From: Florin Iucha <florin@iucha.net>
To: Jens Axboe <axboe@kernel.dk>,
	Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Subject: kernel NULL pointer dereference in blk_rq_map_sg with v2.6.23-6815-g0895e91
Date: Tue, 23 Oct 2007 07:46:37 -0500
Message-ID: <20071023124637.GJ7918@iucha.net>

Jens,

This is freshly after booting into this morning's kernel:

[   60.656136] Unable to handle kernel NULL pointer dereference at 0000000000000000 RIP: 
[   60.656143]  [<ffffffff80375553>] blk_rq_map_sg+0x10d/0x17c
[   60.656151] PGD 4640067 PUD 46d4067 PMD 0 
[   60.656154] Oops: 0000 [1] SMP 
[   60.656157] CPU 1 
[   60.656159] Modules linked in: sbp2 lp dvb_pll lgdt330x cx88_dvb cx88_vp3054_i2c videobuf_dvb tuner tea5767 tda8290 tuner_simple mt20xx cx88_alsa cx8802 cx8800 cx88xx ir_common tveeprom videobuf_dma_sg videobuf_core btcx_risc i2c_nforce2 evdev rtc forcedeth ehci_hcd fuse
[   60.656176] Pid: 4250, comm: hald-probe-stor Not tainted 2.6.24-rc0-5 #1
[   60.656178] RIP: 0010:[<ffffffff80375553>]  [<ffffffff80375553>] blk_rq_map_sg+0x10d/0x17c
[   60.656182] RSP: 0018:ffff810004791930  EFLAGS: 00010246
[   60.656184] RAX: 000000000403b000 RBX: 0000000000001000 RCX: 6db6db6db6db6db7
[   60.656187] RDX: 0000000000000000 RSI: ffff810001000000 RDI: 0000000005701000
[   60.656189] RBP: ffff810004791968 R08: 0000000005700000 R09: ffff8100044aa060
[   60.656191] R10: 0000000000000000 R11: ffff8100050dea00 R12: 0000000000002000
[   60.656193] R13: ffff8100060d2700 R14: 0000000000000000 R15: ffffffff807f0000
[   60.656196] FS:  00002b5da088e6e0(0000) GS:ffff810003011500(0000) knlGS:0000000000000000
[   60.656198] CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
[   60.656200] CR2: 0000000000000000 CR3: 0000000004568000 CR4: 00000000000006e0
[   60.656202] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   60.656204] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[   60.656207] Process hald-probe-stor (pid: 4250, threadinfo ffff810004790000, task ffff810006312000)
[   60.656208] Stack:  ffff81000607a000 0000000100000001 ffff8100040fa120 ffffffff807fe2c0
[   60.656213]  ffff81000607a000 ffff81000607a000 ffffffff807fe2c0 ffff8100047919a8
[   60.656217]  ffffffff8041bb58 ffff8100047919a8 ffff8100040fa120 ffffffff807fe2c0
[   60.656220] Call Trace:
[   60.656226]  [<ffffffff8041bb58>] ide_map_sg+0x38/0xb0
[   60.656231]  [<ffffffff8042952b>] cdrom_start_read_continuation+0x0/0xb5
[   60.656234]  [<ffffffff80423806>] ide_build_sglist+0x38/0x88
[   60.656238]  [<ffffffff80423885>] ide_build_dmatable+0x2f/0x172
[   60.656241]  [<ffffffff804239fc>] ide_dma_setup+0x34/0xaa
[   60.656245]  [<ffffffff804277e5>] cdrom_start_packet_command+0x5a/0x177
[   60.656249]  [<ffffffff8037fac4>] cfq_dispatch_insert+0x38/0x50
[   60.656253]  [<ffffffff80428339>] ide_do_rw_cdrom+0x423/0x57c
[   60.656257]  [<ffffffff8041c56c>] ide_do_request+0x7a7/0xa74
[   60.656263]  [<ffffffff8023c097>] del_timer+0x52/0x5d
[   60.656267]  [<ffffffff8025d343>] sync_page+0x0/0x45
[   60.656269]  [<ffffffff8041cba0>] do_ide_request+0x1b/0x1d
[   60.656273]  [<ffffffff803778a7>] __generic_unplug_device+0x28/0x2c
[   60.656276]  [<ffffffff80377c6e>] generic_unplug_device+0x20/0x31
[   60.656279]  [<ffffffff803751b1>] blk_backing_dev_unplug+0x16/0x18
[   60.656283]  [<ffffffff8029decc>] block_sync_page+0x42/0x44
[   60.656285]  [<ffffffff8025d37f>] sync_page+0x3c/0x45
[   60.656290]  [<ffffffff805589b8>] __wait_on_bit_lock+0x42/0x79
[   60.656294]  [<ffffffff8025d32f>] __lock_page+0x64/0x6b
[   60.656298]  [<ffffffff8024664b>] wake_bit_function+0x0/0x2a
[   60.656301]  [<ffffffff8025da95>] do_generic_mapping_read+0x1da/0x383
[   60.656304]  [<ffffffff8025d08d>] file_read_actor+0x0/0x137
[   60.656309]  [<ffffffff8025f1af>] generic_file_aio_read+0x11e/0x15d
[   60.656315]  [<ffffffff8027ee59>] do_sync_read+0xe2/0x126
[   60.656318]  [<ffffffff8026b15a>] handle_mm_fault+0x62e/0x65e
[   60.656324]  [<ffffffff80386fcc>] __up_read+0x8f/0x97
[   60.656327]  [<ffffffff80246613>] autoremove_wake_function+0x0/0x38
[   60.656331]  [<ffffffff80559233>] __mutex_lock_slowpath+0x22f/0x23c
[   60.656337]  [<ffffffff8027f5f0>] vfs_read+0xab/0x134
[   60.656341]  [<ffffffff8027f9b5>] sys_read+0x47/0x6f
[   60.656345]  [<ffffffff8020b77e>] system_call+0x7e/0x83
[   60.656349] 
[   60.656350] 
[   60.656350] Code: 49 8b 02 41 c7 42 18 00 00 00 00 49 c7 42 10 00 00 00 00 83 
[   60.656359] RIP  [<ffffffff80375553>] blk_rq_map_sg+0x10d/0x17c
[   60.656362]  RSP <ffff810004791930>
[   60.656363] CR2: 0000000000000000

Platform is AMD64 and the userspace is Ubuntu 7/10 Gutsy Gibbon.

florin

-- 
Bruce Schneier expects the Spanish Inquisition.
      http://geekz.co.uk/schneierfacts/fact/163
