[patch 0/3] reiser4 fixups - Edward Shishkin

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

From: Edward Shishkin <edward@namesys.com>
To: Andrew Morton <akpm@linux-foundation.org>, Zan Lynx <zlynx@acm.org>
Cc: ReiserFS Mailing List <reiserfs-devel@vger.kernel.org>,
	Linux kernel mailing list <linux-kernel@vger.kernel.org>
Subject: [patch 0/3] reiser4 fixups
Date: Mon, 16 Jul 2007 22:50:47 +0400	[thread overview]
Message-ID: <469BBE07.2010606@namesys.com> (raw)
In-Reply-To: <1184344914.468943.3.camel@localhost>

Zan Lynx wrote:
...

>Unable to handle kernel NULL pointer dereference at 0000000000000000 RIP: 
> [<ffffffff8033d324>] reiser4_tree_by_page+0x4/0x20
>PGD 17594067 PUD d025067 PMD 0 
>Oops: 0000 [1] PREEMPT SMP 
>CPU 0 
>Modules linked in: nls_iso8859_1 isofs nls_base snd_pcm_oss snd_mixer_oss netconsole ipv6 usbhid hid snd_intel8x0 snd_ac97_codec ac97_bus snd_pcm snd_timer psmouse serio_raw evdev snd snd_page_alloc ohci_hcd ehci_hcd usbcore sg
>Pid: 469720, comm: rhythmbox Not tainted 2.6.22-rc6-mm1 #4
>RIP: 0010:[<ffffffff8033d324>]  [<ffffffff8033d324>] reiser4_tree_by_page+0x4/0x20
>RSP: 0018:ffff81000ba03940  EFLAGS: 00010296
>RAX: 0000000000000000 RBX: 0000000000000000 RCX: 000000000000000c
>RDX: 0000000000000559 RSI: 0000000000000000 RDI: ffff810001433a88
>RBP: ffff810001433a88 R08: 0000000000000000 R09: 0000000000000001
>R10: 0000000000000000 R11: ffffffff8035a350 R12: ffff810001433a88
>R13: ffff81000ba03a90 R14: ffff8100125e0224 R15: ffff8100125e0224
>FS:  0000000043806940(0063) GS:ffffffff8075b000(0000) knlGS:00000000f7cd76b0
>CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
>CR2: 0000000000000000 CR3: 0000000004b9e000 CR4: 00000000000006e0
>DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
>DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
>Process rhythmbox (pid: 469720, threadinfo ffff81000ba02000, task ffff810013c4edd0)
>Stack:  ffffffff8032649a ffff81000ba03a90 0000000000000000 ffff810001433a88
> ffff81000ba03a58 ffff81000ba03a90 ffff8100125e0224 ffff8100125e0224
> ffffffff8034db75 ffff810000000002 ffff810000000002 ffff810000000002
>Call Trace:
> [<ffffffff8032649a>] jnode_of_page+0x2a/0x2c0
> [<ffffffff8034db75>] uf_readpages_filler+0x235/0x300
> [<ffffffff8034d940>] uf_readpages_filler+0x0/0x300
> [<ffffffff8028a586>] read_cache_pages+0x96/0xc0
> [<ffffffff8034dc96>] readpages_unix_file+0x56/0xc0
> [<ffffffff8028a381>] __do_page_cache_readahead+0x1e1/0x2c0
> [<ffffffff8028a66b>] ondemand_readahead+0xbb/0x120
> [<ffffffff80282bc6>] do_generic_mapping_read+0x1b6/0x4b0
> [<ffffffff80281fb0>] file_read_actor+0x0/0x1b0
> [<ffffffff80284f46>] generic_file_aio_read+0x106/0x1c0
> [<ffffffff802ad019>] do_sync_read+0xd9/0x120
> [<ffffffff802a723b>] check_bytes_and_report+0x4b/0x100
> [<ffffffff802a7704>] check_object+0x224/0x260
> [<ffffffff80254580>] autoremove_wake_function+0x0/0x30
> [<ffffffff8052e669>] _spin_unlock+0x29/0x50
> [<ffffffff80330e2c>] reiser4_grab+0x8c/0xd0
> [<ffffffff8034cf9f>] read_unix_file+0x49f/0x4c0
> [<ffffffff802ad995>] vfs_read+0xc5/0x180
> [<ffffffff802ade93>] sys_read+0x53/0x90
> [<ffffffff8020c1de>] system_call+0x7e/0x83
>
>  
>

This is bug in Zam's new file_read: unlocked page was reclaimed,
then reiser4_tree_by_page() looks at page->mapping->host.
The patch #3 fixes this problem.

Andrew, please apply the following series.

Thanks,
Edward.

>INFO: lockdep is turned off.
>
>Code: 48 8b 00 48 8b 80 d0 01 00 00 48 8b 80 18 04 00 00 48 83 c0 
>RIP  [<ffffffff8033d324>] reiser4_tree_by_page+0x4/0x20
> RSP <ffff81000ba03940>
>CR2: 0000000000000000
>  
>

next prev parent reply	other threads:[~2007-07-16 18:51 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2007-07-10 18:03 2.6.22-rc6-mm1 reiser4_tree_by_page NULL pointer Zan Lynx
2007-07-11 18:39 ` Edward Shishkin
2007-07-12 20:31   ` Zan Lynx
2007-07-13 16:41     ` Zan Lynx
2007-07-16 18:50       ` Edward Shishkin [this message]
2007-07-17 16:24         ` [patch 0/3] reiser4 fixups Zan Lynx

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=469BBE07.2010606@namesys.com \
    --to=edward@namesys.com \
    --cc=akpm@linux-foundation.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=reiserfs-devel@vger.kernel.org \
    --cc=zlynx@acm.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox