Another Oops message for FPU restore is shown below:
<snip>
IP: [<c100bcbe>] __math_state_restore+0x5e/0x80
Oops: 0000 [#1] SMP
last sysfs file: /sys/module/serpent/initstate
<0> Call Trace:
? do_device_not_available+0x0/0x20
math_state_restore+0x39/0x50
do_device_not_available+0x10/0x20
error_code+0x67/0x6c
?flush_thread+0x3f/0x70
flush_old_exec+0x419/0x590
load_elf_binary+0x25c/0x1290
?default_spin_lock_flags+0x8/0x10
?_raw_spin_lock_flags+0x2f/0x50
?page_address+0xd3/0xe0
?default_spin_lock_flags+0x8/0x10
?_raw_spin_lock_flags+0x2f/0x50
?page_address+0xd3/0xe0
?kunmap_high+0x6f/0xa0
?_copy_from_user+0x44/0x70
search_binary_handler+0xb2/0x2b0
?load_elf_binary+0x0/0x1290
do_execve+0x37/0x70
ptregs_execve+0x12/0x18
?sysenter_do_call+0x12/0x28
</snip>
This decodes as follows:
<snip>
0xc100bcbe in fxrstor_checking () at /linux-source-2.6.38/arch/x86/include/asm/i387.h:198
198 alternative_input(
(gdb) bt
#0 0xc100bcbe in fxrstor_checking () at /linux-source-2.6.38/arch/x86/include/asm/i387.h:198
#1 fpu_fxrstor_checking () at /linux-source-2.6.38/arch/x86/include/asm/i387.h:267
#2 fpu_restore_checking () at /linux-source-2.6.38/arch/x86/include/asm/i387.h:275
#3 restore_fpu_checking () at /linux-source-2.6.38/arch/x86/include/asm/i387.h:280
#4 __math_state_restore () at arch/x86/kernel/traps.c:826
#5 0xc100bd19 in math_state_restore () at arch/x86/kernel/traps.c:868
#6 0xc1523640 in do_device_not_available (regs=0xf0097e24, error_code=<value optimized out>) at arch/x86/kernel/traps.c:886
#7 <signal handler called>
#8 __clear_fpu () at /linux-source-2.6.38/arch/x86/include/asm/i387.h:302
#9 clear_fpu () at /linux-source-2.6.38/arch/x86/include/asm/i387.h:386
#10 flush_thread () at arch/x86/kernel/process.c:132
#11 0xc1132229 in flush_old_exec (bprm=0xf018d600) at fs/exec.c:1048
#12 0xc116bf1c in load_elf_binary (bprm=0xf018d600, regs=0xf0097fb4) at fs/binfmt_elf.c:711
#13 0xc11317d2 in search_binary_handler (bprm=0xf018d600, regs=0xf0097fb4) at fs/exec.c:1329
#14 0xc1132d2f in do_execve (filename=<value optimized out>, argv=0xbfef4074, envp=0xbfef407c, regs=0xf0097fb4) at fs/exec.c:1450
#15 0xc10128e7 in sys_execve (name=<value optimized out>,
argv=0xbfef4074, envp=0xbfef407c, regs=0xf0097fb4) at arch/x86/kernel/process.c:320
#16 0xc100aaee in ?? () at arch/x86/kernel/entry_32.S:729
#17 <signal handler called>
#18 0xb78da424 in ?? ()
Cannot access memory at address 0xbfef3f64
(gdb)
Code: 2f 85 c9 75 2b 83 4b 0c 01 80 86 80 01 00 00 01 8b 1c 24 8b 74 24 04 8b 7c 24 08 89 ec 5d c3 8d b6 00 00 00 00 8b 86 4c 03 00 00 <0f> ae 08 eb d5 e8 38 76 02 00 90 83 c8 08 e8 3f 76 02 00 90 b8
root@dnsubuntu:/linux-source-2.6.38# echo "Code: 2f 85 c9 75 2b 83 4b 0c 01 80 86 80 01 00 00 01 8b 1c 24 8b 74 24 04 8b 7c 24 08 89 ec 5d c3 8d b6 00 00 00 00 8b 86 4c 03 00 00 <0f> ae 08 eb d5 e8 38 76 02 00 90 83 c8 08 e8 3f 76 02 00 90 b8" | ./scripts/decodecode
Code: 2f 85 c9 75 2b 83 4b 0c 01 80 86 80 01 00 00 01 8b 1c 24 8b 74 24 04 8b 7c 24 08 89 ec 5d c3 8d b6 00 00 00 00 8b 86 4c 03 00 00 <0f> ae 08 eb d5 e8 38 76 02 00 90 83 c8 08 e8 3f 76 02 00 90 b8
All code
========
0: 2f das
1: 85 c9 test %ecx,%ecx
3: 75 2b jne 0x30
5: 83 4b 0c 01 orl $0x1,0xc(%ebx)
9: 80 86 80 01 00 00 01 addb $0x1,0x180(%esi)
10: 8b 1c 24 mov (%esp),%ebx
13: 8b 74 24 04 mov 0x4(%esp),%esi
17: 8b 7c 24 08 mov 0x8(%esp),%edi
1b: 89 ec mov %ebp,%esp
1d: 5d pop %ebp
1e: c3 ret
1f: 8d b6 00 00 00 00 lea 0x0(%esi),%esi
25: 8b 86 4c 03 00 00 mov 0x34c(%esi),%eax
2b:* 0f ae 08 fxrstor (%eax) <-- trapping instruction
2e: eb d5 jmp 0x5
30: e8 38 76 02 00 call 0x2766d
35: 90 nop
36: 83 c8 08 or $0x8,%eax
39: e8 3f 76 02 00 call 0x2767d
3e: 90 nop
3f: b8 .byte 0xb8

Code starting with the faulting instruction
===========================================
0: 0f ae 08 fxrstor (%eax)
3: eb d5 jmp 0xffffffda
5: e8 38 76 02 00 call 0x27642
a: 90 nop
b: 83 c8 08 or $0x8,%eax
e: e8 3f 76 02 00 call 0x27652
13: 90 nop
14: b8 .byte 0xb8
</snip>
Thanks & Regards
TimLee