439914 – OOPS IN __ALLOC_PAGES+0X24/0X2A9 ON MAINLINE 2.6.22-RC7

Bug 439914 - OOPS IN __ALLOC_PAGES+0X24/0X2A9 ON MAINLINE 2.6.22-RC7

Summary: OOPS IN __ALLOC_PAGES+0X24/0X2A9 ON MAINLINE 2.6.22-RC7

Keywords:
Status:	CLOSED NOTABUG
Alias:	None
Product:	Red Hat Enterprise Linux 5
Classification:	Red Hat
Component:	kernel
Sub Component:
Version:	5.3
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	rc
Target Release:	---
Assignee:	Larry Woodman
QA Contact:	Martin Jenner
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2008-03-31 23:07 UTC by Greg Marsden
Modified:	2008-09-04 14:27 UTC (History)
CC List:	3 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2008-09-04 14:27:32 UTC
Target Upstream Version:
Embargoed:
Dependent Products:

Attachments	(Terms of Use)
patch to fix race in alloc_fresh_huge_page (1.09 KB, patch) 2008-03-31 23:07 UTC, Greg Marsden	no flags	Details \| Diff
View All

Description Greg Marsden 2008-03-31 23:07:47 UTC

Description of problem:

@ BUG: unable to handle kernel NULL pointer dereference at virtual address
@ 000008c8
@  printing eip:
@ c0460c8f
@ *pdpt = 000000003739b001
@ *pde = 0000000000000000
@ Oops: 0000 [#2]
@ SMP
@ Modules linked in: netconsole autofs4 hidp nfs lockd nfs_acl rfcomm l2cap
@ bluetooth sunrpc ib_iser rdma_cm ib_cm iw_cm ib_sa ib_mad ib_core ib_addr
@ iscsi_tcp libiscsi scsi_transport_iscsi dm_mirror dm_multipath dm_mod video
@ sbs button battery ac ipv6 parport_pc lp parport i2c_piix4 i2c_core tg3 sg
@ floppy cfi_probe gen_probe e1000 scb2_flash serio_raw ide_cd mtdcore chipreg
@ cdrom aic7xxx scsi_transport_spi sd_mod scsi_mod ext3 jbd ehci_hcd ohci_hcd
@ uhci_hcd
@ CPU:    2
@ EIP:    0060:[<c0460c8f>]    Not tainted VLI
@ EFLAGS: 00010246   (2.6.22-rc7 #3)
@ EIP is at __alloc_pages+0x24/0x2a9
@ eax: 00000000   ebx: d4a51000   ecx: 000008c4   edx: f6b35000
@ esi: 000242d2   edi: 000008c4   ebp: f72e8130   esp: f6b35ef0
@ ds: 007b   es: 007b   fs: 00d8  gs: 0033  ss: 0068
@ Process bash (pid: 6361, ti=f6b35000 task=f72e8130 task.ti=f6b35000)
@ Stack: 00000044 30303030 c069000a f56b8ff2 00000009 000242d2 00000010
@ c3368000
@        00000000 c3368018 d4a51000 c06de058 f6df6f00 0000000e c04756b3
@ d4a51000
@        c04762b6 b7f1f000 f6b35f64 f6b35fa0 ffffffff c06de058 f6df6f00
@ 0000000e
@ Call Trace:
@  [<c04756b3>] alloc_fresh_huge_page+0x33/0xbe
@  [<c04762b6>] hugetlb_sysctl_handler+0x30/0x113
@  [<c04b5fec>] proc_sys_write+0x6b/0x87
@  [<c04b5f81>] proc_sys_write+0x0/0x87
@  [<c048232a>] vfs_write+0xa8/0x154
@  [<c0482939>] sys_write+0x41/0x67
@  [<c0404e20>] syscall_call+0x7/0xb
@  =======================
@ Code: 00 58 5b 5e 5f 5d c3 55 57 89 cf 56 89 c6 53 83 ec 28 64 8b 2d 00 f0 75
@ c0 83 e0 10 89 54 24 10 89 44 24 18 74 05 e8 4a d7 1c 00 <83> 7f 04 00 75 0d
@ c7 44 24 1c 00 00 00 00 e9 66 02 00 00 89 f2
@ EIP: [<c0460c8f>] __alloc_pages+0x24/0x2a9 SS:ESP 0068:f6b35ef0 
Version-Release number of selected component (if applicable):

Steps to Reproduce:
1.
2.
3.

 Linux ca-ostest186.us.oracle.com 2.6.22-rc7 #3 SMP Mon Jul 2 03:20:06 PD
 2007 i686 i686 i386 GNU/Linux
 .
 Run following command from two different shells.
 .
 while : ; do echo 1000000000000 > /proc/sys/vm/nr_hugepages ;echo 1 >
 /proc/sys/vm/nr_hugepages ;echo 10000000000000000000 >
 /proc/sys/vm/nr_hugepages ;echo 0 > /proc/sys/vm/nr_hugepages ; done

Comment 1 Greg Marsden 2008-03-31 23:07:47 UTC

Created attachment 299786 [details]
patch to fix race in alloc_fresh_huge_page

Comment 2 Larry Woodman 2008-04-16 16:43:35 UTC

Greg, I dont think this is a problem in RHEL5-U2.  alloc_fresh_huge_page() was
changed to fix hugepage allocation with memoryless nodes and that included
fixing this problem.

Can you verify RHEL5-U2 is OK?

Larry Woodman

Comment 3 Joe Jin 2008-09-04 00:51:30 UTC

Larry,  have verified rhel5u2 and worked fine.

Note You need to log in before you can comment on or make changes to this bug.