Bug 128483

Summary: ReiserFS caused kernel panic and system hung
Product: [Fedora] Fedora
Reporter: VJ <vj>
Component: reiserfs-utils
Assignee: Jeff Garzik <jgarzik>
Status: CLOSED INSUFFICIENT_DATA
Severity: high
Priority: medium
Version: 4
CC: barryn, mattdm, peterm
Hardware: i686   
OS: Linux   
Doc Type: Bug Fix
Last Closed: 2008-02-13 22:23:05 UTC

Description VJ 2004-07-23 15:13:46 UTC
This is how I got this error:
1) Created a 300Mb file using dd if=/dev/zero of=lindisk.img
2) Created a reiserfs file system on it using block size 512 and forcing it (because it insisted).
3) Mounted the file as a loop device.

In daily usage (copying / creating / deleting files or directories) it
 caused my system to hang. I could ping my system, could get ssh
prompt and also could enter login and password using putty, but could
not get to prompt.

My root file system is also reiserfs.

Jul 23 15:49:16 MyComputer kernel: ReiserFS: loop0: warning: vs-8111: get_num_ver: split_item_position is out of boundary
Jul 23 15:49:16 MyComputer kernel: ReiserFS: loop0: warning: vs-8115: get_num_ver: not directory item
Jul 23 15:49:16 MyComputer kernel: Unable to handle kernel NULL pointer dereference at virtual address 00000196
Jul 23 15:49:16 MyComputer kernel:  printing eip:
Jul 23 15:49:16 MyComputer kernel: 128a4c8c
Jul 23 15:49:16 MyComputer kernel: *pde = 00000000
Jul 23 15:49:16 MyComputer kernel: Oops: 0000 [#1]
Jul 23 15:49:16 MyComputer kernel: Modules linked in: snd_mixer_oss r128 snd_emu10k1 snd_rawmidi snd_pcm snd_timer snd_seq_device snd_ac97_codec snd_page_alloc snd_util_mem snd_hwdep snd soundcore ipt_state ipt_MASQUERADE iptable_nat ip_conntrack iptable_filter ip_tables nfsd exportfs lockd ipv6 parport_pc lp parport autofs4 sunrpc e100 mii sg scsi_mod ohci1394 ieee1394 ext3 jbd loop nls_utf8 nls_cp437 vfat fat dm_mod button battery asus_acpi ac reiserfs
Jul 23 15:49:16 MyComputer kernel: CPU:    0
Jul 23 15:49:16 MyComputer kernel: EIP:    0060:[<128a4c8c>]    Not tainted
Jul 23 15:49:16 MyComputer kernel: EFLAGS: 00010202   (2.6.6-1.435.2.3)
Jul 23 15:49:16 MyComputer kernel: EIP is at get_num_ver+0x13/0x2fc [reiserfs]
Jul 23 15:49:16 MyComputer kernel: eax: 00000069   ebx: 00000000   ecx: 00000000   edx: 00000006
Jul 23 15:49:16 MyComputer kernel: esi: ffffffff   edi: 0cf6ac00   ebp: 00000001   esp: 061bd5b0
Jul 23 15:49:16 MyComputer kernel: ds: 007b   es: 007b   ss: 0068
Jul 23 15:49:16 MyComputer kernel: Process mv (pid: 4998, threadinfo=061bd000 task=0b618f10)
Jul 23 15:49:16 MyComputer kernel: Stack: 00000000 00000000 00000000 00000006 00000004 000001e8 00000084 0cf6ac00
Jul 23 15:49:16 MyComputer kernel:        00000006 00000006 00000006 00000006 00000000 0cf6ac00 00000001 128a5cf9
Jul 23 15:49:16 MyComputer kernel:        00000000 ffffffff 00000000 ffffffff 061bd66e 00000001 02281b10 11f926b8
Jul 23 15:49:16 MyComputer kernel: Call Trace:
Jul 23 15:49:16 MyComputer kernel:  [<128a5cf9>] ip_check_balance+0x3ea/0x83b [reiserfs]
Jul 23 15:49:16 MyComputer kernel:  [<02281b10>] schedule+0x34c/0x369
Jul 23 15:49:16 MyComputer kernel:  [<021f6d83>] ide_do_request+0x244/0x262
Jul 23 15:49:16 MyComputer kernel:  [<128a6cd5>] fix_nodes+0xfc/0x307 [reiserfs]
Jul 23 15:49:16 MyComputer kernel:  [<128b0f74>] reiserfs_insert_item+0x1e0/0x28c [reiserfs]
Jul 23 15:49:16 MyComputer kernel:  [<128a2961>] reiserfs_allocate_blocks_for_region+0xe8c/0x10c7 [reiserfs]
Jul 23 15:49:16 MyComputer kernel:  [<128ade01>] pathrelse+0x1b/0x29 [reiserfs]
Jul 23 15:49:16 MyComputer kernel:  [<128a3dc8>] reiserfs_file_write+0x43b/0x5ae [reiserfs]
Jul 23 15:49:16 MyComputer kernel:  [<02182761>] inode_has_perm+0x57/0x5f
Jul 23 15:49:16 MyComputer kernel:  [<0212c764>] generic_file_read+0x66/0x7d
Jul 23 15:49:16 MyComputer kernel:  [<0214219c>] vfs_write+0xb8/0xe4
Jul 23 15:49:16 MyComputer kernel:  [<02142236>] sys_write+0x2c/0x42
Jul 23 15:49:16 MyComputer kernel:
Jul 23 15:49:16 MyComputer kernel: Code: 8b 82 90 01 00 00 c7 44 24 24 ff ff ff ff c7 44 24 28 ff ff
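
The register dump and the Code: bytes in the oops above are enough to identify which pointer was bad. The following is an added example, not part of the original report: it decodes the first instruction on the Code: line and checks the computed address against the reported fault address. The function names are this example's own, and it assumes the Code: dump starts at the faulting EIP.

```python
import re

# Lines copied from the oops in the description above (syslog prefix removed).
OOPS = """\
Unable to handle kernel NULL pointer dereference at virtual address 00000196
EIP is at get_num_ver+0x13/0x2fc [reiserfs]
eax: 00000069   ebx: 00000000   ecx: 00000000   edx: 00000006
esi: ffffffff   edi: 0cf6ac00   ebp: 00000001   esp: 061bd5b0
Code: 8b 82 90 01 00 00 c7 44 24 24 ff ff ff ff c7 44 24 28 ff ff
"""

REG32 = ["eax", "ecx", "edx", "ebx", "esp", "ebp", "esi", "edi"]  # x86 encoding order

def parse_oops(text):
    """Extract fault address, faulting symbol, registers and code bytes."""
    fault = int(re.search(r"virtual address ([0-9a-f]{8})", text).group(1), 16)
    sym = re.search(r"EIP is at ([\w.]+)\+0x([0-9a-f]+)/0x[0-9a-f]+(?: \[(\w+)\])?", text)
    regs = {n: int(v, 16)
            for n, v in re.findall(r"\b(%s): ([0-9a-f]{8})" % "|".join(REG32), text)}
    code = bytes.fromhex(re.search(r"Code: ((?:[0-9a-f]{2} ?)+)", text).group(1))
    return {"fault": fault, "func": sym.group(1), "offset": int(sym.group(2), 16),
            "module": sym.group(3), "regs": regs, "code": code}

def decode_mov_load(code, regs):
    """Decode `8b /r` (MOV r32, r/m32) in its [reg+disp8] or [reg+disp32] form."""
    if code[0] != 0x8B:
        raise ValueError("not MOV r32, r/m32")
    mod, reg, rm = code[1] >> 6, (code[1] >> 3) & 7, code[1] & 7
    if mod not in (1, 2) or rm == 4:  # only [reg+disp] without a SIB byte is handled
        raise ValueError("addressing form not handled")
    size = 1 if mod == 1 else 4
    disp = int.from_bytes(code[2:2 + size], "little", signed=True)
    base = REG32[rm]
    return REG32[reg], base, disp, (regs[base] + disp) & 0xFFFFFFFF

def triage(text):
    """Summarise the faulting load and confirm it explains the fault address."""
    o = parse_oops(text)
    dest, base, disp, ea = decode_mov_load(o["code"], o["regs"])
    return {"where": f'{o["func"]}+{o["offset"]:#x} [{o["module"]}]',
            "insn": f"mov {dest}, [{base}{disp:+#x}]",
            "base_value": o["regs"][base], "field_offset": disp,
            "matches_fault": ea == o["fault"]}

if __name__ == "__main__":
    print(triage(OOPS))
```

For this oops the base register edx holds 0x6 and the load reads at offset 0x190 from it, which gives exactly the reported address 0x196, so the faulting pointer was a small non-NULL value rather than 0.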

Comment 1 VJ 2004-07-23 15:20:35 UTC
I am sorry for giving partial information.

Kernel version: 2.6.6-1.435.2.3 #1 Thu Jul 1 08:25:29 EDT 2004 i686 athlon i386 GNU/Linux


Comment 2 Matthew Miller 2005-04-26 15:01:33 UTC
Fedora Core 2 is now maintained by the Fedora Legacy project for
security updates only. If this problem is a security issue, please
reopen and reassign to the Fedora Legacy product. If it is not a
security issue and hasn't been resolved in the current FC3 updates or
in the FC4 test release, reopen and change the version to match.

Comment 3 Ted Kaczmarek 2005-11-08 13:48:16 UTC
Seeing something similar on FC4 with 2.6.13-1.1526_FC4smp and 2.6.13-1.1526_FC4 kernels.
kernel:CPU:0
kernel:EIP:0060:[<f8ac30a4>]
kernel:EFLAGS:00010202
kernel:EIPis
kernel:eax:00000004
kernel:esi:10000000
kernel:ds:007b
kernel:Processmv
kernel:Stack:00000000
kernel:0000040000000000
kernel:0000007000000034
kernel:CallTrace:
kernel:[<f8ac4336>]fix_nodes+0x109/0x35d
kernel:[<c016d279>]inode_add_bytes+0x14/0x52
kernel:[<f8ad15ca>]reiserfs_paste_into_item+0x121/0x206
kernel:[<f8abf2f8>]reiserfs_allocate_blocks_for_region+0x116d/0x13d0
kernel:[<c0166123>]alloc_page_buffers+0x71/0xb7
kernel:[<f8ac0bb4>]reiserfs_file_write+0x621/0x63a
kernel:[<c014675e>]__generic_file_aio_read+0x16a/0x224
kernel:[<f8ac0593>]reiserfs_file_write+0x0/0x63a
kernel:[<c016432a>]vfs_write+0xa2/0x15a
kernel:[<c016448d>]sys_write+0x41/0x6a
kernel:[<c010395d>]syscall_call+0x7/0xb
kernel:Code:fb
kernel:Badnessin
kernel:[<c0123ec8>]do_exit+0x3ed/0x3f2
kernel:[<c0104cb7>]do_trap+0x0/0xb4
kernel:[<c011969b>]do_page_fault+0x225/0x6cc
kernel:[<f8ac27f0>]get_far_parent+0x1fd/0x260
kernel:[<c01dccd9>]vsprintf+0x12/0x16
kernel:[<c0121662>]printk+0x1b/0x1f
kernel:[<f8ac879f>]reiserfs_warning+0x3b/0x59
kernel:[<c0119476>]do_page_fault+0x0/0x6cc
kernel:[<c01044eb>]error_code+0x4f/0x54
kernel:[<f8ac30a4>]ip_check_balance+0x6d0/0xba9
kernel:[<f8ac4336>]fix_nodes+0x109/0x35d
kernel:[<c016d279>]inode_add_bytes+0x14/0x52
kernel:[<f8ad15ca>]reiserfs_paste_into_item+0x121/0x206
kernel:[<f8abf2f8>]reiserfs_allocate_blocks_for_region+0x116d/0x13d0
kernel:[<c0166123>]alloc_page_buffers+0x71/0xb7
kernel:[<f8ac0bb4>]reiserfs_file_write+0x621/0x63a
kernel:[<c014675e>]__generic_file_aio_read+0x16a/0x224
kernel:[<f8ac0593>]reiserfs_file_write+0x0/0x63a
kernel:[<c016432a>]vfs_write+0xa2/0x15a
kernel:[<c016448d>]sys_write+0x41/0x6a
kernel:[<c010395d>]syscall_call+0x7/0xb

00:02.5 IDE interface: Silicon Integrated Systems [SiS] 5513 [IDE] (prog-if 80 [Master])
        Subsystem: CLEVO/KAPOK Computer: Unknown device 0402
        Control: I/O+ Mem- BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B-
        Status: Cap- 66Mhz- UDF- FastB2B- ParErr- DEVSEL=medium >TAbort- <TAbort- <MAbort- >SERR- <PERR-
        Latency: 128
        Interrupt: pin ? routed to IRQ 185
        Region 4: I/O ports at 1000 [size=16]


Comment 4 petrosyan 2008-02-03 09:42:35 UTC
Fedora 4 is not maintained anymore. Can you reproduce this bug in Fedora 7 or 8?

Comment 5 petrosyan 2008-02-13 22:23:05 UTC
Setting status to "INSUFFICIENT_DATA". If you can reproduce this bug in the
current Fedora release, please reopen this bug and assign it to the
corresponding Fedora version.