Hardware Environment: AMD Athlon(tm) XP 3000+ , not smp Software Environment: Reiserfs + usr quota enabled Problem Description: ReiserFS: sda3: warning: vs-15011: reiserfs_release_objectid: tried to free free object id (6924839) ReiserFS: sda3: warning: vs-15011: reiserfs_release_objectid: tried to free free object id (7809292) ReiserFS: sda3: warning: vs-15011: reiserfs_release_objectid: tried to free free object id (7809885) ReiserFS: sda3: warning: vs-15011: reiserfs_release_objectid: tried to free free object id (7810216) ReiserFS: sda3: warning: vs-15011: reiserfs_release_objectid: tried to free free object id (7811698) ReiserFS: sda3: warning: vs-15011: reiserfs_release_objectid: tried to free free object id (7812011) ReiserFS: sda3: warning: vs-15011: reiserfs_release_objectid: tried to free free object id (7812404) ReiserFS: sda3: warning: vs-15011: reiserfs_release_objectid: tried to free free object id (7813157) ReiserFS: sda3: warning: vs-15011: reiserfs_release_objectid: tried to free free object id (7813425) ReiserFS: sda3: warning: vs-13060: reiserfs_update_sd: stat data of object [5882601 5882606 0x0 SD] (nlink == 1) not found (pos 19) ReiserFS: sda3: warning: vs-13060: reiserfs_update_sd: stat data of object [5882601 5882606 0x0 SD] (nlink == 1) not found (pos 19) ReiserFS: sda3: warning: vs-13060: reiserfs_update_sd: stat data of object [5882601 5882606 0x0 SD] (nlink == 1) not found (pos 19) ReiserFS: sda3: warning: vs-13060: reiserfs_update_sd: stat data of object [5882601 5882606 0x0 SD] (nlink == 1) not found (pos 19) ReiserFS: sda3: warning: vs-13060: reiserfs_update_sd: stat data of object [5882601 5882606 0x0 SD] (nlink == 1) not found (pos 19) ReiserFS: sda3: warning: vs-13060: reiserfs_update_sd: stat data of object [5882601 5882606 0x0 SD] (nlink == 1) not found (pos 19) ReiserFS: sda3: warning: vs-13060: reiserfs_update_sd: stat data of object [5882601 5882606 0x0 SD] (nlink == 1) not found (pos 19) ReiserFS: sda3: warning: vs-13060: reiserfs_update_sd: stat data of object [5882601 5882606 0x0 SD] (nlink == 1) not found (pos 19) ReiserFS: sda3: warning: vs-13060: reiserfs_update_sd: stat data of object [5882601 5882606 0x0 SD] (nlink == 1) not found (pos 19) ReiserFS: sda3: warning: vs-13060: reiserfs_update_sd: stat data of object [5882601 5882606 0x0 SD] (nlink == 1) not found (pos 19) ReiserFS: sda3: warning: vs-13060: reiserfs_update_sd: stat data of object [5882601 5882606 0x0 SD] (nlink == 1) not found (pos 19) ReiserFS: sda3: warning: vs-13060: reiserfs_update_sd: stat data of object [5882601 5882606 0x0 SD] (nlink == 1) not found (pos 19) ReiserFS: sda3: warning: vs-13060: reiserfs_update_sd: stat data of object [5882601 5882606 0x0 SD] (nlink == 1) not found (pos 19) ReiserFS: sda3: warning: vs-13060: reiserfs_update_sd: stat data of object [5882601 5882606 0x0 SD] (nlink == 1) not found (pos 19) ReiserFS: sda3: warning: vs-13060: reiserfs_update_sd: stat data of object [5882601 5882606 0x0 SD] (nlink == 1) not found (pos 19) TCP: Treason uncloaked! Peer 200.114.207.51:64840/80 shrinks window 2791985686:2792001470. Repaired. ReiserFS: warning: vs-16090: direntry_bytes_number: bytes number is asked for direntry ReiserFS: warning: vs-16090: direntry_bytes_number: bytes number is asked for direntry REISERFS: panic (device Null superblock): free space 4024, entry_count 1 ------------[ cut here ]------------ kernel BUG at fs/reiserfs/prints.c:362! invalid operand: 0000 [#1] CPU: 0 EIP: 0060:[<c019782f>] Not tainted VLI EFLAGS: 00010286 (2.6.11.10-endy) EIP is at reiserfs_panic+0x4f/0x80 eax: 0000004d ebx: c02be9bf ecx: 00000001 edx: c02eecac esi: 00000000 edi: 00000140 ebp: cfc65864 esp: cfc6584c ds: 007b es: 007b ss: 0068 Process pure-ftpd (pid: 2473, threadinfo=cfc64000 task=f34bda40) Stack: c02c3ee0 c02be9bf c03b3580 00000fb8 ef34a0c4 00000001 cfc6588c c01a993f 00000000 c02c6ac0 00000fb8 00000001 00010000 00000000 ef34a01c 00000000 cfc658e0 c0190233 ef34a01c 00000fd0 00000000 00000000 00000000 cfc658e0 Call Trace: [<c010282f>] show_stack+0x7f/0xa0 [<c01029d1>] show_registers+0x151/0x1c0 [<c0102bc8>] die+0xc8/0x150 [<c010307c>] do_invalid_op+0xbc/0xd0 [<c01024bb>] error_code+0x2b/0x30 [<c01a993f>] direntry_check_left+0x8f/0x90 [<c0190233>] get_num_ver+0x303/0x350 [<c01912dc>] ip_check_balance+0x3ec/0xbb0 [<c0192bcb>] fix_nodes+0x15b/0x420 [<c019fdbf>] reiserfs_cut_from_item+0x10f/0x5f0 [<c01a0638>] reiserfs_do_truncate+0x2e8/0x610 [<c019f7bf>] reiserfs_delete_object+0x3f/0x80 [<c018633c>] reiserfs_delete_inode+0x8c/0x110 [<c015ed55>] generic_delete_inode+0x95/0x130 [<c015ef96>] iput+0x56/0x80 [<c018992a>] reiserfs_new_inode+0x13a/0x740 [<c0184787>] reiserfs_create+0x97/0x1b0 [<c0153ddf>] vfs_create+0x9f/0x120 [<c01546c9>] open_namei+0x5d9/0x630 [<c0144b8c>] filp_open+0x3c/0x60 [<c0144ea6>] sys_open+0x46/0x90 [<c0102313>] syscall_call+0x7/0xb Code: 01 00 00 89 04 24 e8 31 fd ff ff c7 04 24 e0 3e 2c c0 85 f6 89 d8 0f 45 c7 ba 80 35 3b c0 8954 24 08 89 44 24 04 e8 f1 a9 f7 ff <0f> 0b 6a 01 02 ef 2b c0 c7 04 24 20 3f 2c c0 85 f6 b9 80 35 3b
Could you please retest 2.6.13-rc4? Thanks.
Hi, I retried with 2.6.13-rc4, but it doesnt seems to solve my problem. Here's the new panic: ------------[ cut here ]------------ kernel BUG at fs/reiserfs/prints.c:362! invalid operand: 0000 [#1] CPU: 0 EIP: 0060:[<c019ae2f>] Not tainted VLI EFLAGS: 00010296 (2.6.13-rc4-endy) EIP is at reiserfs_panic+0x4f/0x80 eax: 00000053 ebx: c02b8fde ecx: 00000000 edx: c02dfdac esi: 00000000 edi: 00000140 ebp: e75b383c esp: e75b3824 ds: 007b es: 007b ss: 0068 Process pure-ftpd (pid: 12771, threadinfo=e75b2000 task=f091d530) Stack: c02bd610 c02b8fde c03acdc0 00000fa0 c0971154 00000002 e75b3864 c01ac75f 00000000 c02bf89c 00000fa0 00000002 00020000 00000000 c097101c 00000000 e75b38b8 c01939d3 c097101c 00000fd0 00000000 00000000 00000000 00000000 Call Trace: [<c0102e5f>] show_stack+0x7f/0xa0 [<c0103002>] show_registers+0x152/0x1c0 [<c01031f8>] die+0xc8/0x140 [<c0103325>] do_trap+0xb5/0xc0 [<c010366c>] do_invalid_op+0xbc/0xd0 [<c0102aa3>] error_code+0x4f/0x54 [<c01ac75f>] direntry_check_left+0x8f/0x90 [<c01939d3>] get_num_ver+0x303/0x350 [<c01949ac>] ip_check_balance+0x3dc/0xbc0 [<c0195948>] check_balance+0x58/0x70 [<c019623b>] fix_nodes+0x15b/0x420 [<c01a2daf>] reiserfs_cut_from_item+0x10f/0x570 [<c01a359b>] reiserfs_do_truncate+0x2db/0x5e0 [<c01a282f>] reiserfs_delete_object+0x3f/0x80 [<c0189baf>] reiserfs_delete_inode+0xaf/0x150 [<c0161835>] generic_delete_inode+0x95/0x130 [<c0161a18>] generic_drop_inode+0x18/0x30 [<c0161a86>] iput+0x56/0x80 [<c018d07d>] reiserfs_new_inode+0x16d/0x7e0 [<c0187d31>] reiserfs_create+0xc1/0x1f0 [<c0156a4f>] vfs_create+0x9f/0x120 [<c015732c>] open_namei+0x5cc/0x620 [<c0146eac>] filp_open+0x3c/0x60 [<c01471c5>] sys_open+0x55/0x90 [<c0102889>] syscall_call+0x7/0xb Code: 01 00 00 89 04 24 e8 31 fd ff ff c7 04 24 10 d6 2b c0 85 f6 89 d8 0f 45 c7 ba c0 cd 3a c0 89 54 24 08 89 44 24 04 e8 21 80 f7 ff <0f> 0b 6a 01 2f 95 2b c0 c7 04 24 34 d6 2b c0 85 f6 be c0 cd 3 a Badness in do_exit at kernel/exit.c:787 [<c0102e9e>] dump_stack+0x1e/0x30 [<c0114fdc>] do_exit+0x2ec/0x300 [<c010326f>] die+0x13f/0x140 [<c0103325>] do_trap+0xb5/0xc0 [<c010366c>] do_invalid_op+0xbc/0xd0 [<c0102aa3>] error_code+0x4f/0x54 [<c01ac75f>] direntry_check_left+0x8f/0x90 [<c01939d3>] get_num_ver+0x303/0x350 [<c01949ac>] ip_check_balance+0x3dc/0xbc0 [<c0195948>] check_balance+0x58/0x70 [<c019623b>] fix_nodes+0x15b/0x420 [<c01a2daf>] reiserfs_cut_from_item+0x10f/0x570 [<c01a359b>] reiserfs_do_truncate+0x2db/0x5e0 [<c01a282f>] reiserfs_delete_object+0x3f/0x80 [<c0189baf>] reiserfs_delete_inode+0xaf/0x150 [<c0161835>] generic_delete_inode+0x95/0x130 [<c0161a18>] generic_drop_inode+0x18/0x30 [<c0161a86>] iput+0x56/0x80 [<c018d07d>] reiserfs_new_inode+0x16d/0x7e0 [<c0187d31>] reiserfs_create+0xc1/0x1f0 [<c0156a4f>] vfs_create+0x9f/0x120 [<c015732c>] open_namei+0x5cc/0x620 [<c0146eac>] filp_open+0x3c/0x60 [<c01471c5>] sys_open+0x55/0x90 [<c0102889>] syscall_call+0x7/0xb
I seems to me like the following is happening: we are trying to create new inode - it fails (probably ENOSPC or EDQUOT). We try to undo what we've done. reiserfs_delete_inode() expects inode to be marked I_NEW if it is not fully initialized but neither new_inode() nor new_inode_init() mark the inode as such... I'll attach completely untested patch against 2.6.13-rc6. I'll get into testing it hopefully tomorrow...
Created attachment 5549 [details] Patch hopefully fixing the bug - mark inode I_NEW when it's created
Created attachment 5580 [details] Patch fixing the above oops So I've looked so more into the problem. I've rewritten the patch as setting I_NEW should use inode_lock and furthermore ReiserFS does not clear the flag... In the new patch we just initialize objectid to 0 which should be enough to make delete_inode() ignore the inode.
PS: I've tested the patch and I'm not able to reproduce the oops any more.
bugme-daemon@kernel-bugs.osdl.org wrote: > > http://bugzilla.kernel.org/show_bug.cgi?id=4771 > > > > > > ------- Additional Comments From jack@suse.cz 2005-08-10 05:51 ------- > PS: I've tested the patch and I'm not able to reproduce the oops any more. > > ------- You are receiving this mail because: ------- > You are on the CC list for the bug, or are watching someone who is. Jan, could you please send that patch through to Linus when you're happy with it, cc myself? I'll be mostly offline for the next four days. Thanks.
OK, if Gillaume won't report any problems with it and nobody objects till Friday, I'll send it to Linus.
The patch is in mainline. /me closes the bug since everybody is being too lazy ;)