Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 154672 - Kernel Oopses Since Upgrade to 2.6.11-1.14_FC3
Summary: Kernel Oopses Since Upgrade to 2.6.11-1.14_FC3
Keywords:
Status: CLOSED DUPLICATE of bug 155472
Alias: None
Product: Fedora
Classification: Fedora
Component: kernel
Version: 3
Hardware: x86_64
OS: Linux
medium
high
Target Milestone: ---
Assignee: Dave Jones
QA Contact: Brian Brock
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2005-04-13 13:52 UTC by Thornton Prime
Modified: 2015-01-04 22:18 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2005-05-26 23:56:49 UTC


Attachments (Terms of Use)

Description Thornton Prime 2005-04-13 13:52:01 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.6) Gecko/20050323 Firefox/1.0.2 Fedora/1.0.2-1.3.1

Description of problem:
Kernel oopses. Seems to happen during heavy IO, but still not sure. It is happening with rather great frequency (about 3/hour)

Version-Release number of selected component (if applicable):
kernel-smp-2.6.11-1.14_FC3

How reproducible:
Sometimes

Steps to Reproduce:
Not sure how to reproduce.  

Actual Results:  invalid operand: 0000 [2] SMP
CPU 0
Modules linked in: nls_utf8 loop nfs nfsd exportfs lockd md5 ipv6 lp parport audPid: 6360, comm: bash Tainted: P      2.6.11-1.14_FC3smp
RIP: 0010:[<ffffffff80347ea0>] <ffffffff80347ea0>{_spin_lock+32}
RSP: 0018:ffff8100bb5bfe98  EFLAGS: 00010096
RAX: 0000000000000016 RBX: ffff8100bb620834 RCX: ffffffff80417f08
RDX: ffffffff80417f08 RSI: 0000000000000086 RDI: ffffffff80417f00
RBP: ffff810111ed6000 R08: ffff810037c404c0 R09: 000000000000000f
R10: 0000000000000000 R11: ffffffff80211910 R12: ffff8100ad3b6550
R13: ffff8100ad3b6568 R14: ffff8100c522e618 R15: 0000000000000286
FS:  00002aaaaaadf3e0(0000) GS:ffffffff804e8980(0000) knlGS:0000000055587de0
CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
CR2: 000000312f32d710 CR3: 000000017ac6e000 CR4: 00000000000006e0
Process bash (pid: 6360, threadinfo ffff8100bb5be000, task ffff8100bc6da7d0)
Stack: ffff8101202734c0 ffffffff80283dd4 ffff8100bc9834e8 ffff8100daeecac0
       0000000000000000 ffff8100bc6da7d0 0000000000000000 0000000000000000
       0000000000000000 ffffffff8027bd3d
Call Trace:<ffffffff80283dd4>{cfq_exit_io_context+164} <ffffffff8027bd3d>{exit_
       <ffffffff8013acc5>{do_exit+117} <ffffffff80201451>{__up_write+49}
       <ffffffff8013b8ff>{do_group_exit+239} <ffffffff8010e51a>{system_call+126


Code: 0f 0b 77 83 36 80 ff ff ff ff 79 00 f0 fe 0b 0f 88 b2 04 00
RIP <ffffffff80347ea0>{_spin_lock+32} RSP <ffff8100bb5bfe98>

Fedora Core release 3 (Heidelberg)
Kernel 2.6.11-1.14_FC3smp on an x86_64

prajna.anatman.org login: eip: ffffffff80283d9e
----------- [cut here ] --------- [please bite here ] ---------
Kernel BUG at spinlock:121
invalid operand: 0000 [3] SMP
CPU 1
Modules linked in: nls_utf8 loop nfs nfsd exportfs lockd md5 ipv6 lp parport audPid: 189, comm: pdflush Tainted: P      2.6.11-1.14_FC3smp
RIP: 0010:[<ffffffff80347ea0>] <ffffffff80347ea0>{_spin_lock+32}
RSP: 0000:ffff8100bfc01e88  EFLAGS: 00010092
RAX: 0000000000000016 RBX: ffff8100bb620834 RCX: ffffffff80417f08
RDX: ffffffff80417f08 RSI: 0000000000000086 RDI: ffffffff80417f00
RBP: ffff810111ed6000 R08: ffff810037c404c0 R09: 000000000000000f
R10: 0000000000000000 R11: ffffffff80211910 R12: ffff8100daeea730
R13: ffff8100daeea748 R14: ffff8100daeebec8 R15: 0000000000000286
FS:  00002aaaaaadf3a0(0000) GS:ffffffff804e8a00(0000) knlGS:0000000055587de0
CS:  0010 DS: 0018 ES: 0018 CR0: 000000008005003b
CR2: 000000312f166670 CR3: 000000011d9a4000 CR4: 00000000000006e0
Process pdflush (pid: 189, threadinfo ffff8100bfc00000, task ffff8100dae177d0)
Stack: ffff8100ad3b6be0 ffffffff80283d9e 0000000000000403 ffff8100daeec7c0
       ffff810003a51d70 ffff8100dae177d0 0000000000000000 ffff810003a51dd8
       ffffffff8014e8c0 ffffffff8027bd3d
Call Trace:<ffffffff80283d9e>{cfq_exit_io_context+110} <ffffffff8014e8c0>{keven
       <ffffffff8027bd3d>{exit_io_context+93} <ffffffff8013acc5>{do_exit+117}
       <ffffffff80163ea0>{pdflush+0} <ffffffff8014e8c0>{keventd_create_kthread+
       <ffffffff8010f1ff>{child_rip+16} <ffffffff8014e8c0>{keventd_create_kthre
       <ffffffff8014e7a0>{kthread+0} <ffffffff8010f1ef>{child_rip+0}


Code: 0f 0b 77 83 36 80 ff ff ff ff 79 00 f0 fe 0b 0f 88 b2 04 00


Expected Results:  No oops

Additional info:

Comment 1 Thornton Prime 2005-04-13 13:58:54 UTC
The above traces were tainted with vmware ... but I did get a couple oopses
before loading vmware (but also before I attached my serial console).

I am trying to reproduce without vmware and trying to narrow down the cause.
Leaving NEEDINFO until then.

Comment 2 Dave Jones 2005-04-13 18:55:07 UTC
reopen if reproducable without tainting.

Comment 3 David Mansfield 2005-05-25 13:49:16 UTC
Please re-open!

I'm not the original poster.

I got this on a non-tainted FC3 kernel after plugging in an iPod.  My system is
a Dell dimension, FC3 completely updated. Intel(R) Pentium(R) 4 CPU 3.00GHz. 
1gb ram. 2.6.11-1.14_FC3smp kernel

eip: c024c5be
------------[ cut here ]------------
kernel BUG at include/asm/spinlock.h:136!
invalid operand: 0000 [#1]
SMP
Modules linked in: vfat fat nls_utf8 hfsplus usb_storage parport_pc lp parport
autofs4 nfs lockd sunrpc video button battery ac uhci_hcd ehci_hcd hw_random
i2c_i801 i2c_core snd_intel8x0 snd_ac97_codec snd_pcm_oss snd_mixer_oss snd_pcm
snd_timer snd soundcore snd_page_alloc e100 mii floppy ext3 jbd dm_mod ata_piix
libata sd_mod scsi_mod
CPU:    0
EIP:    0060:[<c0300e44>]    Not tainted VLI
EFLAGS: 00010096   (2.6.11-1.14_FC3smp)
EIP is at _spin_lock+0x36/0x40
eax: 0000000e   ebx: e803b81c   ecx: c035878c   edx: 00000000
esi: f67ba66c   edi: c1b9ad98   ebp: c1b9ada4   esp: f6745f54
ds: 007b   es: 007b   ss: 0068
Process hald (pid: 4135, threadinfo=f6745000 task=f63ff020)
Stack: c0317f5f c024c5be c1b9a390 c024c5be 00000286 f63d0c94 c1b98ee8 f63ff020
       f6745000 00000000 c02454d7 f6745000 c0123e4f f5a4e380 c015c943 ffffffff
       080de080 0804c873 00000000 eab6f480 f6745000 00000000 c0123ec8 00000000
Call Trace:
 [<c024c5be>] cfq_exit_io_context+0x54/0xb3
 [<c024c5be>] cfq_exit_io_context+0x54/0xb3
 [<c02454d7>] exit_io_context+0x45/0x52
 [<c0123e4f>] do_exit+0x314/0x338
 [<c015c943>] vfs_read+0xc0/0x108
 [<c0123ec8>] do_group_exit+0x29/0x90
 [<c0103f0f>] syscall_call+0x7/0xb
Code: ad de 75 13 f0 fe 0b 79 09 f3 90 80 3b 00 7e f9 eb f2 83 c4 08 5b c3 8b 44
24 0c c7 04 24 5f 7f 31 c0 89 44 24 04 e8 5e 0a e2 ff <0f> 0b 88 00 14 77 31 c0
eb cf 81 78 04 ed 1e af de 75 0f f0 81




Comment 4 Thornton Prime 2005-05-25 14:59:05 UTC
I wasn't able to reproduce it until David posted, and I realized I was looking
at the wrong thing. It was crashing for me during VMware, but when I was hot
plugging USB devices for VMware to use.

I can consistently oops *without* VMware by doing the following, and I think
this is related to all the above reports.

1. Hot plug a USB device.
2. Mount the USB device.
3. Unmount the USB device.
4. killall -KILL hald

Here is a console session:

usb 1-4: new high speed USB device using ehci_hcd and add3scsi7 : SCSI emulation
for USB Mass Storage devices
usb-storage: device found at 3
usb-storage: waiting for device to settle before scanning
Vendor: USB 2.0   Model: Storage Device    Rev: 0100
  Type:   Direct-Access                      ANSI SCSI revision: 00
SCSI device sde: 240121728 512-byte hdwr sectors (122942 MB)
sde: assuming drive cache: write through
SCSI device sde: 240121728 512-byte hdwr sectors (122942 MB)
sde: assuming drive cache: write through
 sde: sde1
Attached scsi disk sde at scsi7, channel 0, id 0, lun 0
usb-storage: device scan complete

[root@prajna ~]#

usb 1-4: USB disconnect, address 3

[root@prajna ~]# killall -KILL hald
eip: ffffffff80283d9e
----------- [cut here ] --------- [please bite here ] ---------
Kernel BUG at spinlock:121
invalid operand: 0000 [2] SMP
CPU 1
Modules linked in: usb_storage nfs nfsd exportfs lockd parport_pc lp parport
audPid: 6783, comm: hald Not tainted 2.6.11-1.14_FC3smp
RIP: 0010:[<ffffffff80347ea0>] <ffffffff80347ea0>{_spin_lock+32}
RSP: 0018:ffff8100acc6fd18  EFLAGS: 00010092
RAX: 0000000000000016 RBX: ffff81016ac8e834 RCX: ffffffff80417f08
RDX: ffffffff80417f08 RSI: 0000000000000082 RDI: ffffffff80417f00
RBP: ffff8100aaa95d48 R08: ffff8100bf6d2040 R09: 000000000000000f
R10: 0000000000000000 R11: ffffffff8011caf0 R12: ffff8100beaf2310
R13: ffff8100beaf2328 R14: ffff8100daeffe18 R15: 0000000000000282
FS:  00002aaaaaae1d60(0000) GS:ffffffff804e8a00(0000) knlGS:0000000055587de0
CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
CR2: 00002aaaaaaac000 CR3: 00000000ace89000 CR4: 00000000000006e0
Process hald (pid: 6783, threadinfo ffff8100acc6e000, task ffff8101778387d0)
Stack: ffff8100beaf2640 ffffffff80283d9e ffffffff80490bc0 ffff8100bd4794f0
       0000000000000009 ffff8101778387d0 0000000000000009 0000000000000000
       ffff8100acc6fef8 ffffffff8027bd3d
Call Trace:<ffffffff80283d9e>{cfq_exit_io_context+110} <ffffffff8027bd3d>{exit_
       <ffffffff8013acc5>{do_exit+117} <ffffffff801436d5>{__dequeue_signal+485}
       <ffffffff8013b8ff>{do_group_exit+239} <ffffffff801457da>{get_signal_to_d
       <ffffffff8010d963>{do_signal+163} <ffffffff80141b65>{del_timer+117}
       <ffffffff801953f3>{poll_freewait+67} <ffffffff80196176>{sys_poll+806}
       <ffffffff8010e5a3>{sysret_signal+28} <ffffffff8010e88f>{ptregscall_commo


Code: 0f 0b 77 83 36 80 ff ff ff ff 79 00 f0 fe 0b 0f 88 b2 04 00
RIP <ffffffff80347ea0>{_spin_lock+32} RSP <ffff8100acc6fd18>

Comment 5 David Mansfield 2005-05-25 16:06:32 UTC
yes, this sounds right.  i was restarting hald as well when the oops occurred


Comment 6 Sitsofe Wheeler 2005-05-26 07:34:08 UTC
Comment #4
If the problems occur after plugging and unplugging a hotplug device it sounds a
heck of a lot like bug #155472 (which has been fixed in 2.6.11-1.27_FC30.

Comment 7 David Mansfield 2005-05-26 15:58:42 UTC
i can confirm the problem is fixed for me with 2.6.11-1.27_FC3


Comment 8 Dave Jones 2005-05-26 23:56:49 UTC

*** This bug has been marked as a duplicate of 155472 ***


Note You need to log in before you can comment on or make changes to this bug.