Bug 6086 - kernel BUG at fs/cifs/cifs_dfs_ref.c:315!
Summary: kernel BUG at fs/cifs/cifs_dfs_ref.c:315!
Alias: None
Product: CifsVFS
Classification: Unclassified
Component: kernel fs
Version: 2.6
Hardware: x86 Linux
Importance: P3 major
Target Milestone: ---
Assignee: Steve French
QA Contact:
Depends on:
Reported: 2009-02-04 06:26 UTC by Patrik Graeser
Modified: 2009-02-18 23:22 UTC

Fix for DFS oops (4.22 KB, text/x-diff)
2009-02-10 12:06 UTC, Steve French

Description Patrik Graeser 2009-02-04 06:26:27 UTC
This might be related to or a duplicate of bug 5861

~#uname -a
"Linux devel #1 SMP PREEMPT Tue Feb 3 18:20:05 CET 2009 i686 i686 i386 GNU/Linux"

Line 315 of fs/cifs/cifs_dfs_ref.c is "BUG_ON(IS_ROOT(dentry));" in "cifs_dfs_follow_mountpoint"

Remote server "Windows Server 2003 Standard Edition SP2".

It occurs after mounting of a user home-directory using //ip.to.server/share_name/username on first access (ls).

------------[ cut here ]------------
kernel BUG at fs/cifs/cifs_dfs_ref.c:315!
invalid opcode: 0000 [#1] PREEMPT SMP
last sysfs file: /sys/block/sda/size
Modules linked in: nls_iso8859_1 cifs ipv6 iptable_nat nf_nat nf_conntrack_ipv4 nf_conntrack nf_defrag_ipv4 iptable_filter ip_tables x_tables snd_ens1371 gameport snd_rawmidi snd_ac97_codec rtc_cmos rtc_core rtc_lib ac97_bus i2c_piix4 pcnet32 pcspkr intel_agp parport_pc parport i2c_core

Pid: 3168, comm: bash Not tainted ( #1) VMware Virtual Platform
EIP: 0060:[<e0b3d818>] EFLAGS: 00010246 CPU: 1
EIP is at cifs_dfs_follow_mountpoint+0x838/0x840 [cifs]
EAX: db048660 EBX: db048660 ECX: e0b53b40 EDX: de9f1f38
ESI: 00271d65 EDI: df86c004 EBP: de9f1e80 ESP: de9f1e14
 DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0068
Process bash (pid: 3168, ti=de9f0000 task=dfaf6080 task.ti=de9f0000)
 de9f1e1c c04ad520 de9f1e54 c01b9ad9 df7c5000 de9f1edc de9f1f38 de9f1e40
 c01b8f7c de990680 de9f1edc de9f1e4c de9f1e4c c04ad520 de9f1e70 c01bf0e4
 de9f1e5c dfb1c268 00271d65 dfb1c200 de9f1e80 00000000 00000000 de9f1e80
Call Trace:
 [<c04ad520>] ? _spin_unlock+0x10/0x30
 [<c01b9ad9>] ? __d_lookup+0xb9/0x140
 [<c01b8f7c>] ? dput+0x1c/0x120
 [<c04ad520>] ? _spin_unlock+0x10/0x30
 [<c01bf0e4>] ? mnt_drop_write+0x64/0x130
 [<c01b39d6>] ? __link_path_walk+0x876/0xcb0
 [<c012ae27>] ? flush_tlb_page+0x47/0xa0
 [<c01b3e4f>] ? path_walk+0x3f/0x90
 [<c01b3fc3>] ? do_path_lookup+0x73/0x180
 [<c01b49fa>] ? user_path_at+0x3a/0x70
 [<c0133487>] ? do_page_fault+0x1c7/0x680
 [<c01a96b4>] ? sys_chdir+0x24/0x80
 [<c011adad>] ? sysenter_do_call+0x12/0x21
Code: 84 5a ff ff ff 8b 55 a4 b9 01 00 00 00 8b 45 c4 e8 8e 1c 70 df 8b 45 c4 ba 27 dc b4 e0 e8 41 1c 70 df e9 28 ff ff ff 0f 0b eb fe <0f> 0b eb fe 0f 0b eb fe 55 89 e5 83 ec 04 f6 05 40 3e b5 e0 01
EIP: [<e0b3d818>] cifs_dfs_follow_mountpoint+0x838/0x840 [cifs] SS:ESP 0068:de9f1e14
---[ end trace 058b60772a98caf5 ]---
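
One way to triage an oops like the one in the description, added here as an example (it is not part of the original report or of the CIFS code). It pulls out the BUG site, the faulting symbol and module, and checks that the opcode bytes the kernel marked with `<..>` are `0f 0b` (`ud2`), which is what `BUG()`/`BUG_ON()` executes on x86 and why the trap is reported as "invalid opcode". The function names and the abbreviated sample input are assumptions made for the example.

```python
import re

# Constructed sample: key lines taken from the oops in the report above,
# with the "Code:" line shortened.
SAMPLE_OOPS = """\
kernel BUG at fs/cifs/cifs_dfs_ref.c:315!
invalid opcode: 0000 [#1] PREEMPT SMP
Pid: 3168, comm: bash Not tainted ( #1) VMware Virtual Platform
EIP is at cifs_dfs_follow_mountpoint+0x838/0x840 [cifs]
Code: e9 28 ff ff ff 0f 0b eb fe <0f> 0b eb fe 0f 0b eb fe 55 89 e5
"""

BUG_RE = re.compile(r"kernel BUG at (?P<file>\S+):(?P<line>\d+)!")
IP_RE = re.compile(r"[ER]IP is at (?P<sym>[\w.]+)\+0x(?P<off>[0-9a-f]+)"
                   r"/0x(?P<size>[0-9a-f]+)(?: \[(?P<mod>\w+)\])?")
COMM_RE = re.compile(r"comm: (?P<comm>\S+)")
CODE_RE = re.compile(r"^Code: (?P<bytes>.+)$", re.M)


def faulting_bytes(code_line, count=2):
    """Return `count` opcode bytes starting at the one marked with <..>."""
    tokens = code_line.split()
    for i, tok in enumerate(tokens):
        if tok.startswith("<") and tok.endswith(">"):
            return [tok.strip("<>")] + tokens[i + 1:i + count]
    return []


def triage_oops(text):
    """Extract the fields used to classify and de-duplicate a BUG() oops."""
    out = {}
    for rx in (BUG_RE, IP_RE, COMM_RE):
        m = rx.search(text)
        if m:
            out.update(m.groupdict())
    m = CODE_RE.search(text)
    opcode = faulting_bytes(m.group("bytes")) if m else []
    # A deliberate assertion: "kernel BUG at" banner plus ud2 at the fault IP.
    out["is_assertion"] = opcode == ["0f", "0b"] and "file" in out
    # Stable key for grouping repeats of the same crash across hosts.
    out["signature"] = "{}:{}".format(out.get("sym"), out.get("off"))
    return out


if __name__ == "__main__":
    for key, value in sorted(triage_oops(SAMPLE_OOPS).items()):
        print(key, "=", value)
```
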
Comment 1 Steve French 2009-02-07 21:12:47 UTC
There is a patch that fixes this on the linux-cifs-client mailing list which I am evaluating (may make minor changes) but which fixes this.
Comment 2 Steve French 2009-02-07 21:14:15 UTC
Also see bugzilla.kernel.org bug #12912
Comment 3 Steve French 2009-02-10 12:06:08 UTC
Created attachment 3932
Fix for DFS oops

Let us know if this fixes it.  Fix has been reviewed, and plan to push upstream to 2.6.29 if tests out ok
Comment 4 Steve French 2009-02-18 23:22:05 UTC
Fix will be in 2.6.29 kernels