270141 – oops - unable to handle kernel paging request at virtual address 60001018

Bug 270141 - oops - unable to handle kernel paging request at virtual address 60001018

Summary: oops - unable to handle kernel paging request at virtual address 60001018

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	kernel
Sub Component:
Version:	7
Hardware:	i686
OS:	Linux
Priority:	medium
Severity:	high
Target Milestone:	---
Assignee:	Kernel Maintainer List
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2007-08-31 03:31 UTC by Christopher Beland
Modified:	2008-01-14 17:21 UTC (History)
CC List:	2 users (show)
Fixed In Version:	2.6.22.5-76.fc7
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2007-10-02 11:57:45 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Christopher Beland 2007-08-31 03:31:03 UTC

kernel-2.6.22.4-65.fc7

I was using pup when it stopped redrawing.  I found an oops on my
terminal and was able to save the output before the system seized up
entirely and I had to hard-reboot.  From my system logs:

Aug 30 19:03:29 localhost gconfd (root-23892): starting (version 2.18.0.1), pid
23892 user 'root'
Aug 30 19:03:29 localhost gconfd (root-23892): Resolved address
"xml:readonly:/etc/gconf/gconf.xml.mandatory" to a read-only configuration
source at position 0
Aug 30 19:03:29 localhost gconfd (root-23892): Resolved address
"xml:readwrite:/root/.gconf" to a writable configuration source at position 1
Aug 30 19:03:29 localhost gconfd (root-23892): Resolved address
"xml:readonly:/etc/gconf/gconf.xml.defaults" to a read-only configuration source
at position 2
Aug 30 19:03:59 localhost gconfd (root-23892): GConf server is not in use,
shutting down.
Aug 30 19:04:00 localhost gconfd (root-23892): Exiting
Aug 30 19:04:38 localhost kernel: BUG: unable to handle kernel paging request at
virtual address 60001018
Aug 30 19:04:38 localhost kernel:  printing eip:
Aug 30 19:04:38 localhost kernel: ee92768a
Aug 30 19:04:38 localhost kernel: *pde = 00000000
Aug 30 19:04:39 localhost kernel: Oops: 0000 [#1]
Aug 30 19:04:39 localhost kernel: SMP 
Aug 30 19:04:39 localhost kernel: last sysfs file: /block/sda/sda1/stat
Aug 30 19:04:39 localhost kernel: Modules linked in: arc4 ecb blkcipher
rc80211_simple b43 ssb mac80211 cfg80211 i915 drm autofs4
nf_conntrack_netbios_ns nf_conntrack_ipv4 ipt_REJECT iptable_filter ip_tables
nf_conntrack_ipv6 xt_state nf_conntrack nfnetlink xt_tcpudp ip6t_REJECT
ip6table_filter ip6_tables x_tables dm_mirror dm_mod video sbs button dock
battery ac ipv6 snd_intel8x0 snd_seq_dummy snd_intel8x0m snd_ac97_codec ac97_bus
snd_seq_oss snd_seq_midi_event snd_seq snd_seq_device 8139cp firewire_ohci
snd_pcm_oss firewire_core snd_mixer_oss crc_itu_t 8139too snd_pcm mii snd_timer
i2c_i801 snd iTCO_wdt serio_raw i2c_core rtc_cmos iTCO_vendor_support soundcore
snd_page_alloc joydev sr_mod cdrom sg ata_piix ata_generic libata sd_mod
scsi_mod ext3 jbd mbcache ehci_hcd ohci_hcd uhci_hcd
Aug 30 19:04:39 localhost kernel: CPU:    0
Aug 30 19:04:39 localhost kernel: EIP:    0060:[<ee92768a>]    Not tainted VLI
Aug 30 19:04:39 localhost kernel: EFLAGS: 00010206   (2.6.22.4-65.fc7 #1)
Aug 30 19:04:39 localhost kernel: EIP is at ext3_discard_reservation+0x1c/0x4e
[ext3]
Aug 30 19:04:40 localhost kernel: eax: edd70400   ebx: c1770000   ecx: edec1f08
  edx: ffffffff
Aug 30 19:04:40 localhost kernel: esi: 60001000   edi: c0007c38   ebp: 60001014
  esp: edec1ebc
Aug 30 19:04:40 localhost kernel: ds: 007b   es: 007b   fs: 00d8  gs: 0000  ss: 0068
Aug 30 19:04:40 localhost kernel: Process kswapd0 (pid: 163, ti=edec1000
task=c171f200 task.ti=edec1000)
Aug 30 19:04:40 localhost kernel: Stack: c0007ba0 c0007c38 60001000 edec1f08
ee9310b3 c0007c38 c0007d70 0000004f 
Aug 30 19:04:40 localhost kernel:        c0489a5b 0000004f c0007c38 c0007c40
c0489cff e93c8858 00000000 00000080 
Aug 30 19:04:40 localhost kernel:        00000080 c0489ef2 00000080 d00b2480
cbac6c40 000007d0 ededd060 00000081 
Aug 30 19:04:40 localhost kernel: Call Trace:
Aug 30 19:04:40 localhost kernel:  [<ee9310b3>] ext3_clear_inode+0x5d/0x76 [ext3]
Aug 30 19:04:40 localhost kernel:  [<c0489a5b>] clear_inode+0xcc/0x11a
Aug 30 19:04:40 localhost kernel:  [<c0489cff>] dispose_list+0x33/0xb1
Aug 30 19:04:40 localhost kernel:  [<c0489ef2>] shrink_icache_memory+0x175/0x19d
Aug 30 19:04:40 localhost kernel:  [<c04635ff>] shrink_slab+0xd5/0x134
Aug 30 19:04:40 localhost kernel:  [<c0463971>] kswapd+0x297/0x3f2
Aug 30 19:04:40 localhost kernel:  [<c04370e5>] autoremove_wake_function+0x0/0x35
Aug 30 19:04:40 localhost kernel:  [<c04636da>] kswapd+0x0/0x3f2
Aug 30 19:04:40 localhost kernel:  [<c043701e>] kthread+0x38/0x5e
Aug 30 19:04:40 localhost kernel:  [<c0436fe6>] kthread+0x0/0x5e
Aug 30 19:04:40 localhost kernel:  [<c0405b6b>] kernel_thread_helper+0x7/0x10
Aug 30 19:04:40 localhost kernel:  =======================
Aug 30 19:04:40 localhost kernel: Code: c0 f7 d0 83 e0 08 89 42 0c 89 56 bc 5b
5e c3 55 57 89 c7 56 53 8b 70 bc 8b 80 9c 00 00 00 85 f6 8b 98 64 01 00 00 74 2f
8d 6e 14 <83> 7d 04 00 74 26 8d 83 00 41 00 00 e8 b3 3f ce d1 83 7d 04 00 
Aug 30 19:04:40 localhost kernel: EIP: [<ee92768a>]
ext3_discard_reservation+0x1c/0x4e [ext3] SS:ESP 0068:edec1ebc

---

After this oops, I ran a fsck on this hard drive (which I just
installed a about a week ago, to replace a failing drive), and got:

fsck 1.39 (29-May-2006)
e2fsck 1.39 (29-May-2006)
/1: recovering journal
Clearing orphaned inode 65708 (uid=500, gid=500, mode=0100644, size=13186)
Clearing orphaned inode 317220 (uid=0, gid=0, mode=0100755, size=84916)
Clearing orphaned inode 313171 (uid=0, gid=0, mode=0100755, size=313848)
Clearing orphaned inode 262647 (uid=0, gid=0, mode=0100644, size=1564)
Clearing orphaned inode 7880818 (uid=0, gid=0, mode=0100644, size=5184268)
Clearing orphaned inode 314073 (uid=0, gid=0, mode=0100755, size=169984)
Clearing orphaned inode 415790 (uid=0, gid=0, mode=0100755, size=111132)
Clearing orphaned inode 415789 (uid=0, gid=0, mode=0100755, size=6612)
Clearing orphaned inode 319473 (uid=0, gid=0, mode=0100755, size=16392)
Clearing orphaned inode 4964435 (uid=0, gid=0, mode=0100644, size=4908032)
Clearing orphaned inode 100104 (uid=0, gid=0, mode=0100644, size=5453824)
Clearing orphaned inode 4966975 (uid=0, gid=0, mode=0100644, size=1704960)
Clearing orphaned inode 3195868 (uid=0, gid=0, mode=0100644, size=696320)
Clearing orphaned inode 99336 (uid=0, gid=0, mode=0100644, size=15584256)
Clearing orphaned inode 461082 (uid=0, gid=0, mode=0100755, size=115056)
Clearing orphaned inode 317110 (uid=0, gid=0, mode=0100755, size=470092)
Clearing orphaned inode 317329 (uid=0, gid=0, mode=0100755, size=1138020)
Clearing orphaned inode 317668 (uid=0, gid=0, mode=0100755, size=150068)
Clearing orphaned inode 317429 (uid=0, gid=0, mode=0100755, size=382888)
Clearing orphaned inode 315548 (uid=0, gid=0, mode=0100755, size=30488)
Clearing orphaned inode 508459 (uid=27, gid=27, mode=0100600, size=0)
Clearing orphaned inode 508457 (uid=27, gid=27, mode=0100600, size=0)
Clearing orphaned inode 508456 (uid=27, gid=27, mode=0100600, size=0)
Clearing orphaned inode 508455 (uid=27, gid=27, mode=0100600, size=0)
Clearing orphaned inode 508438 (uid=27, gid=27, mode=0100600, size=0)
/1: clean, 354532/12025856 files, 14916237/24045280 blocks

Comment 1 Chuck Ebbert 2007-09-01 00:04:22 UTC

void ext3_discard_reservation(struct inode *inode)
{
        struct ext3_inode_info *ei = EXT3_I(inode);
        struct ext3_block_alloc_info *block_i = ei->i_block_alloc_info;
        struct ext3_reserve_window_node *rsv;
        spinlock_t *rsv_lock = &EXT3_SB(inode->i_sb)->s_rsv_window_lock;

        if (!block_i)
                return;

        rsv = &block_i->rsv_window_node;         <=====| block_i == 0x60001000
        if (!rsv_is_empty(&rsv->rsv_window)) {   <=====| rsv == 0x60001014
                spin_lock(rsv_lock);
                if (!rsv_is_empty(&rsv->rsv_window))
                        rsv_window_remove(inode->i_sb, rsv);
                spin_unlock(rsv_lock);
        }
}

Comment 2 Christopher Brown 2007-10-01 14:32:08 UTC

Hello,

I'm reviewing this bug as part of the kernel bug triage project, an attempt to
isolate current bugs in the fedora kernel.

http://fedoraproject.org/wiki/KernelBugTriage

I am CC'ing myself to this bug and will try and assist you in resolving it if I can.

There hasn't been much activity on this bug for a while. Could you tell me if
you are still having problems with the latest kernel?

If the problem no longer exists then please close this bug or I'll do so in a
few days if there is no additional information lodged.

Comment 3 Christopher Beland 2007-10-01 18:59:45 UTC

I haven't experienced this problem again since, but given the sporadic nature of
this kind of problem, it's unclear to me that it was caused by a software bug
which has since been fixed.

Comment 4 Christopher Brown 2007-10-02 11:57:45 UTC

Okay Christopher, thanks for the update. I'll close then but please re-open if
it comes back.

Cheers
Chris

Comment 5 Eric Sandeen 2007-10-02 14:27:54 UTC

For posterity, I think it's possible that this patch might have addressed the
problem.  It's hard to tell without a bit more investigation, or heavy thought.

:)

http://git.kernel.org/?p=linux%2Fkernel%2Fgit%2Ftorvalds%2Flinux-2.6.git;a=commitdiff_plain;h=a6c15c2b0fbfd5c0a84f5f0e1e3f20f85d2b8692

-Eric

Comment 6 Christopher Beland 2008-01-14 17:21:20 UTC

Occurring again; see bug 428329.

Note You need to log in before you can comment on or make changes to this bug.