This is the mail archive of the systemtap@sourceware.org mailing list for the systemtap project.



RE: [Bug translator/1276] support more timer varieties


Josh,
	We fixed a similar return probe bug in the RHEL4-U3 kernel. So, can
you please try the same test on RHEL4-U3 Beta and get back to the mailing list?

Thanks,
Anil Keshavamurthy
>-----Original Message-----
>From: systemtap-owner@sourceware.org 
>[mailto:systemtap-owner@sourceware.org] On Behalf Of Stone, Joshua I
>Sent: Wednesday, December 07, 2005 6:40 PM
>To: systemtap@sources.redhat.com
>Subject: RE: [Bug translator/1276] support more timer varieties
>
>Stone, Joshua I wrote:
>> When I was writing the test script, I did find a couple of probes that
>> failed, but it was unrelated to "current" dereferencing.  I will
>> follow up in another email...
>
>As promised, here they are.  I tried these with very simple probe bodies
>(increment a global number), so I know the crashes have nothing to do
>with "current" dereferencing.
>
>The first one that failed on me was 'kernel.inline("get_current")'.  I
>figured this would be a dangerous one, but I wanted to try it.  This
>matched 2710 locations for me, and probably a lot of them are in
>critical locations.  When I ran this, I got "NMI Watchdog detected
>LOCKUP".  It probably isn't worth trying to make this one work, but if
>we have a blacklist, this should be on it.
>
>The second one that failed was 'kernel.function("__switch_to").return'.
>This one is a problem with kretprobes only, as all of my other probes in
>__switch_to behaved just fine, even in the middle of the function.
>Running this gave "Kernel BUG at kprobes:449" (the full dump is included
>below).  The line mentioned is in trampoline_probe_handler:
>
>    BUG_ON(!orig_ret_address || (orig_ret_address == trampoline_address));
>
>It seems pretty obvious that the actions taken in __switch_to would
>conflict with the way the trampoline works.  I don't know if it's
>possible to make kretprobes work on this function - if not, it should be
>blacklisted.
>
>
>Josh
>
>
>crashdump from kernel.function("__switch_to").return
>===================================================================
>Kernel BUG at kprobes:449
>invalid operand: 0000 [1] SMP
>CPU 1
>Modules linked in: stap_4037(U) nfsd exportfs lockd md5 ipv6
>parport_pc lp parport autofs4 i2c_dev i2c_core smbfs sunrpc ds
>yenta_socket pcmcia_core ipt_REJECT ipt_state ip_conntrack
>iptable_filter ip_tables dm_mirror dm_mod button battery ac
>joydev uhci_hcd ehci_hcd shpchp hw_random ata_piix snd_azx
>snd_hda_codec snd_pcm_oss snd_mixer_oss snd_pcm snd_timer snd
>soundcore snd_page_alloc sk98lin(U) floppy ext3 jbd ahci libata
>sd_mod scsi_mod
>Pid: 4006, comm: sshd Tainted: GF     2.6.9-22.ELsmp
>RIP: 0010:[<ffffffff80121809>] <ffffffff80121809>{trampoline_probe_handler+130}
>RSP: 0018:0000010071d81b28  EFLAGS: 00010002
>RAX: 0000000000000001 RBX: 000001007f9d4600 RCX: ffffffffa0000000
>RDX: 0000000000000001 RSI: 0000010071d81bf8 RDI: 0000000000000000
>RBP: 0000000000000000 R08: 0000010037e14000 R09: 0000000000000003
>R10: 00000000000000ff R11: 0000000000000003 R12: 0000000000000000
>R13: 0000010071d81bf8 R14: 0000000000000000 R15: 0000010002c1a5e0
>FS:  0000002a96a33280(0000) GS:ffffffff804d3180(0000) knlGS:0000000000000000
>CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
>CR2: 000000383c38f070 CR3: 0000000037e18000 CR4: 00000000000006e0
>Process sshd (pid: 4006, threadinfo 0000010071d80000, task 0000010076dc3030)
>Stack: ffffffff803d16a0 ffffffff803d16a0 ffffffff80121785 0000010071d81bf8
>       ffffffff80121786 ffffffff80121751 ffffffff803db140 0000010071d81bb8
>       0000000000000002 0000010076dc3030
>Call Trace:
>       <ffffffff80121785>{kretprobe_trampoline+0}
>       <ffffffff80121786>{kretprobe_trampoline+1}
>       <ffffffff80121751>{kprobe_handler+559}
>       <ffffffff80121a27>{kprobe_exceptions_notify+40}
>       <ffffffff801432fb>{notifier_call_chain+31}
>       <ffffffff80112460>{do_int3+66}
>       <ffffffff80110aed>{error_exit+0}
>       <ffffffff80121786>{kretprobe_trampoline+1}
>       <ffffffff80121785>{kretprobe_trampoline+0}
>       <ffffffff80222bad>{tty_ldisc_try+60}
>       <ffffffff80303924>{schedule_timeout+101}
>       <ffffffff80222ce0>{tty_ldisc_deref+103}
>       <ffffffff8018902b>{do_select+939}
>       <ffffffff80188bc5>{__pollwait+0}
>       <ffffffff801893aa>{sys_select+820}
>       <ffffffff801908fc>{dnotify_parent+34}
>       <ffffffff80110052>{system_call+126}
>
>Code: 0f 0b 64 b8 31 80 ff ff ff ff c1 01 49 89 ad 80 00 00 00 e8
>RIP <ffffffff80121809>{trampoline_probe_handler+130} RSP <0000010071d81b28>
>
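
The `__switch_to` return-probe failure reported above, as a user-space model added here (not code from this thread, from SystemTap, or from the kernel). It assumes return-probe bookkeeping is keyed by the current task and that `__switch_to` changes which task is current between entry and return; the thread states neither, and every name and address in the block is constructed.

```c
#include <stdio.h>
#include <stddef.h>

#define MAX_INST 8
#define TRAMPOLINE ((void *)0x1000)  /* constructed stand-in for kretprobe_trampoline */

struct task { int pid; };
struct ret_instance { struct task *owner; void *orig_ret; int used; };

static struct ret_instance table[MAX_INST];
static struct task task_a = {1}, task_b = {2};  /* constructed tasks */
static struct task *current_task;               /* models the kernel's "current" */

/* Entry side: save the real return address under the current task. */
static void *probe_entry(void *real_ret) {
    for (int i = 0; i < MAX_INST; i++)
        if (!table[i].used) {
            table[i] = (struct ret_instance){ current_task, real_ret, 1 };
            return TRAMPOLINE;       /* the function will now return here */
        }
    return real_ret;                 /* no free slot: probe skipped */
}

/* Return side: look up the saved address for the current task.
 * NULL is the !orig_ret_address case in the BUG_ON quoted above. */
static void *trampoline_handler(void) {
    for (int i = 0; i < MAX_INST; i++)
        if (table[i].used && table[i].owner == current_task) {
            table[i].used = 0;
            return table[i].orig_ret;
        }
    return NULL;
}

/* Returns 1 if the return address was recovered, 0 if the BUG_ON would fire.
 * "next" differs from "prev" only for a function that switches tasks. */
static int probed_call(struct task *prev, struct task *next) {
    current_task = prev;
    probe_entry((void *)0x2000);     /* constructed return address */
    current_task = next;             /* assumed effect of __switch_to */
    void *r = trampoline_handler();
    return r != NULL && r != TRAMPOLINE;
}

int main(void) {
    printf("ordinary function: %d\n", probed_call(&task_a, &task_a));
    printf("task switch:       %d\n", probed_call(&task_a, &task_b));
    return 0;
}
```

In this model the lookup fails only when the task identity changes between the entry and return handlers, which is the argument for blacklisting such a function rather than patching the handler.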

