Opened 9 years ago

Last modified 3 years ago

#12397 new bug

KDL trigged in VFS by Tracker idle task

Reported by: jessicah Owned by: axeld
Priority: normal Milestone: Unscheduled
Component: File Systems/BFS Version: R1/Development
Keywords: Cc:
Blocked By: Blocking:
Platform: All

Description

KDL during idle, triggered by Tracker (also note the request to malloc 3GB): 

vm_soft_fault: va 0xdeb80000 not covered by area in address space
usb error ehci -1: vm_page_fault: vm_soft_fault returned error 'Bad address' on fault at 0xdeb8003b, ip 0x800e8fde, write 0, user 0, thread 0x389
malloc() of 3557031024 bytes asked
PANIC: vm_page_fault: unhandled page fault in kernel space at 0xdeb8003b, ip 0x800e8fde
 
Welcome to Kernel Debugging Land...
Thread 905 "TrackerTaskLoop" running on CPU 0
stack trace for thread 905 "TrackerTaskLoop"
    kernel stack: 0xd27bd000 to 0xd27c1000
      user stack: 0x7070e000 to 0x7074e000
frame               caller     <image>:function + offset
 0 d27c0ba4 (+  32) 801417e6   <kernel_x86> arch_debug_stack_trace + 0x12
 1 d27c0bc4 (+  16) 800a35f3   <kernel_x86> stack_trace_trampoline(NULL) + 0x0b
 2 d27c0bd4 (+  12) 80133866   <kernel_x86> arch_debug_call_with_fault_handler + 0x1b
 3 d27c0be0 (+  48) 800a5077   <kernel_x86> debug_call_with_fault_handler + 0x5f
 4 d27c0c10 (+  64) 800a3807   <kernel_x86> kernel_debugger_loop(0x80185697 "PANIC: ", 0x8019c200 "vm_page_fault: unhandled page fault in kernel space at 
0x%lx, ip 0x%lx
", 0xd27c0cbc ";", int32: 0) + 0x20f
 5 d27c0c50 (+  48) 800a3bab   <kernel_x86> kernel_debugger_internal(0x80185697 "PANIC: ", 0x8019c200 "vm_page_fault: unhandled page fault in kernel space
 at 0x%lx, ip 0x%lx
", 0xd27c0cbc ";", int32: 0) + 0x77
 6 d27c0c80 (+  48) 800a53ea   <kernel_x86> panic + 0x3a
 7 d27c0cb0 (+ 144) 8011880d   <kernel_x86> vm_page_fault + 0x13d
 8 d27c0d40 (+  80) 80142fc3   <kernel_x86> x86_page_fault_exception + 0x183
 9 d27c0d90 (+  12) 8013614c   <kernel_x86> int_bottom + 0x3c
kernel iframe at 0xd27c0d9c (end = 0xd27c0dec)
 eax 0xdeb7ffff    ebx 0x0            ecx 0x65f5c1    edx 0xf0250000
 esi 0x3           edi 0x3            ebp 0xd27c0e34  esp 0xd27c0dd0
 eip 0x800e8fde eflags 0x13286   
 vector: 0xe, error code: 0x0
10 d27c0d9c (+ 152) 800e8fde   <kernel_x86> lookup_vnode(int32: 3, int64: 6682049) + 0x66
11 d27c0e34 (+  64) 800f2321   <kernel_x86> fix_dirent(vnode*: 0xd652ee68, dirent*: 0xf0bb80c0, io_context*: 0xd3738888) + 0x115
12 d27c0e74 (+  48) 800f23f1   <kernel_x86> dir_read(io_context*: 0xd3738888, vnode*: 0xd652ee68, 0xd6527580, dirent*: 0xf0bb80c0, uint32: 0x11c (284), 0x
d27c0f30) + 0x6d
13 d27c0ea4 (+  64) 800f2203   <kernel_x86> dir_read(io_context*: 0xd3738888, file_descriptor*: 0xd6527370, dirent*: 0xf0bb80c0, uint32: 0x11c (284), 0xd2
7c0f30) + 0x2b
14 d27c0ee4 (+  96) 800dd857   <kernel_x86> _user_read_dir + 0x13b
15 d27c0f44 (+ 100) 8013634f   <kernel_x86> handle_syscall + 0xdc
user iframe at 0xd27c0fa8 (end = 0xd27c1000)
 eax 0x93          ebx 0x2264aac      ecx 0x7074d68c  edx 0x60ead114
 esi 0x7074d6fc    edi 0x187e57a0     ebp 0x7074d6b8  esp 0xd27c0fdc
 eip 0x60ead114 eflags 0x3202    user esp 0x7074d68c
 vector: 0x63, error code: 0x0
16 d27c0fa8 (+   0) 60ead114   <commpage> commpage_syscall + 0x04
17 7074d6b8 (+ 352) 0215e9cc   <libbe.so> BDirectory<0x187e57a0>::GetNextRef(entry_ref*: 0x7074d948) + 0xa8
18 7074d818 (+  96) 01989df0   <libtracker.so> BTrackerPrivate::TNodeWalker<0x187d59a8>::GetNextRef(entry_ref*: 0x7074d948) + 0xc0
19 7074d878 (+ 224) 01966bf9   <libtracker.so> BPrivate::DeleteTransientQueriesTask<0x186caea8>::GetSome(0x9ddb2912) + 0x51
20 7074d958 (+  48) 01966a51   <libtracker.so> BPrivate::DeleteTransientQueriesTask<0x186caea8>::DoSomeWork(0x9ddb2912) + 0x4d
21 7074d988 (+  48) 019685fb   <libtracker.so> BPrivate::DeleteTransientQueriesFunctor<0x186caed8>::__cl(0x9ddb2912) + 0x23
22 7074d9b8 (+  48) 019d43f7   <libtracker.so> BPrivate::RunWhenIdleTask<0x186deff0>::RunIfNeeded(int64: 6943353106) + 0xcb
23 7074d9e8 (+  64) 019d4c8b   <libtracker.so> BPrivate::TaskLoop<0x1863a248>::Pulse(0x0) + 0x77
24 7074da28 (+  64) 019d50a4   <libtracker.so> BPrivate::StandAloneTaskLoop<0x1863a248>::Run(0x0) + 0x8c
25 7074da68 (+  48) 019d500f   <libtracker.so> BPrivate::StandAloneTaskLoop<0x1863a248>::RunBinder(NULL) + 0x1f
26 7074da98 (+  48) 010df34b   <libroot.so> _get_next_team_info (nearest) + 0x5f
27 7074dac8 (+   0) 60ead250   <commpage> commpage_thread_exit + 0x00

Probably just my BFS getting corrupted again :(

Attachments (1)

CIMG4688-2.JPG (777.4 KB ) - added by X512 3 years ago.
I got similar crash on hrev55104.

Download all attachments as: .zip

Change History (3)

comment:1 by diver, 8 years ago

Component: - GeneralFile Systems/BFS
Owner: changed from nobody to axeld

by X512, 3 years ago

Attachment: CIMG4688-2.JPG added

I got similar crash on hrev55104.

comment:2 by X512, 3 years ago

File system seems to be fine except "blocks could be freed".

Note: See TracTickets for help on using tickets.