bug-hurd
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Kernel crash with rtl8139 while restarting pfinet

From: Ludovic Courtès
Subject: Kernel crash with rtl8139 while restarting pfinet
Date: Sun, 24 Oct 2021 15:47:36 +0200
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/27.2 (gnu/linux) 
Hello!

I stumbled upon a crash while running GNU/Hurd in QEMU with rtl8139
emulation along these lines:

  qemu-system-i386 -enable-kvm -m 1024 -hda 
/gnu/store/mkvai2a97w702yhayv66y62kd7r2j1ps-disk-image \
    -snapshot "--device" "rtl8139,netdev=net0" --netdev user,id=net0

The crash is pretty reproducible:

  1. Start an active pfinet with, say:

       settrans -fac /servers/socket/2 /hurd/pfinet --interface eth0 \
         --ipv6 /servers/socket/26 --address 10.0.2.15 \
         --netmask 255.255.255.0

  2. Forcefully terminate pfinet:

       settrans -fg /servers/socket/2

  3. Restart it as in #1.

After a couple of seconds, I get a kernel debugger prompt:

--8<---------------cut here---------------start------------->8---
Kernel page fault at address 0xc1000000, eip = 0xc10b1f5d                       
Kernel Page fault trap, eip 0xc10b1f5d                                          
kernel: Page fault (14), code=3                                                 
Stopped at  0xc10b1f5d: repe movsl      (%esi),%es:(%edi)
0xc10b1f5d(b,c11b1a20,c11bdf84,c1029841,7)
0xc105c6da(b)
0xc1046209(f59c7d00,ecea5880,12,8,0,ecc99a38,46,f9249034)
0xc1040d25(f59c7d54,ecea5880,12,8,0,ecc99a38,46,f9249034,f52175c8)
0xc104a7a5(ed077010,f9249010,eef9cf60,c1015b3d,ed077000)
0xc1022252(ed077000,f59ce990,f59b8750,0)
0xc1052ef9(3005de8,3,38,28,1b)
0xc10071f8()
--8<---------------cut here---------------end--------------->8---

… which corresponds to this backtrace:

--8<---------------cut here---------------start------------->8---
$ addr2line -e 
/gnu/store/acl9ffg0pjcj1hvzf8f5pz98xm0cqpps-gnumach-1.8-1.097f9cf/boot/gnumach 
0xc10b1f5d 0xc105c6da 0xc1046209 0xc1040d25 0xc104a7a5 0xc1022252 0xc1052ef9 
0xc10071f8
/tmp/guix-build-gnumach-1.8-1.097f9cf.drv-0/source/./linux/dev/include/asm/string.h:209
/tmp/guix-build-gnumach-1.8-1.097f9cf.drv-0/source/linux/dev/arch/i386/kernel/irq.c:110
/tmp/guix-build-gnumach-1.8-1.097f9cf.drv-0/source/i386/i386at/interrupt.S:38
/tmp/guix-build-gnumach-1.8-1.097f9cf.drv-0/source/device/ds_routines.c:198
/tmp/guix-build-gnumach-1.8-1.097f9cf.drv-0/source/device/device.server.c:280
/tmp/guix-build-gnumach-1.8-1.097f9cf.drv-0/source/kern/ipc_kobject.c:178
/tmp/guix-build-gnumach-1.8-1.097f9cf.drv-0/source/ipc/mach_msg.c:1301
/tmp/guix-build-gnumach-1.8-1.097f9cf.drv-0/source/i386/i386/locore.S:1109
--8<---------------cut here---------------end--------------->8---

This points at this bit of the old in-kernel Linux drivers:

--8<---------------cut here---------------start------------->8---
/*
 * Generic interrupt handler for Linux devices.
 * Set up a fake `struct pt_regs' then call the real handler.
 */
static void
linux_intr (int irq)
{
  struct pt_regs regs;
  struct linux_action *action = *(irq_action + irq);
  unsigned long flags;

  kstat.interrupts[irq]++;
  intr_count++;

  save_flags (flags);
  if (action && (action->flags & SA_INTERRUPT))
    cli ();

  while (action)
    {
      action->handler (irq, action->dev_id, &regs);
      action = action->next;   // <- irq.c:110
    }

  restore_flags (flags);

  intr_count--;
}
--8<---------------cut here---------------end--------------->8---

Maybe I should just be using netdde in the first place (better have
crashy code in user space :-)), but reporting just in case it rings a
bell or something.

Thoughts?

Ludo’.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]