Bug#859779: BUG: unable to handle kernel paging request at 6f697468
Package: linux-source-3.16
Version: 3.16.7-ckt20-1+deb8u4
Severity: important
Tags: upstream
Dear Maintainer,
We are running this system under KVM. The KVM host is running:
  3.16.0-4-amd64 #1 SMP Debian 3.16.36-1+deb8u2 
The client is running:
  3.16.0-4-686-pae #1 SMP Debian 3.16.7-ckt20-1+deb8u4
>From the 60 production systems, there is approx. 1 crash a day
Kernel trace:
[830686.141158] BUG: unable to handle kernel paging request at 6f697468
[830686.144584] IP: [<c122e493>] __blk_bios_map_sg+0x1f3/0x410
[830686.144584] *pdpt = 0000000033053001 *pde = 0000000000000000
[830686.144584] Oops: 0000 [#1] SMP
[830686.144584] Modules linked in: dm_snapshot dm_bufio nf_nat_ftp nf_conntrack_
ftp ipt_REJECT xt_limit xt_nat xt_LOG xt_tcpudp xt_state iptable_nat nf_nat_ipv4
 iptable_filter ip_tables x_tables nf_nat nf_conntrack_tftp nf_conntrack_ipv4 nf
_defrag_ipv4 nf_conntrack quota_v2 quota_tree nfsd auth_rpcgss oid_registry nfs_
acl nfs lockd sunrpc 8021q garp stp mrp llc 9p fscache raw fuse pvpanic parport_
pc parport joydev processor thermal_sys psmouse pcspkr serio_raw ttm evdev drm_k
ms_helper 9pnet_virtio virtio_balloon 9pnet drm i2c_piix4 i2c_core button hid_ge
neric usbhid hid ext4 crc16 mbcache jbd2 dm_mod md_mod sr_mod cdrom mptscsih mpt
base aic7xxx sym53c8xx scsi_transport_spi BusLogic ata_generic virtio_blk virtio
_net floppy uhci_hcd ehci_hcd ata_piix usbcore libata virtio_pci virtio_ring usb
_common virtio scsi_mod [last unloaded: nf_conntrack_ftp]
[830686.144584] CPU: 0 PID: 20285 Comm: kworker/u8:3 Not tainted 3.16.0-4-686-pa
e #1 Debian 3.16.7-ckt20-1+deb8u4
[830686.144584] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[830686.144584] Workqueue: writeback bdi_writeback_workfn (flush-252:23)
[830686.144584] task: eef87ab0 ti: f2f94000 task.ti: f2f94000
[830686.144584] EIP: 0060:[<c122e493>] EFLAGS: 00010202 CPU: 0
[830686.144584] EIP is at __blk_bios_map_sg+0x1f3/0x410
[830686.144584] EAX: 6f697468 EBX: 00000000 ECX: f4063b60 EDX: 6f697469
[830686.144584] ESI: 00000400 EDI: 00000000 EBP: f2f95bd4 ESP: f2f95b54
[830686.144584]  DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
[830686.144584] CR0: 8005003b CR2: 6f697468 CR3: 364c5000 CR4: 000006f0
[830686.144584] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
[830686.144584] DR6: fffe0ff0 DR7: 00000400
[830686.144584] Stack:
[830686.144584]  f6fca400 00000000 f3efa3a2 000004ec 00000000 00000000 c0020110
0b4db000
[830686.144584]  00000000 00000000 00000000 0e19b000 00000000 f659db68 0b4db000
00000000
[830686.144584]  01cc1800 00000080 00000400 f6eab110 f4063b60 00000000 00000002
f4063b60
[830686.144584] Call Trace:
[830686.144584]  [<c122e6df>] ? blk_rq_map_sg+0x2f/0x130
[830686.144584]  [<c1230bbc>] ? __blk_mq_alloc_request+0xac/0x1b0
[830686.144584]  [<f7ecf478>] ? virtio_queue_rq+0x98/0x220 [virtio_blk]
[830686.144584]  [<c1230a8c>] ? blk_mq_start_request+0x3c/0xc0
[830686.144584]  [<c1231d69>] ? __blk_mq_run_hw_queue+0x199/0x2c0
[830686.144584]  [<c1232e0a>] ? blk_mq_insert_requests+0xaa/0x100
[830686.144584]  [<c123376f>] ? blk_mq_flush_plug_list+0x10f/0x120
[830686.144584]  [<c122ab9e>] ? blk_flush_plug_list+0x9e/0x1b0
[830686.144584]  [<c122afa2>] ? blk_finish_plug+0x12/0x40
[830686.144584]  [<f80ade2a>] ? ext4_writepages+0x39a/0x660 [ext4]
[830686.144584]  [<c108a349>] ? find_busiest_group+0x29/0x4a0
[830686.144584]  [<c123376f>] ? blk_mq_flush_plug_list+0x10f/0x120
[830686.144584]  [<c112193a>] ? do_writepages+0x1a/0x40
[830686.144584]  [<c118f35c>] ? __writeback_single_inode+0x3c/0x1f0
[830686.144584]  [<c104a551>] ? pvclock_clocksource_read+0xc1/0x150
[830686.144584]  [<c11900bb>] ? writeback_sb_inodes+0x16b/0x2e0
[830686.144584]  [<c11902ac>] ? __writeback_inodes_wb+0x7c/0xb0
[830686.144584]  [<c11904d2>] ? wb_writeback+0x1f2/0x270
[830686.144584]  [<c1191f67>] ? bdi_writeback_workfn+0x177/0x370
[830686.144584]  [<c106dc35>] ? process_one_work+0x115/0x380
[830686.144584]  [<c10815d6>] ? try_to_wake_up+0x136/0x290
[830686.144584]  [<c106e3ed>] ? worker_thread+0xed/0x490
[830686.144584]  [<c106e300>] ? create_and_start_worker+0x50/0x50
[830686.144584]  [<c107362b>] ? kthread+0x9b/0xb0
[830686.144584]  [<c147e541>] ? ret_from_kernel_thread+0x21/0x30
[830686.144584]  [<c1073590>] ? kthread_create_on_node+0x110/0x110
[830686.144584] Code: bc 33 45 b8 89 da 09 c2 0f 84 e2 00 00 00 66 90 8b 45 08 83 21 fd 8b 00 e8 9b 0c 03 00 8b 5d 08 8b 4d dc 89 4d d0 89 03 8b 5d e4 <8b> 08 8b 55 d0 83 e1 03 f6 c2 03 0f 85 cd 01 00 00 89 58 04 8b
[830686.144584] EIP: [<c122e493>] __blk_bios_map_sg+0x1f3/0x410 SS:ESP 0068:f2f95b54
[830686.144584] CR2: 000000006f697468
[830686.144584] ---[ end trace 5dca640ac1886a84 ]---
[830686.185844] BUG: unable to handle kernel paging request at ffffffec
[830686.186794] IP: [<c1073aef>] kthread_data+0xf/0x20
[830686.187363] *pdpt = 000000000171a001 *pde = 000000000179e067 *pte = 0000000000000000
[830686.188353] Oops: 0000 [#2] SMP
[830686.188783] Modules linked in: dm_snapshot dm_bufio nf_nat_ftp nf_conntrack_ftp ipt_REJECT xt_limit xt_nat xt_LOG xt_tcpudp xt_state iptable_nat nf_nat_ipv4 iptable_filter ip_tables x_tables nf_nat nf_conntrack_tftp nf_conntrack_ipv4 nf_defrag_ipv4 nf_conntrack quota_v2 quota_tree nfsd auth_rpcgss oid_registry nfs_acl nfs lockd sunrpc 8021q garp stp mrp llc 9p fscache raw fuse pvpanic parport_pc parport joydev processor thermal_sys psmouse pcspkr serio_raw ttm evdev drm_kms_helper 9pnet_virtio virtio_balloon 9pnet drm i2c_piix4 i2c_core button hid_generic usbhid hid ext4 crc16 mbcache jbd2 dm_mod md_mod sr_mod cdrom mptscsih mptbase aic7xxx sym53c8xx scsi_transport_spi BusLogic ata_generic virtio_blk virtio_net floppy uhci_hcd ehci_hcd ata_piix usbcore libata virtio_pci virtio_ring usb_common virtio scsi_mod [last unloaded: nf_conntrack_ftp]
[830686.189504] CPU: 0 PID: 20285 Comm: kworker/u8:3 Tainted: G      D       3.16.0-4-686-pae #1 Debian 3.16.7-ckt20-1+deb8u4
[830686.189504] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[830686.189504] task: eef87ab0 ti: f2f94000 task.ti: f2f94000
[830686.189504] EIP: 0060:[<c1073aef>] EFLAGS: 00010002 CPU: 0
[830686.189504] EIP is at kthread_data+0xf/0x20
[830686.189504] EAX: 00000000 EBX: 00000000 ECX: 00000002 EDX: 00000000
[830686.189504] ESI: eef87d4c EDI: eef87ab0 EBP: f2f95930 ESP: f2f95928
[830686.189504]  DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
[830686.189504] CR0: 8005003b CR2: 00000014 CR3: 36d45000 CR4: 000006f0
[830686.189504] DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000
[830686.189504] DR6: fffe0ff0 DR7: 00000400
[830686.189504] Stack:
[830686.189504]  c106e800 00000000 f2f959ac c147b3b1 0000000e 00000013 0000001a c1714000
[830686.189504]  c1714000 f2f95974 00000086 f75bb000 eef87ab0 f2f95980 c132b10e [830686.189504]  00000246 00000046 00000000 eef87ab0 eef87ab0 00000000 f2f9598c c10ab38c
[830686.189504] Call Trace:
[830686.189504]  [<c106e800>] ? wq_worker_sleeping+0x10/0x80
[830686.189504]  [<c147b3b1>] ? __schedule+0x411/0x6d0
[830686.189504]  [<c132b10e>] ? add_device_randomness+0xbe/0xf0
[830686.189504]  [<c10ab38c>] ? call_rcu_sched+0x1c/0x20
[830686.189504]  [<c10590ef>] ? do_exit+0x57f/0x900
[830686.189504]  [<c1059157>] ? do_exit+0x5e7/0x900
[830686.189504]  [<c101255e>] ? oops_end+0x8e/0xc0
[830686.189504]  [<c1476ad8>] ? no_context+0x1e5/0x1ed
[830686.189504]  [<c1476c1e>] ? __bad_area_nosemaphore+0x13e/0x146
[830686.189504]  [<c1478a88>] ? cache_grow.constprop.63+0x158/0x1e9
[830686.189504]  [<c1478aeb>] ? cache_grow.constprop.63+0x1bb/0x1e9
[830686.189504]  [<c1049320>] ? kvm_async_pf_task_wake+0xd0/0xd0
[830686.189504]  [<c1476c3d>] ? bad_area_nosemaphore+0x17/0x19
[830686.189504]  [<c104b9d9>] ? __do_page_fault+0x89/0x4d0
[830686.189504]  [<c111a0ce>] ? mempool_alloc+0x3e/0x100
[830686.189504]  [<f7ea4065>] ? virtqueue_add_sgs+0x345/0x5d0 [virtio_ring]
[830686.189504]  [<f7ea41b6>] ? virtqueue_add_sgs+0x496/0x5d0 [virtio_ring]
[830686.189504]  [<f7fd9b37>] ? __map_bio+0x37/0x100 [dm_mod]
[830686.189504]  [<c1049320>] ? kvm_async_pf_task_wake+0xd0/0xd0
[830686.189504]  [<c147f567>] ? error_code+0x67/0x6c
[830686.189504]  [<c122e493>] ? __blk_bios_map_sg+0x1f3/0x410
[830686.189504]  [<c122e6df>] ? blk_rq_map_sg+0x2f/0x130
[830686.189504]  [<c1230bbc>] ? __blk_mq_alloc_request+0xac/0x1b0
[830686.189504]  [<f7ecf478>] ? virtio_queue_rq+0x98/0x220 [virtio_blk]
[830686.189504]  [<c1230a8c>] ? blk_mq_start_request+0x3c/0xc0
[830686.189504]  [<c1231d69>] ? __blk_mq_run_hw_queue+0x199/0x2c0
[830686.189504]  [<c1232e0a>] ? blk_mq_insert_requests+0xaa/0x100
[830686.189504]  [<c123376f>] ? blk_mq_flush_plug_list+0x10f/0x120
[830686.189504]  [<c122ab9e>] ? blk_flush_plug_list+0x9e/0x1b0
[830686.189504]  [<c122afa2>] ? blk_finish_plug+0x12/0x40
[830686.189504]  [<f80ade2a>] ? ext4_writepages+0x39a/0x660 [ext4]
[830686.189504]  [<c108a349>] ? find_busiest_group+0x29/0x4a0
[830686.189504]  [<c123376f>] ? blk_mq_flush_plug_list+0x10f/0x120
[830686.189504]  [<c112193a>] ? do_writepages+0x1a/0x40
[830686.189504]  [<c118f35c>] ? __writeback_single_inode+0x3c/0x1f0
[830686.189504]  [<c104a551>] ? pvclock_clocksource_read+0xc1/0x150
[830686.189504]  [<c11900bb>] ? writeback_sb_inodes+0x16b/0x2e0
[830686.189504]  [<c11902ac>] ? __writeback_inodes_wb+0x7c/0xb0
[830686.189504]  [<c11904d2>] ? wb_writeback+0x1f2/0x270
[830686.189504]  [<c1191f67>] ? bdi_writeback_workfn+0x177/0x370
[830686.189504]  [<c106dc35>] ? process_one_work+0x115/0x380
[830686.189504]  [<c10815d6>] ? try_to_wake_up+0x136/0x290
[830686.189504]  [<c106e3ed>] ? worker_thread+0xed/0x490
[830686.189504]  [<c106e300>] ? create_and_start_worker+0x50/0x50
[830686.189504]  [<c107362b>] ? kthread+0x9b/0xb0
[830686.189504]  [<c147e541>] ? ret_from_kernel_thread+0x21/0x30
[830686.189504]  [<c1073590>] ? kthread_create_on_node+0x110/0x110
[830686.189504] Code: 8d 74 26 00 64 a1 14 e0 70 c1 8b 80 70 02 00 00 5d 8b 40 e4 c1 e8 02 83 e0 01 c3 90 55 89 e5 3e 8d 74 26 00 8b 80 70 02 00 00 5d <8b> 40 ec c3 8d b6 00 00 00 00 8d bc 27 00 00 00 00 55 89 e5 83
[830686.189504] EIP: [<c1073aef>] kthread_data+0xf/0x20 SS:ESP 0068:f2f95928
[830686.189504] CR2: 00000000ffffffec
[830686.189504] ---[ end trace 5dca640ac1886a85 ]---
[830686.189504] Fixing recursive fault but reboot is needed!
  -- At this point the system becomes unresponsive
-- System Information:
Debian Release: A bit of a mix between 7 and 8
  APT prefers stable
Architecture: i386 client, amd64 host
Reply to: