[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#463508: marked as done (linux-image-2.6.22-3-686: nfs4 client crash on long filename)

Your message dated Sun, 3 Feb 2008 22:44:28 +0100
with message-id <20080203214428.GB3959@baikonur.stro.at>
and subject line Bug#463508: linux-image-2.6.22-3-686: nfs4 client crash on      long filename
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message --- 
Package: linux-image-2.6.22-3-686
Severity: grave

This program run within an nfs4 mount causes the kernel to crash.


Program:
#include <unistd.h>

int main()
{
        return access(
        "AAAAAAAAAABBBBBBBBBBCCCCCCCCCC"
        "AAAAAAAAAABBBBBBBBBBCCCCCCCCCC"
        "AAAAAAAAAABBBBBBBBBBCCCCCCCCCC"
        "AAAAAAAAAABBBBBBBBBBCCCCCCCCCC"
        "AAAAAAAAAABBBBBBBBBBCCCCCCCCCC"
        "AAAAAAAAAABBBBBBBBBBCCCCCCCCCC"
        "AAAAAAAAAABBBBBBBBBBCCCCCCCCCC"
        "AAAAAAAAAABBBBBBBBBBCCCCCCCCCC"
        "AAAAAAAAAABBBBBBBBBBCCCCCCCCCC"
        "AAAAAAAAAABBBBBBBBBBCCCCCCCCCC"
        "AAAAAAAAAABBBBBBBBBBCCCCCCCCCC"
        "AAAAAAAAAABBBBBBBBBBCCCCCCCCCC"
        "AAAAAAAAAABBBBBBBBBBCCCCCCCCCC"
        "AAAAAAAAAABBBBBBBBBBCCCCCCCCCC"
        "AAAAAAAAAABBBBBBBBBBCCCCCCCCCC"
        "AAAAAAAAAABBBBBBBBBBCCCCCCCCCC"
        "AAAAAAAAAABBBBBBBBBBCCCCCCCCCC"
        "AAAAAAAAAABBBBBBBBBBCCCCCCCCCC"
        "AAAAAAAAAABBBBBBBBBBCCCCCCCCCC"
        "AAAAAAAAAABBBBBBBBBBCCCCCCCCCC"
        ,0);
}

Crash message:
RESERVE_SPACE(608) failed in function encode_lookup
------------[ cut here ]------------
kernel BUG at fs/nfs/nfs4xdr.c:849!
invalid opcode: 0000 [#1]
SMP
Modules linked in: binfmt_misc ocfs2_dlmfs ocfs2_dlm ocfs2_nodemanager
configfs nfs lockd nfs_acl sunrpc ipv6 dm_snapshot dm_mirror dm_mod
ip_vs sd_mod psmouse ide_cd cdrom i2c_i801 e7xxx_edac edac_mc i2c_core
shpchp pci_hotplug iTCO_wdt parport_pc parport evdev rtc pcspkr ext3 jbd
mbcache raid1 md_mod ide_disk ata_generic libata piix e1000 aic79xx
scsi_transport_spi scsi_mod generic ide_core uhci_hcd floppy usbcore
thermal processor fan
CPU:    0
EIP:    0060:[<f8ce3099>]    Not tainted VLI
EFLAGS: 00010296   (2.6.22-3-686 #1)
EIP is at encode_lookup+0x33/0x5a [nfs]
eax: 00000037   ebx: 00000258   ecx: 00000086   edx: 00000000
esi: 00000260   edi: eb369d0c   ebp: f728f300   esp: ee115ba4
ds: 007b   es: 007b   fs: 00d8  gs: 0033  ss: 0068
Process testengine (pid: 5174, ti=ee114000 task=f75c9a50
task.ti=ee114000)
Stack: f8cee730 00000260 f8ceaff6 ee3d0068 ee115cb8 ee115bd0 f8ce43fd
00000000
       00000004 00000000 00000000 ee3d008c f728f304 ee3d0234 f728f304
00000000
       f6828c80 f728f300 f8ce43ad f8c62ebd f8c62f62 f8c5f8f2 00000000
ee115c38
Call Trace:
 [<f8ce43fd>] nfs4_xdr_enc_lookup+0x50/0x71 [nfs]
 [<f8ce43ad>] nfs4_xdr_enc_lookup+0x0/0x71 [nfs]
 [<f8c62ebd>] rpcauth_wrap_req+0x6c/0x74 [sunrpc]
 [<f8c62f62>] rpcauth_marshcred+0x4b/0x52 [sunrpc]
 [<f8c5f8f2>] xprt_prepare_transmit+0x78/0x81 [sunrpc]
 [<f8c5d427>] call_transmit+0x1a4/0x207 [sunrpc]
 [<f8c5d172>] call_reserve+0x3c/0x65 [sunrpc]
 [<f8ce43ad>] nfs4_xdr_enc_lookup+0x0/0x71 [nfs]
 [<f8c623a5>] __rpc_execute+0x78/0x22e [sunrpc]
 [<f8c61a17>] rpc_set_active+0x1c/0x58 [sunrpc]
 [<f8c5db4b>] rpc_call_sync+0x6f/0x91 [sunrpc]
 [<f8cdda4c>] nfs4_proc_lookup+0xdb/0x264 [nfs]
 [<c0102f7d>] __switch_to+0xa3/0x126
 [<f8ccb48e>] nfs_lookup+0xdf/0x243 [nfs]
 [<f8c62e49>] rpcauth_unwrap_resp+0x6c/0x74 [sunrpc]
 [<f8c62f10>] rpcauth_checkverf+0x4b/0x52 [sunrpc]
 [<c02a4298>] __wait_on_bit+0x50/0x58
 [<f8c61ea2>] rpc_wait_bit_interruptible+0x0/0x1f [sunrpc]
 [<c011c349>] __wake_up+0x32/0x43
 [<f8c5dd5f>] rpc_release_client+0x4c/0x62 [sunrpc]
 [<c012b02d>] recalc_sigpending+0xb/0x1d
 [<f8c63117>] rpcauth_lookupcred+0x65/0x8a [sunrpc]
 [<f8ccbc9c>] nfs_access_get_cached+0x1c/0xed [nfs]
 [<f8ccbefe>] nfs_permission+0x191/0x19d [nfs]
 [<c01780bb>] dput+0x15/0xdc
 [<f8ccd2a5>] nfs_atomic_lookup+0x48/0x14b [nfs]
 [<c0178e24>] d_alloc+0x138/0x17b
 [<c01700be>] do_lookup+0xa3/0x140
 [<c0171d5c>] __link_path_walk+0x7d8/0xc2d
 [<f8c6035f>] xs_sendpages+0x76/0x1c1 [sunrpc]
 [<c012a943>] lock_timer_base+0x19/0x35
 [<c015506e>] activate_page+0x81/0xa7
 [<c01721f5>] link_path_walk+0x44/0xb3
 [<c01780e2>] dput+0x3c/0xdc
 [<c017c20c>] mntput_no_expire+0x11/0x6a
 [<c01724d5>] do_path_lookup+0x15a/0x175
 [<c01712c5>] getname+0x59/0x8f
 [<c0172c8f>] __user_walk_fd+0x2f/0x45
 [<c0169173>] sys_faccessat+0x9c/0x133
 [<c01780e2>] dput+0x3c/0xdc
 [<c017c20c>] mntput_no_expire+0x11/0x6a
 [<c0169229>] sys_access+0x1f/0x23
 [<c0103d86>] syscall_call+0x7/0xb
 [<c02a0000>] atm_dev_ioctl+0x4b5/0x567
 =======================
Code: 8b 5a 04 8d 73 08 89 f2 e8 46 68 f8 ff 85 c0 89 c2 75 1c 89 74 24
04 c7 44 24 08 f6 af ce f8 c7 04 24 30 e7 ce f8 e8 2c 06 44 c7 <0f> 0b
eb fe c7 00 00 00 00 0f 89 d8 89 d9 0f c8 89 42 04 8d 42
EIP: [<f8ce3099>] encode_lookup+0x33/0x5a [nfs] SS:ESP 0068:ee115ba4

-- System Information:
Debian Release: lenny
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.22-3-686
Locale: LANG=en_NZ, LC_CTYPE=en_NZ (charmap=ISO-8859-1)

--- End Message ---
--- Begin Message --- 
On Mon, Feb 04, 2008 at 10:21:28AM +1300, Andrew Dixie wrote:
> > please against 2.6.24 found in unstable.
> > nfsd had some updates since.
> 
> The problem is fixed in 2.6.24-1.
> 
> Thanks.

thanks for feedback, closing.

--- End Message ---
Reply to: