Bug 449874

Summary: kernel BUG at include/linux/tracehook.h:345!
Product: [Fedora] Fedora Reporter: Eric Harney <eharney>
Component: kernelAssignee: Kernel Maintainer List <kernel-maint>
Status: CLOSED DUPLICATE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: high Docs Contact:
Priority: low    
Version: 9   
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2008-06-06 00:57:38 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Eric Harney 2008-06-04 02:02:49 UTC 
Description of problem:
Kernel crash.  The only time I've seen this happen is when starting wine, but
there it does every single time.

System completely freezes, no network, no way to interact it at all.

Disclaimer: The dump was recorded using a camera and then transcribed to text by
hand.

If any additional troubleshooting is desired, let me know, as this seems easily
reproducible.

Version-Release number of selected component (if applicable):
Linux hypnotoad 2.6.25.3-18.fc9.x86_64 #1 SMP Tue May 13 04:54:47 EDT 2008
x86_64 x86_64 x86_64 GNU/Linux

How reproducible:
Every time

Steps to Reproduce:
1. Run "wine notepad.exe"
2. Kernel explodes
  
Additional info:


# ------------[ cut here ]------------
kernel BUG at include/linux/tracehook.h:345!
invalid opcode: 0000 [1] SMP
CPU 1
Modules linked in: w83627hf hwmon_vid eeprom sunrpc nf_conntrack_ipv4 ipt_REJECT
iptable_filter ip_tables nf_conntrack_netbios_ns nf_conntrack_ftp nf_conntrack_
ipv6 xt_state nf_conntrack xt_tcpudp ip6t_ipv6header ip6t_REJECT ip6table_filter
ip6_tables x_tables ipv6 powernow_k8 freq_table fuse vfat fat dm_multipath sr_m
od cdrom snd_intel8x0 pcspkr serio_raw k8temp hwmon forcedeth snd_ca0106
snd_rawmidi snd_ac97_codec ac97_bus snd_seq_dummy snd_seq_oss snd_seq_midi_event
snd_se
q snd_seq_device snd_pcm_oss snd_mixer_oss snd_pcm snd_timer snd soundcore
i2c_nforce2 snd_page_alloc i2c_core button sg pata_amd joydev dm_snapshot
dm_zero dm_
mirror dm_mod sata_nv ata_generic pata_acpi libata sd_mod scsi_mod raid456
async_xor async_memcpy async_tx xor raid0 ext3 jbd mbcache uhci_hcd ohci_hcd
ehci_hcd
 [last unloaded: scsi_wait_scan]
Pid: 3327, comm: spoolsv.exe Not tainted 2.6.25.3-18.fc9.x86_64 #1
RIP: 0010:[<ffffffff810369ee>]  [<ffffffff810369ee>] release_task+0x5c/0x384
RSP: 0018:ffff810061c8fce8  EFLAGS: 00010087
RAX: ffff81007e8ab600 RBX: ffff810061c28000 RCX: 0000000000000012
RDX: ffff81007e8ab600 RSI: ffff810061c8fcd8 RDI: ffffffff813f8000
RBP: ffff810061c8fd18 R08: 000000000000000c R09: 0000000000000000
R10: ffffffff8136b482 R11: ffff810061c8fca5 R12: ffff810061c28000
R13: 0000000000000000 R14: 0000000000000001 R15: ffffffff814b6af8
FS:  000000007ffd4000(0000) GS:ffff81007f802680(0000) knlGS:00000000f7eea6c0
CS:  0010 DS: 002b ES: 002b CR0: 000000000005003b
CR2: 000000000004f480 CR3: 0000000061d12000 CR4: 00000000000006e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
Process spoolsv.exe (pid: 3327, threadinfo ffff810061c8e000, task ffff810061d2e000)
Stack:  ffff810061d2e808 0000000000000020 ffff810061d2e000 0000000000000000
 ffff810061d2dff0 0000000000000001 ffff810061c8fd68 ffffffff81037f8b
 ffff810061d2e260 ffff810061d2e260 0000000000000000 ffff810061c7d700
Call Trace:
 [<ffffffff81037f8b>] do_exit+0x5b0/0x656
 [<ffffffff810380ac>] do_group_exit+0x7b/0x96
 [<ffffffff81041708>] get_signal_to_deliver+0x25e/0x28e
 [<ffffffff8100b1ce>] do_notify_resume+0xc3/0x8d6
 [<ffffffff810b80df>] ? destroy_inode+0x4b/0x4f
 [<ffffffff810b8738>] ? generic_drop_inode+0x153/0x158
 [<ffffffff8106d33c>] ? audit_syscall_exit+0x331/0x353
 [<ffffffff8105332f>] ? compat_sys_futex+0xef/0x10d
 [<ffffffff8100c0ec>] int_signal+0x12/0x17


Code: 49 8b 84 24 30 04 00 00 f0 ff 48 04 4c 89 e7 e8 a8 f7 0a 00 48 c7 c7 00 80
3f 81 e8 e4 b9 25 00 41 83 bc 24 38 02 00 00 20 74 04 <0f> 0b eb fe 49 83 bc 24
 f0 07 00 00 00 74 29 49 8d 9c 24 08 08
RIP  [<ffffffff810369ee>] release_task+0x5c/0x384
 RSP <ffff810061c8fce8>
---[ end trace cb5bb6afd4886816 ]---
Fixing recursive fault but reboot is needed!
Comment 1 Eric Harney 2008-06-05 12:28:15 UTC 
static inline void tracehook_release_task_locked(struct task_struct *p)
{
        int bad = 0;
        BUG_ON(p->exit_state != EXIT_DEAD);
Comment 2 Chuck Ebbert 2008-06-06 00:57:38 UTC 
Bug just keeps coming back...

*** This bug has been marked as a duplicate of 249093 ***