Bug 9108

Summary: recent reiserfs bugs with non-default blocksize
Product: File System
Reporter: Randy Dunlap (randy.dunlap)
Component: ReiserFS
Assignee: Edward Shishkin (edward.shishkin)
Status: DEFERRED WILL_FIX_LATER
Severity: normal
CC: kernel
Priority: P1
Hardware: All
OS: Linux
Kernel Version: 2.6.23-rc8-git2
Subsystem:
Regression: ---
Bisected commit-id:

Description Randy Dunlap 2007-10-01 10:57:16 UTC
Most recent kernel where this bug did not occur: bug is intermittent.
Distribution: custom kernel
Hardware Environment: x86_64
Software Environment:
Problem Description: Various reiserfs bugs

Steps to reproduce: Run fsx-linux a lot, using various block sizes, various
journal modes, and varying the "notail" option.

One of these bug reports is from 2.6.20, so I don't consider these as regressions.

2.6.20-rc5:  see http://marc.info/?l=linux-kernel&m=116866921329267
(unanswered)

2.6.23-rc6-git3:  see http://marc.info/?l=linux-kernel&m=118971359806971&w=2
(subject says -git4, but that was incorrect)
(unanswered)

2.6.23-rc8-git2:  (new)
blocksize=2kb, data=journal,notail:

[10963.304664] ReiserFS: sdb1: found reiserfs format "3.6" with standard journal
[10963.311823] ReiserFS: sdb1: using journaled data mode
[10963.323233] ReiserFS: sdb1: journal params: device sdb1, size 8192, journal first block 34, max trans len 512, max batch 450, max commit age 30, max trans age 30
[10963.339034] ReiserFS: sdb1: checking transaction log (sdb1)
[10963.602239] ReiserFS: sdb1: Using r5 hash to sort names
[10969.085864] Unable to handle kernel NULL pointer dereference at 0000000000000000 RIP:
[10969.091361]  [<ffffffff88026e51>] :reiserfs:do_journal_end+0x5ce/0xcde
[10969.100359] PGD 11c196067 PUD 11c195067 PMD 0
[10969.104861] Oops: 0000 [1] SMP
[10969.108040] CPU 1
[10969.110075] Modules linked in: reiserfs loop
[10969.114406] Pid: 22769, comm: pdflush Not tainted 2.6.23-rc8-git2 #1
[10969.120753] RIP: 0010:[<ffffffff88026e51>]  [<ffffffff88026e51>] :reiserfs:do_journal_end+0x5ce/0xcde
[10969.129995] RSP: 0018:ffff810106043c80  EFLAGS: 00010282
[10969.135303] RAX: 0000000000000000 RBX: ffffc200102bed00 RCX: ffff810109a34000
[10969.142430] RDX: 0000000000af4000 RSI: 000000000000057a RDI: ffffc20010292220
[10969.149558] RBP: ffff810106043d50 R08: 0000000000000005 R09: 0000000000000000
[10969.156685] R10: ffffc200102bed00 R11: 0000000000000048 R12: ffffc200102bc4c8
[10969.163812] R13: ffffc200102bed00 R14: ffffc20010282000 R15: ffff81011fcd1000
[10969.170941] FS:  0000000000000000(0000) GS:ffff81011fc75e40(0000) knlGS:0000000000000000
[10969.179021] CS:  0010 DS: 0018 ES: 0018 CR0: 000000008005003b
[10969.184762] CR2: 0000000000000000 CR3: 000000011c0c6000 CR4: 00000000000006e0
[10969.191889] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[10969.199018] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[10969.206145] Process pdflush (pid: 22769, threadinfo ffff810106042000, task ffff81010752f040)
[10969.214571] Stack:  0000000000000282 ffff81011fce0000 ffff810106043d50 ffff810100000004
[10969.222642]  ffff810106043d90 0000000000af4000 ffff810109a34000 ffff810117ba2800
[10969.230099]  ffff81010d11a2d0 ffffffff880277be 0000000400000000 ffff81011d7a36c0
[10969.237374] Call Trace:
[10969.240019]  [<ffffffff880277be>] :reiserfs:do_journal_begin_r+0x108/0x33d
[10969.246894]  [<ffffffff880275d6>] :reiserfs:journal_end_sync+0x75/0x7e
[10969.253424]  [<ffffffff88019008>] :reiserfs:reiserfs_sync_fs+0x41/0x67
[10969.259953]  [<ffffffff8801903c>] :reiserfs:reiserfs_write_super+0xe/0x10
[10969.266739]  [<ffffffff8028ae09>] sync_supers+0x67/0xb6
[10969.271959]  [<ffffffff8026e5b9>] pdflush+0x0/0x1ed
[10969.276833]  [<ffffffff8026e223>] wb_kupdate+0x4e/0x136
[10969.282056]  [<ffffffff8026e5b9>] pdflush+0x0/0x1ed
[10969.286931]  [<ffffffff8026e6fb>] pdflush+0x142/0x1ed
[10969.291980]  [<ffffffff8026e1d5>] wb_kupdate+0x0/0x136
[10969.297117]  [<ffffffff8024b9a7>] kthread+0x49/0x76
[10969.301993]  [<ffffffff8020c308>] child_rip+0xa/0x12
[10969.306955]  [<ffffffff8024b95e>] kthread+0x0/0x76
[10969.311743]  [<ffffffff8020c2fe>] child_rip+0x0/0x12
[10969.318203] Code: 8b 00 66 85 c0 0f 89 97 01 00 00 4c 89 ff 44 89 85 48 ff ff
[10969.327279] RIP  [<ffffffff88026e51>] :reiserfs:do_journal_end+0x5ce/0xcde
[10969.334172]  RSP <ffff810106043c80>
[10969.337663] CR2: 0000000000000000
[10969.341303] Kernel panic - not syncing: Fatal exception
[10969.346542] Rebooting in 30 seconds..

Comment 1 Daniel Drake 2008-12-23 02:55:28 UTC
Another report of this:
https://bugs.gentoo.org/show_bug.cgi?id=251691

Comment 2 Edward Shishkin 2009-01-10 13:25:43 UTC
Yes, this is an old bug, not a regression.

I'll take a look at this as soon as I have spare time.
For now, please use the latest release of reiserfsprogs (3.6.21),
where small blocksizes are disabled:
http://www.kernel.org/pub/linux/utils/fs/reiserfs/reiserfsprogs-3.6.21.tar.gz

Thanks,
Edward.