Bug 168854 - Kernel panic when removing logical volume with name length greater than 16 characters
Kernel panic when removing logical volume with name length greater than 16 ch...
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: kernel (Show other bugs)
4.0
All Linux
medium Severity medium
: ---
: ---
Assigned To: Alasdair Kergon
Cluster QE
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-09-20 14:08 EDT by Henry Harris
Modified: 2007-11-30 17:07 EST (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-12-05 11:29:49 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Henry Harris 2005-09-20 14:08:26 EDT
Description of problem: Attempting to remove logical volume with a name length 
greater than 16 characters causes a kernel panic.


Version-Release number of selected component (if applicable):
2.01.14-1.0

How reproducible: Every time


Steps to Reproduce:
1. Create a logical volume with a name greater than 16 characters long
2. lmremove the lv just created
3.
  
Actual results: Kernel paniced


Expected results: LV removed


Additional info:

This looks like the same issue that Ben Marzinski fixed
  before where a pointer was dereferenced to and invalid
  low memory address causing a panic. This panic stack
  is coming from the thread, clvmd, that called the unlink() 
  system call (i.e. so the clvmd app was removing a file 
  from a directory).
 
  e1000: eth6: e1000_watchdog: NIC Link is Down

  <1>Unable to handle kernel NULL pointer dereference at 

  0000000000000049 RIP:

  
  Stack traceback for pid 2589

  0x00000100e58e77f0     2589        1  1    1   R  0x00000100e58e7bf0 *clvmd

  RSP           RIP                Function (args)

  0x100e52c7e50 0xffffffff801e54ed rb_first+0xa

  0x100e52c7e68 0xffffffff8016dc0d mpol_free_shared_policy+0x35

  0x100e52c7e88 0xffffffff801707e7 shmem_destroy_inode+0x11

  0x100e52c7e98 0xffffffff8018a593 destroy_inode+0x42 (0xffffffff8018ba72)

  0x100e52c7ea8 0xffffffff8018bb9f generic_delete_inode+0x12d (0x0)

  0x100e52c7ec8 0xffffffff8018a9e1 iput+0x78

  0x100e52c7ed8 0xffffffff8018226a sys_unlink+0x105
Comment 1 Alasdair Kergon 2005-09-20 14:39:51 EDT
Since this was a kernel panic, exactly which kernel was it from?
Comment 3 Christine Caulfield 2005-09-21 09:44:13 EDT
Reassign to agk. It should be assigned to RHEL4/kernel but I can't seem to do that.
Comment 4 Alasdair Kergon 2005-12-05 11:29:49 EST
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2005-514.html

Note You need to log in before you can comment on or make changes to this bug.