Bug 107361
| Summary: | BUG: unable to handle kernel NULL pointer dereference when mounting/umounting vfat in 4.3.0, worked in 4.2.4 | | |
|---|---|---|---|
| Product: | File System | Reporter: | Mads (mads) |
| Component: | FAT/VFAT/MSDOS | Assignee: | OGAWA Hirofumi (hirofumi) |
| Status: | RESOLVED INVALID | | |
| Severity: | normal | CC: | mads |
| Priority: | P1 | | |
| Hardware: | All | | |
| OS: | Linux | | |
| Kernel Version: | 4.3.0 | Subsystem: | |
| Regression: | No | Bisected commit-id: | |
Description
Mads
2015-11-06 10:55:09 UTC
Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 41 57 41 56 41 55 41 54 55 48 89 f5 53 48 89 d3 48 81 ec 10 01 00 00 48 8b 07 48 89 3c 24 <48> 8b 40 28 8b 80 08 04 00 00 85 c0 78 05 e8 cf 19 04 00 48 8b

Disassemble of oops code

       0:   ff                      (bad)
       1:   ff c3                   inc    %ebx
       3:   66 2e 0f 1f 84 00 00    nopw   %cs:0x0(%rax,%rax,1)
       a:   00 00 00
       d:   41 57                   push   %r15
       f:   41 56                   push   %r14
      11:   41 55                   push   %r13
      13:   41 54                   push   %r12
      15:   55                      push   %rbp
      16:   48 89 f5                mov    %rsi,%rbp
      19:   53                      push   %rbx
      1a:   48 89 d3                mov    %rdx,%rbx
      1d:   48 81 ec 10 01 00 00    sub    $0x110,%rsp
      24:   48 8b 07                mov    (%rdi),%rax
      27:   48 89 3c 24             mov    %rdi,(%rsp)
      2b:   48 8b 40 28             mov    0x28(%rax),%rax
      2f:   8b 80 08 04 00 00       mov    0x408(%rax),%eax
      35:   85 c0                   test   %eax,%eax
      37:   78 05                   js     0x3e
      39:   e8 cf 19 04 00          callq  0x41a0d
      3e:   48                      rex.W
      3f:   8b                      .byte 0x8b
      40:   a0                      .byte 0xa0

    24: %rdi would be mapping
        %rax would be mapping->host
    2b: 0x28(%rax) == mapping->host->i_sb
    2f: 0x408(%rax) == mapping->host->i_sb->cleancache_poolid

And it seems to be host->i_sb == NULL then.

There is no change in v4.2..v4.3, so this is likely to be the bug of other parts. It might be memory corruption, race, or such. Could you report this to lkml?

Ok, thanks for checking it out!
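
The `Code:` line quoted in this report can be decoded mechanically: on x86 the byte wrapped in `<>` is the byte at the faulting RIP, so its index is the offset to look up in the disassembly. The script below is an added example, not part of the bug thread or the kernel tree; the function names are this example's own, and the `LISTING` table is copied from the disassembly above.

```python
import re

# Code: line copied from the oops quoted in this report.
OOPS_CODE = (
    "Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 41 57 41 56 41 55 41 54 "
    "55 48 89 f5 53 48 89 d3 48 81 ec 10 01 00 00 48 8b 07 48 89 3c 24 "
    "<48> 8b 40 28 8b 80 08 04 00 00 85 c0 78 05 e8 cf 19 04 00 48 8b"
)

# Offsets and text of the three loads, copied from the report's disassembly.
LISTING = {
    0x24: "mov (%rdi),%rax",
    0x2B: "mov 0x28(%rax),%rax",
    0x2F: "mov 0x408(%rax),%eax",
}

# A token is either a plain hex byte or the marked byte "<xx>".
TOKEN = re.compile(r"<([0-9a-fA-F]{2})>|([0-9a-fA-F]{2})")


def parse_oops_code(line):
    """Return (code_bytes, fault_offset) for an x86 oops 'Code:' line."""
    body = line.split("Code:", 1)[-1]
    data = bytearray()
    fault = None
    for tok in body.split():
        m = TOKEN.fullmatch(tok)
        if m is None:
            raise ValueError(f"unexpected token in Code: line: {tok!r}")
        if m.group(1) is not None:          # marked byte: this is RIP
            if fault is not None:
                raise ValueError("more than one <xx> marker")
            fault = len(data)
        data.append(int(m.group(1) or m.group(2), 16))
    if fault is None:
        raise ValueError("no <xx> marker: cannot locate the faulting byte")
    return bytes(data), fault


def faulting_instruction(line):
    """Return (offset, first four bytes at RIP, listing text for that offset)."""
    code, off = parse_oops_code(line)
    text = LISTING.get(off, "offset not in the copied listing")
    return off, code[off:off + 4].hex(" "), text


if __name__ == "__main__":
    off, raw, text = faulting_instruction(OOPS_CODE)
    print(f"fault at +{off:#x}: {raw}  {text}")
```
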