Kernel Oops NULL Pointer dereference on i2o_proc

Bug #191688 reported by Roland
Affects                        Status    Importance  Assigned to  Milestone
linux (Ubuntu)                 Invalid   Undecided   Unassigned
linux-source-2.6.22 (Ubuntu)   Invalid   Undecided   Unassigned

Bug Description

Binary package hint: linux-image-2.6.22-14-server

Following this procedure will reproducibly lead to a kernel NULL pointer dereference:

- Install an Adaptec SCSI RAID Controller (2100S, 3000S, 3200S,..)
- In my case I created a RAID1 of 2 disks
- Install Ubuntu Hardy Server Edition
   (I did apt-get update and apt-get upgrade)
- Login, sudo modprobe i2o_scsi and i2o_proc
- As a user, cd /proc/i2o/iop0:

roland@geminus:/proc/i2o/iop0$ cat *
cat: 000: Is a directory
cat: 008: Is a directory
cat: 013: Is a directory
cat: 030: Is a directory
cat: 031: Is a directory
cat: 032: Is a directory
cat: 033: Is a directory
cat: 034: Is a directory
cat: 040: Is a directory
cat: 041: Is a directory
cat: 045: Is a directory
cat: 201: Is a directory
cat: 202: Is a directory
cat: 203: Is a directory
cat: 204: Is a directory
cat: 205: Is a directory
Segmentation fault

After this segmentation fault this scrolls on the local console:

[ 1117.827525] BUG: unable to handle kernel NULL pointer dereference at virtual address 00000024
[ 1117.827643] printing eip:
[ 1117.827688] f886cc27
[ 1117.827693] *pdpt = 0000000035b30001
[ 1117.827740] *pde = 0000000000000000
[ 1117.827792] Oops: 0000 [#1]
[ 1117.827837] SMP
[ 1117.827958] Modules linked in: i2o_proc sg sd_mod i2o_scsi lp loop snd_via82xx gameport snd_ac97_codec ac97_bus snd_pcm_oss snd_mixer_oss snd_pcm snd_page_alloc snd_mpu401_uart snd_seq_dummy snd_seq_oss snd_seq_midi snd_rawmidi snd_seq_midi_event snd_seq snd_timer snd_seq_device ide_cd cdrom snd psmouse via_agp ata_generic agpgart i2c_viapro via686a serio_raw libata pcspkr i2c_isa soundcore i2c_core parport_pc parport shpchp pci_hotplug ipv6 evdev ext3 jbd mbcache i2o_block scsi_mod floppy via82cxxx ide_core i2o_core 3c59x mii thermal processor fan fuse apparmor commoncap
[ 1117.830393] CPU: 1
[ 1117.830395] EIP: 0060:[<f886cc27>] Not tainted VLI
[ 1117.830399] EFLAGS: 00010296 (2.6.22-14-server #1)
[ 1117.830562] EIP is at i2o_parm_issue+0x27/0x260 [i2o_core]
[ 1117.830612] eax: 00000000 ebx: 0000000c ecx: f79f8f50 edx: 00000006
[ 1117.830663] esi: 00000000 edi: f79f8f5a ebp: 000000bc esp: f7b47e84
[ 1117.830714] ds: 007b es: 007b fs: 00d8 gs: 0033 ss: 0068
[ 1117.830766] Process cat (pid: 4944, ti=f7b46000 task=f7b014c0 task.ti=f7b46000)
[ 1117.830815] Stack: f7b47f30 f882b18f f79f8f50 00000006 00000000 0000000c f5acc700 000000d0
[ 1117.831205] 00000400 00000286 00008001 0000000c 00000000 f79f8f5a f79f8f50 f886cf16
[ 1117.831594] 0000000c dfd4e480 000000bc 00000003 00000000 c2161000 f5acc700 dfd4e480
[ 1117.831984] Call Trace:
[ 1117.832074] [<f882b18f>] apparmor_inode_permission+0x4f/0x70 [apparmor]
[ 1117.832205] [<f886cf16>] i2o_parm_table_get+0xb6/0x100 [i2o_core]
[ 1117.832309] [<f8cb3632>] i2o_seq_show_ddm_table+0x62/0x270 [i2o_proc]
[ 1117.832431] [<c019cc39>] seq_read+0x69/0x2a0
[ 1117.832541] [<c018274c>] vfs_read+0xbc/0x160
[ 1117.832635] [<c019cbd0>] seq_read+0x0/0x2a0
[ 1117.832725] [<c0182c81>] sys_read+0x41/0x70
[ 1117.832818] [<c010418a>] sysenter_past_esp+0x6b/0xa1
[ 1117.832919] [<c02f0000>] svc_disconnect+0x50/0x130
[ 1117.833032] =======================
[ 1117.833078] Code: 00 00 00 00 83 ec 3c 89 5c 24 2c 8b 5c 24 40 89 74 24 30 89 6c 24 38 8b 6c 24 48 89 7c 24 34 89 44 24 10 89 54 24 0c 89 4c 24 08 <8b> 40 24 89 44 24 14 8b 50 18 c7 44 24 1c 00 00 00 00 83 c2 48
[ 1117.835552] EIP: [<f886cc27>] i2o_parm_issue+0x27/0x260 [i2o_core] SS:ESP 0068:f7b47e84

This occurs obviously if one tries to read the file "ddm_table" or some other file which is in there.

Tags: cft-2.6.27
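
A triage sketch for the oops in the report above, added here as an example (it is not part of the original bug report or of any Ubuntu or kernel tooling): it parses the quoted oops lines and decodes the faulting `mov` to check that a NULL base register plus the instruction's displacement equals the reported fault address. The function name `triage` and the single instruction form it decodes are choices made for this example.

```python
import re

# Lines copied from the oops quoted in the report (timestamps dropped,
# Code: line shortened to the bytes around the <..> marker).
OOPS = """\
BUG: unable to handle kernel NULL pointer dereference at virtual address 00000024
EIP is at i2o_parm_issue+0x27/0x260 [i2o_core]
eax: 00000000 ebx: 0000000c ecx: f79f8f50 edx: 00000006
esi: 00000000 edi: f79f8f5a ebp: 000000bc esp: f7b47e84
Code: 89 54 24 0c 89 4c 24 08 <8b> 40 24 89 44 24 14 8b 50 18
"""

REG32 = ["eax", "ecx", "edx", "ebx", "esp", "ebp", "esi", "edi"]  # ModRM register order

def triage(oops):
    """Summarise an i386 oops and check the fault address against the faulting instruction."""
    fault = int(re.search(r"virtual address ([0-9a-f]+)", oops).group(1), 16)
    func, off, module = re.search(
        r"EIP is at (\w+)\+0x([0-9a-f]+)/0x[0-9a-f]+ \[(\w+)\]", oops).groups()
    regs = {n: int(v, 16) for n, v in
            re.findall(r"\b(e(?:ax|bx|cx|dx|si|di|bp|sp)): ([0-9a-f]{8})", oops)}
    # In the Code: line the byte in <..> is the one EIP pointed at when the fault hit.
    m = re.search(r"<([0-9a-f]{2})>((?: [0-9a-f]{2})+)", oops)
    insn = bytes.fromhex(m.group(1) + m.group(2).replace(" ", ""))
    result = {"function": func, "offset": int(off, 16), "module": module,
              "fault_addr": fault, "instruction": None}
    opcode, modrm = insn[0], insn[1]
    mode, reg, rm = modrm >> 6, (modrm >> 3) & 7, modrm & 7
    # Only "mov r32, [r32 + disp]" (opcode 0x8b, no SIB byte, no absolute address)
    # is decoded; anything else is left for a real disassembler.
    if opcode == 0x8B and mode != 3 and rm != 4 and not (mode == 0 and rm == 5):
        dlen = {0: 0, 1: 1, 2: 4}[mode]
        disp = int.from_bytes(insn[2:2 + dlen], "little", signed=True)
        base = REG32[rm]
        result.update(
            instruction=f"mov {REG32[reg]}, [{base}{disp:+#x}]",
            base_reg=base,
            base_is_null=regs[base] == 0,
            matches_fault=(regs[base] + disp) & 0xFFFFFFFF == fault,
        )
    return result

if __name__ == "__main__":
    for key, value in triage(OOPS).items():
        print(f"{key}: {value}")
```

For this oops the decoded instruction reads through eax, eax is 0, and the displacement 0x24 is exactly the reported fault address, so the read at i2o_parm_issue+0x27 goes through a NULL pointer at offset 0x24.
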
Ralph Janke (txwikinger) wrote :

Thanks for reporting this issue.

Would it be possible to test this issue against the latest hardy kernel and tell us if it still occurs?

Thanks.

Changed in linux-source-2.6.22:
assignee: nobody → txwikinger
status: New → Incomplete
Roland (roland1979) wrote :

Yes, it's possible - if you tell me how exactly I can do that. I guess I have to change some lines in apt.conf and update a specific package?

Sorry, I'm not very experienced with Ubuntu and apt-get in general (yet).

Roland (roland1979) wrote :

Never mind. I just noticed that I'm already using hardy and that it's not the codename for the unstable version. I'll apt-get update && apt-get upgrade right away, hold on..

Roland (roland1979) wrote :

I was already at the current hardy kernel. I can confirm this bug on:

ii linux-image-2.6.22-14-se 2.6.22-14.52 Linux kernel image for version 2.6.22 on x86/x86_64
ii linux-image-server 2.6.22.14.21 Linux kernel image on Server Equipment.
ii linux-server 2.6.22.14.21 Complete Linux kernel on Server Equipment.
ii linux-ubuntu-modules-2.6 2.6.22-14.37 Ubuntu supplied Linux modules for version 2.6.22 on x86/x86_64

Do you need some other information?

Ralph Janke (txwikinger) wrote :

It would be great if you could run the following commands and attach the resulting files:

uname -a > uname-a.log
cat /proc/version_signature > version.log
dmesg > dmesg.log
sudo lspci -vvnn > lspci-vvnn.log

Thanks.

Changed in linux:
status: New → Incomplete
Changed in linux-source-2.6.22:
assignee: txwikinger → nobody
Roland (roland1979) wrote :

> uname -a
Linux geminus 2.6.22-14-server #1 SMP Tue Feb 12 08:27:05 UTC 2008 i686 GNU/Linux

> cat /proc/version_signature
Ubuntu 2.6.22-14.52-server

Roland (roland1979) wrote :

OK - disregard what I wrote above. s/hardy/gutsy/.

I mixed up the codenames of Ubuntu. I was and I am talking about the current stable Ubuntu Server edition (codenamed Gutsy). That's where I can reproduce the bug. I did NOT test it on any unstable (hardy) release.

That however brings me back to your last request (check it on latest hardy kernel) which brings me back to my last question: how do I do that?

Leann Ogasawara (leannogasawara) wrote :

The Ubuntu Kernel Team is planning to move to the 2.6.27 kernel for the upcoming Intrepid Ibex 8.10 release. As a result, the kernel team would appreciate it if you could please test this newer 2.6.27 Ubuntu kernel. There are one of two ways you should be able to test:

1) If you are comfortable installing packages on your own, the linux-image-2.6.27-* package is currently available for you to install and test.

--or--

2) The upcoming Alpha5 for Intrepid Ibex 8.10 will contain this newer 2.6.27 Ubuntu kernel. Alpha5 is set to be released Thursday Sept 4. Please watch http://www.ubuntu.com/testing for Alpha5 to be announced. You should then be able to test via a LiveCD.

Please let us know immediately if this newer 2.6.27 kernel resolves the bug reported here or if the issue remains. More importantly, please open a new bug report for each new bug/regression introduced by the 2.6.27 kernel and tag the bug report with 'linux-2.6.27'. Also, please specifically note if the issue does or does not appear in the 2.6.26 kernel. Thanks again, we really appreciate your help and feedback.

Michele Mangili (mangilimic) wrote :

We are closing this bug report because it lacks the information we need to investigate the problem, as described in the previous comments. Please reopen it if you can give us the missing information, and don't hesitate to submit bug reports in the future. To reopen the bug report you can click on the current status, under the Status column, and change the Status back to "New". Thanks again!

Changed in linux:
status: Incomplete → Invalid
Changed in linux-source-2.6.22:
status: Incomplete → Invalid