.c
> @@ -1295,7 +1295,7 @@ static int neofb_setcolreg(u_int regno,
> outb(blue >> 10, 0x3c9);
> break;
> case 16:
> - ((u32 *) fb->pseudo_palette)[regno] =
> + ((u16 *) fb->pseudo_palette)[regno] =
u32 is correct.
> ((red & 0xf800)) | ((green & 0xfc00) >> 5) |
> ((blue & 0xf800) >> 11);
> break;
>
>
>
> 2) palette in neofb_par is "u32 palette[16];" which is 4x16 = 64 bytes.
> struct fb_info::pseudo_palette is assigned to it in neo_alloc_fb_info().
> Yet, we check at the beginning of neofb_setcolreg() for color map
> length which neofb advertises as 256 which seems too many.
>
Yes, 256 is too many. the pseudo_palette is used for the 16-color
console only.
I'm impressed that this bug has escaped notice for this long. That bug
is present since the 2.5.x era.
Probably, the best thing to do is hide the pseudo_palette from the
drivers and move it to the console layer where it belongs to spare
future driver writers from palette usage confusion. That will be a
thankless job.
Tony
On Wed, 2007-05-30 at 19:01 +0300, Tero Roponen wrote:
> On Wed, 30 May 2007, Andrew Morton wrote:
>
> > On Wed, 30 May 2007 15:02:49 +0300 (EEST) Tero Roponen <[email protected]> wrote:
> >
> > > On Wed, 30 May 2007, Pekka Enberg wrote:
> > >
> > > > On 5/30/07, Tero Roponen <[email protected]> wrote:
>
> after some trial and error I found a simple way to trigger the
> corruption:
>
BTW, that was impressive. You exposed a long-standing bug in neofb,
thanks.
And just FYI, you can also trigger it by doing fbset -depth 24.
Tony
From: "Antonino A. Daplas" <[email protected]>
Date: Thu, 31 May 2007 07:14:46 +0800
> Yes, 256 is too many. the pseudo_palette is used for the 16-color
> console only.
Many many drivers allocate 256 entries, just FYI :-) They
all should be fixed up I guess.
On Wed, 2007-05-30 at 16:18 -0700, David Miller wrote:
> From: "Antonino A. Daplas" <[email protected]>
> Date: Thu, 31 May 2007 07:14:46 +0800
>
> > Yes, 256 is too many. the pseudo_palette is used for the 16-color
> > console only.
>
> Many many drivers allocate 256 entries, just FYI :-) They
> all should be fixed up I guess.
I did a pseudo_palette allocation audit before, it might be high time to
run one again :-(
Tony
On Thu, 31 May 2007, Antonino A. Daplas wrote:
> On Wed, 2007-05-30 at 22:04 +0400, Alexey Dobriyan wrote:
> > 2) palette in neofb_par is "u32 palette[16];" which is 4x16 = 64 bytes.
> > struct fb_info::pseudo_palette is assigned to it in neo_alloc_fb_info().
> > Yet, we check at the beginning of neofb_setcolreg() for color map
> > length which neofb advertises as 256 which seems too many.
> >
>
> Yes, 256 is too many. the pseudo_palette is used for the 16-color
> console only.
>
> I'm impressed that this bug has escaped notice for this long. That bug
> is present since the 2.5.x era.
>
> Probably, the best thing to do is hide the pseudo_palette from the
> drivers and move it to the console layer where it belongs to spare
> future driver writers from palette usage confusion. That will be a
> thankless job.
The console layer doesn't know how to fill in the pseudo palette in all
cases, that's why the driver have to do it.
Gr{oetje,eeting}s,
Geert
--
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- [email protected]
In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
-- Linus Torvalds
On Thu, 2007-05-31 at 09:17 +0200, Geert Uytterhoeven wrote:
> On Thu, 31 May 2007, Antonino A. Daplas wrote:
> > On Wed, 2007-05-30 at 22:04 +0400, Alexey Dobriyan wrote:
> > > 2) palette in neofb_par is "u32 palette[16];" which is 4x16 = 64 bytes.
> > > struct fb_info::pseudo_palette is assigned to it in neo_alloc_fb_info().
> > > Yet, we check at the beginning of neofb_setcolreg() for color map
> > > length which neofb advertises as 256 which seems too many.
> > >
> >
> > Yes, 256 is too many. the pseudo_palette is used for the 16-color
> > console only.
> >
> > I'm impressed that this bug has escaped notice for this long. That bug
> > is present since the 2.5.x era.
> >
> > Probably, the best thing to do is hide the pseudo_palette from the
> > drivers and move it to the console layer where it belongs to spare
> > future driver writers from palette usage confusion. That will be a
> > thankless job.
>
> The console layer doesn't know how to fill in the pseudo palette in all
> cases, that's why the driver have to do it.
>
I have actually started working on that. It involves breaking down
fb_setcolreg() so it deals only with writing to the actual hardware
registers. The part of fb_setcolreg() that adds entries to the
pseudo_palette can be separated as a new method, fb_get_pixel(), which
given red, blue, green, transp, the driver returns a u32 pixel value
that can be written to the pseudo_palette.
So fbcon can hold a copy of the pseudo_palette and fills it up by
calling info->fbops->fb_get_pixel() successively.
This will touch the logo code, the drawing libraries, each driver, etc
so it's a lot of work. During the conversion period, we support having
info->pseudo_palette and fbcon->pseudo_palette at the same time. Once
all drivers are converted, we can remove info->pseudo_palette.
One use for having an fb_get_pixel() method is we can use this as an
rgb888-image-to-raw-framebuffer-format converter.
Currently, I have only converted vesafb. Once the core code is done,
I'll start converting the rest of the drivers one by one.
Tony