Bug 126238

Summary: fsck.ext2 exiting with sig 11 and a bad EIP.
Product: [Fedora] Fedora Reporter: Phil Bostley <bostley>
Component: kernelAssignee: Dave Jones <davej>
Status: CLOSED NEXTRELEASE QA Contact: Brian Brock <bbrock>
Severity: medium Docs Contact:
Priority: medium    
Version: 2CC: alan, pfrields
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2005-04-16 05:14:32 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
dmesg output none

Description Phil Bostley 2004-06-17 21:26:08 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7)
Gecko/20040608

Description of problem:

[root@dhcp-boulder-e-f-12-1 root]# e2fsck -n /dev/hda1
e2fsck 1.35 (28-Feb-2004)
Warning!  /dev/hda1 is mounted.
Warning: skipping journal recovery because doing a read-only
filesystem check.
 <3>Debug: sleeping function called from invalid context at
include/linux/rwsem.h:43
in_atomic():0, irqs_disabled():1
 [<c0116977>] __might_sleep+0x80/0x8a
 [<c0114467>] do_page_fault+0x71/0x460
 [<c01143f6>] do_page_fault+0x0/0x460
 [<c02891bf>] error_code+0x2f/0x40

Unable to handle kernel paging request at virtual address 00006e9c
 printing eip:
00003c48
*pde = 00000000
Oops: 0002 [#15]
Modules linked in: snd_mixer_oss snd soundcore ipv6 parport_pc lp
parport autofs4 ds yenta_socket pcmcia_core sunrpc xircom_cb floppy sg
scsi_mod dm_mod ext3 jbd
CPU:    0
EIP:    00c0:[<00003c48>]    Not tainted
EFLAGS: 00210017   (2.6.6-1.435)
EIP is at 0x3c48
eax: 00000000   ebx: 00000001   ecx: 00000000   edx: 00000000
esi: 0000530a   edi: 00000014   ebp: c6316e9e   esp: c6316e9a
ds: 00c8   es: 0000   ss: 0068
Process e2fsck (pid: 4558, threadinfo=c6316000 task=c29aa750)
Stack: 6f68c111 3ed56ea8 6ea84040 00c80000 00000000 00c0530a 00016ebc
00000000
       0016530a 40900020 000000b8 00000000 227f0000 0060c011 00000000
00000000
       007b0000 007b0000 edc00000 a3c0c1d7 0286c568 00000020 0000c568
6f4ec1d7
Call Trace:

Code:  Bad EIP value.
Segmentation fault

[root@dhcp-boulder-e-f-12-1 root]# cat /proc/version
Linux version 2.6.6-1.435 (bhcompile.redhat.com) (gcc
version 3.3.3 20040412 (Red Hat Linux 3.3.3-7)) #1 Mon Jun 14 09:09:05
EDT 2004
[root@dhcp-boulder-e-f-12-1 root]# lspci -v
00:00.0 Host bridge: Integrated Technology Express, Inc. IT8330G (rev 03)
        Flags: bus master, medium devsel, latency 0

00:10.0 VGA compatible controller: Neomagic Corporation NM2160
[MagicGraph 128XD] (rev 01) (prog-if 00 [VGA])
        Flags: bus master, medium devsel, latency 128, IRQ 10
        Memory at fd000000 (32-bit, prefetchable)
        Memory at fea00000 (32-bit, non-prefetchable) [size=2M]
        Memory at fed00000 (32-bit, non-prefetchable) [size=1M]

00:12.0 ISA bridge: Integrated Technology Express, Inc. IT8330G (rev c1)
        Flags: bus master, medium devsel, latency 0

00:12.1 IDE interface: Integrated Technology Express, Inc. IT8330G
(rev 11) (prog-if 0a [SecP PriP])
        Flags: medium devsel
        I/O ports at <ignored>
        I/O ports at <ignored>
        I/O ports at <ignored>
        I/O ports at <ignored>
        I/O ports at fcf0 [size=16]

00:18.0 CardBus bridge: Texas Instruments PCI1131 (rev 01)
        Flags: bus master, medium devsel, latency 168, IRQ 10
        Memory at 10000000 (32-bit, non-prefetchable)
        Bus: primary=00, secondary=01, subordinate=04, sec-latency=176
        Memory window 0: 10400000-107ff000 (prefetchable)
        Memory window 1: 10800000-10bff000
        I/O window 0: 00004000-000040ff
        I/O window 1: 00004400-000044ff
        16-bit legacy interface ports at 0001

00:18.1 CardBus bridge: Texas Instruments PCI1131 (rev 01)
        Flags: bus master, medium devsel, latency 168, IRQ 10
        Memory at 10001000 (32-bit, non-prefetchable)
        Bus: primary=00, secondary=05, subordinate=08, sec-latency=176
        Memory window 0: 10c00000-10fff000 (prefetchable)
        Memory window 1: 11000000-113ff000
        I/O window 0: 00004800-000048ff
        I/O window 1: 00004c00-00004cff
        16-bit legacy interface ports at 0001

01:00.0 Ethernet controller: Xircom Cardbus Ethernet 10/100 (rev 03)
        Subsystem: Xircom Cardbus Ethernet 10/100
        Flags: bus master, medium devsel, latency 64, IRQ 10
        I/O ports at 4000 [size=260M]
        Memory at 10800000 (32-bit, non-prefetchable) [size=2K]
        Memory at 10800800 (32-bit, non-prefetchable) [size=2K]
        Expansion ROM at 00004000 [disabled]
        Capabilities: [dc] Power Management version 1




Version-Release number of selected component (if applicable):
e2fsprogs-1.35-7.1

How reproducible:
Always

Steps to Reproduce:
1. boot
2. type root password (when e2fsck fails)
3. e2fsck /dev/hda1

Really... 

1. boot 

will do it, as the startup scripts run fsck, and it dies there also..
    

Actual Results:  Segmentation fault... bad things..  I think most of
it is in the description..

Expected Results:  /boot: clean, xx/yyyy files, aaaa/bbbbb blocks
obviously with real numbers in there, not a,b,x etc...

Additional info:

This is on a K6-3 laptop.  It has done it with atleast 3 different
harddrives..  Redhat 9 (stock) worked just fine..  If I hack up the
boot scripts to NOT fsck the machine, everything else works just fine.

It did it with the stock 2.6.5 i586 kernel, and with the patch 2.6.6
kernel.  I have not built my own kernel, as I don't know what is
causing this to turn it off.. 

Like I said earlier this does this on the initial / check also.  At
that time only the jdb, ext3, and dm_mod modules are loaded.

Comment 1 Alan Cox 2004-06-19 02:46:09 UTC
Can you attach a dmesg of the boot if possible ?
I'm especially interested in the IDE messages


Comment 2 Phil Bostley 2004-06-21 17:18:40 UTC
Created attachment 101301 [details]
dmesg output

Attached is the output from dmesg.  (with apm turned on)

booting with apm=off solves the problem for me, so at this point I am guessing
that the APM bios is fubar..  (and for some reason its trying to sleep while
fscking..)

Comment 3 Alan Cox 2004-06-21 23:01:58 UTC
Thanks. If you get a moment can you grab dmidecode.c from
people.redhat.com/arjanv compile it (gcc -o dmidecode dmidecode.c) and
run it ./dmidecode then attach the results to the bug. That way we can
disable apm automatically for your machine


Comment 4 Dave Jones 2005-04-16 05:14:32 UTC
Fedora Core 2 has now reached end of life, and no further updates will be
provided by Red Hat.  The Fedora legacy project will be producing further kernel
updates for security problems only.

If this bug has not been fixed in the latest Fedora Core 2 update kernel, please
try to reproduce it under Fedora Core 3, and reopen if necessary, changing the
product version accordingly.

Thank you.