kfree: Bad obj 5a5a5a5a

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Steven N. Hirsch: "Re: [Call For Wartectomy] CRLF conversion out of kernel"
• Previous message: Rick Hohensee: "tangential question"
• Next in thread: Douglas Gilbert: "Re: kfree: Bad obj 5a5a5a5a"
• Maybe reply: Douglas Gilbert: "Re: kfree: Bad obj 5a5a5a5a"

The command

ls /cdrom

caused autofs to kick in for mounting my SCSI CDROM. The following
modules where automatically loaded:

nls_iso8859-1 2052 1 (autoclean)
sr_mod 18236 1 (autoclean)
cdrom 13432 0 (autoclean) [sr_mod]
isofs 17720 1 (autoclean)

The mount expired and I did the following:

japetus ~# rmmod sr_mod
Segmentation fault
japetus ~# lsmod
Module Size Used by
nls_iso8859-1 2052 0 (autoclean)
lsmod: QM_INFO: No such file or directory
japetus ~#

The rmmod triggered the kernel oops, causing a segmentation fault. Here's
the log (Sorry for the long lines if it's inconvenient):

Jul 13 23:27:47 japetus kernel: Loaded 5709 symbols from /boot/System.map.
Jul 13 23:27:47 japetus kernel: Symbols match kernel version 2.2.10.
Jul 13 23:27:47 japetus kernel: Loaded 75 symbols from 8 modules.
Jul 13 23:27:47 japetus kernel: Linux version 2.2.10-ac8 (root@japetus.localdomain) (gcc version egcs-2.91.66 19990314/Linux (egcs-1.1.2 release)) #1 Mon Jul 5 00:28:32 MEST 1999
...
Jul 13 23:29:46 japetus kernel: Detected scsi CD-ROM sr0 at scsi0, channel 0, id 6, lun 0
Jul 13 23:29:46 japetus kernel: Uniform CDROM driver Revision: 2.55
Jul 13 23:29:46 japetus kernel: sr0: CDROM (ioctl) reports ILLEGAL REQUEST.
Jul 13 23:30:50 japetus automount[687]: expired /misc/cd
Jul 13 23:32:22 japetus kernel: kfree: Bad obj 5a5a5a5a
Jul 13 23:32:22 japetus kernel: Unable to handle kernel NULL pointer dereference at virtual address 00000000
Jul 13 23:32:22 japetus kernel: current->tss.cr3 = 00856000, %cr3 = 00856000
Jul 13 23:32:22 japetus kernel: *pde = 00000000
Jul 13 23:32:22 japetus kernel: Oops: 0002
Jul 13 23:32:22 japetus kernel: CPU: 0
Jul 13 23:32:22 japetus kernel: EIP: 0010:[kfree+655/688]
Jul 13 23:32:22 japetus kernel: EFLAGS: 00010296
Jul 13 23:32:22 japetus kernel: eax: 0000001b ebx: 5a5a5a5a ecx: 00000018 edx: 00000023
Jul 13 23:32:22 japetus kernel: esi: c0007ea0 edi: 5a5a5a5a ebp: c28544a0 esp: c05c9f3c
Jul 13 23:32:22 japetus kernel: ds: 0018 es: 0018 ss: 0018
Jul 13 23:32:22 japetus kernel: Process rmmod (pid: 694, process nr: 45, stackpage=c05c9000)
Jul 13 23:32:22 japetus kernel: Stack: 5a5a5a5a c0007ea0 c0088000 c28544a0 a5c32f2b 000008b2 00000246 c0185036
Jul 13 23:32:22 japetus kernel: 5a5a5a5a 5a5a5a5a c018640b 5a5a5a5a 00000118 c2850000 c2850000 00000000
Jul 13 23:32:22 japetus kernel: bffffac8 c01864f6 c28544a0 c2851bcc 00000004 c28544a0 c0114690 c2850000
Jul 13 23:32:22 japetus kernel: Call Trace: [st:st_template+111296/62948801] [scsi_init_free+54/64] [scsi_unregister_device+91/176] [st:st_template+93728/62966369] [st:st_template+93728/62966369] [scsi_unregister_module+54/64] [st:st_template+111296/62948801]
Jul 13 23:32:22 japetus kernel: [st:st_template+100844/62959253] [st:st_template+111296/62948801] [free_module+32/160] [st:st_template+93728/62966369] [sys_delete_module+308/480] [st:st_template+93728/62966369] [system_call+52/56]
Jul 13 23:32:22 japetus kernel: Code: c7 05 00 00 00 00 00 00 00 00 83 c4 08 5b 5e 5f 5d 83 c4 0c

The whole problem is very reproducable.
I've tried to use ksymoops but it didn't add any info. See attachments (they were
made after a reboot).

-- 
Frank

--jI8keyz6grp/JLjh
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="ksymoops.out"

Options used: -V (default)
              -o /lib/modules/2.2.10-ac8/ (default)
              -k /proc/ksyms (default)
              -l /proc/modules (default)
              -m /boot/System.map (specified)
              -c 1 (default)

Warning in compare_ksyms_lsmod, module bsd_comp is in lsmod but not in ksyms, probably no symbols exported
Warning in compare_ksyms_lsmod, module umsdos is in lsmod but not in ksyms, probably no symbols exported
Jul 13 23:32:22 japetus kernel: Unable to handle kernel NULL pointer dereference at virtual address 00000000 
Jul 13 23:32:22 japetus kernel: current->tss.cr3 = 00856000, %cr3 = 00856000 
Jul 13 23:32:22 japetus kernel: *pde = 00000000 
Jul 13 23:32:22 japetus kernel: Oops: 0002 
Jul 13 23:32:22 japetus kernel: CPU:    0 
Jul 13 23:32:22 japetus kernel: EIP:    0010:[kfree+655/688] 
Jul 13 23:32:22 japetus kernel: EFLAGS: 00010296 
Jul 13 23:32:22 japetus kernel: eax: 0000001b   ebx: 5a5a5a5a   ecx: 00000018   edx: 00000023 
Jul 13 23:32:22 japetus kernel: esi: c0007ea0   edi: 5a5a5a5a   ebp: c28544a0   esp: c05c9f3c 
Jul 13 23:32:22 japetus kernel: ds: 0018   es: 0018   ss: 0018 
Jul 13 23:32:22 japetus kernel: Process rmmod (pid: 694, process nr: 45, stackpage=c05c9000) 
Jul 13 23:32:22 japetus kernel: Stack: 5a5a5a5a c0007ea0 c0088000 c28544a0 a5c32f2b 000008b2 00000246 c0185036  
Jul 13 23:32:22 japetus kernel:        5a5a5a5a 5a5a5a5a c018640b 5a5a5a5a 00000118 c2850000 c2850000 00000000  
Jul 13 23:32:22 japetus kernel:        bffffac8 c01864f6 c28544a0 c2851bcc 00000004 c28544a0 c0114690 c2850000  
Jul 13 23:32:22 japetus kernel: Call Trace: [st:st_template+111296/62948801] [scsi_init_free+54/64] [scsi_unregister_device+91/176] [st:st_template+93728/62966369] [st:st_template+93728/62966369] [scsi_unregister_module+54/64] [st:st_template+111296/62948801]  
Jul 13 23:32:22 japetus kernel: Code: c7 05 00 00 00 00 00 00 00 00 83 c4 08 5b 5e 5f 5d 83 c4 0c

Code:  00000000 Before first symbol            00000000 <_IP>: <===
Code:  00000000 Before first symbol               0:	c7 05 00 00 00 00 00 	movl   $0x0,0x0 <===
Code:  00000007 Before first symbol               7:	00 00 00 
Code:  0000000a Before first symbol               a:	83 c4 08             	addl   $0x8,%esp
Code:  0000000d Before first symbol               d:	5b                   	popl   %ebx
Code:  0000000e Before first symbol               e:	5e                   	popl   %esi
Code:  0000000f Before first symbol               f:	5f                   	popl   %edi
Code:  00000010 Before first symbol              10:	5d                   	popl   %ebp
Code:  00000011 Before first symbol              11:	83 c4 0c             	addl   $0xc,%esp


2 warnings issued.  Results may not be reliable.

--jI8keyz6grp/JLjh
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="lsmod.out"

Module                  Size  Used by
ppp_deflate            41060   0  (autoclean)
bsd_comp                3728   0  (autoclean)
ppp                    20492   2  (autoclean) [ppp_deflate bsd_comp]
slhc                    4424   1  (autoclean) [ppp]
wd                      4596   1  (autoclean)
8390                    6340   0  (autoclean) [wd]
autofs                  9316   1  (autoclean)
st                     25248   0  (unused)
nls_cp437               3580   1  (autoclean)
umsdos                 24792   1  (autoclean)
msdos                   5372   1  (autoclean) [umsdos]
fat                    30880   1  (autoclean) [umsdos msdos]

--jI8keyz6grp/JLjh--

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

• Next message: Steven N. Hirsch: "Re: [Call For Wartectomy] CRLF conversion out of kernel"
• Previous message: Rick Hohensee: "tangential question"
• Next in thread: Douglas Gilbert: "Re: kfree: Bad obj 5a5a5a5a"
• Maybe reply: Douglas Gilbert: "Re: kfree: Bad obj 5a5a5a5a"