loop.c triggers BUGs in buffer.c?

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Robert B. Hamilton: "mmap hang with 2.3.7"
• Previous message: Chris Evans: "Re: immutable flag on ext2fs"

While I was trying to figure out why it's so sloooow to read from
loop devices (2.2.5 clean, no encryption stuff), I got a solid lockup
when repeatedly copying files between two mounted loop devices.
This problem can be reproduced by:

1. Attatch two loop devices to two big files or other block devices;
2. do mke2fs on each of the loop devcies
3. mount the loop devs
4. keep copying big files(I was using 8M ones) between the 2 mounted
loop devs (with a sh script :). The problem happens randomly, a few
rounds of copying won't be GOOD enough.
5. before system went dead, you might get oops like the following one
on the console.

=================================================
Options used: -V (specified)
-O (specified)
-k /tmp/ksym.txt (specified)
-L (specified)
-m /usr/src/linux/System.map (specified)
-c 1

Unable to handle kernel NULL pointer dereference at virtual address 00000064
current->tss.cr3 = 00101000, %cr3 = 00101000
*pde = 00000000
Oops: 0000
CPU: 0
EIP: 0010:[<c011e88c>]
EFLAGS: 00010013
eax: 00000019 ebx: c009e740 ecx: c0436fc0 edx: 00000064
esi: c0436900 edi: 00000286 ebp: 00000900 esp: c000df6c
ds: 0018 es: 0018 ss: 0018
Process kswapd (pid: 4, process nr: 4, stackpage=c000d000)
Stack: c0436900 c021c218 00000202 00000064 00000436 c0124a71 c009e740 c0436900
c0436900 c0436900 c01253c3 c0436900 c0436900 c021c218 0000007f 00000030
c000c000 c011a77e c021c218 00000008 00000006 c011f4e3 00000006 00000030
Call Trace: [<c0124a71>] [<c01253c3>] [<c011a77e>] [<c011f4e3>] [<c019fa05>] [<c011f58f>] [<c0106000>]
[<c01065e7>]
Code: 39 32 0f 84 17 ff ff ff 57 9d 53 56 68 83 f8 19 c0 eb aa 90

>>EIP: c011e88c <kmem_cache_free+118/170>
Trace: c0124a71 <put_unused_buffer_head+21/4c>
Trace: c01253c3 <try_to_free_buffers+4f/88>
Trace: c011a77e <shrink_mmap+da/12c>
Trace: c011f4e3 <do_try_to_free_pages+23/78>
Trace: c019fa05 <tvecs+146d/4f18>
Trace: c011f58f <kswapd+57/c8>
Trace: c0106000 <get_options+0/74>
Trace: c01065e7 <kernel_thread+23/30>
Code: c011e88c <kmem_cache_free+118/170> 00000000 <_EIP>: <===
Code: c011e88c <kmem_cache_free+118/170> 0: 39 32 cmpl %esi,(%edx) <===
Code: c011e88e <kmem_cache_free+11a/170> 2: 0f 84 17 ff ff je c011e7ab <kmem_cache_free+37/170>
Code: c011e893 <kmem_cache_free+11f/170> 7: ff
Code: c011e894 <kmem_cache_free+120/170> 8: 57 pushl %edi
Code: c011e895 <kmem_cache_free+121/170> 9: 9d popf
Code: c011e896 <kmem_cache_free+122/170> a: 53 pushl %ebx
Code: c011e897 <kmem_cache_free+123/170> b: 56 pushl %esi
Code: c011e898 <kmem_cache_free+124/170> c: 68 83 f8 19 c0 pushl $0xc019f883
Code: c011e89d <kmem_cache_free+129/170> 11: eb aa jmp c011e849 <kmem_cache_free+d5/170>
Code: c011e89f <kmem_cache_free+12b/170> 13: 90 nop

Unable to handle kernel NULL pointer dereference at virtual address 00000034
current->tss.cr3 = 0157c000, %cr3 = 0157c000
*pde = 00000000
Oops: 0000
CPU: 0
EIP: 0010:[<c011e88c>]
EFLAGS: 00010013
eax: 0000000d ebx: c009e740 ecx: c1493fc0 edx: 00000034
esi: c14934e0 edi: 00000282 ebp: 000004e0 esp: c158bd68
ds: 0018 es: 0018 ss: 0018
Process cp (pid: 130, process nr: 14, stackpage=c158b000)
Stack: c14934e0 c021c308 00000001 00000034 00001493 c0124a71 c009e740 c14934e0
c14934e0 c14934e0 c01253c3 c14934e0 c14934e0 c021c308 0000007f 00000003
00000700 c011a77e c021c308 0000001c 00000006 c011f4e3 00000006 00000003
Call Trace: [<c0124a71>] [<c01253c3>] [<c011a77e>] [<c011f4e3>] [<c011f623>] [<c011fdae>] [<c01252c4>]
[<c01243ba>] [<c0124642>] [<c0137c49>] [<c01382b1>] [<c0138565>] [<c01368e6>] [<c01366fc>] [<c011af22>]
[<c011b0b6>] [<c011b178>] [<c011b0c4>] [<c0122c12>] [<c0122cf4>] [<c0107b24>]
Code: 39 32 0f 84 17 ff ff ff 57 9d 53 56 68 83 f8 19 c0 eb aa 90

>>EIP: c011e88c <kmem_cache_free+118/170>
Trace: c0124a71 <put_unused_buffer_head+21/4c>
Trace: c01253c3 <try_to_free_buffers+4f/88>
Trace: c011a77e <shrink_mmap+da/12c>
Trace: c011f4e3 <do_try_to_free_pages+23/78>
Trace: c011f623 <try_to_free_pages+23/30>
Trace: c011fdae <__get_free_pages+72/1bc>
Trace: c01252c4 <grow_buffers+38/e8>
Trace: c01243ba <refill_freelist+a/30>
Trace: c011b0b6 <do_generic_file_read+5de/5ec>
Code: c011e88c <kmem_cache_free+118/170> 00000000 <_EIP>: <===
Code: c011e88c <kmem_cache_free+118/170> 0: 39 32 cmpl %esi,(%edx) <===
Code: c011e88e <kmem_cache_free+11a/170> 2: 0f 84 17 ff ff je c011e7ab <kmem_cache_free+37/170>
Code: c011e893 <kmem_cache_free+11f/170> 7: ff
Code: c011e894 <kmem_cache_free+120/170> 8: 57 pushl %edi
Code: c011e895 <kmem_cache_free+121/170> 9: 9d popf
Code: c011e896 <kmem_cache_free+122/170> a: 53 pushl %ebx
Code: c011e897 <kmem_cache_free+123/170> b: 56 pushl %esi
Code: c011e898 <kmem_cache_free+124/170> c: 68 83 f8 19 c0 pushl $0xc019f883
Code: c011e89d <kmem_cache_free+129/170> 11: eb aa jmp c011e849 <kmem_cache_free+d5/170>
Code: c011e89f <kmem_cache_free+12b/170> 13: 90 nop

Unable to handle kernel NULL pointer dereference at virtual address 0000002c
current->tss.cr3 = 01ac0000, %cr3 = 01ac0000
*pde = 00000000
Oops: 0000
CPU: 0
EIP: 0010:[<c011e88c>]
EFLAGS: 00010012
eax: 0000000b ebx: c009e740 ecx: c1887fc0 edx: 0000002c
esi: c1887420 edi: 00000282 ebp: 00000420 esp: c1abfd68
ds: 0018 es: 0018 ss: 0018
Process cp (pid: 129, process nr: 12, stackpage=c1abf000)
Stack: c1887420 c021c448 00000001 0000002c 00001887 c0124a71 c009e740 c1887420
c1887420 c1887420 c01253c3 c1887420 c1887420 c021c448 0000007f 00000003
00000701 c011a77e c021c448 0000001d 00000006 c011f4e3 00000006 00000003
Call Trace: [<c0124a71>] [<c01253c3>] [<c011a77e>] [<c011f4e3>] [<c011f623>] [<c011fdae>] [<c01252c4>]
[<c01243ba>] [<c0124642>] [<c0137c49>] [<c01382b1>] [<c0138565>] [<c01368e6>] [<c01366fc>] [<c011af22>]
[<c011b0b6>] [<c011b178>] [<c011b0c4>] [<c0122c12>] [<c0122cf4>] [<c0107b24>]
Code: 39 32 0f 84 17 ff ff ff 57 9d 53 56 68 83 f8 19 c0 eb aa 90

>>EIP: c011e88c <kmem_cache_free+118/170>
Trace: c0124a71 <put_unused_buffer_head+21/4c>
Trace: c01253c3 <try_to_free_buffers+4f/88>
Trace: c011a77e <shrink_mmap+da/12c>
Trace: c011f4e3 <do_try_to_free_pages+23/78>
Trace: c011f623 <try_to_free_pages+23/30>
Trace: c011fdae <__get_free_pages+72/1bc>
Trace: c01252c4 <grow_buffers+38/e8>
Trace: c01243ba <refill_freelist+a/30>
Trace: c011b0b6 <do_generic_file_read+5de/5ec>
Code: c011e88c <kmem_cache_free+118/170> 00000000 <_EIP>: <===
Code: c011e88c <kmem_cache_free+118/170> 0: 39 32 cmpl %esi,(%edx) <===
Code: c011e88e <kmem_cache_free+11a/170> 2: 0f 84 17 ff ff je c011e7ab <kmem_cache_free+37/170>
Code: c011e893 <kmem_cache_free+11f/170> 7: ff
Code: c011e894 <kmem_cache_free+120/170> 8: 57 pushl %edi
Code: c011e895 <kmem_cache_free+121/170> 9: 9d popf
Code: c011e896 <kmem_cache_free+122/170> a: 53 pushl %ebx
Code: c011e897 <kmem_cache_free+123/170> b: 56 pushl %esi
Code: c011e898 <kmem_cache_free+124/170> c: 68 83 f8 19 c0 pushl $0xc019f883
Code: c011e89d <kmem_cache_free+129/170> 11: eb aa jmp c011e849 <kmem_cache_free+d5/170>
Code: c011e89f <kmem_cache_free+12b/170> 13: 90 nop

Unable to handle kernel NULL pointer dereference at virtual address 00000014
current->tss.cr3 = 00f3c000, %cr3 = 00f3c000
*pde = 00000000
Oops: 0000
CPU: 0
EIP: 0010:[<c011e88c>]
EFLAGS: 00010017
eax: 00000005 ebx: c009e740 ecx: c0d04fc0 edx: 00000014
esi: c0d041e0 edi: 00000282 ebp: 000001e0 esp: c0f2fddc
ds: 0018 es: 0018 ss: 0018
Process update (pid: 11, process nr: 7, stackpage=c0f2f000)
Stack: c0d041e0 c021c5d8 000003e8 00000014 00000d04 c0124a71 c009e740 c0d041e0
c0d041e0 c0d041e0 c01253c3 c0d041e0 c0d041e0 c021c5d8 0000007f 00000003
00000303 c011a77e c021c5d8 0000001a 00000006 c011f4e3 00000006 00000003
Call Trace: [<c0124a71>] [<c01253c3>] [<c011a77e>] [<c011f4e3>] [<c011f623>] [<c011fdae>] [<c01705e0>]
[<c01252c4>] [<c01243ba>] [<c0124642>] [<c2802439>] [<c0107a4a>] [<c28036a8>] [<c016e3fc>] [<c016e515>]
[<c016ebbb>] [<c016ed1b>] [<c012562f>] [<c0125718>] [<c0107b24>]
Code: 39 32 0f 84 17 ff ff ff 57 9d 53 56 68 83 f8 19 c0 eb aa 90

>>EIP: c011e88c <kmem_cache_free+118/170>
Trace: c0124a71 <put_unused_buffer_head+21/4c>
Trace: c01253c3 <try_to_free_buffers+4f/88>
Trace: c011a77e <shrink_mmap+da/12c>
Trace: c011f4e3 <do_try_to_free_pages+23/78>
Trace: c011f623 <try_to_free_pages+23/30>
Trace: c011fdae <__get_free_pages+72/1bc>
Trace: c01705e0 <ide_do_request+434/51c>
Trace: c01252c4 <grow_buffers+38/e8>
Trace: c016ebbb <make_request+697/6bc>
Code: c011e88c <kmem_cache_free+118/170> 00000000 <_EIP>: <===
Code: c011e88c <kmem_cache_free+118/170> 0: 39 32 cmpl %esi,(%edx) <===
Code: c011e88e <kmem_cache_free+11a/170> 2: 0f 84 17 ff ff je c011e7ab <kmem_cache_free+37/170>
Code: c011e893 <kmem_cache_free+11f/170> 7: ff
Code: c011e894 <kmem_cache_free+120/170> 8: 57 pushl %edi
Code: c011e895 <kmem_cache_free+121/170> 9: 9d popf
Code: c011e896 <kmem_cache_free+122/170> a: 53 pushl %ebx
Code: c011e897 <kmem_cache_free+123/170> b: 56 pushl %esi
Code: c011e898 <kmem_cache_free+124/170> c: 68 83 f8 19 c0 pushl $0xc019f883
Code: c011e89d <kmem_cache_free+129/170> 11: eb aa jmp c011e849 <kmem_cache_free+d5/170>
Code: c011e89f <kmem_cache_free+12b/170> 13: 90 nop

Unable to handle kernel NULL pointer dereference at virtual address 00000064
current->tss.cr3 = 001cd000, %cr3 = 001cd000
*pde = 00000000
Oops: 0000
CPU: 0
EIP: 0010:[<c011e88c>]
EFLAGS: 00010013
eax: 00000019 ebx: c009e740 ecx: c0543fe0 edx: 00000064
esi: c0543920 edi: 00000282 ebp: 00000900 esp: c024fe04
ds: 0018 es: 0018 ss: 0018
Process init (pid: 1, process nr: 1, stackpage=c024f000)
Stack: c0f58000 00000000 c024feac 00000064 00000543 c0124a71 c009e740 c0543920
c05430e0 c0f58000 c0124ab7 c0543920 00000000 c0f58000 c0124b72 00000000
00000000 00000400 c0f58000 00000303 c024e000 00000000 c01252d9 c0f58000
Call Trace: [<c0124a71>] [<c0124ab7>] [<c0124b72>] [<c01252d9>] [<c01243ba>] [<c0124642>] [<c2802439>]
[<c28036a8>] [<c016e3fc>] [<c016e515>] [<c016ebbb>] [<c016ed1b>] [<c0123b2e>] [<c0123c26>] [<c0123c4b>]
[<c0107b24>]
Code: 39 32 0f 84 17 ff ff ff 57 9d 53 56 68 83 f8 19 c0 eb aa 90

>>EIP: c011e88c <kmem_cache_free+118/170>
Trace: c0124a71 <put_unused_buffer_head+21/4c>
Trace: c0124ab7 <get_unused_buffer_head+1b/a4>
Trace: c0124b72 <create_buffers+32/18c>
Trace: c01252d9 <grow_buffers+4d/e8>
Trace: c01243ba <refill_freelist+a/30>
Trace: c0124642 <getblk+1fa/21c>
Trace: c2802439 <END_OF_CODE+2608e01/????>
Trace: c28036a8 <END_OF_CODE+260a070/????>
Trace: c0107b24 <system_call+34/40>
Code: c011e88c <kmem_cache_free+118/170> 00000000 <_EIP>: <===
Code: c011e88c <kmem_cache_free+118/170> 0: 39 32 cmpl %esi,(%edx) <===
Code: c011e88e <kmem_cache_free+11a/170> 2: 0f 84 17 ff ff je c011e7ab <kmem_cache_free+37/170>
Code: c011e893 <kmem_cache_free+11f/170> 7: ff
Code: c011e894 <kmem_cache_free+120/170> 8: 57 pushl %edi
Code: c011e895 <kmem_cache_free+121/170> 9: 9d popf
Code: c011e896 <kmem_cache_free+122/170> a: 53 pushl %ebx
Code: c011e897 <kmem_cache_free+123/170> b: 56 pushl %esi
Code: c011e898 <kmem_cache_free+124/170> c: 68 83 f8 19 c0 pushl $0xc019f883
Code: c011e89d <kmem_cache_free+129/170> 11: eb aa jmp c011e849 <kmem_cache_free+d5/170>
Code: c011e89f <kmem_cache_free+12b/170> 13: 90 nop

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

• Next message: Robert B. Hamilton: "mmap hang with 2.3.7"
• Previous message: Chris Evans: "Re: immutable flag on ext2fs"