Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
For bugs related to Red Hat Enterprise Linux 5 product line. The current stable release is 5.10. For Red Hat Enterprise Linux 6 and above, please visit Red Hat JIRA https://issues.redhat.com/secure/CreateIssue!default.jspa?pid=12332745 to report new issues.

Bug 279431

Summary: fscache BUG on low-memory conditions
Product: Red Hat Enterprise Linux 5 Reporter: Frank Ch. Eigler <fche>
Component: kernelAssignee: David Howells <dhowells>
Status: CLOSED WONTFIX QA Contact: Red Hat Kernel QE team <kernel-qe>
Severity: low Docs Contact:
Priority: medium    
Version: 5.1CC: corey, dhowells, jlayton, mark.preston, pasteur, richard.cunningham, staubach
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2009-09-02 20:02:07 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Frank Ch. Eigler 2007-09-05 21:08:25 UTC 
While running some I/O and memory-intensive code (the systemtap
"installcheck" test suite), fscache (operating on a read-only nfs3
mount) died thusly.  As the modules list in the BUG message does
not include any systemtap probes, it seems like the crash occurred
between probe runs - probably while the next one was being built/compiled.

Kernel version: 2.6.18-34.el5debug (brewbuilder.redhat.com)
(gcc version 4.1.1 20070105 (Red Hat 4.1.1-52)) #1 SMP Thu Jul 12 17:12:01 EDT 2007

All this is running under a qemu-kvm image, so I have the disk image.  Maybe
I can get hold of a memory dump too, to help debug further.

----------- [cut here ] --------- [please bite here ] ---------
Kernel BUG at fs/nfs/fscache.h:267
invalid opcode: 0000 [1] SMP 
last sysfs file: /module/uhci_hcd/sections/.text
CPU 0 
Modules linked in: xt_tcpudp iptable_nat ip_nat ip_conntrack nfnetlink ip_tables
x_tables ip
v6 hidp l2cap bluetooth nfs lockd nfs_acl sunrpc cachefiles fscache video sbs
backlight i2c_
ec i2c_core button battery asus_acpi acpi_memhotplug ac lp floppy ata_piix
libata pcspkr 813
9cp 8139too mii serio_raw parport_pc parport ide_cd cdrom dm_snapshot dm_zero
dm_mirror dm_m
od mptspi mptscsih scsi_transport_spi sd_mod scsi_mod mptbase ext3 jbd ehci_hcd
ohci_hcd uhc
i_hcd
Pid: 116, comm: kswapd0 Not tainted 2.6.18-34.el5debug #1
RIP: 0010:[<ffffffff88321ed4>]  [<ffffffff88321ed4>]
:nfs:nfs_fscache_release_page+0x1e/0x5e
RSP: 0000:ffff81002f54fc60  EFLAGS: 00010246
RAX: ffff81002cbc8b00 RBX: ffff8100052d5218 RCX: 0000000000000001
RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffff8100052d5218
RBP: ffff81002cbc8918 R08: 0000000000000001 R09: 0000000000000000
R10: ffffffff8832b947 R11: ffffffff88321f14 R12: 0000000000000000
R13: ffff81002cbc8b00 R14: 0000000000000000 R15: ffffffffffffffff
FS:  0000000000000000(0000) GS:ffffffff803fe000(0000) knlGS:0000000000000000
CS:  0010 DS: 0018 ES: 0018 CR0: 000000008005003b
CR2: 00002aaaad57a000 CR3: 000000001d30b000 CR4: 00000000000006e0
Process kswapd0 (pid: 116, threadinfo ffff81002f54e000, task ffff81002ff660c0)
Stack:  ffff81002cbc8b00 ffff8100052d5218 0000000000000000 ffffffff88321f51
 ffff81002cbc8b00 ffff8100052d5218 0000000000000001 ffffffff8004546f
 0000000000000001 0000000000000000 ffff8100052d5218 0000000000000246
Call Trace:
 [<ffffffff88321f51>] :nfs:nfs_release_page+0x3d/0x4d
 [<ffffffff8004546f>] invalidate_mapping_pages+0x90/0x15d
 [<ffffffff8002ecb5>] shrink_icache_memory+0xe6/0x1eb
 [<ffffffff80040c55>] shrink_slab+0xdc/0x153
 [<ffffffff80058387>] kswapd+0x35a/0x45e
 [<ffffffff800a017d>] autoremove_wake_function+0x0/0x2e
 [<ffffffff800a46bd>] trace_hardirqs_on+0x11b/0x13f
 [<ffffffff8005802d>] kswapd+0x0/0x45e
 [<ffffffff8009ffc9>] keventd_create_kthread+0x0/0x66
 [<ffffffff80034108>] kthread+0xfe/0x132
 [<ffffffff80066461>] trace_hardirqs_on_thunk+0x35/0x37
 [<ffffffff8005f079>] child_rip+0xa/0x11
 [<ffffffff80066b92>] _spin_unlock_irq+0x24/0x27
 [<ffffffff8005e6a8>] restore_args+0x0/0x30
 [<ffffffff8003400a>] kthread+0x0/0x132
 [<ffffffff8005f06f>] child_rip+0x0/0x11


Code: 0f 0b 68 ce 3d 34 88 c2 0b 01 8b 03 f6 c4 01 74 0d be 08 00 
RIP  [<ffffffff88321ed4>] :nfs:nfs_fscache_release_page+0x1e/0x5e
 RSP <ffff81002f54fc60>
Comment 1 David Mair 2008-01-09 00:01:49 UTC 
*** Bug 419821 has been marked as a duplicate of this bug. ***
Comment 5 Richard Cunningham 2008-07-16 15:04:25 UTC 
I'm also getting what I assume is also this bug. Is this the same or should I
file as a new bug...

------------[ cut here ]------------
kernel BUG at fs/cachefiles/cf-namei.c:53!
invalid opcode: 0000 [#1]
SMP
last sysfs file: /module/libata/version
Modules linked in: nfs lockd nfs_acl autofs4 hidp rfcomm l2cap bluetooth sunrpc
cachefiles fscache ip_conntrack_netbios_ns ipt_owner ipt_LOG ipt_REJECT xt_
conntrack ip_conntrack nfnetlink xt_multiport iptable_filter ip_tables
ip6t_REJECT xt_tcpudp ip6table_filter ip6_tables x_tables ipv6 xfrm_nalgo crypto_api
 ib_iser rdma_cm ib_cm iw_cm ib_sa ib_mad ib_core ib_addr iscsi_tcp libiscsi
scsi_transport_iscsi dm_mirror dm_multipath dm_mod video sbs backlight i2c_ec
button battery asus_acpi ac lp snd_hda_intel snd_hda_codec snd_seq_dummy
snd_seq_oss snd_seq_midi_event snd_seq snd_seq_device snd_pcm_oss snd_mixer_oss sn
d_pcm snd_timer snd soundcore sg floppy nvidia(PU) snd_page_alloc e1000e
i2c_i801 pcspkr ide_cd parport_pc parport i2c_core cdrom serio_raw usb_storage ata
_piix libata sd_mod scsi_mod ext3 jbd ehci_hcd ohci_hcd uhci_hcd
CPU:    0
EIP:    0060:[<f8cd55d2>]    Tainted: P      VLI
EFLAGS: 00010246   (2.6.18-92.1.1.el5PAE #1)
EIP is at cachefiles_walk_to_object+0x7a4/0xab2 [cachefiles]
eax: e74bc648   ebx: f55d0448   ecx: e74bc648   edx: f5aa8c50
esi: f55d0448   edi: e6cfed6e   ebp: f55d0888   esp: edd45e58
ds: 007b   es: 007b   ss: 0068
Process ksplash (pid: 3330, ti=edd45000 task=f7993550 task.ti=edd45000)
Stack: 00000000 e74bc680 f6d68cc0 00007f3a 00000067 5da5d023 00000029 e6cfed44
       f8db55a6 e4ba9000 e74bc680 00000018 f8cd248c e4ba9000 f4a7eed4 e74bce80
       e74bc680 e6cfed40 f8cdbc00 f6d68cc0 e74bce80 f4a7e458 f8cba259 f4a7eed4
Call Trace:
 [<f8db55a6>] nfs_fh_get_aux+0x0/0x6b [nfs]
 [<f8cd248c>] cachefiles_lookup_object+0x1f1/0x2da [cachefiles]
 [<f8cba259>] fscache_lookup_object+0xc9/0x147 [fscache]
 [<f8cba761>] __fscache_acquire_cookie+0x166/0x1b4 [fscache]
 [<f8d9b099>] nfs_open+0x1e2/0x22a [nfs]
 [<f8d99bb2>] nfs_file_open+0x0/0x6a [nfs]
 [<f8d99c0f>] nfs_file_open+0x5d/0x6a [nfs]
 [<c046e423>] __dentry_open+0xc7/0x1ab
 [<c046e56b>] nameidata_to_filp+0x19/0x28
 [<c046e5a5>] do_filp_open+0x2b/0x31
 [<c046e5e9>] do_sys_open+0x3e/0xae
 [<c046e686>] sys_open+0x16/0x18
 [<c0404eff>] syscall_call+0x7/0xb
 =======================
Code: 80 cd f8 8b 4c 24 04 8b 54 24 08 8b 59 1c 31 c9 83 c2 64 eb 1e 39 98 54 ff
ff ff 89 c1 76 05 8d 50 08 eb 0f 73 05 8d 50 04 eb 08 <0f> 0b 35 00 2f 80
cd f8 8b 02 85 c0 75 dc 8b 44 24 04 8b 5c 24
EIP: [<f8cd55d2>] cachefiles_walk_to_object+0x7a4/0xab2 [cachefiles] SS:ESP
0068:edd45e58
Comment 8 Corey Baldwin 2009-03-17 20:32:08 UTC 
Same issue with 2.6.18-92.1.22.el5 kernel and cachefilesd-0.8-5.el5.  Anybody actively working on this?