Hi,
this is probably RTFM (where is this manual?), but how did I get a
callchain on a uniprocessor
system where there are two functions that cannot be a part of it,
because they don't call anything ? (kfree_skbmem and __kmalloc). Also
at the end one function call is there twice.
Seems like stack corruption, but I did try to close others out with
spin_lock_bh. This part of the code is called from kernel traps and
softirq for ethernet RX.
See here (I changed call names):
kernel BUG at mm/slab.c:1783!
invalid operand: 0000 [#1]
CPU: 0
EIP: 0060:[<c014a134>] Tainted: P U
EFLAGS: 00010006 (2.6.5-tsp1 )
EIP is at kfree+0x224/0x3b0
eax: 003c664f ebx: 00010c00 ecx: 0000040c edx: 000000a4
esi: c58bf9b0 edi: 00000000 ebp: c0795c5c esp: c0795c30
ds: 007b es: 007b ss: 0068
Process swapper (pid: 0, threadinfo=c0794000 task=c060aa40)
Stack: c58bf9b0 f46e0858 c0795c5c c0149b18 f8bcf836 f46e0858 c58bb360 00000286
f46e0b28 f381fc64 f46e085c c0795c6c f8bcf836 f46e085c f46e0af4 c0795cac
f8bce00c f46e085c 00000000 f8bd26bb 0014e6d0 a295af12 f381fc78 f381fc78
Call Trace:
[<c0149b18>] __kmalloc+0x178/0x230
[<f8bcf836>] myfree+0x11/0x17 [Y]
[<f8bcf836>] myfree+0x11/0x17 [Y]
[<f8bce00c>] func4+0x36e/0x376 [Y]
...
[<f898fef6>] func3+0xe6/0x220 [X]
[<c045a735>] kfree_skbmem+0x25/0x30
[<f898de61>] func2+0x561/0x6f0 [X]
[<c0149b77>] __kmalloc+0x1d7/0x230
[<f89a524f>] func1+0x5f/0xa0 [X]
[<c045f983>] netif_receive_skb+0x1c3/0x260
[<c02d1195>] e1000_clean_rx_irq+0x375/0x400
[<c02d0bca>] e1000_clean+0x4a/0xc0
[<c045fb92>] net_rx_action+0x72/0x100
[<c012a29c>] __do_softirq+0x8c/0x90
[<c012a2cb>] do_softirq+0x2b/0x30
[<c010b655>] do_IRQ+0xe5/0x120
[<c0109a6c>] common_interrupt+0x18/0x20
[<c0107066>] default_idle+0x26/0x40
[<c01070f4>] cpu_idle+0x34/0x40
[<c0796824>] start_kernel+0x184/0x1c0
[<c0796540>] unknown_bootoption+0x0/0x120
Thanks in advance, krajo
All,
I want to access kdb explicitly. For example, I could recognize the
special characters inside console driver. If the the special characters
are detected , then drop to kdb immediately. However, I don't know what
should I to do after the special characters received.
Thanks,
Gavin
On Fri, 1 Jun 2007, gshan wrote:
> I want to access kdb explicitly. For example, I could recognize the
> special characters inside console driver. If the the special characters
> are detected , then drop to kdb immediately. However, I don't know what
> should I to do after the special characters received.
See http://www.ibm.com/developerworks/linux/library/l-kdbug/ - section
"Activating KDB".
--
Jiri Kosina
Jiri Kosina wrote:
> On Fri, 1 Jun 2007, gshan wrote:
>
>
>> I want to access kdb explicitly. For example, I could recognize the
>> special characters inside console driver. If the the special characters
>> are detected , then drop to kdb immediately. However, I don't know what
>> should I to do after the special characters received.
>>
>
> See http://www.ibm.com/developerworks/linux/library/l-kdbug/ - section
> "Activating KDB".
>
>
Thanks a lot :-)
Hi Krajo,
> this is probably RTFM (where is this manual?), but how did I get a
> callchain on a uniprocessor
> system where there are two functions that cannot be a part of it,
> because they don't call anything ? (kfree_skbmem and __kmalloc). Also
> at the end one function call is there twice.
>
> Seems like stack corruption, but I did try to close others out with
> spin_lock_bh. This part of the code is called from kernel traps and
> softirq for ethernet RX.
I'm not an expert, but I think you basically have two options:
- Turn on CONFIG_FRAME_POINTER
- Gnaw through the stack trace (from bottom to top), matching up the
entry points with actual function calls in the assembly. That way
you'll see which of the entries are bogus, and which correspond to
a real call somewhere in the trace.
Miklos
"George Krajcsovits" <[email protected]> writes:
> this is probably RTFM (where is this manual?), but how did I get a
> callchain on a uniprocessor
> system where there are two functions that cannot be a part of it,
> because they don't call anything ? (kfree_skbmem and __kmalloc). Also
> at the end one function call is there twice.
Linux stack traces are not exact by default.
-Andi