AFIK this was reproduced by Srihari on nohighmem so it must be that
somebody is calling pgd_free_fast on a pgd that cannot be re-used.
Can you try this patch on top of 2.4.20rc2aa1? (or jam0 after backing
out the fast-pte removal that would otherwise forbid the debugging check
to trigger)
--- 2.4.20rc2aa1/include/asm-i386/pgalloc.h.~1~ 2002-11-27 10:09:30.000000000 +0100
+++ 2.4.20rc2aa1/include/asm-i386/pgalloc.h 2002-11-30 18:43:29.000000000 +0100
@@ -97,6 +97,20 @@ static inline pgd_t *get_pgd_fast(void)
static inline void free_pgd_fast(pgd_t *pgd)
{
+ {
+ int i;
+ for (i = 0; i < USER_PTRS_PER_PGD; i++)
+ if (pgd_val(pgd[i])) {
+ printk("non zero idx %d\n", i);
+ BUG();
+ }
+ for (i = USER_PTRS_PER_PGD; i < PTRS_PER_PGD - USER_PTRS_PER_PGD -
+ ((-VMALLOC_START + PGDIR_SIZE - 1) >> PGDIR_SHIFT); i++)
+ if (pgd_val(pgd[i]) != pgd_val(swapper_pg_dir[i])) {
+ printk("corrupted idx %d\n", i);
+ BUG();
+ }
+ }
*(unsigned long *)pgd = (unsigned long) pgd_quicklist;
pgd_quicklist = (unsigned long *) pgd;
pgtable_cache_size++;
the stack trace should tell us who is freeing a not valid pgd.
without this check the crash happens in an innocent place and it's not
obvious why it breaks.
Andrea
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/