Kernel NULL pointer dereference in __d_move from vfs_stat ioctl

Bug #890569 reported by Pauli
This bug affects 1 person
Affects: linux (Ubuntu)
Status: Expired
Importance: Undecided
Assigned to: Unassigned

Bug Description

__d_move crashes in the second d_ancestor check, where it finds that one of the parents of the "dentry" variable is NULL.
The call comes from sysfs_lookup->d_move->__d_move. The vfs_stat ioctl was initiated from Xorg quickly after I tried to switch user.

I have taken a picture of the oops report but I don't have a cable for the camera. But I will upload the picture later when I get my hands on the cable. Too bad the console font was a bit too large to capture the beginning of the oops report.

ProblemType: Bug
DistroRelease: Ubuntu 11.10
Package: linux-image-3.0.0-12-generic 3.0.0-12.20
ProcVersionSignature: Ubuntu 3.0.0-12.20-generic 3.0.4
Uname: Linux 3.0.0-12-generic x86_64
AlsaVersion: Advanced Linux Sound Architecture Driver Version 1.0.24.
ApportVersion: 1.23-0ubuntu4
Architecture: amd64
ArecordDevices:
 **** List of CAPTURE Hardware Devices ****
 card 0: Intel [HDA Intel], device 0: STAC92xx Analog [STAC92xx Analog]
   Subdevices: 1/1
   Subdevice #0: subdevice #0
AudioDevicesInUse:
 USER PID ACCESS COMMAND
 /dev/snd/controlC0: pniemine 1835 F.... pulseaudio
CRDA: Error: [Errno 2] No such file or directory
Card0.Amixer.info:
 Card hw:0 'Intel'/'HDA Intel at 0xd4720000 irq 47'
   Mixer name : 'Intel IbexPeak HDMI'
   Components : 'HDA:111d7603,103c172a,00100202 HDA:11c11040,103c3066,00100200 HDA:80862804,80860101,00100000'
   Controls : 19
   Simple ctrls : 11
Date: Tue Nov 15 09:51:04 2011
HibernationDevice: RESUME=UUID=63e3472e-a6e0-4ce4-b3a5-aad98c335e05
InstallationMedia: Ubuntu 11.10 "Oneiric Ocelot" - Release amd64 (20111011)
MachineType: Hewlett-Packard HP EliteBook 8440p
PccardctlIdent:
 Socket 0:
   product info: "RICOH", "Bay8Controller", "", ""
   manfid: 0x0000, 0x0000
   function: 254 (unknown)
PccardctlStatus:
 Socket 0:
   3.3V 16-bit PC Card
   Subdevice 0 (function 0) bound to driver "pata_pcmcia"
ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-3.0.0-12-generic root=/dev/mapper/username--mobl3-root ro persistent splash quiet vt.handoff=7
RelatedPackageVersions:
 linux-restricted-modules-3.0.0-12-generic N/A
 linux-backports-modules-3.0.0-12-generic N/A
 linux-firmware 1.60
SourcePackage: linux
StagingDrivers: mei
UpgradeStatus: No upgrade log present (probably fresh install)
dmi.bios.date: 11/25/2010
dmi.bios.vendor: Hewlett-Packard
dmi.bios.version: 68CCU Ver. F.11
dmi.board.name: 172A
dmi.board.vendor: Hewlett-Packard
dmi.board.version: KBC Version 30.31
dmi.chassis.asset.tag: CZC1111K74
dmi.chassis.type: 10
dmi.chassis.vendor: Hewlett-Packard
dmi.modalias: dmi:bvnHewlett-Packard:bvr68CCUVer.F.11:bd11/25/2010:svnHewlett-Packard:pnHPEliteBook8440p:pvr:rvnHewlett-Packard:rn172A:rvrKBCVersion30.31:cvnHewlett-Packard:ct10:cvr:
dmi.product.name: HP EliteBook 8440p
dmi.sys.vendor: Hewlett-Packard

Pauli (paniemin) wrote :
Brad Figg (brad-figg)
Changed in linux (Ubuntu):
status: New → Confirmed
Pauli (paniemin) wrote :
Joseph Salisbury (jsalisbury) wrote :

Would it be possible for you to test the latest upstream kernel? It will allow additional upstream developers to examine the issue. Refer to https://wiki.ubuntu.com/KernelMainlineBuilds . If possible, please test the latest v3.2-rcN kernel (not a kernel in the daily directory). Once you've tested the upstream kernel, please remove the 'needs-upstream-testing' tag (only that one tag, please leave the others). This can be done by clicking on the yellow pencil icon next to the tag located at the bottom of the bug description and deleting the 'needs-upstream-testing' text.

If this bug is fixed by the mainline kernel, please add the following tag 'kernel-fixed-upstream-KERNEL-VERSION'. For example, if kernel version 3.2-rc1 fixed an issue, the tag would be: 'kernel-fixed-upstream-v3.2-rc1'.

If the mainline kernel does not fix this bug, please add the tag: 'kernel-bug-exists-upstream'.

If you are unable to test the mainline kernel, for example it will not boot, please add the tag: 'kernel-unable-to-test-upstream'. If you believe this bug does not require upstream testing, please add the tag: 'kernel-upstream-testing-not-needed'.

Thanks in advance.

tags: added: needs-upstream-testing
Pauli (paniemin) wrote :

It was a one-time crash only for me. But upstream doesn't have many changes in that area.

The only patches that I could quickly name as even potentially related are on the sysfs side:
f6d90b4f9ce018bff429d6e01ee672de712b8641 sysfs: Make sysfs_rename safe with sysfs_dirents in rbtrees
Mikulas Patocka's rb_tree changes.

On the dcache side there are more interesting commits, but only one of them talks about d_parent not being NULL. But looking at the (upstream) code, d_parent shouldn't ever be NULL.

If the same applies to the 3.0 kernel, then it starts to look like some race condition that I happened to hit only once.
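
A user-space model of the parent-chain walk discussed in the comment above, added here as an illustration; it is not kernel source and not code from the reporter. `struct node`, `checked_ancestor` and the sample tree are hypothetical names and constructed data, and the model assumes the invariant that a root entry's parent points to itself, so a NULL parent link is reported as a broken chain instead of being dereferenced.

```c
#include <stddef.h>
#include <stdio.h>

#define MAX_DEPTH 64   /* assumed bound, also catches accidental cycles */

/* Simplified stand-in for a dentry: only the name and the parent link. */
struct node {
    const char *name;
    struct node *parent;   /* invariant: a root points to itself, never NULL */
};

enum walk_result { NOT_ANCESTOR = 0, IS_ANCESTOR = 1, BROKEN_CHAIN = -1 };

/*
 * Walk from 'child' towards the root looking for 'anc'.
 * An unchecked walk that loops until p == p->parent reads through a NULL
 * pointer as soon as one parent link is NULL; this version checks the
 * invariant at every step and reports the violation.
 */
enum walk_result checked_ancestor(const struct node *anc, const struct node *child)
{
    const struct node *p = child;
    int depth;

    for (depth = 0; depth < MAX_DEPTH; depth++) {
        if (p == NULL || p->parent == NULL)
            return BROKEN_CHAIN;          /* invariant violated */
        if (p->parent == p)
            return NOT_ANCESTOR;          /* reached the root */
        if (p->parent == anc)
            return IS_ANCESTOR;
        p = p->parent;
    }
    return BROKEN_CHAIN;                  /* chain too deep or cyclic */
}

/* Constructed sample tree: / -> devices -> card0, plus one broken branch. */
static struct node root         = { "/", &root };
static struct node devices      = { "devices", &root };
static struct node card0        = { "card0", &devices };
static struct node orphan       = { "stale", NULL };   /* parent link lost */
static struct node under_orphan = { "child", &orphan };

int main(void)
{
    printf("root over card0:     %d\n", checked_ancestor(&root, &card0));
    printf("card0 over devices:  %d\n", checked_ancestor(&card0, &devices));
    printf("root over broken:    %d\n", checked_ancestor(&root, &under_orphan));
    return 0;
}
```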

penalvch (penalvch) wrote :

Pauli, thank you for reporting this bug and helping make Ubuntu better. This bug was reported a while ago and there hasn't been any activity in it recently. We were wondering if this is still an issue? If so, please answer the following questions:

* Is this reproducible?
* If so, what specific steps should we take to recreate this bug?
* Could you please capture the oops data following https://wiki.ubuntu.com/KernelTeam/KernelTeamBugPolicies#Capturing_OOPs ?
* Could you please test the latest development release of Ubuntu? ISO CD images are available from http://cdimage.ubuntu.com/releases/ .

If it remains an issue, could you run the following command from a Terminal (Applications->Accessories->Terminal). It will automatically gather and attach updated debug information to this report.

apport-collect -p linux <replace-with-bug-number>

Also, if you could test the latest upstream kernel available that would be great. It will allow additional upstream developers to examine the issue. Refer to https://wiki.ubuntu.com/KernelMainlineBuilds . Once you've tested the upstream kernel, please remove the 'needs-upstream-testing' tag. This can be done by clicking on the yellow pencil icon next to the tag located at the bottom of the bug description and deleting the 'needs-upstream-testing' text. Please let us know your results.

Thanks in advance.

Changed in linux (Ubuntu):
status: Confirmed → Incomplete
Launchpad Janitor (janitor) wrote :

[Expired for linux (Ubuntu) because there has been no activity for 60 days.]

Changed in linux (Ubuntu):
status: Incomplete → Expired