In message <[EMAIL PROTECTED]>,Matthew Miller writes: >Unable to handle kernel paging request at virtual address 0008008e > printing eip: >c0131d35 >*pde = 12d54067 >Oops: 0000 [#1] >DEBUG_PAGEALLOC >Modules linked in: libafs(U) radeon parport_pc lp parport autofs4 sunrpc >iptable_filter ip_tables video button battery ac md5 ipv6 usbled ohci1394 >ieee1394 uhci_hcd ehci_hcd i2c_viapro i2c_core snd_via82xx snd_ac97_codec >snd_pcm_oss snd_mixer_oss snd_pcm snd_timer snd_page_alloc gameport >snd_mpu401_uart snd_rawmidi snd_seq_device snd soundcore sk98lin floppy >dm_snapshot dm_zero dm_mirror ext3 jbd dm_mod sata_promise sata_via libata >sd_mod scsi_mod >CPU: 0 >EIP: 0060:[<c0131d35>] Tainted: P VLI >EFLAGS: 00010216 (2.6.10-1.727_FC3) >EIP is at bit_waitqueue+0x2f/0x42 >eax: b9b92403 ebx: 0007ff56 ecx: 00000020 edx: 00000003 >esi: e118a120 edi: e11860e4 ebp: e0ce1680 esp: d35c9c7c >ds: 007b es: 007b ss: 0068 >Process ls (pid: 5462, threadinfo=d35c9000 task=d1837aa0) >Stack: 00000003 c0131cfb e1189f84 e0f413d0 c017a832 e1189f84 e134cbe8 c017aad6 > e1189f84 e0f1be5b e1189f84 e0f21969 00000202 00000000 00000000 c964e120 > 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 >Call Trace: > [<c0131cfb>] wake_up_bit+0xb/0x16 > [<e0f413d0>] afs_delete_inode+0x0/0x10 [libafs] > [<c017a832>] generic_delete_inode+0x20a/0x224 > [<c017aad6>] iput+0x5f/0x61 > [<e0f1be5b>] afs_PutVCache+0x4c/0x93 [libafs] > [<e0f21969>] afs_DoBulkStat+0x5f8/0x144a [libafs] > [<e08c4b3a>] __ext3_journal_stop+0x19/0x34 [ext3] > [<e0f0f3bc>] afs_dir_GetBlob+0xb/0x1e [libafs] > [<e0f0f45a>] FindItem+0x5c/0xde [libafs] > [<e0f0f20d>] afs_dir_LookupOffset+0x4c/0x53 [libafs] > [<e0f230c6>] afs_lookup+0x90b/0xf79 [libafs]
i took a little look at this problem this morning. its back to 'where does afs get its inodes'. the wake_up_bit() mechanism has replaced 'per object' wait queues (atleast when testing for single bit changes). the actual wait queue to use is determined using a hash on page->flags (which encodes the zone table in the lower 8 bits). afs inodes come from a vmalloc() since afs gets all the inodes in one go. vmalloc()'d memory apparently doesnt get mapped to any particular zone. so when an afs inode uses wake_up_bit() they index off the end of the zone_page table. i verified this by forcing afs_osi_Alloc() to always use kmalloc() and starting afsd with suitably smallish parameters. works fine. a real fix? two options i guess, dont get all the inodes in one go. its a linked list in memory, so just get them one at a time to make sure we use kmalloc(). or, and likely a better solution in the long term, just get inodes the 'normal' way from the kernel (i had some code to do this at one point and lost it, i have seen some code from a suse developer as well to do the same thing). _______________________________________________ OpenAFS-devel mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-devel
