Bug 162469

Summary: memory problems and kernel panic with CIFS mounts
Product: [Fedora] Fedora Reporter: paul.knowles
Component: kernelAssignee: Dave Jones <davej>
Status: CLOSED CANTFIX QA Contact: Brian Brock <bbrock>
Severity: high Docs Contact:
Priority: medium    
Version: 3CC: pfrields, wtogami
Target Milestone: ---   
Target Release: ---   
Hardware: i686   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2005-10-03 01:13:15 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description paul.knowles 2005-07-05 09:53:33 UTC 
Description of problem:
Since regular samba mounts are broken (Bug 162038)
We test with the cifs file system.  Server is linux 2.4 kernel, 
client is Fedora FC3. Mounting the share succeeds, trying to list 
files or otherwise access the drive generates a kernel panic.

Version-Release number of selected component (if applicable):
kernel-2.6.11-1.35_FC3, vanilla 2.6.10, user tools:samba-3.0.10-1.fc3

How reproducible: Every Time


Steps to Reproduce:
1. mount.cifs \\\\physpr19\\FILE_SHARE /mnt/physpr19/ -o pass=#####
2. ls /mnt/physpr19/<DIR_with_250_files>

Actual results:
/bin/ls: reading directory /mnt/physpr19/SCAN/thompson/: Cannot allocate memory
and a kernel panic is dumped to the logs.

Expected results:
A regular listing of the files on the device should have been produced.

Additional info:
kernel-2.6.11-1.35_FC3:
Unable to handle kernel paging request at virtual address f8000000
 printing eip:
f8cddf20
*pde = 00000000
Oops: 0000 [#1]
Modules linked in: nls_utf8 cifs mga drm nfsd exportfs lockd parport_pc lp parpo
rt autofs4 sunrpc microcode dm_mod video button battery ac uhci_hcd ohci_hcd ehc
i_hcd hw_random i2c_i801 i2c_core snd_intel8x0 snd_ac97_codec snd_pcm_oss snd_mi
xer_oss snd_pcm snd_timer snd soundcore snd_page_alloc 8139too e100 mii floppy s
r_mod st ext3 jbd raid1 3w_xxxx aic7xxx sd_mod scsi_mod
CPU:    0
EIP:    0060:[<f8cddf20>]    Not tainted VLI
EFLAGS: 00010293   (2.6.11-1.35_FC3) 
EIP is at cifs_get_name_from_search_buf+0x6b/0x13d [cifs]
eax: f889841d   ebx: f8000000   ecx: c11296db   edx: 52d8815f
esi: 8f4d8f15   edi: d22c95f6   ebp: ce90be5c   esp: ce90be1c
ds: 007b   es: 007b   ss: 0068
Process ls (pid: 18105, threadinfo=ce90b000 task=f42ba730)
Stack: 0000000c d22c95aa ce90bfa0 ca237f00 ef1ce180 d22c95b6 f8cde081 00000000 
       f88cb480 ce90be58 00000008 c018b167 00000008 daeac5ec cc6646b0 00000000 
       6343b576 e6e600e6 d22c95f6 ca237f00 d22c95b6 00000000 ef1ce180 ca237f00 
Call Trace:
 [<f8cde081>] cifs_filldir2+0x8f/0x188 [cifs]
 [<c018b167>] filldir64+0x0/0xd0
 [<f8cde3ec>] cifs_readdir2+0x1ad/0x41d [cifs]
 [<c015be83>] pte_alloc_map+0xd8/0x1bc
 [<c018b167>] filldir64+0x0/0xd0
 [<f8cd33b0>] cifs_readdir+0x44/0xe75 [cifs]
 [<c0203cca>] __copy_to_user_ll+0x4a/0x5b
 [<c0117b20>] do_page_fault+0x1c9/0x54e
 [<c018b167>] filldir64+0x0/0xd0
 [<c018b167>] filldir64+0x0/0xd0
 [<c018aefa>] vfs_readdir+0x96/0xab
 [<c018b2a3>] sys_getdents64+0x6c/0xbe
 [<c0103903>] syscall_call+0x7/0xb
Code: 81 f9 04 01 0f 85 c2 00 00 00 8d 7e 52 8b 5e 3c 8b 44 24 1c 85 c0 75 46 89
 f9 89 7d 08 89 d8 89 5d 04 89 cb 31 f6 8d 48 ff eb 21 <0f> b6 03 83 e9 01 83 c3
 01 89 c2 c1 e8 04 c1 e2 04 01 f2 01 c2 
 <3> CIFS VFS: No task to wake, unknown frame rcvd!
Received Data is: : dump of 37 bytes of data at 0xea2d0b00

 640b0000 424d53ff 00000032 00418000 . . . d ÿ S M B 2 . . . . . A .
 00000000 00000000 00000000 46b90001 . . . . . . . . . . . . . . ¹ F
 00380106 78000a0a . . 8 . .
 CIFS VFS: No task to wake, unknown frame rcvd!
Received Data is: : dump of 37 bytes of data at 0xea2d0b00

 640b0000 424d53ff 00000032 00418000 . . . d ÿ S M B 2 . . . . . A .
 00000000 00000000 00000000 46b90001 . . . . . . . . . . . . . . ¹ F
 00380106 78000a0a . . 8 . .
 CIFS VFS: No task to wake, unknown frame rcvd!
Received Data is: : dump of 37 bytes of data at 0xea2d0b00

 460b0000 424d53ff 00000032 00418000 . . . F ÿ S M B 2 . . . . . A .
 00000000 00000000 00000000 46b90001 . . . . . . . . . . . . . . ¹ F
 00380106 78000a0a . . 8 . .

Linux version 2.6.11-1.35_FC3 (bhcompile.redhat.com) (gcc version 3.4
.3 20050227 (Red Hat 3.4.3-22)) #1 Mon Jun 13 00:52:08 EDT 2005



kernel 2.6.10 (custom on FC3)
 CIFS VFS: Failed allocating dentry
 CIFS VFS: No task to wake, unknown frame rcvd!
Received Data is: : dump of 37 bytes of data at 0xda578420

 640b0000 424d53ff 00000032 00418000 . . . d � S M B 2 . . . . . A .
 00000000 00000000 00000000 78a50001 . . . . . . . . . . . . . . � x
 033801a6 78000a0a � . 8 . .
 CIFS VFS: No task to wake, unknown frame rcvd!
Received Data is: : dump of 37 bytes of data at 0xda578420

 640b0000 424d53ff 00000032 00418000 . . . d � S M B 2 . . . . . A .
 00000000 00000000 00000000 78a50001 . . . . . . . . . . . . . . � x
 033801a6 78000a0a � . 8 . .
 CIFS VFS: No task to wake, unknown frame rcvd!
Received Data is: : dump of 37 bytes of data at 0xda578420

 460b0000 424d53ff 00000032 00418000 . . . F � S M B 2 . . . . . A .
 00000000 00000000 00000000 78a50001 . . . . . . . . . . . . . . � x
 033801a6 78000a0a � . 8 . .


The userland smbclient can access the files in question.  This works,
but is not multiuser friendly.
Comment 1 Dave Jones 2005-07-15 20:37:39 UTC 
An update has been released for Fedora Core 3 (kernel-2.6.12-1.1372_FC3) which
may contain a fix for your problem.   Please update to this new kernel, and
report whether or not it fixes your problem.

If you have updated to Fedora Core 4 since this bug was opened, and the problem
still occurs with the latest updates for that release, please change the version
field of this bug to 'fc4'.

Thank you.
Comment 2 Dave Jones 2005-10-03 01:13:15 UTC 
This bug has been automatically closed as part of a mass update.
It had been in NEEDINFO state since July 2005.
If this bug still exists in current errata kernels, please reopen this bug.

There are a large number of inactive bugs in the database, and this is the only
way to purge them.

Thank you.