Description of problem: Platform: Dual opteron, Tyan After upgrade to 2.6.15-1.1830_FC4smp and finally 2.6.15-1.1831_FC4smp server started crashing, even several times per day. Version-Release number of selected component (if applicable): kernel 2.6.15-1.1830_FC4smp Additional info: It seems that the bug was hit by "EnableMMAP" in apache, but I'm not sure. I have disabled apache's MMAP feature for now. Here's netconsole log: Feb 20 11:48:33 someserver printk: 1 messages suppressed. Feb 20 11:48:33 someserver kernel: printk: 1 messages suppressed. Feb 20 11:48:42 someserver Eeek! page_mapcount(page) went negative! (-1) Feb 20 11:48:42 someserver page->flags = 400 Feb 20 11:48:42 someserver page->count = 1 Feb 20 11:48:42 someserver page->mapping = 0000000000000000 Feb 20 11:48:42 someserver ----------- [cut here ] --------- [please bite here ] --------- Feb 20 11:48:42 someserver Kernel BUG at mm/rmap.c:493 Feb 20 11:48:42 someserver invalid operand: 0000 [1] SMP Feb 20 11:48:42 someserver last sysfs file: /devices/system/cpu/cpu0/cpufreq/scaling_setspeed Feb 20 11:48:42 someserver CPU 0 Feb 20 11:48:42 someserver Modules linked in: ipt_comment netconsole netdump loop nfsd exportfs lockd nfs_acl ipv6 w83627hf eeprom lm85 w83781d hwmon_vid hwmon i2c_isa i2c_amd756 sunrpc pcmcia yenta_socket rsrc_nonstatic pcmcia_core ip_conntrack_ftp iptable_mangle ipt_owner i t_LOG ipt_limit ipt_state iptable_filter iptable_nat ip_nat ip_conntrack nfnetlink ip_tables video button battery ac i2o_config ohci_hcd i2c_ md8111 i2c_core hw_random eepro100 e100 mii tg3 ext3 jbd dm_mod i2o_block i2o_core sata_sil libata sd_mod scsi_mod Feb 20 11:48:42 someserver Pid: 10267, comm: httpd Not tainted 2.6.15-1.1831_FC4smp #1 Feb 20 11:48:42 someserver RIP: 0010:[<ffffffff8017dd87>] <ffffffff8017dd87>{page_remove_rmap+129} Feb 20 11:48:42 someserver RSP: 0018:ffff810073613db8 EFLAGS: 00010286 Feb 20 11:48:42 someserver RAX: 00000000ffffffff RBX: ffff810001000000 RCX: 00000000005a0000 Feb 20 11:48:42 someserver RDX: 0000000000000000 RSI: 0000000000000246 RDI: ffffffff8044cf70 Feb 20 11:48:42 someserver RBP: 00002aaab2c72000 R08: 00000000005a0004 R09: 0000000000000000 Feb 20 11:48:42 someserver R10: 0000000000000000 R11: 0000000000000000 R12: ffff8100005fa390 Feb 20 11:48:42 someserver R13: 00002aaab2e00000 R14: ffff810001000000 R15: 00002aaac0000000 Feb 20 11:48:42 someserver FS: 00002aaaac9ebfc0(0000) GS:ffffffff8059b000(0000) knlGS:00000000f7eb16c0 Feb 20 11:48:42 someserver CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b Feb 20 11:48:42 someserver CR2: 00002aaac3cc0830 CR3: 0000000000101000 CR4: 00000000000006e0 Feb 20 11:48:42 someserver Process httpd (pid: 10267, threadinfo ffff810073612000, task ffff810068b067a0) Feb 20 11:48:42 someserver Stack: 0000000000000000 ffffffff801767c0 0000000000000000 ffff810073613eb8 Feb 20 11:48:42 someserver ffffffffffffffff 0000000000000000 ffff810064fa0250 ffff810073613ec0 Feb 20 11:48:42 someserver 000000000016006d 0000000100000001 Feb 20 11:48:42 someserver Call Trace:<ffffffff801767c0>{unmap_vmas+1071} <ffffffff80179938>{exit_mmap+124} Feb 20 11:48:42 someserver <ffffffff80139f66>{mmput+37} <ffffffff8013f1c4>{do_exit+584} Feb 20 11:48:42 someserver <ffffffff8013fcc1>{sys_exit_group+0} <ffffffff8010fc60>{tracesys+209} Feb 20 11:48:42 someserver Feb 20 11:48:42 someserver
This bug has been around for a while. We've not got an answer for why this happens yet. It has upstream puzzled too.
[This comment added as part of a mass-update to all open FC4 kernel bugs] FC4 has now transitioned to the Fedora legacy project, which will continue to release security related updates for the kernel. As this bug is not security related, it is unlikely to be fixed in an update for FC4, and has been migrated to FC5. Please retest with Fedora Core 5. Thank you.
A new kernel update has been released (Version: 2.6.18-1.2200.fc5) based upon a new upstream kernel release. Please retest against this new kernel, as a large number of patches go into each upstream release, possibly including changes that may address this problem. This bug has been placed in NEEDINFO state. Due to the large volume of inactive bugs in bugzilla, if this bug is still in this state in two weeks time, it will be closed. Should this bug still be relevant after this period, the reporter can reopen the bug at any time. Any other users on the Cc: list of this bug can request that the bug be reopened by adding a comment to the bug. In the last few updates, some users upgrading from FC4->FC5 have reported that installing a kernel update has left their systems unbootable. If you have been affected by this problem please check you only have one version of device-mapper & lvm2 installed. See bug 207474 for further details. If this bug is a problem preventing you from installing the release this version is filed against, please see bug 169613. If this bug has been fixed, but you are now experiencing a different problem, please file a separate bug for the new problem. Thank you.
This bug has been mass-closed along with all other bugs that have been in NEEDINFO state for several months. Due to the large volume of inactive bugs in bugzilla, this is the only method we have of cleaning out stale bug reports where the reporter has disappeared. If you can reproduce this bug after installing all the current updates, please reopen this bug. If you are not the reporter, you can add a comment requesting it be reopened, and someone will get to it asap. Thank you.