Re: kernel BUG at mm/highmem.c:259

From: Jens Axboe
Date: Tue Nov 03 2009 - 05:40:50 EST

Next message: Eric W. Biederman: "Re: [PATCH 1/3] sysfs directory scaling: rbtree for dirent name lookups"
Previous message: steven.zhang: "how to enable kernel support for Multi-Touch for synaptics touchpad"
In reply to: Todor Gyumyushev: "kernel BUG at mm/highmem.c:259"
Next in thread: Miklos Szeredi: "Re: kernel BUG at mm/highmem.c:259"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Nov 02 2009, Todor Gyumyushev wrote:
> Hello I got this recently
>
> Nov 2 22:21:52 macmini kernel: [ 50.576427] ------------[ cut here
> ]------------
> Nov 2 22:21:52 macmini kernel: [ 50.576543] kernel BUG at
> mm/highmem.c:259!
> Nov 2 22:21:52 macmini kernel: [ 50.576622] invalid opcode: 0000 [#1]
> SMP
> Nov 2 22:21:52 macmini kernel: [ 50.576785] last sysfs file:
> /sys/devices/pci0000:00/0000:00:1f.2/host0/target0:0:1/0:0:1:0/block/sda/size
> Nov 2 22:21:52 macmini kernel: [ 50.576902] Modules linked in: sr_mod
> cdrom btusb bluetooth usblp arc4 ecb rt73usb usb_storage crc_itu_t
> rt2x00usb rt2x00lib led_class input_polldev mac80211 fuse
> snd_hda_codec_idt intel_agp video agpgart snd_hda_intel backlight
> snd_hda_codec snd_hwdep snd_pcm snd_timer output iTCO_wdt evdev uhci_hcd
> snd_page_alloc iTCO_vendor_support sky2 ehci_hcd tpm_infineon tpm
> tpm_bios sg rtc_cmos rtc_core rtc_lib
> Nov 2 22:21:52 macmini kernel: [ 50.578349]
> Nov 2 22:21:52 macmini kernel: [ 50.578349] Pid: 1446, comm: dd Not
> tainted (2.6.31.5 #1) Macmini1,1
> Nov 2 22:21:52 macmini kernel: [ 50.578349] EIP: 0060:[<c108c9f1>]
> EFLAGS: 00010246 CPU: 0
> Nov 2 22:21:52 macmini kernel: [ 50.578349] EIP is at
> kunmap_high+0xa1/0xb0
> Nov 2 22:21:52 macmini kernel: [ 50.578349] EAX: 00000000 EBX:
> ffa6f000 ECX: 00000000 EDX: 00000000
> Nov 2 22:21:52 macmini kernel: [ 50.578349] ESI: 00000000 EDI:
> ffa6f000 EBP: f621be34 ESP: f621be18
> Nov 2 22:21:52 macmini kernel: [ 50.578349] DS: 007b ES: 007b FS:
> 00d8 GS: 00e0 SS: 0068
> Nov 2 22:21:52 macmini kernel: [ 50.578349] Process dd (pid: 1446,
> ti=f621b000 task=f6c65800 task.ti=f621b000)
> Nov 2 22:21:52 macmini kernel: [ 50.578349] Stack:
> Nov 2 22:21:52 macmini kernel: [ 50.578349] 0000001c 987dfcac
> 0000001c f82d77e9 013da5c0 f6f68380 ffa6f000 f6c54000
> Nov 2 22:21:52 macmini kernel: [ 50.578349] <0> 00000001 0000001c
> 00000000 987dfcac 00000001 00000000 0000001c 00000001
> Nov 2 22:21:52 macmini kernel: [ 50.578349] <0> f82d7cac 0000001c
> 00000001 f621be94 00000000 00000001 f6f68380 00001000
> Nov 2 22:21:52 macmini kernel: [ 50.578349] Call Trace:
> Nov 2 22:21:52 macmini kernel: [ 50.578349] [<f82d77e9>] ?
> fuse_ioctl_copy_user+0xe9/0x120 [fuse]
> Nov 2 22:21:52 macmini kernel: [ 50.578349] [<f82d7cac>] ?
> fuse_do_ioctl+0x48c/0x4c0 [fuse]
> Nov 2 22:21:52 macmini kernel: [ 50.578349] [<f82d7dfd>] ?
> fuse_file_ioctl+0x1d/0x40 [fuse]
> Nov 2 22:21:52 macmini kernel: [ 50.578349] [<f82d7de0>] ?
> fuse_file_ioctl+0x0/0x40 [fuse]
> Nov 2 22:21:52 macmini kernel: [ 50.578349] [<c10b9e82>] ?
> vfs_ioctl+0x22/0xa0
> Nov 2 22:21:52 macmini kernel: [ 50.578349] [<c10ba0a1>] ?
> do_vfs_ioctl+0x81/0x5e0
> Nov 2 22:21:52 macmini kernel: [ 50.578349] [<c109061e>] ?
> handle_mm_fault+0x83e/0xa20
> Nov 2 22:21:52 macmini kernel: [ 50.578349] [<c105a3d6>] ?
> getnstimeofday+0x56/0x120
> Nov 2 22:21:52 macmini kernel: [ 50.578349] [<c10ba64d>] ?
> sys_ioctl+0x4d/0x90
> Nov 2 22:21:52 macmini kernel: [ 50.578349] [<c100324f>] ?
> sysenter_do_call+0x12/0x26
> Nov 2 22:21:52 macmini kernel: [ 50.578349] Code: 04 24 00 00 00 00
> b9 01 00 00 00 ba 03 00 00 00 b8 c8 f9 39 c1 e8 30 d6 f9 ff 8b 44 24 04
> 65 33 05 14 00 00 00 75 08 59 5b 5b c3 <0f> 0b eb fe e8 16 b8 fa ff 8d
> b6 00 00 00 00 55 57 56 53 31 db
> Nov 2 22:21:52 macmini kernel: [ 50.578349] EIP: [<c108c9f1>]
> kunmap_high+0xa1/0xb0 SS:ESP 0068:f621be18
> Nov 2 22:21:52 macmini kernel: [ 50.585117] ---[ end trace
> 0fd8c0da365d38aa ]---

Looks like another victim of the confusing kmap() vs kmap_atomic() API
differences.

diff --git a/fs/fuse/file.c b/fs/fuse/file.c
index a3492f7..8a219bd 100644
--- a/fs/fuse/file.c
+++ b/fs/fuse/file.c
@@ -1599,7 +1599,7 @@ static int fuse_ioctl_copy_user(struct page **pages, struct iovec *iov,
kaddr += copy;
}

- kunmap(map);
+ kunmap(page);
}

return 0;

--
Jens Axboe

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Eric W. Biederman: "Re: [PATCH 1/3] sysfs directory scaling: rbtree for dirent name lookups"
Previous message: steven.zhang: "how to enable kernel support for Multi-Touch for synaptics touchpad"
In reply to: Todor Gyumyushev: "kernel BUG at mm/highmem.c:259"
Next in thread: Miklos Szeredi: "Re: kernel BUG at mm/highmem.c:259"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]