Note: This is a public test instance of Red Hat Bugzilla. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback at bugzilla.redhat.com.
Bug 1365686 - kernel BUG at mm/rmap.c:1288!
Summary: kernel BUG at mm/rmap.c:1288!
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: kernel
Version: 25
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Kernel Maintainer List
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard: AcceptedFreezeException
Depends On:
Blocks: F25AlphaFreezeException
TreeView+ depends on / blocked
 
Reported: 2016-08-09 20:44 UTC by Tomasz Kłoczko
Modified: 2016-08-27 10:40 UTC (History)
10 users (show)

Fixed In Version: kernel-4.8.0-0.rc2.git3.1.fc25 kernel-4.8.0-0.rc1.git3.1.fc25
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2016-08-22 22:08:10 UTC
Type: Bug
Embargoed:

Attachments (Terms of Use)
3 days temperature (67.59 KB, image/png)
2016-08-19 11:01 UTC, Tomasz Kłoczko 		no flags Details
View All

Description Tomasz Kłoczko 2016-08-09 20:44:50 UTC 
Description of problem:
I've been trying to use tcpdump on wifi interface.
It was not possible to stop  or kill tcpdump.
In kernel dmesg I found:

[ 1013.718212] device wlp2s0 entered promiscuous mode
[ 1013.736003] page:ffffea0004380000 count:2 mapcount:0 mapping:          (null) index:0x0 compound_mapcount: 0
[ 1013.736013] flags: 0x17ffffc0004000(head)
[ 1013.736017] page dumped because: VM_BUG_ON_PAGE(!PageLocked(page))
[ 1013.736044] ------------[ cut here ]------------
[ 1013.736091] kernel BUG at mm/rmap.c:1288!
[ 1013.736113] invalid opcode: 0000 [#1] SMP
[ 1013.736145] Modules linked in: nfnetlink_queue nfnetlink_log nfnetlink rfcomm fuse target_core_mod ccm bnep arc4 uvcvideo iwldvm videobuf2_vmalloc mac80211 snd_hda_codec_hdmi videobuf2_memops snd_hda_codec_realtek intel_rapl videobuf2_v4l2 x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel iTCO_wdt videobuf2_core snd_hda_codec_generic btusb kvm iTCO_vendor_support iwlwifi snd_hda_intel irqbypass snd_hda_codec btrtl crct10dif_pclmul crc32_pclmul ghash_clmulni_intel snd_hda_core videodev cfg80211 intel_cstate btbcm rtsx_pci_ms intel_uncore btintel joydev media snd_hwdep memstick bluetooth intel_rapl_perf snd_seq snd_seq_device snd_pcm acpi_als mei_me kfifo_buf industrialio sony_laptop snd_timer rfkill i2c_i801 mei lpc_ich fjes tpm_tis tpm_tis_core tpm snd soundcore shpchp i2c_smbus btrfs xor
[ 1013.736793]  raid6_pq amdkfd amd_iommu_v2 rtsx_pci_sdmmc i915 mmc_core radeon crc32c_intel i2c_algo_bit serio_raw ttm drm_kms_helper drm r8169 rtsx_pci mii video
[ 1013.736925] CPU: 2 PID: 5013 Comm: tcpdump Not tainted 4.8.0-0.rc0.git5.1.fc26.x86_64 #1
[ 1013.736982] Hardware name: Sony Corporation VPCSB2M9E/VAIO, BIOS R2087H4 06/15/2012
[ 1013.737039] task: ffffa25a4dc48000 task.stack: ffffa25910b3c000
[ 1013.737080] RIP: 0010:[<ffffffffaa249157>]  [<ffffffffaa249157>] page_add_file_rmap+0x1d7/0x200
[ 1013.737139] RSP: 0018:ffffa25910b3fc70  EFLAGS: 00010246
[ 1013.737169] RAX: 0000000000000000 RBX: ffffea0004380000 RCX: 0000000000000006
[ 1013.737217] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffa25a569ce2a0
[ 1013.737265] RBP: ffffa25910b3fc80 R08: 0000000000000001 R09: 0000000000000001
[ 1013.737308] R10: ffffa25a4dc48000 R11: 000000000000081a R12: ffffea0004380000
[ 1013.737354] R13: ffffa259e7ed8000 R14: ffffa2590f090700 R15: 8000000000000027
[ 1013.737392] FS:  00007f7fe9ce9480(0000) GS:ffffa25a56800000(0000) knlGS:0000000000000000
[ 1013.737444] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1013.737487] CR2: 00007fc53c7f7b20 CR3: 000000010ecbc000 CR4: 00000000000406e0
[ 1013.737526] Stack:
[ 1013.737539]  ffffea0004380000 00007f7fe88e0000 ffffa25910b3fcc8 ffffffffaa23dab6
[ 1013.737602]  ffffa259184a0168 00000000c61f7435 0000000000000000 ffffa2590ecca4e8
[ 1013.737658]  ffffa2590e000000 00007f7fe88e0000 ffffffff80000000 ffffa25910b3fd28
[ 1013.737724] Call Trace:
[ 1013.737750]  [<ffffffffaa23dab6>] vm_insert_page+0x126/0x230
[ 1013.737795]  [<ffffffffaa8cc6be>] packet_mmap+0x18e/0x1f0
[ 1013.737841]  [<ffffffffaa77518d>] sock_mmap+0x1d/0x20
[ 1013.737883]  [<ffffffffaa2443e5>] mmap_region+0x3a5/0x640
[ 1013.737928]  [<ffffffffaa244a9b>] do_mmap+0x41b/0x4d0
[ 1013.737969]  [<ffffffffaa2222fc>] ? vm_mmap_pgoff+0x8c/0x100
[ 1013.738013]  [<ffffffffaa22232d>] vm_mmap_pgoff+0xbd/0x100
[ 1013.738061]  [<ffffffffaa242551>] SyS_mmap_pgoff+0x1c1/0x290
[ 1013.738107]  [<ffffffffaa1830ab>] ? __audit_syscall_exit+0x1db/0x260
[ 1013.738155]  [<ffffffffaa033bab>] SyS_mmap+0x1b/0x30
[ 1013.738183]  [<ffffffffaa003efc>] do_syscall_64+0x6c/0x1e0
[ 1013.738221]  [<ffffffffaa8f823f>] entry_SYSCALL64_slow_path+0x25/0x25
[ 1013.738268] Code: c4 48 8b 00 a8 01 0f 85 fb fe ff ff 0f 0b 48 c7 c6 e8 40 c7 aa e8 2a ab fe ff 0f 0b 48 c7 c6 60 38 c7 aa 4c 89 e7 e8 19 ab fe ff <0f> 0b 48 c7 c6 60 50 c7 aa 4c 89 e7 e8 08 ab fe ff 0f 0b 48 c7 
[ 1013.738627] RIP  [<ffffffffaa249157>] page_add_file_rmap+0x1d7/0x200
[ 1013.738681]  RSP <ffffa25910b3fc70>
[ 1013.746241] ---[ end trace 61301dcad33a4a75 ]---
[ 1013.746250] BUG: sleeping function called from invalid context at ./include/linux/sched.h:3049
[ 1013.746254] in_atomic(): 1, irqs_disabled(): 0, pid: 5013, name: tcpdump
[ 1013.746256] INFO: lockdep is turned off.
[ 1013.746261] CPU: 2 PID: 5013 Comm: tcpdump Tainted: G      D         4.8.0-0.rc0.git5.1.fc26.x86_64 #1
[ 1013.746264] Hardware name: Sony Corporation VPCSB2M9E/VAIO, BIOS R2087H4 06/15/2012
[ 1013.746267]  0000000000000286 00000000c61f7435 ffffa25910b3fe50 ffffffffaa465b63
[ 1013.746275]  ffffa25a4dc48000 ffffffffaac670f8 ffffa25910b3fe78 ffffffffaa0de759
[ 1013.746281]  ffffffffaac670f8 0000000000000be9 0000000000000000 ffffa25910b3fea0
[ 1013.746287] Call Trace:
[ 1013.746297]  [<ffffffffaa465b63>] dump_stack+0x86/0xc3
[ 1013.746303]  [<ffffffffaa0de759>] ___might_sleep+0x179/0x230
[ 1013.746307]  [<ffffffffaa0de859>] __might_sleep+0x49/0x80
[ 1013.746312]  [<ffffffffaa0c27b3>] exit_signals+0x33/0x160
[ 1013.746316]  [<ffffffffaa0b34d3>] do_exit+0xc3/0xd40
[ 1013.746322]  [<ffffffffaa8fa8b7>] rewind_stack_do_exit+0x17/0x20


Version-Release number of selected component (if applicable):

# uname -a
Linux domek 4.8.0-0.rc0.git5.1.fc26.x86_64 #1 SMP Wed Aug 3 09:59:24 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:
Comment 1 lethalwp 2016-08-10 07:00:05 UTC 
I have the same problem since 4.8.0, still present in 4.8.0-rc1.git0-fc25
my wifi isn't enabled, and tried with my eth0 module unloaded, same problem.
just have to launch tcpdump with no parameter


If it helps,  another copy/paste of the dmesg:
[root@little ~]# tcpdump
[   19.421054] Netfilter messages via NETLINK v0.30.
[   19.457980] device enp0s25 entered promiscuous mode
[   19.462021] page:ffffea000fcfe000 count:2 mapcount:0 mapping:          (null) index:0x0 compound_mapcount: 0
[   19.462057] flags: 0x2ffffc00004000(head)
[   19.462067] page dumped because: VM_BUG_ON_PAGE(!PageLocked(page))
[   19.462090] ------------[ cut here ]------------
[   19.462100] kernel BUG at mm/rmap.c:1288!
[   19.462111] invalid opcode: 0000 [#1] SMP
[   19.462120] Modules linked in: nfnetlink_queue nfnetlink_log nfnetlink ppdev parport_pc parport ebtable_filter ebtables cmac bnep ip6t_REJECT nf_reject_ipv6 nf_conntrack_ipv6 nf_defrag_ipv6 ip6table_filter ip6_tables nf_conntrack_ipv4 nf_defrag_ipv4 xt_conntrack nf_conntrack nct6775 hwmon_vid vfat fat intel_rapl x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel kvm irqbypass crct10dif_pclmul crc32_pclmul ghash_clmulni_intel iTCO_wdt intel_cstate iTCO_vendor_support snd_hda_codec_realtek intel_uncore snd_hda_codec_generic snd_hda_codec_hdmi intel_rapl_perf btusb btrtl btbcm btintel snd_hda_intel snd_hda_codec bluetooth snd_hda_core snd_hwdep snd_seq snd_seq_device snd_pcm rfkill i2c_i801 i2c_smbus snd_timer mei_me snd mei shpchp soundcore lpc_ich nuvoton_cir rc_core tpm_tis video tpm_tis_core tpm soc_button_array nfsd binfmt_misc auth_rpcgss nfs_acl lockd grace sunrpc amdkfd amd_iommu_v2 amdgpu i2c_algo_bit drm_kms_helper ttm crc32c_intel e1000e drm serio_raw ptp pps_core fjes
[   19.462408] CPU: 3 PID: 1660 Comm: tcpdump Not tainted 4.8.0-0.rc1.git0.1.fc25.x86_64 #1
[   19.462427] Hardware name: To Be Filled By O.E.M. To Be Filled By O.E.M./Z87E-ITX, BIOS P2.50 07/11/2014
[   19.462448] task: ffff8f1a09a98000 task.stack: ffff8f19f3ef0000
[   19.462461] RIP: 0010:[<ffffffffa12013ed>]  [<ffffffffa12013ed>] page_add_file_rmap+0x1ad/0x1d0
[   19.462483] RSP: 0018:ffff8f19f3ef3c98  EFLAGS: 00010246
[   19.462496] RAX: 0000000000000000 RBX: ffffea000fcfe000 RCX: 0000000000000006
[   19.462512] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffff8f1a1ecce040
[   19.462528] RBP: ffff8f19f3ef3ca8 R08: 0000000000000000 R09: 0000000000000000
[   19.462544] R10: ffff8f1a1efe3000 R11: 00000000000003a9 R12: ffffea000fcfe000
[   19.462559] R13: ffff8f1a09a12640 R14: ffff8f1a05745c58 R15: 8000000000000027
[   19.462576] FS:  00007fb388348700(0000) GS:ffff8f1a1ecc0000(0000) knlGS:0000000000000000
[   19.462594] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   19.462607] CR2: 00007fb3883aa000 CR3: 000000040571c000 CR4: 00000000001406e0
[   19.462623] Stack:
[   19.462629]  ffffea000fcfe000 00007fb386f8b000 ffff8f19f3ef3cf0 ffffffffa11f6366
[   19.462650]  ffffea001015d170 00000000c7fcc9b9 0000000000000000 ffff8f1a03ac7ae8
[   19.462670]  ffff8f19f3f80000 00007fb386f8b000 ffffffff80000000 ffff8f19f3ef3d50
[   19.462690] Call Trace:
[   19.462699]  [<ffffffffa11f6366>] vm_insert_page+0x126/0x220
[   19.462713]  [<ffffffffa17db74c>] packet_mmap+0x18c/0x1f0
[   19.462726]  [<ffffffffa16b718d>] sock_mmap+0x1d/0x20
[   19.462738]  [<ffffffffa11fc9a5>] mmap_region+0x3a5/0x640
[   19.462751]  [<ffffffffa11fd04f>] do_mmap+0x40f/0x4c0
[   19.462764]  [<ffffffffa1361c5b>] ? security_mmap_file+0x6b/0xe0
[   19.462779]  [<ffffffffa11dd35a>] vm_mmap_pgoff+0xba/0xf0
[   19.462792]  [<ffffffffa11fab31>] SyS_mmap_pgoff+0x1c1/0x290
[   19.462805]  [<ffffffffa102be6b>] SyS_mmap+0x1b/0x30
[   19.462818]  [<ffffffffa17ff672>] entry_SYSCALL_64_fastpath+0x1a/0xa4
[   19.462833] Code: 10 c5 c3 a1 4c 89 e7 e8 b2 b9 fe ff 0f 0b 48 c7 c6 98 6f c4 a1 e8 a4 b9 fe ff 0f 0b 48 c7 c6 60 67 c4 a1 4c 89 e7 e8 93 b9 fe ff <0f> 0b 48 c7 c6 80 7d c4 a1 4c 89 e7 e8 82 b9 fe ff 0f 0b 48 c7
[   19.462945] RIP  [<ffffffffa12013ed>] page_add_file_rmap+0x1ad/0x1d0
[   19.462961]  RSP <ffff8f19f3ef3c98>
[   19.462976] ---[ end trace 4561fb9dd800abae ]---

Message from syslogd@little at Aug 10 08:49:05 ...
 kernel:page:ffffea000fcfe000 count:2 mapcount:0 mapping:          (null) index:0x0 compound_mapcount: 0

Message from syslogd@little at Aug 10 08:49:05 ...
 kernel:flags: 0x2ffffc00004000(head)
Comment 2 Adam Williamson 2016-08-10 19:52:43 UTC 
labbott says she'd like to have this fixed for Alpha, so nominating as a freeze exception. The use case I guess is if you want/need to do some TCP dumping from a live image.
Comment 3 Fedora Update System 2016-08-11 13:41:32 UTC 
kernel-4.8.0-0.rc1.git3.1.fc25 has been submitted as an update to Fedora 25. https://bodhi.fedoraproject.org/updates/FEDORA-2016-1784e6a050
Comment 4 Fedora Update System 2016-08-11 16:55:25 UTC 
kernel-4.8.0-0.rc1.git3.1.fc25 has been pushed to the Fedora 25 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-1784e6a050
Comment 5 Tomasz Kłoczko 2016-08-13 10:12:42 UTC 
After upgrade to latest ernel and upgrade tcpdump package now seems everything is ok.

# uname -r;rpm -q tcpdump
4.8.0-0.rc1.git3.1.fc26.x86_64
tcpdump-4.8.0-1.fc26.x86_64
Comment 6 Adam Williamson 2016-08-13 14:21:39 UTC 
We need the bug open for F25 freeze exception tracking.
Comment 7 Geoffrey Marr 2016-08-15 19:17:37 UTC 
Discussed during the 2016-08-15 blocker review meeting: [1]

The decision to classify this bug as an AcceptedFreezeException was made as the bug seems significant enough to ensure it's fixed on the live images. Help from the kernel team on this one is appreciated.

[1] https://meetbot.fedoraproject.org/fedora-blocker-review/2016-08-15/f25-blocker-review.2016-08-15-16.00.txt
Comment 8 Laura Abbott 2016-08-15 19:44:38 UTC 
The patch is in the rawhide and F25.
Comment 9 Adam Williamson 2016-08-16 16:47:10 UTC 
tcpdump works fine with kernel-4.8.0-0.rc1.git3.1.fc25 .
Comment 10 Fedora Update System 2016-08-19 02:09:53 UTC 
kernel-4.8.0-0.rc2.git2.1.fc25 has been submitted as an update to Fedora 25. https://bodhi.fedoraproject.org/updates/FEDORA-2016-0dd1a509c8
Comment 11 Tomasz Kłoczko 2016-08-19 11:01:31 UTC 
Created attachment 1192102 [details]
3 days temperature

Just had a look on 4 temperature sensors data which reading on this laptop.
Despite theoreticall much higher cpu usege by additional %softirq time seems CPU conumption measured as amout of heat generated in CPU is almost the same on kernels 4.5.5 and latest 4.8rc1.
These temperature data shows that kernel 4.5 or 4.8 cpu stats may be wrong.
It is as well possibility that cpu usage on both kernels are somehow broken as well.

Here is raw output of sensors command showing what is possibe tp measureon this laptop.

# sensors
coretemp-isa-0000
Adapter: ISA adapter
Physical id 0:  +81.0°C  (high = +86.0°C, crit = +100.0°C)
Core 0:         +74.0°C  (high = +86.0°C, crit = +100.0°C)
Core 1:         +81.0°C  (high = +86.0°C, crit = +100.0°C)

acpitz-virtual-0
Adapter: Virtual device
temp1:        +77.0°C  (crit = +97.0°C)

radeon-pci-0100
Adapter: PCI adapter
temp1:            N/A  (crit = +120.0°C, hyst = +90.0°C)
Comment 12 Tomasz Kłoczko 2016-08-19 11:04:39 UTC 
Sorry. Comment in wrong ticket. I cannot delete my commet :(
Comment 13 Fedora Update System 2016-08-19 16:50:44 UTC 
kernel-4.8.0-0.rc2.git2.1.fc25 has been pushed to the Fedora 25 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-0dd1a509c8
Comment 14 Fedora Update System 2016-08-19 21:53:44 UTC 
kernel-4.8.0-0.rc2.git2.1.fc25 has been submitted as an update to Fedora 25. https://bodhi.fedoraproject.org/updates/FEDORA-2016-0dd1a509c8
Comment 15 Fedora Update System 2016-08-19 22:08:28 UTC 
kernel-4.8.0-0.rc2.git2.1.fc25 has been submitted as an update to Fedora 25. https://bodhi.fedoraproject.org/updates/FEDORA-2016-0dd1a509c8
Comment 16 Fedora Update System 2016-08-19 22:11:22 UTC 
kernel-4.8.0-0.rc2.git2.1.fc25 has been submitted as an update to Fedora 25. https://bodhi.fedoraproject.org/updates/FEDORA-2016-0dd1a509c8
Comment 17 Fedora Update System 2016-08-19 22:15:55 UTC 
kernel-4.8.0-0.rc2.git2.1.fc25 has been submitted as an update to Fedora 25. https://bodhi.fedoraproject.org/updates/FEDORA-2016-0dd1a509c8
Comment 18 Fedora Update System 2016-08-19 22:19:32 UTC 
kernel-4.8.0-0.rc2.git2.1.fc25 has been submitted as an update to Fedora 25. https://bodhi.fedoraproject.org/updates/FEDORA-2016-0dd1a509c8
Comment 19 Fedora Update System 2016-08-20 18:50:45 UTC 
kernel-4.8.0-0.rc2.git3.1.fc25 has been pushed to the Fedora 25 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-0dd1a509c8
Comment 20 Fedora Update System 2016-08-22 22:07:52 UTC 
kernel-4.8.0-0.rc2.git3.1.fc25 has been pushed to the Fedora 25 stable repository. If problems still persist, please make note of it in this bug report.
Comment 21 Fedora Update System 2016-08-27 10:40:21 UTC 
kernel-4.8.0-0.rc1.git3.1.fc25 has been pushed to the Fedora 25 stable repository. If problems still persist, please make note of it in this bug report.
Note You need to log in before you can comment on or make changes to this bug.