ubuntu-x-swat team mailing list archive

Thread
Date
[Bug 222229] Re: Firefox causes Kernel bug and crash

To: ubuntu-x-swat@xxxxxxxxxxxxxxxxxxx
From: mrlarkin <mrlarkin@xxxxxxx>
Date: Wed, 27 May 2009 19:27:28 -0000
Reply-to: Bug 222229 <222229@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
Same here. Firefox crashed and I had to reboot.

program versions:
Ubuntu: 9.04 (amd64)
Firefox: 3.0.10+nobinonly-0ubuntu0.9.04.1
Kernel: linux-image-2.6.28-11-generic 2.6.28-11.42

system info:
---- /proc/cpuinfo ----
processor	: 0
vendor_id	: GenuineIntel
cpu family	: 6
model		: 23
model name	: Intel(R) Core(TM)2 Duo CPU     T9400  @ 2.53GHz
stepping	: 6
cpu MHz		: 800.000
cache size	: 6144 KB
physical id	: 0
siblings	: 2
core id		: 0
cpu cores	: 2
apicid		: 0
initial apicid	: 0
fpu		: yes
fpu_exception	: yes
cpuid level	: 10
wp		: yes
flags		: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx lm constant_tsc arch_perfmon pebs bts rep_good pni dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm sse4_1 lahf_lm tpr_shadow vnmi flexpriority
bogomips	: 5053.67
clflush size	: 64
cache_alignment	: 64
address sizes	: 36 bits physical, 48 bits virtual
power management:

processor	: 1
vendor_id	: GenuineIntel
cpu family	: 6
model		: 23
model name	: Intel(R) Core(TM)2 Duo CPU     T9400  @ 2.53GHz
stepping	: 6
cpu MHz		: 800.000
cache size	: 6144 KB
physical id	: 0
siblings	: 2
core id		: 1
cpu cores	: 2
apicid		: 1
initial apicid	: 1
fpu		: yes
fpu_exception	: yes
cpuid level	: 10
wp		: yes
flags		: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx lm constant_tsc arch_perfmon pebs bts rep_good pni dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm sse4_1 lahf_lm tpr_shadow vnmi flexpriority
bogomips	: 5053.97
clflush size	: 64
cache_alignment	: 64
address sizes	: 36 bits physical, 48 bits virtual
power management:

--- /proc/meminfo ---
MemTotal:        3869680 kB
MemFree:         2967276 kB
Buffers:           90740 kB
Cached:           322376 kB
SwapCached:            0 kB
Active:           603128 kB
Inactive:         166220 kB
Active(anon):     443004 kB
Inactive(anon):        8 kB
Active(file):     160124 kB
Inactive(file):   166212 kB
Unevictable:           8 kB
Mlocked:               8 kB
SwapTotal:       4000144 kB
SwapFree:        4000144 kB
Dirty:                 4 kB
Writeback:             0 kB
AnonPages:        356252 kB
Mapped:            88872 kB
Slab:              43868 kB
SReclaimable:      23356 kB
SUnreclaim:        20512 kB
PageTables:        19052 kB
NFS_Unstable:          0 kB
Bounce:                0 kB
WritebackTmp:          0 kB
CommitLimit:     5934984 kB
Committed_AS:    1070552 kB
VmallocTotal:   34359738367 kB
VmallocUsed:      338012 kB
VmallocChunk:   34359398907 kB
HugePages_Total:       0
HugePages_Free:        0
HugePages_Rsvd:        0
HugePages_Surp:        0
Hugepagesize:       2048 kB
DirectMap4k:       45056 kB
DirectMap2M:     4046848 kB

--- dmesg at crash ---
[30565.497826] swap_free: Bad swap offset entry ffffffffffff00
[30565.498138] Eeek! page_mapcount(page) went negative! (-1)
[30565.498142]   page pfn = 0
[30565.498145]   page->flags = 414
[30565.498149]   page->count = 1
[30565.498152]   page->mapping = 0000000000000000
[30565.498164]   vma->vm_ops = generic_file_vm_ops+0x0/0x40
[30565.498172]   vma->vm_ops->fault = filemap_fault+0x0/0x430
[30565.498179]   vma->vm_file->f_op->mmap = generic_file_mmap+0x0/0x60
[30565.498216] ------------[ cut here ]------------
[30565.498221] kernel BUG at /build/buildd/linux-2.6.28/mm/rmap.c:725!
[30565.498226] invalid opcode: 0000 [#1] SMP 
[30565.498233] last sysfs file: /sys/devices/system/cpu/cpu0/cpufreq/scaling_cur_freq
[30565.498239] Dumping ftrace buffer:
[30565.498244]    (ftrace buffer empty)
[30565.498248] CPU 0 
[30565.498252] Modules linked in: isofs usb_storage udf crc_itu_t aes_x86_64 aes_generic i915 drm binfmt_misc ppdev bridge stp bnep vboxnetflt vboxdrv input_polldev joydev lp parport snd_hda_intel snd_pcm_oss snd_mixer_oss snd_pcm snd_seq_dummy arc4 snd_seq_oss ecb snd_seq_midi snd_rawmidi snd_seq_midi_event snd_seq iwlagn iwlcore snd_timer snd_seq_device thinkpad_acpi uvcvideo pcmcia compat_ioctl32 snd mac80211 led_class psmouse videodev yenta_socket rsrc_nonstatic soundcore video nvram serio_raw pcspkr v4l1_compat intel_agp pcmcia_core ricoh_mmc sdhci_pci sdhci usbhid snd_page_alloc iTCO_wdt iTCO_vendor_support output cfg80211 btusb ohci1394 ieee1394 e1000e fbcon tileblit font bitblit softcursor
[30565.498360] Pid: 3538, comm: firefox Not tainted 2.6.28-11-generic #42-Ubuntu
[30565.498366] RIP: 0010:[<ffffffff802ce691>]  [<ffffffff802ce691>] page_remove_rmap+0x141/0x150
[30565.498378] RSP: 0018:ffff880142d91af8  EFLAGS: 00010296
[30565.498383] RAX: 000000000000004a RBX: ffffe20000000000 RCX: 0000000000000001
[30565.498388] RDX: ffff8800a75c9000 RSI: 0000000000000086 RDI: 0000000000000296
[30565.498393] RBP: ffff880142d91b08 R08: 0000000000000006 R09: 0000000000000000
[30565.498398] R10: ffff880142d91886 R11: ffff880142d91878 R12: ffff88013f088000
[30565.498403] R13: ffff880142d91ca8 R14: 00007f1d29c03000 R15: ffff88012c74c018
[30565.498409] FS:  0000000000000000(0000) GS:ffffffff80aa3000(0000) knlGS:0000000000000000
[30565.498414] CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
[30565.498419] CR2: 00000000027f00f0 CR3: 0000000000201000 CR4: 00000000000006a0
[30565.498423] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[30565.498428] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[30565.498434] Process firefox (pid: 3538, threadinfo ffff880142d90000, task ffff880129485980)
[30565.498439] Stack:
[30565.498442]  ffffe20000000000 ffff88002802e8c0 ffff880142d91b98 ffffffff802c2cf2
[30565.498450]  ffff880142d91b38 ffffe20000672390 ffffe200041b98a0 00000000000000ff
[30565.498460]  ffffe200041b98b0 00007f1d29d2d000 ffff88013f088000 ffff880149d96a40
[30565.498470] Call Trace:
[30565.498474]  [<ffffffff802c2cf2>] zap_pte_range+0x212/0x420
[30565.498482]  [<ffffffff802c3f7a>] unmap_page_range+0x2da/0x360
[30565.498490]  [<ffffffff802c47ff>] unmap_vmas+0x16f/0x2a0
[30565.498497]  [<ffffffff802c9533>] exit_mmap+0xb3/0x170
[30565.498505]  [<ffffffff8024eaf8>] mmput+0x38/0xd0
[30565.498513]  [<ffffffff80252f56>] exit_mm+0x116/0x150
[30565.498521]  [<ffffffff8069e471>] ? _spin_lock_irq+0x11/0x20
[30565.498530]  [<ffffffff80254f0c>] do_exit+0x16c/0x3b0
[30565.498538]  [<ffffffff80255192>] do_group_exit+0x42/0xc0
[30565.498546]  [<ffffffff802607ac>] get_signal_to_deliver+0x1ac/0x3a0
[30565.498554]  [<ffffffff80212625>] ? sysret_signal+0x3d/0x67
[30565.498562]  [<ffffffff80212230>] do_signal+0x70/0x1e0
[30565.498568]  [<ffffffff8024a580>] ? default_wake_function+0x0/0x10
[30565.498576]  [<ffffffff80278ba6>] ? do_futex+0x86/0x140
[30565.498583]  [<ffffffff80278d26>] ? sys_futex+0xc6/0x170
[30565.498589]  [<ffffffff80212625>] ? sysret_signal+0x3d/0x67
[30565.498596]  [<ffffffff802123dd>] do_notify_resume+0x3d/0x40
[30565.498602]  [<ffffffff802129c7>] ptregscall_common+0x67/0xb0
[30565.498610] Code: e8 95 f9 ff ff 49 8b 84 24 90 00 00 00 48 85 c0 74 19 48 8b 40 20 48 85 c0 74 10 48 8b 70 58 48 c7 c7 80 ab 7f 80 e8 6f f9 ff ff <0f> 0b eb fe 66 66 2e 0f 1f 84 00 00 00 00 00 55 48 89 e5 41 57 
[30565.498682] RIP  [<ffffffff802ce691>] page_remove_rmap+0x141/0x150
[30565.498690]  RSP <ffff880142d91af8>
[30565.498695] ---[ end trace b5475a881e197e49 ]---
[30565.498700] Fixing recursive fault but reboot is needed!

-- 
Firefox causes Kernel bug and crash
https://bugs.launchpad.net/bugs/222229
You received this bug notification because you are a member of Ubuntu-X,
which is subscribed to linux-restricted-modules-2.6.24 in ubuntu.