Bug 126454
| Summary: | cups and kernel BUG at mm/rmap.c:406 | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Oliver Paukstadt <pstadt> |
| Component: | kernel | Assignee: | Dave Jones <davej> |
| Status: | CLOSED NEXTRELEASE | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 2 | CC: | pfrields |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | i386 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2005-04-16 04:32:51 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
I am getting the same problem when exiting X with 2.6.6-1.435
swap_free: Bad swap file entry 20397880
swap_free: Bad swap offset entry 003840c6
swap_free: Bad swap offset entry 00890d74
------------[ cut here ]------------
kernel BUG at mm/rmap.c:406!
invalid operand: 0000 [#1]
Modules linked in: parport_pc lp parport autofs4 nfs lockd sunrpc
via_rhine mii
floppy sg scsi_mod radeon ipv6 nls_utf8 nls_cp437 vfat fat dm_mod
uhci_hcd ehci_hcd button battery asus_acpi ac ext3 jbd
CPU: 0
EIP: 0060:[<c013b819>] Not tainted
EFLAGS: 00010246 (2.6.6-1.435)
EIP is at page_remove_rmap+0x18/0x56
eax: 00000000 ebx: c1000360 ecx: 00000000 edx: c1000360
esi: 00000000 edi: 00005000 ebp: 00000020 esp: cd31dc08
ds: 007b es: 007b ss: 0068
Process cpp (pid: 2386, threadinfo=cd31d000 task=cd5197d0)
Stack: c0136b43 cb8a6b64 00011000 00ad4000 c034f7b8 00ad4000 00ae5000
cd41100c
c034f7b8 c0136be7 00011000 00000000 00ad4000 cd41100c 00ae5000
c034f7b8
c0136c3e 00011000 00000000 cd31dcb4 00ad4000 cb56336c 003ff000
c0136d60
Call Trace:
[<c0136b43>] zap_pte_range+0x1ca/0x234
[<c0136be7>] zap_pmd_range+0x3a/0x55
[<c0136c3e>] unmap_page_range+0x3c/0x57
[<c0136d60>] unmap_vmas+0x107/0x1ec
[<c013a1eb>] exit_mmap+0x56/0x109
[<c0116d6e>] mmput+0x3d/0x51
[<c014a25f>] exec_mmap+0x9c/0xb6
[<c014a738>] flush_old_exec+0x4bf/0x64a
[<c01606b8>] load_elf_binary+0x486/0xad8
[<c0104d4d>] arch_align_stack+0x40/0x52
[<c010522c>] mmap_top+0x2e/0x3e
[<c012fc19>] __alloc_pages+0x2ab/0x2b5
[<c014aac7>] search_binary_handler+0x6f/0x199
[<c014ad78>] do_execve+0x187/0x219
[<c0104911>] sys_execve+0x2a/0x6f
[<c0288f87>] syscall_call+0x7/0xb
Code: 0f 0b 96 01 8e ce 29 c0 48 89 42 08 85 c0 75 2d 8b 02 a9 00
<6>note: cpp[2386] exited with preempt_count 1
Debug: sleeping function called from invalid context at
include/linux/rwsem.h:43in_atomic():1, irqs_disabled():0
[<c0116977>] __might_sleep+0x80/0x8a
[<c0119c8d>] do_exit+0xd6/0x2e3
[<c010623a>] do_divide_error+0x0/0xaa
[<c0106425>] do_invalid_op+0x0/0x95
[<c01064b4>] do_invalid_op+0x8f/0x95
[<c013b819>] page_remove_rmap+0x18/0x56
[<c01157b6>] activate_task+0x51/0x5c
[<c0115f0d>] __wake_up_common+0x32/0x54
[<c0115f40>] __wake_up+0x11/0x1a
[<c02891bf>] error_code+0x2f/0x40
[<c013b819>] page_remove_rmap+0x18/0x56
[<c0136b43>] zap_pte_range+0x1ca/0x234
[<c0136be7>] zap_pmd_range+0x3a/0x55
[<c0136c3e>] unmap_page_range+0x3c/0x57
[<c0136d60>] unmap_vmas+0x107/0x1ec
[<c013a1eb>] exit_mmap+0x56/0x109
[<c0116d6e>] mmput+0x3d/0x51
[<c014a25f>] exec_mmap+0x9c/0xb6
[<c014a738>] flush_old_exec+0x4bf/0x64a
[<c01606b8>] load_elf_binary+0x486/0xad8
[<c0104d4d>] arch_align_stack+0x40/0x52
[<c010522c>] mmap_top+0x2e/0x3e
[<c012fc19>] __alloc_pages+0x2ab/0x2b5
[<c014aac7>] search_binary_handler+0x6f/0x199
[<c014ad78>] do_execve+0x187/0x219
[<c0104911>] sys_execve+0x2a/0x6f
[<c0288f87>] syscall_call+0x7/0xb
Bad page state at prep_new_page (in process 'X', page c1000360)
flags:0x00000010 mapping:00000000 mapcount:0 count:0
Backtrace:
[<c012f1a7>] bad_page+0x56/0x80
[<c012f501>] prep_new_page+0x23/0x39
[<c012f94b>] buffered_rmqueue+0x124/0x147
[<c012fa0f>] __alloc_pages+0xa1/0x2b5
[<c012fc3b>] __get_free_pages+0x18/0x24
[<c01508f4>] __pollwait+0x2d/0x94
[<c0284b67>] unix_poll+0x12/0x70
[<c0236dd9>] sock_poll+0x12/0x14
[<c0150b6c>] do_select+0x164/0x277
[<c01508c7>] __pollwait+0x0/0x94
[<c0150f80>] sys_select+0x2ee/0x429
[<c011aa4b>] sys_gettimeofday+0x4c/0x9e
[<c0288f87>] syscall_call+0x7/0xb
Trying to fix it up, but a reboot is needed
how does this look in the latest 2.6.10 updates ? I replaced some of the memory modules in the box and since that it works without problems. For me its a duplicate of Bug 127903, because it was the same box and "NOTABUG" again. Fedora Core 2 has now reached end of life, and no further updates will be provided by Red Hat. The Fedora legacy project will be producing further kernel updates for security problems only. If this bug has not been fixed in the latest Fedora Core 2 update kernel, please try to reproduce it under Fedora Core 3, and reopen if necessary, changing the product version accordingly. Thank you. |
Description of problem: ------------[ cut here ]------------ kernel BUG at mm/rmap.c:406! invalid operand: 0000 [#5] Modules linked in: tun parport_pc lp parport ppp_synctty ppp_async ppp_generic slhc 3c59x smc_ultra 8390 ipv6 ipt_LOG ipt_multiport ipt_state iptable_filter ipt_MASQUERADE iptable_nat ip_conntrack_ftp ip_conntrack ip_tables sg sr_mod dm_mod ext3 jbd aic7xxx sd_mod scsi_mod CPU: 0 EIP: 0060:[<c013b819>] Not tainted EFLAGS: 00010246 (2.6.6-1.435) EIP is at page_remove_rmap+0x18/0x56 eax: 00000000 ebx: c1132cc0 ecx: c1135ca0 edx: c1132cc0 esi: 00000000 edi: 0000f000 ebp: 00000000 esp: c502dc08 ds: 007b es: 007b ss: 0068 Process cupsd (pid: 8433, threadinfo=c502d000 task=ca7c31b0) Stack: c0136b43 cad66774 000e1000 005ce000 c034f7b8 005ce000 006af000 c2655008 c034f7b8 c0136be7 000e1000 00000000 005ce000 c2655008 006af000 c034f7b8 c0136c3e 000e1000 00000000 c502dcb4 005ce000 c65d4af8 001df000 c0136d60 Call Trace: [<c0136b43>] zap_pte_range+0x1ca/0x234 [<c0136be7>] zap_pmd_range+0x3a/0x55 [<c0136c3e>] unmap_page_range+0x3c/0x57 [<c0136d60>] unmap_vmas+0x107/0x1ec [<c013a1eb>] exit_mmap+0x56/0x109 [<c0116d6e>] mmput+0x3d/0x51 [<c014a25f>] exec_mmap+0x9c/0xb6 [<c014a738>] flush_old_exec+0x4bf/0x64a [<c01606b8>] load_elf_binary+0x486/0xad8 [<c0104d4d>] arch_align_stack+0x40/0x52 [<c010522c>] mmap_top+0x2e/0x3e [<c014aac7>] search_binary_handler+0x6f/0x199 [<c014ad78>] do_execve+0x187/0x219 [<c0104911>] sys_execve+0x2a/0x6f [<c0288f87>] syscall_call+0x7/0xb Code: 0f 0b 96 01 8e ce 29 c0 48 89 42 08 85 c0 75 2d 8b 02 a9 00 <6>note: cupsd[8433] exited with preempt_count 1 Debug: sleeping function called from invalid context at include/linux/rwsem.h:43in_atomic():1, irqs_disabled():0 [<c0116977>] __might_sleep+0x80/0x8a [<c0119c8d>] do_exit+0xd6/0x2e3 [<c010623a>] do_divide_error+0x0/0xaa [<c0106425>] do_invalid_op+0x0/0x95 [<c01064b4>] do_invalid_op+0x8f/0x95 [<c013b819>] page_remove_rmap+0x18/0x56 [<c012d177>] do_generic_mapping_read+0x2a1/0x2a9 [<cc85b757>] __journal_file_buffer+0xcd/0x1a6 [jbd] [<c02891bf>] error_code+0x2f/0x40 [<c013b819>] page_remove_rmap+0x18/0x56 [<c0136b43>] zap_pte_range+0x1ca/0x234 [<c0136be7>] zap_pmd_range+0x3a/0x55 [<c0136c3e>] unmap_page_range+0x3c/0x57 [<c0136d60>] unmap_vmas+0x107/0x1ec [<c013a1eb>] exit_mmap+0x56/0x109 [<c0116d6e>] mmput+0x3d/0x51 [<c014a25f>] exec_mmap+0x9c/0xb6 [<c014a738>] flush_old_exec+0x4bf/0x64a [<c01606b8>] load_elf_binary+0x486/0xad8 [<c0104d4d>] arch_align_stack+0x40/0x52 [<c010522c>] mmap_top+0x2e/0x3e [<c014aac7>] search_binary_handler+0x6f/0x199 [<c014ad78>] do_execve+0x187/0x219 [<c0104911>] sys_execve+0x2a/0x6f [<c0288f87>] syscall_call+0x7/0xb