Re: [Bugme-new] [Bug 40832] New: NULL pointer deref in sync_inodes_sb

[Andrew Morton <akpm@linux-foundation.org>]

(switched to email.  Please respond via emailed reply-to-all, not via the
bugzilla web interface).

On Wed, 10 Aug 2011 11:39:33 GMT
bugzilla-daemon@bugzilla.kernel.org wrote:

> https://bugzilla.kernel.org/show_bug.cgi?id=40832
> 
>            Summary: NULL pointer deref in sync_inodes_sb
>            Product: IO/Storage
>            Version: 2.5
>           Platform: All
>         OS/Version: Linux
>               Tree: Mainline
>             Status: NEW
>           Severity: high
>           Priority: P1
>          Component: Block Layer
>         AssignedTo: axboe@kernel.dk
>         ReportedBy: brian@interlinx.bc.ca
>         Regression: No
> 
> 
> Created an attachment (id=68322)
>  --> (https://bugzilla.kernel.org/attachment.cgi?id=68322)
> photograph of Oops on console
> 
> I have gotten a number of these since installing this 2.6.38-10-generic kernel
> and even though I have a serial console connected to this machine, for some
> reason these are not making it out of the console.  Below is a transcription
> from a photograph (attached) of the console.  Please excuse any typos.
> 
> BUG: unable to handle kernel NULL pointer dereference at 0000002f
> IP: [<c1148665>] sync_inodes_sb+0xb5/0x140
> *pde - 0587d067 *pte = 00000000
> Oops: 0000 [#1] SMP
> last sysfs file: /sys/devices/virtual/block/dm-10/dm/name
> Modules linked in: ivtv cx2341x lirc_dev nfs fscache nfsd lockd nfs_acl
> auth_rpcgss sunrpc exportfs autofs4 snd_usb_audio snd_hwdep snd_usbmidi_lib
> tuner_simple tuner_types snd_pcm wm8775 snd_seq_midi tda9887 tda8290 xc5000
> snd_rawmidi tea5767 snd_seq_midi_event au8522 tuner snd_seq i915 snd_timer
> cx25840 au0828 snd_seq_device drm_kms_helper dvb_core drm videobuf_vmalloc
> videobuf_core tveeprom v4l2_common snd ppdev shpchp videodev i2c_algo_bit
> soundcore snd_page_alloc dcdbas parport_pc video parport pcspkr hwmon_vid b44
> r8169 ssb sata_sil floppy [last unloaded: cx2341x ]
> 
> Pid 30176, comm: mount Not tainted 2.6.38-10-generic #46-Ubuntu Dell Computer
> Coporation Dimension 2400
> EIP: 0060:[<c1148665>] EFLAGS: 00010246 CPU: 0
> EIP is at sync_inodes_sb+0xb5/0x140
> EAX: 00800000 EBX: c002fd8c ECX: 00000000 EDX: c002fddc
> ESI: ffffffff EDI: f0c0cc70 EBP: c58a1ef8 ESP: c58a1eb8
>  DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
> Process mount (pid: 30176, it=c58a0000 task-c0013f20 task.ti=c58a0000
> Stack:
>  f0c0cc00 c7c61f14 7fffffff f0c0cc00 00000001 00000000 c58a1ed0 c58a1ed0
>  c58a1edc 00000000 00000202 c58a1ee4 c58a1ee4 f0c0cc00 00000001 c116b7d0
>  c58a1f0c c114c7ff f0c0cc00 fffffff3 00000000 c58a1f18 c114c869 f0c0cc00
> Call Trace:
>  [<c116b7d0>] ? dquot_quota_sync+0x0/0x2d0
>  [<c114c7ff>] __sync_filesystem+0x7f/0x90
>  [<c114c869>] sync_filesystem+0x39/0x50
>  [<c112a046>] do_remount_sb+0x56/0x110
>  [<c11405f8>] do_remount+0xb8/0x100
>  [<c1142aec>] do_mount+0x16c/0x1e0
>  [<c1142ecb>] sys_mount+0x6b/0xa0
>  [<c150a194>] syscall_call+0x7/0xb
> Code: 70 c7 45 c4 00 00 00 00 83 eb 50 eb 04 90 8d 58 b0 8b 43 50 0f 18 00 90
> 8d 53 50 39 fa 74 4f f6 43 30 38 75 e9 8b b3 c4 00 00 00 <8b> 56 30 85 d2 74 dc
> 89 d8 e8 3d 5f ff ff b8 40 49 90 c1 e8 a3
> EIP: [<c1148665>] sync_inodes_sb+0xb5/0x140 SS:ESP 0068:c58a1eb8
> CR2: 000000000000002f
> 
> Any ideas what's going wrong here?
> 

I cc'ed linux-fsdevel - we might have subsequently fixed this, perhaps
someone can recall...

2.6.38 is somewhat dated in kernel time - are you able to run something
more recent?

(If we did fix it, it's likely that the fix was backported into
2.6.38.8 or earlier.  It's unclear what kernel "2.6.38-10-generic" is
based on).