[patch 0/3] reiser4 fixups - Edward Shishkin

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Edward Shishkin <edward@namesys.com>
To: Andrew Morton <akpm@linux-foundation.org>, Zan Lynx <zlynx@acm.org>
Cc: ReiserFS Mailing List <reiserfs-devel@vger.kernel.org>,
	Linux kernel mailing list <linux-kernel@vger.kernel.org>
Subject: [patch 0/3] reiser4 fixups
Date: Mon, 16 Jul 2007 22:50:47 +0400	[thread overview]
Message-ID: <469BBE07.2010606@namesys.com> (raw)
In-Reply-To: <1184344914.468943.3.camel@localhost>

Zan Lynx wrote:
...

>Unable to handle kernel NULL pointer dereference at 0000000000000000 RIP: 
> [<ffffffff8033d324>] reiser4_tree_by_page+0x4/0x20
>PGD 17594067 PUD d025067 PMD 0 
>Oops: 0000 [1] PREEMPT SMP 
>CPU 0 
>Modules linked in: nls_iso8859_1 isofs nls_base snd_pcm_oss snd_mixer_oss netconsole ipv6 usbhid hid snd_intel8x0 snd_ac97_codec ac97_bus snd_pcm snd_timer psmouse serio_raw evdev snd snd_page_alloc ohci_hcd ehci_hcd usbcore sg
>Pid: 469720, comm: rhythmbox Not tainted 2.6.22-rc6-mm1 #4
>RIP: 0010:[<ffffffff8033d324>]  [<ffffffff8033d324>] reiser4_tree_by_page+0x4/0x20
>RSP: 0018:ffff81000ba03940  EFLAGS: 00010296
>RAX: 0000000000000000 RBX: 0000000000000000 RCX: 000000000000000c
>RDX: 0000000000000559 RSI: 0000000000000000 RDI: ffff810001433a88
>RBP: ffff810001433a88 R08: 0000000000000000 R09: 0000000000000001
>R10: 0000000000000000 R11: ffffffff8035a350 R12: ffff810001433a88
>R13: ffff81000ba03a90 R14: ffff8100125e0224 R15: ffff8100125e0224
>FS:  0000000043806940(0063) GS:ffffffff8075b000(0000) knlGS:00000000f7cd76b0
>CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
>CR2: 0000000000000000 CR3: 0000000004b9e000 CR4: 00000000000006e0
>DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
>DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
>Process rhythmbox (pid: 469720, threadinfo ffff81000ba02000, task ffff810013c4edd0)
>Stack:  ffffffff8032649a ffff81000ba03a90 0000000000000000 ffff810001433a88
> ffff81000ba03a58 ffff81000ba03a90 ffff8100125e0224 ffff8100125e0224
> ffffffff8034db75 ffff810000000002 ffff810000000002 ffff810000000002
>Call Trace:
> [<ffffffff8032649a>] jnode_of_page+0x2a/0x2c0
> [<ffffffff8034db75>] uf_readpages_filler+0x235/0x300
> [<ffffffff8034d940>] uf_readpages_filler+0x0/0x300
> [<ffffffff8028a586>] read_cache_pages+0x96/0xc0
> [<ffffffff8034dc96>] readpages_unix_file+0x56/0xc0
> [<ffffffff8028a381>] __do_page_cache_readahead+0x1e1/0x2c0
> [<ffffffff8028a66b>] ondemand_readahead+0xbb/0x120
> [<ffffffff80282bc6>] do_generic_mapping_read+0x1b6/0x4b0
> [<ffffffff80281fb0>] file_read_actor+0x0/0x1b0
> [<ffffffff80284f46>] generic_file_aio_read+0x106/0x1c0
> [<ffffffff802ad019>] do_sync_read+0xd9/0x120
> [<ffffffff802a723b>] check_bytes_and_report+0x4b/0x100
> [<ffffffff802a7704>] check_object+0x224/0x260
> [<ffffffff80254580>] autoremove_wake_function+0x0/0x30
> [<ffffffff8052e669>] _spin_unlock+0x29/0x50
> [<ffffffff80330e2c>] reiser4_grab+0x8c/0xd0
> [<ffffffff8034cf9f>] read_unix_file+0x49f/0x4c0
> [<ffffffff802ad995>] vfs_read+0xc5/0x180
> [<ffffffff802ade93>] sys_read+0x53/0x90
> [<ffffffff8020c1de>] system_call+0x7e/0x83
>
>  
>

This is bug in Zam's new file_read: unlocked page was reclaimed,
then reiser4_tree_by_page() looks at page->mapping->host.
The patch #3 fixes this problem.

Andrew, please apply the following series.

Thanks,
Edward.

>INFO: lockdep is turned off.
>
>Code: 48 8b 00 48 8b 80 d0 01 00 00 48 8b 80 18 04 00 00 48 83 c0 
>RIP  [<ffffffff8033d324>] reiser4_tree_by_page+0x4/0x20
> RSP <ffff81000ba03940>
>CR2: 0000000000000000
>  
>

next prev parent reply	other threads:[~2007-07-16 18:50 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2007-07-10 18:03 2.6.22-rc6-mm1 reiser4_tree_by_page NULL pointer Zan Lynx
2007-07-11 18:39 ` Edward Shishkin
2007-07-12 20:31   ` Zan Lynx
2007-07-13 16:41     ` Zan Lynx
2007-07-16 18:50       ` Edward Shishkin [this message]
2007-07-17 16:24         ` [patch 0/3] reiser4 fixups Zan Lynx

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=469BBE07.2010606@namesys.com \
    --to=edward@namesys.com \
    --cc=akpm@linux-foundation.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=reiserfs-devel@vger.kernel.org \
    --cc=zlynx@acm.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.