Bug 38372 - unable to handle kernel NULL pointer dereference in ext3
Summary: unable to handle kernel NULL pointer dereference in ext3
Status: RESOLVED DUPLICATE of bug 40112
Alias: None
Product: File System
Classification: Unclassified
Component: ext3 (show other bugs)
Hardware: x86-64 Linux
: P1 high
Assignee: fs_ext3@kernel-bugs.osdl.org
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2011-06-27 23:12 UTC by Rob de Wit
Modified: 2011-07-26 08:43 UTC (History)
0 users

See Also:
Kernel Version: 2.6.37.6
Subsystem:
Regression: No
Bisected commit-id:

Attachments
Kernel config (59.74 KB, text/plain)
2011-06-27 23:22 UTC, Rob de Wit 		Details
Add an attachment (proposed patch, testcase, etc.)

Description Rob de Wit 2011-06-27 23:12:14 UTC 
Unable to handle kernel NULL pointer dereference in ext3

after that every read/write on filesystem hangs.

System is a dual 4-core Supermicro with 64GB RAM, running 64-bit kernel running on a 32-bit OS using 32-bit compatibility in the kernel.


Here's a log, if anything more is needed I'll add it.

Jun 27 22:44:46 kernel: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010
Jun 27 22:44:46 kernel: IP: [<ffffffff811e2f35>] rb_insert_color+0x17/0xd9
Jun 27 22:44:46 kernel: PGD 9b570b067 PUD 597522067 PMD 0
Jun 27 22:44:46 kernel: Oops: 0000 [#1] SMP
Jun 27 22:44:46 kernel: last sysfs file: /sys/block/sdd/queue/scheduler
Jun 27 22:44:46 kernel: CPU 7
Jun 27 22:44:46 kernel: Modules linked in: i2c_dev i2c_core fuse ip6t_LOG ipt_REJECT ipt_LOG xt_limit xt_state xt_mark ip6tabl
e_mangle iptable_mangle iptable_nat nf_nat nf_conntrack_ipv4 nf_conntrack nf_defrag_ipv4 iptable_filter ip_tables ip6table_filter ip6_t
ables
Jun 27 22:44:46 kernel:
Jun 27 22:44:46 kernel: Pid: 12128, comm: zsh Tainted: G   M        2.6.37.6 #2 Supermicro X8DTU/X8DTU
Jun 27 22:44:46 kernel: RIP: 0010:[<ffffffff811e2f35>]  [<ffffffff811e2f35>] rb_insert_color+0x17/0xd9
Jun 27 22:44:46 kernel: RSP: 0000:ffff8808179f3ca8  EFLAGS: 00010246
Jun 27 22:44:46 kernel: RAX: ffff880ef08d01c0 RBX: ffff8809b2b947c8 RCX: 0000000000000000
Jun 27 22:44:46 kernel: RDX: ffff8809b2b947d0 RSI: ffff880eb486ce80 RDI: ffff880ef08d01c8
Jun 27 22:44:46 kernel: RBP: 0000000000000000 R08: 0000000043a5870e R09: 000000000e0e7368
Jun 27 22:44:46 kernel: R10: 000000007468732e R11: 000000006c656e67 R12: ffff880ef08d01c8
Jun 27 22:44:46 kernel: R13: ffff880eb486ce80 R14: 000000000000003b R15: ffff88103ba8c540
Jun 27 22:44:46 kernel: FS:  0000000000000000(0000) GS:ffff8800bf5c0000(0063) knlGS:00000000f761d6c0
Jun 27 22:44:46 kernel: CS:  0010 DS: 002b ES: 002b CR0: 000000008005003b
Jun 27 22:44:46 kernel: CR2: 0000000000000010 CR3: 0000000c43672000 CR4: 00000000000006e0
Jun 27 22:44:46 kernel: DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
Jun 27 22:44:46 kernel: DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
Jun 27 22:44:46 kernel: Process zsh (pid: 12128, threadinfo ffff8808179f2000, task ffff880820177300)
Jun 27 22:44:46 kernel: Stack:
Jun 27 22:44:46 kernel:  ffff8809b2b947c8 ffff880c6c0be544 ffff880eb486ce80 0000000041b9c94d
Jun 27 22:44:46 kernel:  000000000000003b ffffffff81108d4d ffff880c6c0be544 ffff88103fbfca68
Jun 27 22:44:46 kernel:  ffff880c6c0be544 ffff880ed7317cf8 ffff8808179f3db8 ffffffff811108b4
Jun 27 22:44:46 kernel: Call Trace:
Jun 27 22:44:46 kernel:  [<ffffffff81108d4d>] ? ext3_htree_store_dirent+0xe0/0xef
Jun 27 22:44:46 kernel:  [<ffffffff811108b4>] ? htree_dirblock_to_tree+0xef/0x144
Jun 27 22:44:46 kernel:  [<ffffffff81090b23>] ? file_sb_list_add+0xd/0x42
Jun 27 22:44:46 kernel:  [<ffffffff81110983>] ? ext3_htree_fill_tree+0x7a/0x1e6
Jun 27 22:44:46 kernel:  [<ffffffff81084963>] ? page_add_new_anon_rmap+0x47/0x6c
Jun 27 22:44:46 kernel:  [<ffffffff8110887d>] ? ext3_readdir+0x174/0x536
Jun 27 22:44:46 kernel:  [<ffffffff810c1912>] ? compat_filldir64+0x0/0xd6
Jun 27 22:44:46 kernel:  [<ffffffff8101de7b>] ? do_page_fault+0x31b/0x354
Jun 27 22:44:46 kernel:  [<ffffffff810c1912>] ? compat_filldir64+0x0/0xd6
Jun 27 22:44:46 kernel:  [<ffffffff8109c8c5>] ? vfs_readdir+0x64/0x9c
Jun 27 22:44:46 kernel:  [<ffffffff810c3424>] ? compat_sys_getdents64+0x77/0xbf
Jun 27 22:44:46 kernel:  [<ffffffff814512df>] ? page_fault+0x1f/0x30
Jun 27 22:44:46 kernel:  [<ffffffff81021e43>] ? ia32_sysret+0x0/0x5
Jun 27 22:44:46 kernel: Code: 42 10 eb 03 48 89 06 48 8b 17 83 e2 03 48 09 c2 48 89 17 c3 41 56 41 55 49 89 f5 41 54 49 89 fc
55 53 e9 9e 00 00 00 48 83 e5 fc <48> 8b 45 10 48 39 c3 75 41 48 8b 45 08 48 85 c0 74 08 48 8b 10
Jun 27 22:44:46 kernel: RIP  [<ffffffff811e2f35>] rb_insert_color+0x17/0xd9
Jun 27 22:44:46 kernel:  RSP <ffff8808179f3ca8>
Jun 27 22:44:46 kernel: CR2: 0000000000000010
Jun 27 22:44:46 kernel: ---[ end trace 377318b2e1c551de ]---
Comment 1 Rob de Wit 2011-06-27 23:22:21 UTC 
Created attachment 63652 [details]
Kernel config
Comment 2 Rob de Wit 2011-07-26 08:16:36 UTC 
Seems this is related to disk-scheduler rather than ext3, but I can't fix the assignee.

Another dump from another host. Both hosts seem to crash at /dev/sdd which is a 
Intel SSD disk


BUG: unable to handle kernel NULL pointer dereference at 0000000000000010
IP: [<ffffffff811e870d>] rb_insert_color+0x17/0xd9
PGD a8ecf3067 PUD 103c94067 PMD 0 
Oops: 0000 [#1] SMP 
last sysfs file: /sys/block/sdd/queue/scheduler
CPU 2 
Modules linked in: netconsole fuse ip6t_LOG ipt_REJECT ipt_LOG xt_limit xt_state
 xt_mark ip6table_mangle iptable_mangle iptable_nat nf_nat nf_conntrack_ipv4 nf_
conntrack nf_defrag_ipv4 iptable_filter ip_tables ip6table_filter ip6_tables [la
st unloaded: netconsole]

Pid: 8179, comm: zsh Tainted: G   M        2.6.39.2 #7 Supermicro X8DTU/X8DTU
RIP: 0010:[<ffffffff811e870d>]  [<ffffffff811e870d>] rb_insert_color+0x17/0xd9
RSP: 0000:ffff880ddc33bca8  EFLAGS: 00010246
RAX: ffff88000d8f9500 RBX: ffff88053a66d1c8 RCX: 0000000000000000
RDX: ffff88053a66d1d0 RSI: ffff880470912d40 RDI: ffff88000d8f9508
RBP: 0000000000000000 R08: 0000000043a5870e R09: 000000000e0e6473
R10: 000000006563746d R11: 000000006573656c R12: ffff88000d8f9508
R13: ffff880470912d40 R14: 0000000000000007 R15: ffff88000d974440
FS:  0000000000000000(0000) GS:ffff88103fc80000(0063) knlGS:00000000f75c56c0
CS:  0010 DS: 002b ES: 002b CR0: 000000008005003b
CR2: 0000000000000010 CR3: 0000000bf5913000 CR4: 00000000000006e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
Process zsh (pid: 8179, threadinfo ffff880ddc33a000, task ffff880cbb5c7990)
Stack:
 ffff88053a66d1c8 ffff8806d0ab8084 ffff880470912d40 00000000c179a694
 0000000000000007 ffffffff8110d1f5 ffff8806d0ab8084 ffff881036438a50
 ffff8806d0ab808441 56 41 55 49 89 f5 41 54 49 89 fc 55 53 e9 9e 00 00 00 48 83 
e5 fc 
 8b 45 10 48 39 c3 75 41 48 8b 45 08 48 85 c0 74 08 48 8b 10 
RIP  [<ffffffff811e870d>] rb_insert_color+0x17/0xd9
 RSP <ffff880ddc33bca8>
CR2: 0000000000000010
---[ end trace 24f924cfeeb1298a ]---

cat /proc/scsi/scsi 

Attached devices:
Host: scsi0 Channel: 00 Id: 00 Lun: 00
  Vendor: ATA      Model: WDC WD2002FYPS-0 Rev: 04.0
  Type:   Direct-Access                    ANSI  SCSI revision: 05
Host: scsi1 Channel: 00 Id: 00 Lun: 00
  Vendor: ATA      Model: ST31000340NS     Rev: SN06
  Type:   Direct-Access                    ANSI  SCSI revision: 05
Host: scsi2 Channel: 00 Id: 00 Lun: 00
  Vendor: ATA      Model: WDC WD20EARS-00M Rev: 51.0
  Type:   Direct-Access                    ANSI  SCSI revision: 05
Host: scsi3 Channel: 00 Id: 00 Lun: 00
  Vendor: ATA      Model: INTEL SSDSA2M080 Rev: 2CV1
  Type:   Direct-Access                    ANSI  SCSI revision: 05
Host: scsi4 Channel: 00 Id: 00 Lun: 00
  Vendor: MATSHITA Model: DVD-ROM UJDA780  Rev: 1.50
  Type:   CD-ROM                           ANSI  SCSI revision: 05


lspci

00:00.0 Host bridge: Intel Corp.: Unknown device 3406 (rev 13)
00:01.0 PCI bridge: Intel Corp.: Unknown device 3408 (rev 13)
00:03.0 PCI bridge: Intel Corp.: Unknown device 340a (rev 13)
00:05.0 PCI bridge: Intel Corp.: Unknown device 340c (rev 13)
00:06.0 PCI bridge: Intel Corp.: Unknown device 340d (rev 13)
00:07.0 PCI bridge: Intel Corp.: Unknown device 340e (rev 13)
00:09.0 PCI bridge: Intel Corp.: Unknown device 3410 (rev 13)
00:14.0 PIC: Intel Corp.: Unknown device 342e (rev 13)
00:14.1 PIC: Intel Corp.: Unknown device 3422 (rev 13)
00:14.2 PIC: Intel Corp.: Unknown device 3423 (rev 13)
00:14.3 PIC: Intel Corp.: Unknown device 3438 (rev 13)
00:16.0 System peripheral: Intel Corp.: Unknown device 3430 (rev 13)
00:16.1 System peripheral: Intel Corp.: Unknown device 3431 (rev 13)
00:16.2 System peripheral: Intel Corp.: Unknown device 3432 (rev 13)
00:16.3 System peripheral: Intel Corp.: Unknown device 3433 (rev 13)
00:16.4 System peripheral: Intel Corp.: Unknown device 3429 (rev 13)
00:16.5 System peripheral: Intel Corp.: Unknown device 342a (rev 13)
00:16.6 System peripheral: Intel Corp.: Unknown device 342b (rev 13)
00:16.7 System peripheral: Intel Corp.: Unknown device 342c (rev 13)
00:1a.0 USB Controller: Intel Corp.: Unknown device 3a37
00:1a.1 USB Controller: Intel Corp.: Unknown device 3a38
00:1a.2 USB Controller: Intel Corp.: Unknown device 3a39
00:1a.7 USB Controller: Intel Corp.: Unknown device 3a3c
00:1d.0 USB Controller: Intel Corp.: Unknown device 3a34
00:1d.1 USB Controller: Intel Corp.: Unknown device 3a35
00:1d.2 USB Controller: Intel Corp.: Unknown device 3a36
00:1d.7 USB Controller: Intel Corp.: Unknown device 3a3a
00:1e.0 PCI bridge: Intel Corp. 82801BA/CA/DB PCI Bridge (rev 90)
00:1f.0 ISA bridge: Intel Corp.: Unknown device 3a16
00:1f.2 Class 0106: Intel Corp.: Unknown device 3a22
00:1f.3 SMBus: Intel Corp.: Unknown device 3a30
01:00.0 Ethernet controller: Intel Corp.: Unknown device 10c9 (rev 01)
01:00.1 Ethernet controller: Intel Corp.: Unknown device 10c9 (rev 01)
07:01.0 VGA compatible controller: Matrox Graphics, Inc.: Unknown device 0532 (rev 0a)
Comment 3 Rob de Wit 2011-07-26 08:43:13 UTC 

*** This bug has been marked as a duplicate of bug 40112 ***
Note You need to log in before you can comment on or make changes to this bug.