https://bugzilla.novell.com/show_bug.cgi?id=216956 Summary: Kernel oops when mounting ReiserFS on readonly media Product: openSUSE 10.2 Version: Beta 1 Platform: x86-64 OS/Version: SuSE Other Status: NEW Severity: Minor Priority: P5 - None Component: Kernel AssignedTo: kernel-maintainers@forge.provo.novell.com ReportedBy: lpechacek@novell.com QAContact: qa@suse.de When playing with reproduction of bug #213561 we have hit the following oops: ReiserFS: loop0: found reiserfs format "3.6" with standard journal ReiserFS: loop0: using ordered data mode reiserfs: using flush barriers ReiserFS: loop0: journal params: device loop0, size 8192, journal first block 18, max trans len 1024, max batch 900, max commit age 30, max trans age 30 ReiserFS: loop0: checking transaction log (loop0) ReiserFS: loop0: warning: clm-2076: device is readonly, unable to replay log ReiserFS: loop0: warning: Replay Failure, unable to mount ReiserFS: loop0: warning: sh-2022: reiserfs_fill_super: unable to initialize journal space Unable to handle kernel NULL pointer dereference at 0000000000000010 RIP: [<ffffffff802cd33b>] do_add_mount+0x82/0x13a PGD 31917067 PUD 3589b067 PMD 0 Oops: 0000 [1] SMP last sysfs file: /devices/pci0000:00/0000:00:0d.0/subsystem_device CPU 0 Modules linked in: reiserfs xt_pkttype ipt_LOG xt_limit snd_pcm_oss snd_mixer_oss snd_seq af_packet button battery ac cpufreq_conservative cpufreq_ondemand cpufreq_userspace cpufreq_powersave powernow_k8 freq_table ip6t_REJECT xt_tcpudp ipt_REJECT xt_state iptable_mangle iptable_nat ip_nat iptable_filter ip6table_mangle ip_conntrack nfnetlink ip_tables ip6table_filter ip6_tables x_tables ipv6 loop usbhid usb_storage dm_mod shpchp ehci_hcd ide_cd cdrom uhci_hcd pci_hotplug i2c_viapro i2c_core usbcore snd_via82xx gameport floppy snd_ac97_codec snd_ac97_bus snd_pcm snd_timer snd_page_alloc snd_mpu401_uart r8169 snd_rawmidi snd_seq_device snd soundcore parport_pc lp parport apparmor aamatch_pcre ext3 mbcache jbd edd fan sg via82cxxx sata_via libata thermal processor sd_mod scsi_mod ide_disk ide_core Pid: 4153, comm: mount Tainted: G U 2.6.18.1-7-default #1 RIP: 0010:[<ffffffff802cd33b>] [<ffffffff802cd33b>] do_add_mount+0x82/0x13a RSP: 0018:ffff81002c2b9c68 EFLAGS: 00010206 RAX: 0000000000000000 RBX: ffff81002c2b9e58 RCX: 00000000c0000100 RDX: ffff81002c642c00 RSI: 0000000000000000 RDI: ffffffff805958d4 RBP: ffff81003e452bc0 R08: ffff81002c2b8000 R09: 00000000006144df R10: 0000000000000000 R11: ffffffff8024be65 R12: 0000000000000000 R13: ffff8100324d0000 R14: 0000000000000000 R15: 0000000000000000 FS: 00002b5847568b00(0000) GS:ffffffff805b9000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b CR2: 0000000000000010 CR3: 000000002dfe7000 CR4: 00000000000006e0 Process mount (pid: 4153, threadinfo ffff81002c2b8000, task ffff81003e772080) Stack: 0000000000000001 000000003e452bc0 0000000000000000 ffff8100324d0000 0000000000000001 ffffffff802ce3c9 ffff81002c2b9e48 ffff810034f51000 ffff81002c2b9cc8 000000013ad893e0 0000000e0cf68720 ffff81003dfc6006 Call Trace: [<ffffffff802ce3c9>] do_mount+0x6ab/0x6fc [<ffffffff802481c1>] sys_mount+0x8a/0xcd [<ffffffff8025800e>] system_call+0x7e/0x83 DWARF2 unwinder stuck at system_call+0x7e/0x83 Leftover inexact backtrace: Code: 48 8b 40 10 0f b7 40 4c 25 00 f0 00 00 3d 00 a0 00 00 0f 84 RIP [<ffffffff802cd33b>] do_add_mount+0x82/0x13a RSP <ffff81002c2b9c68> CR2: 0000000000000010 How to reproduce: dhcp42:~ # dd if=/dev/zero of=/tmp/rfs.img bs=4k count=10000 10000+0 records in 10000+0 records out 40960000 bytes (41 MB) copied, 0.695428 s, 58.9 MB/s dhcp42:~ # mkreiserfs -f /tmp/rfs.img mkreiserfs 3.6.19 (2003 www.namesys.com) A pair of credits: Elena Gryaznova performed testing and benchmarking. Hans Reiser was the project initiator, source of all funding for the first 5.5 years. He is the architect and official maintainer. /tmp/rfs.img is not a block special device Continue (y/n):y Guessing about desired format.. Kernel 2.6.18.1-7-default is running. Format 3.6 with standard journal Count of blocks on the device: 10000 Number of blocks consumed by mkreiserfs formatting process: 8212 Blocksize: 4096 Hash function used to sort names: "r5" Journal Size 8193 blocks (first block 18) Journal Max transaction length 1024 inode generation number: 0 UUID: 7803ff63-d227-4e2c-b519-06a24cf0522c Initializing journal - 0%....20%....40%....60%....80%....100% Syncing..ok ReiserFS is successfully created on /tmp/rfs.img. dhcp42:~ # losetup -r /dev/loop0 /tmp/rfs.img dhcp42:~ # mount -r /dev/loop0 /mnt/ Killed dhcp42:~ # dmesg # shows the above oops... dhcp42:~ # cat /proc/mounts # hangs in uninterruptible sleep -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.