Re: EIP: [<c012529d>] do_exit+0x40c/

To: debian-user@lists.debian.org
Subject: Re: EIP: [<c012529d>] do_exit+0x40c/
From: Florian Kriener <florian@kriener.org>
Date: Tue, 22 Sep 2009 10:38:21 +0200
Message-id: <[🔎] 200909221038.21986.florian@kriener.org>
In-reply-to: <[🔎] 200909211934.27290.ale@pcartwright.com>
References: <[🔎] 200909200804.34256.ale@pcartwright.com> <[🔎] 200909211722.47601.florian@kriener.org> <[🔎] 200909211934.27290.ale@pcartwright.com>

On Tuesday 22 September 2009 01:34:27 Paul Cartwright wrote:
> On Mon September 21 2009, Florian Kriener wrote:
> > Sounds like a kernel bug. Can you reproduce the bug? Please send
> > the output of dmesg.

> [165347.859562] ------------[ cut here ]------------
> [165347.859562] kernel BUG at kernel/exit.c:822!
> [165347.859562] invalid opcode: 0000 [#2] SMP
> [165347.859562] Modules linked in: ipt_MASQUERADE xt_DSCP
>  nf_conntrack_irc nf_conntrack_ftp aes_i586 aes_generic ecb
>  crypto_blkcipher ecryptfs xt_multiport nvidia(P) binfmt_misc rfcomm
>  l2cap bluetooth vboxnetadp vboxnetflt vboxdrv ppdev parport_pc lp
>  parport autofs4 battery nfsd auth_rpcgss exportfs nfs lockd nfs_acl
>  sunrpc ipt_REJECT ipt_LOG xt_limit xt_tcpudp xt_state iptable_filter
>  iptable_mangle iptable_nat nf_nat nf_conntrack_ipv4 nf_conntrack
>  ip_tables x_tables quota_v1 fuse dm_snapshot dm_mirror dm_log dm_mod
>  coretemp loop snd_hda_intel snd_pcm_oss snd_mixer_oss snd_pcm
>  snd_seq_dummy snd_seq_oss snd_seq_midi snd_rawmidi
>  snd_seq_midi_event snd_seq psmouse i2c_i801 snd_timer snd_seq_device
>  pcspkr serio_raw usblp i2c_core snd soundcore intel_agp
>  snd_page_alloc button agpgart evdev dcdbas ext3 jbd mbcache sg
>  usb_storage usbhid hid ff_memless sr_mod cdrom sd_mod ahci libata
>  scsi_mod dock ehci_hcd uhci_hcd usbcore e1000e thermal processor fan
>  thermal_sys [last unloaded: scsi_wait_scan]
> [165347.859562]
> [165347.859562] Pid: 4922, comm: chrome Tainted: P      D  
>  (2.6.26-2-686 #1) [165347.859562] EIP: 0060:[<c012529d>] EFLAGS:
>  00210206 CPU: 1 [165347.859562] EIP is at do_exit+0x40c/0x5bb
> [165347.859562] EAX: d851b2e0 EBX: d851b1b8 ECX: d851b2e0 EDX:
>  d851b29c [165347.859562] ESI: d851b1c0 EDI: d851b1b8 EBP: d851b1c0
>  ESP: d781ff80 [165347.859562]  DS: 007b ES: 007b FS: 00d8 GS: 0000
>  SS: 0068 [165347.859562] Process chrome (pid: 4922, ti=d781e000
>  task=d851b1c0 task.ti=d781e000)
> [165347.859562] Stack: 00000000 00000000 d781ff88 d781ff88 f6f3d440
>  f5bc7040 00000000 d781e000
> [165347.859562]        c01254b0 00000000 bf8c6e24 bf8c748b c01254e6
>  c0103853 00000000 00000000
> [165347.859562]        00000000 bf8c6e24 bf8c748b bf8c7258 000000fc
>  0000007b 0000007b 00000000
> [165347.859562] Call Trace:
> [165347.859562]  [<c01254b0>] do_group_exit+0x64/0x8d
> [165347.859562]  [<c01254e6>] sys_exit_group+0xd/0x10
> [165347.859562]  [<c0103853>] sysenter_past_esp+0x78/0xb1
> [165347.859562]  =======================
> [165347.859562] Code: dc 00 00 00 39 c2 75 ce f0 81 05 00 ea 36 c0 00
>  00 00 01 fb 0f 1f 84 00 00 00 00 00 90 8d 86 20 01 00 00 39 86 20 01
>  00 00 74 04 <0f> 0b eb fe 39 96 dc 00 00 00 74 04 0f 0b eb fe 8b 5c
>  24 08 81
> [165347.859562] EIP: [<c012529d>] do_exit+0x40c/0x5bb SS:ESP
>  0068:d781ff80 [165347.859562] ---[ end trace 9904bb7e61a3dc7b ]---
> [165347.859562] Fixing recursive fault but reboot is needed!
> [166701.421302] Inbound IN=eth0 OUT=
> MAC=00:16:76:bc:3f:af:00:22:6b:48:cf:73:08:00 SRC=83.204.240.115
> DST=192.168.10.2 LEN=108 TOS=0x00 PREC=0x00 TTL=47 ID=59152 DF
>  PROTO=TCP SPT=51413 DPT=32981 WINDOW=65535 RES=0x00 ACK PSH URGP=0
> [168880.729795] Not cloning cgroup for unused subsystem ns
> [188984.065049] Inbound IN=eth0 OUT=
> MAC=00:16:76:bc:3f:af:00:22:6b:48:cf:73:08:00 SRC=69.165.129.2
> DST=192.168.10.2 LEN=184 TOS=0x00 PREC=0x00 TTL=117 ID=51406
>  PROTO=TCP SPT=6346 DPT=53360 WINDOW=65467 RES=0x00 ACK PSH URGP=0
> [189083.291064] Inbound IN=eth0 OUT=
> MAC=00:16:76:bc:3f:af:00:22:6b:48:cf:73:08:00 SRC=69.165.129.2
> DST=192.168.10.2 LEN=188 TOS=0x00 PREC=0x00 TTL=117 ID=62648 DF
>  PROTO=TCP SPT=6346 DPT=53360 WINDOW=65467 RES=0x00 ACK PSH URGP=0
> [189182.431198] Inbound IN=eth0 OUT=
> MAC=00:16:76:bc:3f:af:00:22:6b:48:cf:73:08:00 SRC=69.165.129.2
> DST=192.168.10.2 LEN=192 TOS=0x00 PREC=0x00 TTL=117 ID=8012 DF
>  PROTO=TCP SPT=6346 DPT=53360 WINDOW=65467 RES=0x00 ACK PSH URGP=0
> [254324.293208] Not cloning cgroup for unused subsystem ns
> [256379.722444] ------------[ cut here ]------------
> [256379.722444] kernel BUG at kernel/exit.c:822!
> [256379.722444] invalid opcode: 0000 [#3] SMP
> [256379.722444] Modules linked in: ipt_MASQUERADE xt_DSCP
>  nf_conntrack_irc nf_conntrack_ftp aes_i586 aes_generic ecb
>  crypto_blkcipher ecryptfs xt_multiport nvidia(P) binfmt_misc rfcomm
>  l2cap bluetooth vboxnetadp vboxnetflt vboxdrv ppdev parport_pc lp
>  parport autofs4 battery nfsd auth_rpcgss exportfs nfs lockd nfs_acl
>  sunrpc ipt_REJECT ipt_LOG xt_limit xt_tcpudp xt_state iptable_filter
>  iptable_mangle iptable_nat nf_nat nf_conntrack_ipv4 nf_conntrack
>  ip_tables x_tables quota_v1 fuse dm_snapshot dm_mirror dm_log dm_mod
>  coretemp loop snd_hda_intel snd_pcm_oss snd_mixer_oss snd_pcm
>  snd_seq_dummy snd_seq_oss snd_seq_midi snd_rawmidi
>  snd_seq_midi_event snd_seq psmouse i2c_i801 snd_timer snd_seq_device
>  pcspkr serio_raw usblp i2c_core snd soundcore intel_agp
>  snd_page_alloc button agpgart evdev dcdbas ext3 jbd mbcache sg
>  usb_storage usbhid hid ff_memless sr_mod cdrom sd_mod ahci libata
>  scsi_mod dock ehci_hcd uhci_hcd usbcore e1000e thermal processor fan
>  thermal_sys [last unloaded: scsi_wait_scan]
> [256379.722444]
> [256379.722444] Pid: 5954, comm: chrome Tainted: P      D  
>  (2.6.26-2-686 #1) [256379.722444] EIP: 0060:[<c012529d>] EFLAGS:
>  00210202 CPU: 0 [256379.722444] EIP is at do_exit+0x40c/0x5bb
> [256379.722444] EAX: c248fa60 EBX: c248f938 ECX: c248fa60 EDX:
>  c248fa1c [256379.722444] ESI: c248f940 EDI: c248f938 EBP: c248f940
>  ESP: e4d2bf80 [256379.722444]  DS: 007b ES: 007b FS: 00d8 GS: 0000
>  SS: 0068 [256379.722444] Process chrome (pid: 5954, ti=e4d2a000
>  task=c248f940 task.ti=e4d2a000)
> [256379.722444] Stack: 00000000 00000000 e4d2bf88 e4d2bf88 f5a85080
>  e4e50580 00000000 e4d2a000
> [256379.722444]        c01254b0 00000000 bfb44094 bfb446fb c01254e6
>  c0103853 00000000 00000000
> [256379.722444]        00000000 bfb44094 bfb446fb bfb444c8 000000fc
>  0000007b 0000007b 00000000
> [256379.722444] Call Trace:
> [256379.722444]  [<c01254b0>] do_group_exit+0x64/0x8d
> [256379.722444]  [<c01254e6>] sys_exit_group+0xd/0x10
> [256379.722444]  [<c0103853>] sysenter_past_esp+0x78/0xb1
> [256379.722444]  =======================
> [256379.722444] Code: dc 00 00 00 39 c2 75 ce f0 81 05 00 ea 36 c0 00
>  00 00 01 fb 0f 1f 84 00 00 00 00 00 90 8d 86 20 01 00 00 39 86 20 01
>  00 00 74 04 <0f> 0b eb fe 39 96 dc 00 00 00 74 04 0f 0b eb fe 8b 5c
>  24 08 81
> [256379.722444] EIP: [<c012529d>] do_exit+0x40c/0x5bb SS:ESP
>  0068:e4d2bf80 [256379.722444] ---[ end trace 9904bb7e61a3dc7b ]---

That's a kernel bug and it is already reported in the debian bts as bug 
#542115 [1]. Can you reproduce it without the nvidia driver loaded?

[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=542115

Reply to:

Follow-Ups:
- Re: EIP: [<c012529d>] do_exit+0x40c/
  - From: Paul Cartwright <ale@pcartwright.com>

References:
- EIP: [<c012529d>] do_exit+0x40c/
  - From: Paul Cartwright <ale@pcartwright.com>
- Re: EIP: [<c012529d>] do_exit+0x40c/
  - From: Florian Kriener <florian@kriener.org>
- Re: EIP: [<c012529d>] do_exit+0x40c/
  - From: Paul Cartwright <ale@pcartwright.com>

Prev by Date: Re: Size of a kernel module is different at build place and after installation
Next by Date: Re: Packaging gcc
Previous by thread: Re: EIP: [<c012529d>] do_exit+0x40c/
Next by thread: Re: EIP: [<c012529d>] do_exit+0x40c/
Index(es):
- Date
- Thread