Re: 2.6.21.3 Oops (was Re: XFS internal error xfs_da_do_buf(2) at line 2087 of file fs/xfs/xfs_da_btree.c. Caller 0xc01b00bd)

On Thu, 21 Jun 2007, Marco Berizzi wrote:

> > > Some RCU callback (that calls kmem_cache_free()) oopsed and
> > > panic'ed his box. [ Marco had experienced fs issues lately, so we
> > could
> > > suspect file_free_rcu() here, but I can't really tell from the stack
> > trace;
> > > BTW whats with the rampant disease in the kernel to declare as
> inline
> > > even those functions exclusively meant to be dereferenced and passed
> > > as pointers to call_rcu()?! ]


The BUG_ON that triggers this signals us that someone tried to perform
a kfree or kmem_cache_free on an object that is not in a slab page.


> Hello everybody.
> Few minutes ago 2.6.22-rc5 has been
> crashed with this error (see also the
> bitmap at http://80.204.235.230/foto2.jpg).
> Just for record: if I build linux
> with 'Debug slab memory allocations'
> the box doesn't crash.

Hmmm.. That is strange and could point to some sort of race condition.

1. The object is freed. It is the last page on the slab. Thus slab 
decommissions the page and resets PageSlab.

2. Another process tries to free the object again. Now the page is no 
longer marked as being a SLAB page. Thus the BUG_ON is triggered.

Can you try the same with SLUB? Boot with "slub_debug". If you cannot 
trigger the error anymore do limited debugging by booting with
"slub_debug=F". Maybe that will be enough to trigger the race.

> Jun 21 14:27:43 Pleiadi kernel: ------------[ cut here ]------------
> Jun 21 14:27:43 Pleiadi kernel: kernel BUG at mm/slab.c:591!

BUG_ON(!PageSlab(page));

> Jun 21 14:27:43 Pleiadi kernel: Call Trace:
> Jun 21 14:27:43 Pleiadi kernel:  [<c016a9c0>] d_kill+0x40/0x52
> Jun 21 14:27:43 Pleiadi kernel:  [<c016aa3c>] dput+0x6a/0xdc
> Jun 21 14:27:43 Pleiadi kernel:  [<c015be3f>] __fput+0xf8/0x15b
> Jun 21 14:27:43 Pleiadi kernel:  [<c015a5c3>] filp_close+0x3c/0x7b
> Jun 21 14:27:43 Pleiadi kernel:  [<c021342d>] copy_to_user+0x32/0x45
> Jun 21 14:27:43 Pleiadi kernel:  [<c015a665>] sys_close+0x63/0xb2
> Jun 21 14:27:43 Pleiadi kernel:  [<c0102834>] syscall_call+0x7/0xb

dentry already freed?
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

---

• Follow-Ups:
  • Re: 2.6.21.3 Oops (was Re: XFS internal error xfs_da_do_buf(2) at line 2087 of file fs/xfs/xfs_da_btree.c. Caller 0xc01b00bd)
    • From: "Marco Berizzi" <[email protected]>

• References:
  • Re: 2.6.21.3 Oops (was Re: XFS internal error xfs_da_do_buf(2) at line 2087 of file fs/xfs/xfs_da_btree.c. Caller 0xc01b00bd)
    • From: "Marco Berizzi" <[email protected]>

• Prev by Date: Re: [PATCH for 2.6.22] [6/10] x86: Only make Macintosh drivers default on Macs
• Next by Date: Re: Dual-Licensing Linux Kernel with GPL V2 and GPL V3
• Previous by thread: Re: 2.6.21.3 Oops (was Re: XFS internal error xfs_da_do_buf(2) at line 2087 of file fs/xfs/xfs_da_btree.c. Caller 0xc01b00bd)
• Next by thread: Re: 2.6.21.3 Oops (was Re: XFS internal error xfs_da_do_buf(2) at line 2087 of file fs/xfs/xfs_da_btree.c. Caller 0xc01b00bd)
• Index(es):
  • Date
  • Thread

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]