From: Jan Blunck <jblunck@suse.de>
To: mingo@redhat.com
Cc: Linux-Kernel Mailinglist <linux-kernel@vger.kernel.org>,
Andrew Morton <akpm@osdl.org>
Subject: kernel NULL pointer dereference in check_spread+0x0/0x26
Date: Fri, 12 Oct 2007 14:40:54 +0200
Message-ID: <20071012124054.GD8471@hasse.suse.de>

This is with 2.6.23-mm1 and allmodconfig.
Seems that se in the following is a NULL pointer.

static void check_spread(struct cfs_rq *cfs_rq, struct sched_entity *se)
{
#ifdef CONFIG_SCHED_DEBUG
	s64 d = se->vruntime - cfs_rq->min_vruntime;

	if (d < 0)
		d = -d;

Cheers,
Jan
--
[ 1.344000] Unable to handle kernel NULL pointer dereference at 0000000000000040 RIP:
[ 1.348000] [<ffffffff8022dd7d>] check_spread+0x0/0x26
[ 1.356000] PGD 0
[ 1.360000] Oops: 0000 [1] SMP
[ 1.364000] last sysfs file:
[ 1.368000] CPU 1
[ 1.368000] Modules linked in:
[ 1.372000] Pid: 2, comm: kthreadd Not tainted 2.6.23-mm1-jbl-gab69b1c9 #4
[ 1.380000] RIP: 0010:[<ffffffff8022dd7d>] [<ffffffff8022dd7d>] check_spread+0x0/0x26
[ 1.388000] RSP: 0018:ffff810005753d58 EFLAGS: 00010083
[ 1.392000] RAX: 0000000000001908 RBX: ffff81008006b900 RCX: 0000000000000c31
[ 1.400000] RDX: 0000000003938700 RSI: 0000000000000000 RDI: ffff81008006b900
[ 1.408000] RBP: ffff810005753d90 R08: ffff810005753d40 R09: ffff8100800d0798
[ 1.416000] R10: ffffffffffffffff R11: 0000000000000001 R12: ffff810005c12000
[ 1.424000] R13: ffff810005c12048 R14: 0000000000000000 R15: 0000000000000001
[ 1.428000] FS: 0000000000000000(0000) GS:ffff810005401960(0000) knlGS:0000000000000000
[ 1.440000] CS: 0010 DS: 0018 ES: 0018 CR0: 000000008005003b
[ 1.444000] CR2: 0000000000000040 CR3: 0000000000201000 CR4: 00000000000006e0
[ 1.452000] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1.460000] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[ 1.468000] Process kthreadd (pid: 2, threadinfo ffff810005752000, task ffff810005750000)
[ 1.476000] last branch before last exception/interrupt
[ 1.480000] from [<ffffffff802363f2>] task_new_fair+0xd0/0x111
[ 1.488000] to [<ffffffff8022dd7d>] check_spread+0x0/0x26
[ 1.492000] Stack: ffffffff802363f7 ffff8100800d0780 ffff8100800d0780 ffff810005c12000
[ 1.500000] 000000000000000f 0000000000000000 0000000000000000 ffff810005753dc0
[ 1.508000] ffffffff80236cf1 0000000000800711 0000000000000286 ffff810005c12000
[ 1.516000] Call Trace:
[ 1.520000] [<ffffffff802363f7>] task_new_fair+0xd5/0x111
[ 1.524000] [<ffffffff80236cf1>] wake_up_new_task+0x84/0xb8
[ 1.532000] [<ffffffff802395be>] do_fork+0x186/0x286
[ 1.536000] [<ffffffff8025e101>] __lock_acquire+0xe4b/0xf40
[ 1.544000] [<ffffffff8020d021>] kernel_thread+0x81/0xde
[ 1.548000] [<ffffffff8024fc72>] kthread+0x0/0x76
[ 1.552000] [<ffffffff8020d07e>] child_rip+0x0/0x12
[ 1.560000] [<ffffffff8024fad1>] kthreadd+0xcd/0x143
[ 1.564000] [<ffffffff8020d088>] child_rip+0xa/0x12
[ 1.568000] [<ffffffff8020c79c>] restore_args+0x0/0x30
[ 1.576000] [<ffffffff802a9bea>] __mpol_free+0x3b/0x40
[ 1.580000] [<ffffffff8024fa04>] kthreadd+0x0/0x143
[ 1.584000] [<ffffffff8020d07e>] child_rip+0x0/0x12
[ 1.592000]
[ 1.592000] INFO: lockdep is turned off.
[ 1.596000]
[ 1.596000] Code: 48 8b 46 40 48 2b 47 20 55 48 89 e5 48 99 48 31 d0 48 29 d0
[ 1.604000] RIP [<ffffffff8022dd7d>] check_spread+0x0/0x26
[ 1.612000] RSP <ffff810005753d58>
[ 1.616000] CR2: 0000000000000040
[ 1.620000] kthreadd used greatest stack depth: 5512 bytes left
[ 36.348000] BUG: spinlock lockup on CPU#2, swapper/0, ffff8100800d0780
[ 36.356000]
[ 36.356000] Call Trace:
[ 36.360000] <IRQ> [<ffffffff80357e07>] _raw_spin_lock+0x126/0x14e
[ 36.368000] [<ffffffff80449e5f>] _spin_lock+0x46/0x53
[ 36.372000] [<ffffffff80235547>] scheduler_tick+0x42/0x1d8
[ 36.376000] [<ffffffff80244684>] update_process_times+0x82/0x92
[ 36.384000] [<ffffffff80257bd6>] tick_periodic+0x6e/0x7a
[ 36.388000] [<ffffffff80257c03>] tick_handle_periodic+0x21/0x5e
[ 36.396000] [<ffffffff8020b244>] default_idle+0x0/0x64
[ 36.400000] [<ffffffff8021d226>] smp_local_timer_interrupt+0x5a/0x5e
[ 36.408000] [<ffffffff8021d83e>] smp_apic_timer_interrupt+0x3a/0x54
[ 36.416000] [<ffffffff8020b244>] default_idle+0x0/0x64
[ 36.420000] [<ffffffff8020ceab>] apic_timer_interrupt+0x6b/0x70
[ 36.428000] <EOI> [<ffffffff8020b28e>] default_idle+0x4a/0x64
[ 36.432000] [<ffffffff8020b28c>] default_idle+0x48/0x64
[ 36.440000] [<ffffffff8020b365>] cpu_idle+0xbd/0xf8
[ 36.444000] [<ffffffff8021cd77>] start_secondary+0x3d6/0x3e7
[ 36.448000]
[ 36.452000] INFO: lockdep is turned off.
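
Added example (not part of the original message or of the kernel source): a small Python triage of the oops above that decodes the first instruction from the Code: bytes and checks it against CR2 and the register dump. It assumes the Code: bytes begin at the faulting RIP, which fits RIP being check_spread+0x0; the function names and the minimal decoder are hypothetical and handle only this one addressing form.

```python
import re

# Register, CR2 and Code: lines copied from the oops above (timestamps dropped).
OOPS = """\
RAX: 0000000000001908 RBX: ffff81008006b900 RCX: 0000000000000c31
RDX: 0000000003938700 RSI: 0000000000000000 RDI: ffff81008006b900
CR2: 0000000000000040 CR3: 0000000000201000 CR4: 00000000000006e0
Code: 48 8b 46 40 48 2b 47 20 55 48 89 e5 48 99 48 31 d0 48 29 d0
"""

REG64 = ["RAX", "RCX", "RDX", "RBX", "RSP", "RBP", "RSI", "RDI"]  # ModRM numbering
ARG_REGS = ["RDI", "RSI", "RDX", "RCX", "R8", "R9"]  # x86-64 SysV argument order

def parse_oops(text):
    """Return (register dict, code bytes) parsed from oops text."""
    pairs = re.findall(r"\b([A-Z][A-Z0-9]{1,2}): ([0-9a-f]{16})\b", text)
    regs = {name: int(value, 16) for name, value in pairs}
    code = bytes.fromhex(re.search(r"Code: ((?:[0-9a-f]{2} ?)+)", text).group(1))
    return regs, code

def decode_disp8_load(code):
    """Decode 'REX.W mov/sub r64, [base+disp8]' (no SIB byte); None otherwise."""
    if len(code) < 4 or code[0] != 0x48 or code[1] not in (0x8B, 0x2B):
        return None
    mod, reg, rm = code[2] >> 6, (code[2] >> 3) & 7, code[2] & 7
    if mod != 1 or rm == 4:  # need disp8 addressing without a SIB byte
        return None
    disp = code[3] - 256 if code[3] > 127 else code[3]  # sign-extend disp8
    op = "mov" if code[1] == 0x8B else "sub"
    return {"op": op, "dst": REG64[reg], "base": REG64[rm], "disp": disp}

def triage(text):
    """Tie the faulting address (CR2) back to a base register and argument slot."""
    regs, code = parse_oops(text)
    insn = decode_disp8_load(code)
    if insn is None:
        return None
    base = regs[insn["base"]]
    ea = (base + insn["disp"]) & 0xFFFFFFFFFFFFFFFF  # effective address of the load
    return {
        "insn": f'{insn["op"]} {insn["dst"].lower()}, [{insn["base"].lower()}+{insn["disp"]:#x}]',
        "matches_cr2": ea == regs["CR2"],
        "null_base": base == 0,
        "arg_index": ARG_REGS.index(insn["base"]) if insn["base"] in ARG_REGS else None,
        "member_offset": insn["disp"],
    }

if __name__ == "__main__":
    print(triage(OOPS))
```

An arg_index of 1 is the second parameter of check_spread(), so the result agrees with the report: the load goes through se, se is 0, and the faulting address 0x40 is the offset of the field being read.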