Re: Bug#491911: "Eeek! page_mapcount(page) went negative!" with xen and redhat cluster suite
Hi,
We are also facing the same bug when testing with nessus scan for
vulnerability.
Our version is 2.6.24.
We currently do not want to do a kernel upgrade, but could you please let us
know if there is any patch available which can be used.
Thanks
Best Regards
Deepak
Mathieu Parent wrote:
>
> Package: linux-image-2.6.25-2-xen-686
> Version: 2.6.25-7
> Severity: important
>
> Hi,
>
> This is a reproduceable error.
>
> It happens when shutting down the domU or in other cases (I have to
> investigate these cases, probably when unjoining the cluster).
>
> The kernel produces the attached errors in the DomU. Dom0 is not
> affected.
>
> The second part of the stack is always the same (kernel BUG at
> arch/x86/kernel/paravirt.c:241!)
>
> I have attached the DomU config.
>
> Packages installed in the DomU:
> apt-get install redhat-cluster-modules-2.6.25-2-xen-686
> apt-get install redhat-cluster-suite
>
>
> /etc/cluster/cluster.conf (minimal):
> <?xml version="1.0"?>
> <cluster name="sambacluster" config_version="1">
>
> <clusternodes>
> <clusternode name="samba1" nodeid="1">
> <fence>
> </fence>
> </clusternode>
>
> <clusternode name="samba2" nodeid="2">
> <fence>
> </fence>
> </clusternode>
>
> <clusternode name="samba3" nodeid="3">
> <fence>
> </fence>
> </clusternode>
> </clusternodes>
>
> <fencedevices>
> <fencedevice name="manual" agent="fence_manual"/>
> </fencedevices>
>
> </cluster>
>
>
> -- System Information:
> Debian Release: lenny/sid
> APT prefers testing
> APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental')
> Architecture: i386 (i686)
>
> Kernel: Linux 2.6.18-6-xen-686 (SMP w/2 CPU cores)
> Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
>
> Versions of packages linux-image-2.6.25-2-xen-686 depends on:
> ii initramfs-tools 0.92e tools for generating an
> initramfs
> ii linux-modules-2.6.25-2-xen-68 2.6.25-7 Linux 2.6.25 modules on i686
>
> Versions of packages linux-image-2.6.25-2-xen-686 recommends:
> ii libc6-xen 2.7-10 GNU C Library: Shared
> libraries [X
>
> -- no debconf information
>
> #
> # Configuration file for the Xen instance samba1.local.sathieu.net,
> created
> # by xen-tools 3.9 on Wed Jul 16 22:33:24 2008.
> #
>
> #
> # Kernel + memory size
> #
> kernel = '/boot/vmlinuz-2.6.25-2-xen-686'
> ramdisk = '/boot/initrd.img-2.6.25-2-xen-686'
> extra="console=hvc0 rootdelay=5"
> memory = '128'
>
> #
> # Disk device(s).
> #
> root = '/dev/xvda2 ro'
> disk = [
> 'phy:/dev/serv/samba1.local.sathieu.net-swap,xvda1,w',
> 'phy:/dev/serv/samba1.local.sathieu.net-disk,xvda2,w',
> 'phy:/dev/serv/gfs,xvda3,w!',
> ]
>
>
> #
> # Hostname
> #
> name = 'samba1.local.sathieu.net'
>
> #
> # Networking
> #
> vif = [ 'ip=192.168.0.61,mac=00:16:3E:C6:08:B8' ]
>
> #
> # Behaviour
> #
> on_poweroff = 'destroy'
> on_reboot = 'restart'
> on_crash = 'restart'
>
>
>
>
> [ 498.609735] kernel BUG at lib/radix-tree.c:467!
> [ 498.609746] invalid opcode: 0000 [#1] SMP
> [ 498.609760] Modules linked in: nfsd lockd nfs_acl auth_rpcgss sunrpc
> exportfs sctp ipv6 libcrc32c lock_dlm gfs2 dlm configfs evdev pcspkr ext3
> jbd mbcache dm_snapshot raid456 md_mod async_xor async_memcpy async_tx xor
> dm_mirror dm_mod
> [ 498.609857]
> [ 498.609866] Pid: 1162, comm: aisexec Not tainted (2.6.25-2-xen-686 #1)
> [ 498.609880] EIP: 0061:[<c01daeeb>] EFLAGS: 00010086 CPU: 0
> [ 498.609897] EIP is at radix_tree_tag_set+0x1b/0x88
> [ 498.609909] EAX: c02fcb44 EBX: 00000000 ECX: 00000000 EDX: 83e975ca
> [ 498.609922] ESI: c02fcb40 EDI: 045660e0 EBP: c02fcb44 ESP: c74f5da4
> [ 498.609934] DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0069
> [ 498.609946] Process aisexec (pid: 1162, ti=c74f4000 task=c7c7d930
> task.ti=c74f4000)
> [ 498.609959] Stack: 00000000 83e975ca c11bdce0 c02fcb40 045660e0
> c11bdce0 c01580e9 00000000
> [ 498.609995] 00000000 c0157e8e 00000000 00000000 c015eedb
> c01020c5 c1000000 07d63067
> [ 498.610029] 00000000 c74f5f10 c0102456 0dee70e1 00000000
> 00000000 c6d082dc c74f5e7c
> [ 498.610064] Call Trace:
> [ 498.610078] [<c01580e9>] __set_page_dirty_nobuffers+0x10a/0x136
> [ 498.610100] [<c0157e8e>] set_page_dirty+0x30/0x8f
> [ 498.610119] [<c015eedb>] unmap_vmas+0x40a/0x7b0
> [ 498.610138] [<c01020c5>] __xen_mc_entry+0x3d/0x78
> [ 498.610158] [<c0102456>] xen_do_pin+0x12/0x57
> [ 498.610181] [<c01631f4>] exit_mmap+0x65/0xce
> [ 498.610200] [<c0120f86>] mmput+0x20/0x75
> [ 498.610219] [<c01258dd>] do_exit+0x1e5/0x5c9
> [ 498.610239] [<c0125d2c>] do_group_exit+0x6b/0x82
> [ 498.610258] [<c012ccdf>] get_signal_to_deliver+0x2bf/0x2ec
> [ 498.610279] [<c0105f45>] do_notify_resume+0x81/0x671
> [ 498.610299] [<c013be25>] do_futex+0x6e/0x901
> [ 498.610322] [<c0102fa6>] force_evtchn_callback+0xa/0xc
> [ 498.610341] [<c0104066>] check_events+0x8/0xe
> [ 498.610359] [<c013c789>] sys_futex+0xd1/0xe6
> [ 498.610381] [<c010693c>] work_notifysig+0x13/0x1b
> [ 498.610401] =======================
> [ 498.610410] Code: f4 ff ff ff eb 02 31 c0 83 c4 0c 5b 5e 5f 5d c3 55 89
> c5 57 56 53 83 ec 08 89 54 24 04 89 0c 24 8b 18 3b 14 9d 24 64 31 c0 76 04
> <0f> 0b eb fe 8b 78 08 6b c3 06 83 e7 fe 8d 70 fa eb 31 8b 54 24
> [ 498.610603] EIP: [<c01daeeb>] radix_tree_tag_set+0x1b/0x88 SS:ESP
> 0069:c74f5da4
> [ 498.610627] ---[ end trace b3cc1250a1dec4a3 ]---
> [ 498.610637] Fixing recursive fault but reboot is needed!
> [ 498.610659] ------------[ cut here ]------------
> [ 498.610669] kernel BUG at arch/x86/kernel/paravirt.c:241!
> [ 498.610679] invalid opcode: 0000 [#2] SMP
> [ 498.610692] Modules linked in: nfsd lockd nfs_acl auth_rpcgss sunrpc
> exportfs sctp ipv6 libcrc32c lock_dlm gfs2 dlm configfs evdev pcspkr ext3
> jbd mbcache dm_snapshot raid456 md_mod async_xor async_memcpy async_tx xor
> dm_mirror dm_mod
> [ 498.610785]
> [ 498.610794] Pid: 1162, comm: aisexec Tainted: G D
> (2.6.25-2-xen-686 #1)
> [ 498.610806] EIP: 0061:[<c01151af>] EFLAGS: 00010002 CPU: 0
> [ 498.610819] EIP is at paravirt_enter_lazy_cpu+0x12/0x1e
> [ 498.610831] EAX: c034f0ac EBX: c6d23880 ECX: c11078c0 EDX: 00db5000
> [ 498.610842] ESI: c6d2cc70 EDI: c70e9b80 EBP: c7c7d930 ESP: c74f5c50
> [ 498.610853] DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0069
> [ 498.610864] Process aisexec (pid: 1162, ti=c74f4000 task=c7c7d930
> task.ti=c74f4000)
> [ 498.610875] Stack: c027f18b 1782b586 00000074 c7c7dab0 c11078c0
> 00000000 00000000 00000000
> [ 498.610907] 00000000 c7c7d930 c02c05f0 c02fcb44 c0123709
> 0000000b c7c7d930 c02c05f0
> [ 498.610939] c02fcb44 c01257a3 c0123709 c02c60fa c74f5cb0
> c74f5cb0 c74f5d6c 00000000
> [ 498.610971] Call Trace:
> [ 498.610980] [<c027f18b>] schedule+0x448/0x5e9
> [ 498.611000] [<c0123709>] printk+0x14/0x18
> [ 498.611016] [<c01257a3>] do_exit+0xab/0x5c9
> [ 498.611030] [<c0123709>] printk+0x14/0x18
> [ 498.611046] [<c0107c9a>] die+0x156/0x15b
> [ 498.611181] [<c0107ee0>] do_invalid_op+0x0/0x6b
> [ 498.611181] [<c0107f42>] do_invalid_op+0x62/0x6b
> [ 498.611181] [<c01daeeb>] radix_tree_tag_set+0x1b/0x88
> [ 498.611181] [<c0104066>] check_events+0x8/0xe
> [ 498.611181] [<c0103feb>] xen_restore_fl_direct_end+0x0/0x1
> [ 498.611181] [<c016ff92>] kmem_cache_free+0x49/0x4f
> [ 498.611181] [<c01d83d0>] __next_cpu+0x12/0x21
> [ 498.611181] [<c011a8a5>] find_busiest_group+0x21e/0x623
> [ 498.611181] [<c0126f31>] do_softirq+0x4f/0x53
> [ 498.611181] [<c01038c0>] xen_clocksource_read+0x31/0xb9
> [ 498.611181] [<c0280792>] error_code+0x72/0x78
> [ 498.611181] [<c015007b>] register_handler_proc+0xa1/0xc2
> [ 498.611181] [<c01daeeb>] radix_tree_tag_set+0x1b/0x88
> [ 498.611181] [<c01580e9>] __set_page_dirty_nobuffers+0x10a/0x136
> [ 498.611181] [<c0157e8e>] set_page_dirty+0x30/0x8f
> [ 498.611181] [<c015eedb>] unmap_vmas+0x40a/0x7b0
> [ 498.611181] [<c01020c5>] __xen_mc_entry+0x3d/0x78
> [ 498.611181] [<c0102456>] xen_do_pin+0x12/0x57
> [ 498.611181] [<c01631f4>] exit_mmap+0x65/0xce
> [ 498.611181] [<c0120f86>] mmput+0x20/0x75
> [ 498.611181] [<c01258dd>] do_exit+0x1e5/0x5c9
> [ 498.611181] [<c0125d2c>] do_group_exit+0x6b/0x82
> [ 498.611181] [<c012ccdf>] get_signal_to_deliver+0x2bf/0x2ec
> [ 498.611181] [<c0105f45>] do_notify_resume+0x81/0x671
> [ 498.611181] [<c013be25>] do_futex+0x6e/0x901
> [ 498.611181] [<c0102fa6>] force_evtchn_callback+0xa/0xc
> [ 498.611181] [<c0104066>] check_events+0x8/0xe
> [ 498.611181] [<c013c789>] sys_futex+0xd1/0xe6
> [ 498.611181] [<c010693c>] work_notifysig+0x13/0x1b
> [ 498.611181] =======================
> [ 498.611181] Code: 00 00 00 00 c3 b8 02 00 00 00 e9 d9 ff ff ff b8 01 00
> 00 00 e9 cf ff ff ff b8 ac f0 34 c0 64 8b 15 50 f0 34 c0 83 3c 10 00 74 04
> <0f> 0b eb fe c7 04 10 02 00 00 00 c3 53 89 c1 8b 42 18 89 41 04
> [ 498.611181] EIP: [<c01151af>] paravirt_enter_lazy_cpu+0x12/0x1e SS:ESP
> 0069:c74f5c50
> [ 498.611181] ---[ end trace b3cc1250a1dec4a3 ]---
> [ 498.611181] Fixing recursive fault but reboot is needed!
>
>
> [ 72.390411] Eeek! page_mapcount(page) went negative! (-402295616)
> [ 72.390433] page pfn = dee9
> [ 72.390440] page->flags = fffedefc
> [ 72.390463] general protection fault: 0000 [#1] SMP
> [ 72.390478] Modules linked in: nfsd lockd nfs_acl auth_rpcgss sunrpc
> exportfs sctp ipv6 libcrc32c lock_dlm gfs2 dlm configfs evdev pcspkr ext3
> jbd mbcache dm_snapshot raid456 md_mod async_xor async_memcpy async_tx xor
> dm_mirror dm_mod
> [ 72.390566]
> [ 72.390573] Pid: 1143, comm: aisexec Not tainted (2.6.25-2-xen-686 #1)
> [ 72.390584] EIP: 0061:[<c01661eb>] EFLAGS: 00010246 CPU: 0
> [ 72.390598] EIP is at page_remove_rmap+0x63/0xe7
> [ 72.390607] EAX: 00024000 EBX: c11bdd20 ECX: c0360028 EDX: fffffa00
> [ 72.390617] ESI: c7c62f3c EDI: 2d8e3067 EBP: c11bdd20 ESP: c70b3dcc
> [ 72.390627] DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0069
> [ 72.390637] Process aisexec (pid: 1143, ti=c70b2000 task=c7c7d930
> task.ti=c70b2000)
> [ 72.390647] Stack: 045640e0 00000000 c015ef0c c01020c5 c1000000
> 07d97067 00000000 c70b3f10
> [ 72.390678] c0102456 0636b025 00000000 00000000 c7c62f3c
> c70b3e7c 00000000 00000000
> [ 72.390707] 045640e0 00000000 00287000 b67fb000 00000000
> 00000001 b67fc000 c6caf010
> [ 72.390737] Call Trace:
> [ 72.390745] [<c015ef0c>] unmap_vmas+0x43b/0x7b0
> [ 72.390760] [<c01020c5>] __xen_mc_entry+0x3d/0x78
> [ 72.390776] [<c0102456>] xen_do_pin+0x12/0x57
> [ 72.390795] [<c01631f4>] exit_mmap+0x65/0xce
> [ 72.390808] [<c0120f86>] mmput+0x20/0x75
> [ 72.390822] [<c01258dd>] do_exit+0x1e5/0x5c9
> [ 72.390837] [<c0125d2c>] do_group_exit+0x6b/0x82
> [ 72.390850] [<c012ccdf>] get_signal_to_deliver+0x2bf/0x2ec
> [ 72.390867] [<c0105f45>] do_notify_resume+0x81/0x671
> [ 72.390882] [<c013be25>] do_futex+0x6e/0x901
> [ 72.390897] [<c0104066>] check_events+0x8/0xe
> [ 72.390911] [<c0103feb>] xen_restore_fl_direct_end+0x0/0x1
> [ 72.390925] [<c016ff92>] kmem_cache_free+0x49/0x4f
> [ 72.390939] [<c0102fa6>] force_evtchn_callback+0xa/0xc
> [ 72.390952] [<c0104066>] check_events+0x8/0xe
> [ 72.392532] [<c0103feb>] xen_restore_fl_direct_end+0x0/0x1
> [ 72.392532] [<c0126f31>] do_softirq+0x4f/0x53
> [ 72.392532] [<c013c789>] sys_futex+0xd1/0xe6
> [ 72.392532] [<c010693c>] work_notifysig+0x13/0x1b
> [ 72.392532] =======================
> [ 72.392532] Code: 60 cf 2c c0 e8 2c d5 fb ff ff 33 68 75 cf 2c c0 e8 20
> d5 fb ff 8b 03 89 da 25 00 40 02 00 83 c4 18 3d 00 40 02 00 75 03 8b 53 0c
> <ff> 72 04 68 8d cf 2c c0 e8 fd d4 fb ff ff 73 10 68 a4 cf 2c c0
> [ 72.392532] EIP: [<c01661eb>] page_remove_rmap+0x63/0xe7 SS:ESP
> 0069:c70b3dcc
> [ 72.392532] ---[ end trace 84ed77852d59b360 ]---
> [ 72.392532] Fixing recursive fault but reboot is needed!
> [ 72.392532] ------------[ cut here ]------------
> [ 72.392532] kernel BUG at arch/x86/kernel/paravirt.c:241!
> [ 72.392532] invalid opcode: 0000 [#2] SMP
> [ 72.392532] Modules linked in: nfsd lockd nfs_acl auth_rpcgss sunrpc
> exportfs sctp ipv6 libcrc32c lock_dlm gfs2 dlm configfs evdev pcspkr ext3
> jbd mbcache dm_snapshot raid456 md_mod async_xor async_memcpy async_tx xor
> dm_mirror dm_mod
> [ 72.392532]
> [ 72.392532] Pid: 1143, comm: aisexec Tainted: G D
> (2.6.25-2-xen-686 #1)
> [ 72.392532] EIP: 0061:[<c01151af>] EFLAGS: 00010002 CPU: 0
> [ 72.392532] EIP is at paravirt_enter_lazy_cpu+0x12/0x1e
> [ 72.392532] EAX: c034f0ac EBX: c70a0d80 ECX: c11078c0 EDX: 00db5000
> [ 72.392532] ESI: c6d2c650 EDI: c6d97680 EBP: c7c7d930 ESP: c70b3d14
> [ 72.392532] DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0069
> [ 72.392532] Process aisexec (pid: 1143, ti=c70b2000 task=c7c7d930
> task.ti=c70b2000)
> [ 72.392532] Stack: c027f18b daee61a1 00000010 c7c7dab0 c11078c0
> 00000000 00000000 00201e05
> [ 72.392532] 00000000 c7c7d930 c02c067e c11bdd20 c0123709
> 0000000b c7c7d930 c02c067e
> [ 72.392532] c11bdd20 c01257a3 c0123709 c02c60fa c70b3d74
> c70b3d74 c70b3d94 00000000
> [ 72.392532] Call Trace:
> [ 72.392532] [<c027f18b>] schedule+0x448/0x5e9
> [ 72.392532] [<c0123709>] printk+0x14/0x18
> [ 72.392532] [<c01257a3>] do_exit+0xab/0x5c9
> [ 72.392532] [<c0123709>] printk+0x14/0x18
> [ 72.392532] [<c0107c9a>] die+0x156/0x15b
> [ 72.392532] [<c0108193>] do_general_protection+0x0/0x1ce
> [ 72.392532] [<c0280792>] error_code+0x72/0x78
> [ 72.392532] [<c016007b>] copy_page_range+0x1b1/0x6d9
> [ 72.392532] [<c01661eb>] page_remove_rmap+0x63/0xe7
> [ 72.392532] [<c015ef0c>] unmap_vmas+0x43b/0x7b0
> [ 72.392532] [<c01020c5>] __xen_mc_entry+0x3d/0x78
> [ 72.392532] [<c0102456>] xen_do_pin+0x12/0x57
> [ 72.392532] [<c01631f4>] exit_mmap+0x65/0xce
> [ 72.392532] [<c0120f86>] mmput+0x20/0x75
> [ 72.392532] [<c01258dd>] do_exit+0x1e5/0x5c9
> [ 72.392532] [<c0125d2c>] do_group_exit+0x6b/0x82
> [ 72.392532] [<c012ccdf>] get_signal_to_deliver+0x2bf/0x2ec
> [ 72.392532] [<c0105f45>] do_notify_resume+0x81/0x671
> [ 72.392532] [<c013be25>] do_futex+0x6e/0x901
> [ 72.392532] [<c0104066>] check_events+0x8/0xe
> [ 72.392532] [<c0103feb>] xen_restore_fl_direct_end+0x0/0x1
> [ 72.392532] [<c016ff92>] kmem_cache_free+0x49/0x4f
> [ 72.392532] [<c0102fa6>] force_evtchn_callback+0xa/0xc
> [ 72.392532] [<c0104066>] check_events+0x8/0xe
> [ 72.392532] [<c0103feb>] xen_restore_fl_direct_end+0x0/0x1
> [ 72.392532] [<c0126f31>] do_softirq+0x4f/0x53
> [ 72.392532] [<c013c789>] sys_futex+0xd1/0xe6
> [ 72.392532] [<c010693c>] work_notifysig+0x13/0x1b
> [ 72.392532] =======================
> [ 72.392532] Code: 00 00 00 00 c3 b8 02 00 00 00 e9 d9 ff ff ff b8 01 00
> 00 00 e9 cf ff ff ff b8 ac f0 34 c0 64 8b 15 50 f0 34 c0 83 3c 10 00 74 04
> <0f> 0b eb fe c7 04 10 02 00 00 00 c3 53 89 c1 8b 42 18 89 41 04
> [ 72.392532] EIP: [<c01151af>] paravirt_enter_lazy_cpu+0x12/0x1e SS:ESP
> 0069:c70b3d14
> [ 72.392532] ---[ end trace 84ed77852d59b360 ]---
> [ 72.392532] Fixing recursive fault but reboot is needed!
>
>
> [ 23.546840] Eeek! page_mapcount(page) went negative! (-1232223395)
> [ 23.546857] page pfn = e002
> [ 23.546866] page->flags = 311cc483
> [ 23.546875] page->count = 5f5e5bc0
> [ 23.546884] page->mapping = 983b838d
> [ 23.546905] vma->vm_ops = 0x0
> [ 23.546934] ------------[ cut here ]------------
> [ 23.546945] kernel BUG at mm/rmap.c:669!
> [ 23.546955] invalid opcode: 0000 [#1] SMP
> [ 23.546970] Modules linked in: nfsd lockd nfs_acl auth_rpcgss sunrpc
> exportfs sctp ipv6 libcrc32c lock_dlm gfs2 dlm configfs evdev pcspkr ext3
> jbd mbcache dm_snapshot raid456 md_mod async_xor async_memcpy async_tx xor
> dm_mirror dm_mod
> [ 23.547070]
> [ 23.547079] Pid: 1150, comm: aisexec Not tainted (2.6.25-2-xen-686 #1)
> [ 23.547092] EIP: 0061:[<c0166254>] EFLAGS: 00010246 CPU: 0
> [ 23.547109] EIP is at page_remove_rmap+0xcc/0xe7
> [ 23.547121] EAX: 00000000 EBX: c11c0040 ECX: c0360028 EDX: c0360028
> [ 23.547133] ESI: c6cd63e4 EDI: 69f29067 EBP: c11c0040 ESP: c70b3dcc
> [ 23.547146] DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0069
> [ 23.547158] Process aisexec (pid: 1150, ti=c70b2000 task=c7c678b0
> task.ti=c70b2000)
> [ 23.547171] Stack: 0444b0e0 00000000 c015ef0c c01020c5 c1000000
> 07485067 00000000 c70b3f10
> [ 23.547205] c0102456 0625a025 00000000 00000000 c6cd63e4
> c70b3e7c 00000000 00000000
> [ 23.547238] 0444b0e0 00000000 00287000 b6848000 00000000
> 00000001 b6849000 c6c51010
> [ 23.547271] Call Trace:
> [ 23.547283] [<c015ef0c>] unmap_vmas+0x43b/0x7b0
> [ 23.547301] [<c01020c5>] __xen_mc_entry+0x3d/0x78
> [ 23.547321] [<c0102456>] xen_do_pin+0x12/0x57
> [ 23.547344] [<c01631f4>] exit_mmap+0x65/0xce
> [ 23.547358] [<c0120f86>] mmput+0x20/0x75
> [ 23.547369] [<c01258dd>] do_exit+0x1e5/0x5c9
> [ 23.547381] [<c0125d2c>] do_group_exit+0x6b/0x82
> [ 23.547391] [<c012ccdf>] get_signal_to_deliver+0x2bf/0x2ec
> [ 23.547403] [<c0105f45>] do_notify_resume+0x81/0x671
> [ 23.547415] [<c013be25>] do_futex+0x6e/0x901
> [ 23.547428] [<c0104066>] check_events+0x8/0xe
> [ 23.547439] [<c0103feb>] xen_restore_fl_direct_end+0x0/0x1
> [ 23.547449] [<c016ff92>] kmem_cache_free+0x49/0x4f
> [ 23.547461] [<c0102fa6>] force_evtchn_callback+0xa/0xc
> [ 23.547471] [<c0104066>] check_events+0x8/0xe
> [ 23.547481] [<c0103feb>] xen_restore_fl_direct_end+0x0/0x1
> [ 23.547492] [<c0126f31>] do_softirq+0x4f/0x53
> [ 23.547503] [<c013c789>] sys_futex+0xd1/0xe6
> [ 23.547514] [<c010693c>] work_notifysig+0x13/0x1b
> [ 23.547527] =======================
> [ 23.547532] Code: 8b 46 44 8b 50 08 b8 f3 cf 2c c0 e8 fe aa fd ff 8b 46
> 4c 85 c0 74 14 8b 40 10 85 c0 74 0d 8b 50 2c b8 11 d0 2c c0 e8 e3 aa fd ff
> <0f> 0b eb fe 8b 53 10 89 d8 5b 5e 83 e2 01 f7 da 83 c2 04 e9 cd
> [ 23.547679] EIP: [<c0166254>] page_remove_rmap+0xcc/0xe7 SS:ESP
> 0069:c70b3dcc
> [ 23.547695] ---[ end trace 1503f60e80439f5f ]---
> [ 23.547702] Fixing recursive fault but reboot is needed!
> [ 23.547720] ------------[ cut here ]------------
> [ 23.547728] kernel BUG at arch/x86/kernel/paravirt.c:241!
> [ 23.547735] invalid opcode: 0000 [#2] SMP
> [ 23.547744] Modules linked in: nfsd lockd nfs_acl auth_rpcgss sunrpc
> exportfs sctp ipv6 libcrc32c lock_dlm gfs2 dlm configfs evdev pcspkr ext3
> jbd mbcache dm_snapshot raid456 md_mod async_xor async_memcpy async_tx xor
> dm_mirror dm_mod
> [ 23.549487]
> [ 23.549487] Pid: 1150, comm: aisexec Tainted: G D
> (2.6.25-2-xen-686 #1)
> [ 23.549487] EIP: 0061:[<c01151af>] EFLAGS: 00010002 CPU: 0
> [ 23.549487] EIP is at paravirt_enter_lazy_cpu+0x12/0x1e
> [ 23.549487] EAX: c034f0ac EBX: c755bb80 ECX: c11078c0 EDX: 00db5000
> [ 23.549487] ESI: c7c7d930 EDI: c6c86900 EBP: c7c678b0 ESP: c70b3c78
> [ 23.549487] DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0069
> [ 23.549487] Process aisexec (pid: 1150, ti=c70b2000 task=c7c678b0
> task.ti=c70b2000)
> [ 23.549487] Stack: c027f18b 7b8d8911 00000005 c7c67a30 c11078c0
> 00000000 00000000 00000000
> [ 23.549487] 00000000 c7c678b0 c02c05f0 c11c0040 c0123709
> 0000000b c7c678b0 c02c05f0
> [ 23.549487] c11c0040 c01257a3 c0123709 c02c60fa c70b3cd8
> c70b3cd8 c70b3d94 00000000
> [ 23.549487] Call Trace:
> [ 23.549487] [<c027f18b>] schedule+0x448/0x5e9
> [ 23.549487] [<c0123709>] printk+0x14/0x18
> [ 23.549487] [<c01257a3>] do_exit+0xab/0x5c9
> [ 23.549487] [<c0123709>] printk+0x14/0x18
> [ 23.549487] [<c0107c9a>] die+0x156/0x15b
> [ 23.549487] [<c0107ee0>] do_invalid_op+0x0/0x6b
> [ 23.549487] [<c0107f42>] do_invalid_op+0x62/0x6b
> [ 23.549487] [<c0166254>] page_remove_rmap+0xcc/0xe7
> [ 23.549487] [<c0205c9f>] hvc_handle_interrupt+0x7/0x16
> [ 23.549487] [<c014e872>] handle_IRQ_event+0x23/0x51
> [ 23.549487] [<c014fb12>] handle_level_irq+0xac/0xb6
> [ 23.549487] [<c01271e5>] irq_exit+0x50/0x67
> [ 23.549487] [<c0108f1b>] do_IRQ+0x52/0x63
> [ 23.549487] [<c01035fe>] xen_evtchn_do_upcall+0x6c/0xa2
> [ 23.549487] [<c01074e8>] xen_hypervisor_callback+0x3c/0x44
> [ 23.549487] [<c0280792>] error_code+0x72/0x78
> [ 23.549487] [<c0166254>] page_remove_rmap+0xcc/0xe7
> [ 23.549487] [<c015ef0c>] unmap_vmas+0x43b/0x7b0
> [ 23.549487] [<c01020c5>] __xen_mc_entry+0x3d/0x78
> [ 23.549487] [<c0102456>] xen_do_pin+0x12/0x57
> [ 23.549487] [<c01631f4>] exit_mmap+0x65/0xce
> [ 23.549487] [<c0120f86>] mmput+0x20/0x75
> [ 23.549487] [<c01258dd>] do_exit+0x1e5/0x5c9
> [ 23.549487] [<c0125d2c>] do_group_exit+0x6b/0x82
> [ 23.549487] [<c012ccdf>] get_signal_to_deliver+0x2bf/0x2ec
> [ 23.549487] [<c0105f45>] do_notify_resume+0x81/0x671
> [ 23.549487] [<c013be25>] do_futex+0x6e/0x901
> [ 23.549487] [<c0104066>] check_events+0x8/0xe
> [ 23.549487] [<c0103feb>] xen_restore_fl_direct_end+0x0/0x1
> [ 23.549487] [<c016ff92>] kmem_cache_free+0x49/0x4f
> [ 23.549487] [<c0102fa6>] force_evtchn_callback+0xa/0xc
> [ 23.549487] [<c0104066>] check_events+0x8/0xe
> [ 23.549487] [<c0103feb>] xen_restore_fl_direct_end+0x0/0x1
> [ 23.549487] [<c0126f31>] do_softirq+0x4f/0x53
> [ 23.549487] [<c013c789>] sys_futex+0xd1/0xe6
> [ 23.549487] [<c010693c>] work_notifysig+0x13/0x1b
> [ 23.549487] =======================
> [ 23.549487] Code: 00 00 00 00 c3 b8 02 00 00 00 e9 d9 ff ff ff b8 01 00
> 00 00 e9 cf ff ff ff b8 ac f0 34 c0 64 8b 15 50 f0 34 c0 83 3c 10 00 74 04
> <0f> 0b eb fe c7 04 10 02 00 00 00 c3 53 89 c1 8b 42 18 89 41 04
> [ 23.549487] EIP: [<c01151af>] paravirt_enter_lazy_cpu+0x12/0x1e SS:ESP
> 0069:c70b3c78
> [ 23.549487] ---[ end trace 1503f60e80439f5f ]---
> [ 23.549487] Fixing recursive fault but reboot is needed!
> [ 23.546840] Eeek! page_mapcount(page) went negative! (-1232223395)
> [ 23.546857] page pfn = e002
> [ 23.546866] page->flags = 311cc483
> [ 23.546875] page->count = 5f5e5bc0
> [ 23.546884] page->mapping = 983b838d
> [ 23.546905] vma->vm_ops = 0x0
> [ 23.546934] ------------[ cut here ]------------
> [ 23.546945] kernel BUG at mm/rmap.c:669!
> [ 23.546955] invalid opcode: 0000 [#1] SMP
> [ 23.546970] Modules linked in: nfsd lockd nfs_acl auth_rpcgss sunrpc
> exportfs sctp ipv6 libcrc32c lock_dlm gfs2 dlm configfs evdev pcspkr ext3
> jbd mbcache dm_snapshot raid456 md_mod async_xor async_memcpy async_tx xor
> dm_mirror dm_mod
> [ 23.547070]
> [ 23.547079] Pid: 1150, comm: aisexec Not tainted (2.6.25-2-xen-686 #1)
> [ 23.547092] EIP: 0061:[<c0166254>] EFLAGS: 00010246 CPU: 0
> [ 23.547109] EIP is at page_remove_rmap+0xcc/0xe7
> [ 23.547121] EAX: 00000000 EBX: c11c0040 ECX: c0360028 EDX: c0360028
> [ 23.547133] ESI: c6cd63e4 EDI: 69f29067 EBP: c11c0040 ESP: c70b3dcc
> [ 23.547146] DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0069
> [ 23.547158] Process aisexec (pid: 1150, ti=c70b2000 task=c7c678b0
> task.ti=c70b2000)
> [ 23.547171] Stack: 0444b0e0 00000000 c015ef0c c01020c5 c1000000
> 07485067 00000000 c70b3f10
> [ 23.547205] c0102456 0625a025 00000000 00000000 c6cd63e4
> c70b3e7c 00000000 00000000
> [ 23.547238] 0444b0e0 00000000 00287000 b6848000 00000000
> 00000001 b6849000 c6c51010
> [ 23.547271] Call Trace:
> [ 23.547283] [<c015ef0c>] unmap_vmas+0x43b/0x7b0
> [ 23.547301] [<c01020c5>] __xen_mc_entry+0x3d/0x78
> [ 23.547321] [<c0102456>] xen_do_pin+0x12/0x57
> [ 23.547344] [<c01631f4>] exit_mmap+0x65/0xce
> [ 23.547358] [<c0120f86>] mmput+0x20/0x75
> [ 23.547369] [<c01258dd>] do_exit+0x1e5/0x5c9
> [ 23.547381] [<c0125d2c>] do_group_exit+0x6b/0x82
> [ 23.547391] [<c012ccdf>] get_signal_to_deliver+0x2bf/0x2ec
> [ 23.547403] [<c0105f45>] do_notify_resume+0x81/0x671
> [ 23.547415] [<c013be25>] do_futex+0x6e/0x901
> [ 23.547428] [<c0104066>] check_events+0x8/0xe
> [ 23.547439] [<c0103feb>] xen_restore_fl_direct_end+0x0/0x1
> [ 23.547449] [<c016ff92>] kmem_cache_free+0x49/0x4f
> [ 23.547461] [<c0102fa6>] force_evtchn_callback+0xa/0xc
> [ 23.547471] [<c0104066>] check_events+0x8/0xe
> [ 23.547481] [<c0103feb>] xen_restore_fl_direct_end+0x0/0x1
> [ 23.547492] [<c0126f31>] do_softirq+0x4f/0x53
> [ 23.547503] [<c013c789>] sys_futex+0xd1/0xe6
> [ 23.547514] [<c010693c>] work_notifysig+0x13/0x1b
> [ 23.547527] =======================
> [ 23.547532] Code: 8b 46 44 8b 50 08 b8 f3 cf 2c c0 e8 fe aa fd ff 8b 46
> 4c 85 c0 74 14 8b 40 10 85 c0 74 0d 8b 50 2c b8 11 d0 2c c0 e8 e3 aa fd ff
> <0f> 0b eb fe 8b 53 10 89 d8 5b 5e 83 e2 01 f7 da 83 c2 04 e9 cd
> [ 23.547679] EIP: [<c0166254>] page_remove_rmap+0xcc/0xe7 SS:ESP
> 0069:c70b3dcc
> [ 23.547695] ---[ end trace 1503f60e80439f5f ]---
> [ 23.547702] Fixing recursive fault but reboot is needed!
> [ 23.547720] ------------[ cut here ]------------
> [ 23.547728] kernel BUG at arch/x86/kernel/paravirt.c:241!
> [ 23.547735] invalid opcode: 0000 [#2] SMP
> [ 23.547744] Modules linked in: nfsd lockd nfs_acl auth_rpcgss sunrpc
> exportfs sctp ipv6 libcrc32c lock_dlm gfs2 dlm configfs evdev pcspkr ext3
> jbd mbcache dm_snapshot raid456 md_mod async_xor async_memcpy async_tx xor
> dm_mirror dm_mod
> [ 23.549487]
> [ 23.549487] Pid: 1150, comm: aisexec Tainted: G D
> (2.6.25-2-xen-686 #1)
> [ 23.549487] EIP: 0061:[<c01151af>] EFLAGS: 00010002 CPU: 0
> [ 23.549487] EIP is at paravirt_enter_lazy_cpu+0x12/0x1e
> [ 23.549487] EAX: c034f0ac EBX: c755bb80 ECX: c11078c0 EDX: 00db5000
> [ 23.549487] ESI: c7c7d930 EDI: c6c86900 EBP: c7c678b0 ESP: c70b3c78
> [ 23.549487] DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0069
> [ 23.549487] Process aisexec (pid: 1150, ti=c70b2000 task=c7c678b0
> task.ti=c70b2000)
> [ 23.549487] Stack: c027f18b 7b8d8911 00000005 c7c67a30 c11078c0
> 00000000 00000000 00000000
> [ 23.549487] 00000000 c7c678b0 c02c05f0 c11c0040 c0123709
> 0000000b c7c678b0 c02c05f0
> [ 23.549487] c11c0040 c01257a3 c0123709 c02c60fa c70b3cd8
> c70b3cd8 c70b3d94 00000000
> [ 23.549487] Call Trace:
> [ 23.549487] [<c027f18b>] schedule+0x448/0x5e9
> [ 23.549487] [<c0123709>] printk+0x14/0x18
> [ 23.549487] [<c01257a3>] do_exit+0xab/0x5c9
> [ 23.549487] [<c0123709>] printk+0x14/0x18
> [ 23.549487] [<c0107c9a>] die+0x156/0x15b
> [ 23.549487] [<c0107ee0>] do_invalid_op+0x0/0x6b
> [ 23.549487] [<c0107f42>] do_invalid_op+0x62/0x6b
> [ 23.549487] [<c0166254>] page_remove_rmap+0xcc/0xe7
> [ 23.549487] [<c0205c9f>] hvc_handle_interrupt+0x7/0x16
> [ 23.549487] [<c014e872>] handle_IRQ_event+0x23/0x51
> [ 23.549487] [<c014fb12>] handle_level_irq+0xac/0xb6
> [ 23.549487] [<c01271e5>] irq_exit+0x50/0x67
> [ 23.549487] [<c0108f1b>] do_IRQ+0x52/0x63
> [ 23.549487] [<c01035fe>] xen_evtchn_do_upcall+0x6c/0xa2
> [ 23.549487] [<c01074e8>] xen_hypervisor_callback+0x3c/0x44
> [ 23.549487] [<c0280792>] error_code+0x72/0x78
> [ 23.549487] [<c0166254>] page_remove_rmap+0xcc/0xe7
> [ 23.549487] [<c015ef0c>] unmap_vmas+0x43b/0x7b0
> [ 23.549487] [<c01020c5>] __xen_mc_entry+0x3d/0x78
> [ 23.549487] [<c0102456>] xen_do_pin+0x12/0x57
> [ 23.549487] [<c01631f4>] exit_mmap+0x65/0xce
> [ 23.549487] [<c0120f86>] mmput+0x20/0x75
> [ 23.549487] [<c01258dd>] do_exit+0x1e5/0x5c9
> [ 23.549487] [<c0125d2c>] do_group_exit+0x6b/0x82
> [ 23.549487] [<c012ccdf>] get_signal_to_deliver+0x2bf/0x2ec
> [ 23.549487] [<c0105f45>] do_notify_resume+0x81/0x671
> [ 23.549487] [<c013be25>] do_futex+0x6e/0x901
> [ 23.549487] [<c0104066>] check_events+0x8/0xe
> [ 23.549487] [<c0103feb>] xen_restore_fl_direct_end+0x0/0x1
> [ 23.549487] [<c016ff92>] kmem_cache_free+0x49/0x4f
> [ 23.549487] [<c0102fa6>] force_evtchn_callback+0xa/0xc
> [ 23.549487] [<c0104066>] check_events+0x8/0xe
> [ 23.549487] [<c0103feb>] xen_restore_fl_direct_end+0x0/0x1
> [ 23.549487] [<c0126f31>] do_softirq+0x4f/0x53
> [ 23.549487] [<c013c789>] sys_futex+0xd1/0xe6
> [ 23.549487] [<c010693c>] work_notifysig+0x13/0x1b
> [ 23.549487] =======================
> [ 23.549487] Code: 00 00 00 00 c3 b8 02 00 00 00 e9 d9 ff ff ff b8 01 00
> 00 00 e9 cf ff ff ff b8 ac f0 34 c0 64 8b 15 50 f0 34 c0 83 3c 10 00 74 04
> <0f> 0b eb fe c7 04 10 02 00 00 00 c3 53 89 c1 8b 42 18 89 41 04
> [ 23.549487] EIP: [<c01151af>] paravirt_enter_lazy_cpu+0x12/0x1e SS:ESP
> 0069:c70b3c78
> [ 23.549487] ---[ end trace 1503f60e80439f5f ]---
> [ 23.549487] Fixing recursive fault but reboot is needed!
>
>
>
--
View this message in context: http://old.nabble.com/Bug-491911%3A-%22Eeek%21-page_mapcount%28page%29-went-negative%21%22-with-xen-and-redhat-cluster-suite-tp18595404p33314384.html
Sent from the debian-kernel mailing list archive at Nabble.com.
Reply to: