[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#883413: linux-image-4.14.0-1-amd64: WARN_ON_ONCE in page_counter_cancel() in mm/page_counter.c

Severity: serious
Justification: kernel panic

I experimented a little and disabled cgroupv2 on that server. Because I 
had some issues during boot I attempted to enable 
NetworkManager-wait-online.service using systemd, but that instantly 
resulted in the following kernel panic:

[   69.485816] ------------[ cut here ]------------
[   69.490485] WARNING: CPU: 1 PID: 1 at /build/linux-NHzxYj/linux-4.14.7/kernel/fork.c:419 __put_task_struct+0xf0/0x150
[   69.501108] Modules linked in: binfmt_misc vhost_net vhost tap tun xt_multiport devlink iptable_filter bridge 8021q garp mrp stp llc fuse i915 nls_ascii nls_cp437 vfat fat intel_rapl x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel kvm irqbypass crct10dif_pclmul crc32_pclmul ast ttm hci_uart btqca ghash_clmulni_intel drm_kms_helper btintel intel_cstate intel_uncore bluetooth efi_pstore intel_rapl_perf sg mei_me pcspkr drbg efivars iTCO_wdt joydev ansi_cprng evdev cdc_acm iTCO_vendor_support drm mei shpchp intel_pch_thermal ie31200_edac battery ecdh_generic intel_lpss_acpi rfkill intel_lpss mfd_core video button acpi_als acpi_power_meter acpi_pad kfifo_buf industrialio ipmi_si ipmi_devintf ipmi_msghandler nfsd auth_rpcgss nfs_acl lockd grace sunrpc efivarfs ip_tables x_tables autofs4 ext4
[   69.571558]  crc16 mbcache jbd2 crc32c_generic fscrypto ecb dm_mod ses enclosure sd_mod scsi_transport_sas hid_generic usbhid xhci_pci crc32c_intel xhci_hcd igb ixgbe i2c_algo_bit aesni_intel ahci dca aes_x86_64 libahci usbcore ptp crypto_simd libata cryptd megaraid_sas glue_helper usb_common i2c_i801 pps_core mdio scsi_mod fan thermal i2c_hid hid
[   69.602324] CPU: 1 PID: 1 Comm: systemd Not tainted 4.14.0-2-amd64 #1 Debian 4.14.7-1
[   69.610168] Hardware name: Supermicro Super Server/X11SSH-F, BIOS 2.0b 07/27/2017
[   69.617665] task: ffffa0552173a040 task.stack: ffffb46243168000
[   69.623601] RIP: 0010:__put_task_struct+0xf0/0x150
[   69.628403] RSP: 0018:ffffb4624316bda0 EFLAGS: 00010246
[   69.633644] RAX: 0000000000000000 RBX: ffffa054db731410 RCX: 0000000000000001
[   69.640795] RDX: ffffb4624316be40 RSI: ffffa054db731410 RDI: ffffa054db731410
[   69.647944] RBP: ffffb4624316bdb0 R08: 0000000000001000 R09: 000000000000000c
[   69.655095] R10: 0000000000000020 R11: ffffa054b84a500b R12: ffffb4624316bf18
[   69.662244] R13: ffffa0551e7e7a00 R14: ffffa054db731410 R15: ffffa0551d8bcc00
[   69.669395] FS:  00007f18193e4980(0000) GS:ffffa05545040000(0000) knlGS:0000000000000000
[   69.677498] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   69.683260] CR2: 00005582ad204068 CR3: 00000008603ae003 CR4: 00000000003626e0
[   69.690410] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   69.697561] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   69.704709] Call Trace:
[   69.707166]  css_task_iter_next+0x74/0x80
[   69.711195]  cgroup_procs_next+0x16/0x20
[   69.715130]  cgroup_seqfile_next+0x1a/0x20
[   69.719239]  kernfs_seq_next+0x27/0x60
[   69.722999]  seq_read+0x2ce/0x3f0
[   69.726327]  kernfs_fop_read+0x134/0x180
[   69.730263]  ? security_file_permission+0x9b/0xc0
[   69.734975]  __vfs_read+0x18/0x40
[   69.738295]  vfs_read+0x8e/0x130
[   69.741527]  SyS_read+0x55/0xc0
[   69.744675]  system_call_fast_compare_end+0xc/0x97
[   69.749483] RIP: 0033:0x7f1818d0076d
[   69.753061] RSP: 002b:00007ffc19d1a880 EFLAGS: 00000293 ORIG_RAX: 0000000000000000
[   69.760644] RAX: ffffffffffffffda RBX: 00005582ad1d9440 RCX: 00007f1818d0076d
[   69.767794] RDX: 0000000000001000 RSI: 00005582ad1f60e0 RDI: 000000000000001d
[   69.774945] RBP: 00007f1818fbc440 R08: 00007f1818fc0188 R09: 0000000000001010
[   69.782094] R10: 0000000000000020 R11: 0000000000000293 R12: 0000000000000000
[   69.789669] R13: 0000000000000000 R14: 000000000000001d R15: 00005582ad0a15c0
[   69.797296] Code: 49 8b 94 24 d8 03 00 00 48 85 d2 74 06 f0 ff 4a 5c 74 2c 48 8b 3d 29 42 e5 00 4c 89 e6 e8 c9 a7 19 00 eb a2 0f ff e9 4a ff ff ff <0f> ff 8b 43 48 85 c0 0f 84 2b ff ff ff 0f ff e9 24 ff ff ff 48 
[   69.817117] ---[ end trace 29e4513e3e583259 ]---
[   69.822245] BUG: unable to handle kernel NULL pointer dereference at 00000000000000b0
[   69.830959] IP: pids_free+0x15/0x40
[   69.834908] PGD 0 P4D 0 
[   69.837873] Oops: 0000 [#1] SMP
[   69.841488] Modules linked in: binfmt_misc vhost_net vhost tap tun xt_multiport devlink iptable_filter bridge 8021q garp mrp stp llc fuse i915 nls_ascii nls_cp437 vfat fat intel_rapl x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel kvm irqbypass crct10dif_pclmul crc32_pclmul ast ttm hci_uart btqca ghash_clmulni_intel drm_kms_helper btintel intel_cstate intel_uncore bluetooth efi_pstore intel_rapl_perf sg mei_me pcspkr drbg efivars iTCO_wdt joydev ansi_cprng evdev cdc_acm iTCO_vendor_support drm mei shpchp intel_pch_thermal ie31200_edac battery ecdh_generic intel_lpss_acpi rfkill intel_lpss mfd_core video button acpi_als acpi_power_meter acpi_pad kfifo_buf industrialio ipmi_si ipmi_devintf ipmi_msghandler nfsd auth_rpcgss nfs_acl lockd grace sunrpc efivarfs ip_tables x_tables autofs4 ext4
[   69.914840]  crc16 mbcache jbd2 crc32c_generic fscrypto ecb dm_mod ses enclosure sd_mod scsi_transport_sas hid_generic usbhid xhci_pci crc32c_intel xhci_hcd igb ixgbe i2c_algo_bit aesni_intel ahci dca aes_x86_64 libahci usbcore ptp crypto_simd libata cryptd megaraid_sas glue_helper usb_common i2c_i801 pps_core mdio scsi_mod fan thermal i2c_hid hid
[   69.946865] CPU: 1 PID: 1 Comm: systemd Tainted: G        W       4.14.0-2-amd64 #1 Debian 4.14.7-1
[   69.956360] Hardware name: Supermicro Super Server/X11SSH-F, BIOS 2.0b 07/27/2017
[   69.964301] task: ffffa0552173a040 task.stack: ffffb46243168000
[   69.970681] RIP: 0010:pids_free+0x15/0x40
[   69.975149] RSP: 0018:ffffb4624316bd48 EFLAGS: 00010246
[   69.980829] RAX: ffffa054fb9b3878 RBX: 0000000000000000 RCX: 000000000000000a
[   69.988420] RDX: 000000000000000a RSI: 000000000000000b RDI: ffffa054db731410
[   69.996002] RBP: ffffb4624316bd50 R08: 0000000000001000 R09: 000000000000000c
[   70.003585] R10: 0000000000000020 R11: ffffa054b84a500b R12: ffffa054db731410
[   70.011169] R13: ffffffffbc85c1a0 R14: ffffa054fb9b3878 R15: ffffa0551d8bcc00
[   70.018754] FS:  00007f18193e4980(0000) GS:ffffa05545040000(0000) knlGS:0000000000000000
[   70.027298] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   70.033521] CR2: 00000000000000b0 CR3: 00000008603ae003 CR4: 00000000003626e0
[   70.041364] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   70.048974] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   70.056702] Call Trace:
[   70.059618]  cgroup_free+0x62/0xe0
[   70.063491]  __put_task_struct+0x42/0x150
[   70.067961]  css_task_iter_next+0x74/0x80
[   70.072432]  cgroup_procs_next+0x16/0x20
[   70.076820]  cgroup_seqfile_next+0x1a/0x20
[   70.081377]  kernfs_seq_next+0x27/0x60
[   70.085590]  seq_read+0x2ce/0x3f0
[   70.089368]  kernfs_fop_read+0x134/0x180
[   70.093753]  ? security_file_permission+0x9b/0xc0
[   70.098970]  __vfs_read+0x18/0x40
[   70.102741]  vfs_read+0x8e/0x130
[   70.106424]  SyS_read+0x55/0xc0
[   70.110021]  system_call_fast_compare_end+0xc/0x97
[   70.115316] RIP: 0033:0x7f1818d0076d
[   70.119344] RSP: 002b:00007ffc19d1a880 EFLAGS: 00000293 ORIG_RAX: 0000000000000000
[   70.127360] RAX: ffffffffffffffda RBX: 00005582ad1d9440 RCX: 00007f1818d0076d
[   70.134936] RDX: 0000000000001000 RSI: 00005582ad1f60e0 RDI: 000000000000001d
[   70.142502] RBP: 00007f1818fbc440 R08: 00007f1818fc0188 R09: 0000000000001010
[   70.150067] R10: 0000000000000020 R11: 0000000000000293 R12: 0000000000000000
[   70.157675] R13: 0000000000000000 R14: 000000000000001d R15: 00005582ad0a15c0
[   70.165233] Code: b0 00 00 00 00 75 e7 5b 5d c3 66 90 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 55 48 89 e5 53 48 8b 87 70 08 00 00 48 8b 58 50 <48> 83 bb b0 00 00 00 00 74 19 48 89 df e8 e9 fc ff ff 48 8b 9b 
[   70.184961] RIP: pids_free+0x15/0x40 RSP: ffffb4624316bd48
[   70.190878] CR2: 00000000000000b0
[   70.194615] ---[ end trace 29e4513e3e58325a ]---
[   71.923126] systemd: 49 output lines suppressed due to ratelimiting
[   71.929864] Kernel panic - not syncing: Attempted to kill init! exitcode=0x00000009
[   71.929864] 
[   71.940121] Kernel Offset: 0x3ac00000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff)
[   75.216438] Rebooting in 120 seconds..

For the avoidance of doubt, this was obtained with the following kernel cmdline:

BOOT_IMAGE=/boot/vmlinuz-4.14.0-2-amd64 root=/dev/mapper/vg_tarquin-rootfs ro intel_iommu=on vsyscall=emulate scsi_mod.use_blk_mq=Y dm_mod.use_blk_mq=Y intel_pstate=passive i915.disable_display=Y apparmor=0 console=ttyS1,115200n8 console=tty0

And the trigger for this was running:

systemctl enable NetworkManager-wait-online.service

I don't know that this is the same bug at all, but I'm keeping it on this report for now as it seems at least related somehow.

HTH,
Chris

-- 
Chris Boot
bootc@debian.org
Reply to: