netdev
[Top] [All Lists]

Re: 2.6.9-rc1-mm5: TCP oopses

To: Andrew Morton <akpm@xxxxxxxx>
Subject: Re: 2.6.9-rc1-mm5: TCP oopses
From: James Morris <jmorris@xxxxxxxxxx>
Date: Mon, 13 Sep 2004 20:25:38 -0400 (EDT)
Cc: linux-kernel@xxxxxxxxxxxxxxx, <netdev@xxxxxxxxxxx>, "David S. Miller" <davem@xxxxxxxxxxxxx>
In-reply-to: <20040913015003.5406abae.akpm@xxxxxxxx>
Sender: netdev-bounce@xxxxxxxxxxx
I'm experiencing TCP related oopses with this kernel (not seen in -mm4), 
.config file attached.

Here are two backtraces, the first happened a few seconds after logging 
in via ssh, the second happened soon after boot (using selinux=0, just to 
make sure).

Oops #1:
-----------

KERNEL: assertion (!skb_queue_empty(&sk->sk_write_queue)) failed at 
net/ipv4/tcp_timer.c (322)
Unable to handle kernel NULL pointer dereference at virtual address 00000048
 printing eip:
c03022c2
*pde = 00000000
Oops: 0000 [#1]
PREEMPT SMP 
Modules linked in: ipv6 e1000 3c59x ac
CPU:    0
EIP:    0060:[<c03022c2>]    Not tainted VLI
EFLAGS: 00010246   (2.6.9-rc1-mm5) 
EIP is at tcp_retransmit_skb+0x89/0x340
eax: 00000000   ebx: 00000000   ecx: f7718960   edx: 00000000
esi: f740c2a0   edi: f740c0a8   ebp: c0460f64   esp: c0460f48
ds: 007b   es: 007b   ss: 0068
Process swapper (pid: 0, threadinfo=c0460000 task=c039dac0)
Stack: f740c0a8 00000000 0000056e f740c2a0 f740c0a8 f740c2a0 f740c10c c0460fa0 
       c03044b2 c0387ed4 c038901c c038615b 00000142 c0460fb8 f888bb2f f709a778 
       f70791c0 c181110c 00000001 f740c0a8 f740c2a0 f740c0c8 c0460fb8 c03048af 
Call Trace:
 [<c0106b21>] show_stack+0x7a/0x90
 [<c0106ca2>] show_registers+0x152/0x1ca
 [<c0106ea9>] die+0x100/0x186
 [<c0115809>] do_page_fault+0x2dc/0x5d0
 [<c0106765>] error_code+0x2d/0x38
 [<c03044b2>] tcp_retransmit_timer+0xe9/0x434
 [<c03048af>] tcp_write_timer+0xb2/0xcd
 [<c01249c0>] run_timer_softirq+0xbf/0x17f
 [<c0120f24>] __do_softirq+0x64/0xd2
 [<c01091aa>] do_softirq+0x47/0x4f
 [<c0112535>] smp_apic_timer_interrupt+0xf2/0xf4
 [<c01066ca>] apic_timer_interrupt+0x1a/0x20
 [<c0103e97>] cpu_idle+0x38/0x5a
 [<c042f85a>] start_kernel+0x196/0x1d5
 [<c0100211>] 0xc0100211
 =======================
 [<c0106b21>] show_stack+0x7a/0x90
 [<c0106ca2>] show_registers+0x152/0x1ca
 [<c0106ea9>] die+0x100/0x186
 [<c0115809>] do_page_fault+0x2dc/0x5d0
 [<c0106765>] error_code+0x2d/0x38
 [<c03044b2>] tcp_retransmit_timer+0xe9/0x434
 [<c03048af>] tcp_write_timer+0xb2/0xcd
 [<c01249c0>] run_timer_softirq+0xbf/0x17f
 [<c0120f24>] __do_softirq+0x64/0xd2
 [<c01091aa>] do_softirq+0x47/0x4f
 [<c0112535>] smp_apic_timer_interrupt+0xf2/0xf4
 [<c01066ca>] apic_timer_interrupt+0x1a/0x20
 [<c0103e97>] cpu_idle+0x38/0x5a
 [<c042f85a>] start_kernel+0x196/0x1d5
 [<c0100211>] 0xc0100211
Code: 89 45 ec 8b 47 78 be f5 ff ff ff 89 c2 c1 fa 02 01 d0 8b 97 84 00 00 00 
39 c2 0f 4f d0 8b 47 60 39 d0 0f 8f b3 01 00 00 8b 75 f0 <8b> 53 48 8b 4e 10 39 
ca 79 5c 39 4b 4c 79 08 0f 0b c3 03 14 61 
 <0>Kernel panic - not syncing: Fatal exception in interrupt



Oops #2:
-----------

gdb) l *0xc02fac2c
0xc02fac2c is in tcp_time_to_recover (net/ipv4/tcp_input.c:1352).

1350    static inline int tcp_skb_timedout(struct tcp_opt *tp, struct sk_buff 
*skb)
1351    {
1352            return (tcp_time_stamp - TCP_SKB_CB(skb)->when > tp->rto);
1353    }
1354


Unable to handle kernel NULL pointer dereference at virtual address 00000050
 printing eip:
c02fac2c
*pde = 00000000
Oops: 0000 [#1]
PREEMPT SMP 
Modules linked in: ipv6 e1000 3c59x ac
CPU:    0
EIP:    0060:[<c02fac2c>]    Not tainted VLI
EFLAGS: 00010246   (2.6.9-rc1-mm5) 
EIP is at tcp_time_to_recover+0x1d0/0x214
eax: fffcc289   ebx: f77a6320   ecx: 00000002   edx: 00000000
esi: 00000003   edi: f77a6128   ebp: c0460ddc   esp: c0460dc4
ds: 007b   es: 007b   ss: 0068
Process swapper (pid: 0, threadinfo=c0460000 task=c039dac0)
Stack: 00000246 fffcc3b1 00000001 f77a6320 00000000 49a2fa4f c0460e20 c02fb752 
       c0460e20 c02fc1b1 00000000 00010800 49a2fa4f 037a6320 00000001 00000000 
       00000106 00000004 49a2f4d3 f77a6128 00000003 f77a6320 49a2fa4f c0460e60 
Call Trace:
 [<c0106b21>] show_stack+0x7a/0x90
 [<c0106ca2>] show_registers+0x152/0x1ca
 [<c0106ea9>] die+0x100/0x186
 [<c0115809>] do_page_fault+0x2dc/0x5d0
 [<c0106765>] error_code+0x2d/0x38
 [<c02fb752>] tcp_fastretrans_alert+0x146/0x6ed
 [<c02fca42>] tcp_ack+0x260/0x5df
 [<c02ff67e>] tcp_rcv_established+0x5d0/0x868
 [<c0308265>] tcp_v4_do_rcv+0x101/0x103
 [<c0308a73>] tcp_v4_rcv+0x80c/0x920
 [<c02ed407>] ip_local_deliver+0xa0/0x26d
 [<c02edb43>] ip_rcv+0x381/0x4f9
 [<c02da8e3>] netif_receive_skb+0x1f7/0x224
 [<c02da995>] process_backlog+0x85/0x135
 [<c02daacb>] net_rx_action+0x86/0x136
 [<c0120f24>] __do_softirq+0x64/0xd2
 [<c01091aa>] do_softirq+0x47/0x4f
 [<c01089ed>] do_IRQ+0x185/0x1cf
 [<c0106648>] common_interrupt+0x18/0x20
 [<c0103e97>] cpu_idle+0x38/0x5a
 [<c042f85a>] start_kernel+0x196/0x1d5
 [<c0100211>] 0xc0100211
 =======================
 [<c0106b21>] show_stack+0x7a/0x90
 [<c0106ca2>] show_registers+0x152/0x1ca
 [<c0106ea9>] die+0x100/0x186
 [<c0115809>] do_page_fault+0x2dc/0x5d0
 [<c0106765>] error_code+0x2d/0x38
 [<c02fb752>] tcp_fastretrans_alert+0x146/0x6ed
 [<c02fca42>] tcp_ack+0x260/0x5df
 [<c02ff67e>] tcp_rcv_established+0x5d0/0x868
 [<c0308265>] tcp_v4_do_rcv+0x101/0x103
 [<c0308a73>] tcp_v4_rcv+0x80c/0x920
 [<c02ed407>] ip_local_deliver+0xa0/0x26d
 [<c02edb43>] ip_rcv+0x381/0x4f9
 [<c02da8e3>] netif_receive_skb+0x1f7/0x224
 [<c02da995>] process_backlog+0x85/0x135
 [<c02daacb>] net_rx_action+0x86/0x136
 [<c0120f24>] __do_softirq+0x64/0xd2
 [<c01091aa>] do_softirq+0x47/0x4f
 [<c01089ed>] do_IRQ+0x185/0x1cf
 [<c0106648>] common_interrupt+0x18/0x20
 [<c0103e97>] cpu_idle+0x38/0x5a
 [<c042f85a>] start_kernel+0x196/0x1d5
 [<c0100211>] 0xc0100211
Code: 83 c4 0c 5b 5e 5f 5d c3 8b 92 7c 01 00 00 83 c2 01 e9 7a fe ff ff 8d 47 
64 8b 57 64 39 c2 b8 00 00 00 00 0f 44 d0 a1 a0 f5 39 c0 <2b> 42 50 3b 83 94 00 
00 00 77 c7 e9 7b fe ff ff c7 45 f0 00 00 
 <0>Kernel panic - not syncing: Fatal exception in interrupt


-- 
James Morris
<jmorris@xxxxxxxxxx>

Attachment: config.txt
Description: Text document

<Prev in Thread] Current Thread [Next in Thread>