aufs broken in ti-omap kernel

Bug #548924 reported by Oliver Grawert on 2010-03-26
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux-ti-omap (Ubuntu)
Critical
Amit Kucheria
Lucid
Critical
Amit Kucheria

Bug Description

trying to boot a live image with the ti-omap kernel results in an output like http://paste.ubuntu.com/401821/
seemingly teh aufs module is oopsing

Oliver Grawert (ogra) wrote :

Begin: Adding live session user... ...
[ 38.143585] kernel BUG at /home/amit/work/.Canonical/sources/ubuntu-lucid/ubuntu/aufs/f_op.c:84!
[ 38.152496] Unable to handle kernel NULL pointer dereference at virtual address 00000000
[ 38.160675] pgd = cf924000
[ 38.163391] [00000000] *pgd=8ef76031, *pte=00000000, *ppte=00000000
[ 38.169738] Internal error: Oops: 817 [#1]
[ 38.173858] last sysfs file: /sys/kernel/uevent_seqnum
[ 38.179016] Modules linked in: squashfs nls_iso8859_1 nls_cp437
[ 38.184997] CPU: 0 Tainted: G C (2.6.33-500-omap #3)
[ 38.191040] PC is at __bug+0x1c/0x24
[ 38.194641] LR is at __bug+0x18/0x24
[ 38.198242] pc : [<c003b6dc>] lr : [<c003b6d8>] psr: 60000013
[ 38.198242] sp : c14a3e20 ip : c0620760 fp : 00000000
[ 38.209777] r10: ceeeec00 r9 : c03786cc r8 : 00020241
[ 38.215026] r7 : 00000001 r6 : 00000001 r5 : cef7d8c0 r4 : cf601918
[ 38.221588] r3 : 00000000 r2 : c05e6e58 r1 : 60000013 r0 : 0000006a
[ 38.228149] Flags: nZCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment user
[ 38.235321] Control: 10c5387d Table: 8f924019 DAC: 00000015
[ 38.241088] Process grpconv (pid: 198, stack limit = 0xc14a22e8)
[ 38.247131] Stack: (0xc14a3e20 to 0xc14a4000)
[ 38.251525] 3e20: cf601918 c0378774 00000000 00000000 00000000 cef7d8c0 cf601918 c03775e8
[ 38.259735] 3e40: 00020242 c037ce0c 00000001 ffffffff 00000000 c037d09c cef7d8c0 00000000
[ 38.267944] 3e60: 00000000 cf602d18 00020242 cf601918 cf80bd40 c00f3ab8 00000022 c03786bc
[ 38.276184] 3e80: c14a3ef8 cef7d8c0 cf507998 00000000 c14a3ef8 00020242 00000000 00020241
[ 38.284393] 3ea0: 00000000 c00f3d30 cef807c0 cf507998 00000000 c0101e54 0000000f 00000000
[ 38.292633] 3ec0: 00000000 c14a3f0c 000081a0 00000001 c067ce34 c14a3f0c c14a3f50 000001b6
[ 38.300842] 3ee0: cf8f9000 ffffff9c 00000200 00000000 c14a2000 00000000 cf80bd40 cf601918
[ 38.309051] 3f00: aefe9110 00000008 cf8f9005 cf80bd40 cf517218 00000300 00000000 00000000
[ 38.317291] 3f20: cef7d4c0 bef9d620 c14a3f48 bef9d600 000000c5 c0037c48 c14a2000 00000000
[ 38.325500] 3f40: 00000000 00020242 000001b6 cef7d8c0 cf80bd40 cf601918 0000000a 00020241
[ 38.333740] 3f60: 000001b6 ffffff9c 0000000a cf8f9000 c14a2000 00000000 00000000 c00f3880
[ 38.341949] 3f80: 00000022 00000000 00019d68 4012d000 00000004 00000005 c0037c48 c14a2000
[ 38.350158] 3fa0: 00000000 c0037aa0 00019d68 4012d000 bef9d6fc 00020241 000001b6 000001b6
[ 38.358398] 3fc0: 00019d68 4012d000 00000004 00000005 0000c7ec 00000000 00000001 00000000
[ 38.366607] 3fe0: 00000004 bef9d580 40095b01 400cff7c 60000010 bef9d6fc 80893021 80893421
[ 38.374847] [<c003b6dc>] (__bug+0x1c/0x24) from [<c0378774>] (aufs_fault+0x0/0x158)
[ 38.382568] [<c0378774>] (aufs_fault+0x0/0x158) from [<00000000>] (0x0)
[ 38.389221] Code: e3080ff4 e34c0052 eb10521b e3a03000 (e5833000)
[ 38.395385] ---[ end trace 6bcd4e0e8e189ed8 ]---

Changed in linux-ti-omap (Ubuntu):
milestone: none → ubuntu-10.04-beta-2
tags: added: armel
Oliver Grawert (ogra) on 2010-03-26
Changed in linux-ti-omap (Ubuntu Lucid):
assignee: nobody → Amit Kucheria (amitk)
importance: Undecided → High
Paul Larson (pwlars) wrote :

Attaching complete log of boot from latest live image boot

Changed in linux-ti-omap (Ubuntu Lucid):
importance: High → Critical
status: New → Triaged
Amit Kucheria (amitk) wrote :

This[1] is not an oops, but a BUG_ON() called on purpose inside the aufs code. The function follows:

static int do_open_nondir(struct file *file, int flags)
{
 int err;
 aufs_bindex_t bindex;
 struct file *h_file;
 struct dentry *dentry;
 struct au_finfo *finfo;

 FiMustWriteLock(file);

 err = 0;
 dentry = file->f_dentry;
 finfo = au_fi(file);
 finfo->fi_h_vm_ops = NULL;
 finfo->fi_vm_ops = NULL;
 bindex = au_dbstart(dentry);
 /* O_TRUNC is processed already */
 BUG_ON(au_test_ro(dentry->d_sb, bindex, dentry->d_inode)
        && (flags & O_TRUNC));

 h_file = au_h_open(dentry, bindex, flags, file);
 if (IS_ERR(h_file))
  err = PTR_ERR(h_file);
 else {
  au_set_fbstart(file, bindex);
  au_set_fbend(file, bindex);
  au_set_h_fptr(file, bindex, h_file);
  au_update_figen(file);
  /* todo: necessary? */
  /* file->f_ra = h_file->f_ra; */
 }
 return err;
}

From the fragment, triggering the BUG_ON(), it seems to check if the aufs file/branch is readonly and if a truncate flag is set on the file.

So my question then is, are we doing something illegal according to aufs expectations?

[1] kernel BUG at /build/buildd/linux-ti-omap-2.6.33/ubuntu/aufs/f_op.c:84!

Changed in linux-ti-omap (Ubuntu Lucid):
status: Triaged → In Progress

we are not doing anything in omap we wouldnt also do under x86, the code is
identical on all architectures, i will dig out the mount function in casper
and attach it here if you want, but there is nothing specific in it that
would trigger this bug on other arches.

Paul Larson (pwlars) wrote :

this isn't typical BUG_ON() output though is it? This looks to be the result of a null pointer.

Launchpad Janitor (janitor) wrote :
Download full text (3.2 KiB)

This bug was fixed in the package linux-ti-omap - 2.6.33-500.4

---------------
linux-ti-omap (2.6.33-500.4) lucid; urgency=low

  [ Amit Kucheria ]

  * [Config] Compile-in display subsystem
  * Merge the DSS2 stack from 2.6.34-rc2 mainline tree
  * SAUCE: Upgrade aufs2 to latest version for 2.6.33
    - LP: #548924
  * [Config] Update configuration for new aufs2
  * [Config] Fix d-i modules
  * [Config] USB_STORAGE and ATA drivers can be a modules
  * [Upstream] DSS2 support for Beagleboard
  * [Config] Configure DSS2 based on beagle defconfig
  * [Config] Enable USB OTG mode
  * [Config] Enable various ethernet drivers

  [ Imre Deak ]

  * SAUCE: ARM: VFP: add support to sync the VFP state of the current
    thread
    - LP: #507503
  * SAUCE: ARM: VFP: preserve the HW context when calling signal handlers
    - LP: #507503

  [ Upstream Kernel Changes ]

  * OMAP: DSS2: Add Sharp LQ043T1DG01 panel driver
  * OMAP: DSS2: add Toppoly TDO35S panel
  * OMAP: DSS: add TPO TD043MTEA1 panel
  * OMAP: DSS2: Improve Kconfig help texts
  * OMAP: DSS2: enable VDDS_DSI when using DPI
  * OMAP: 3430SDP: remove vdvi regulator
  * OMAP: DSS: Taal: fix error returns in taal_probe()
  * OMAP: DSS2: OMAPFB: implement OMAPFB_GET_DISPLAY_INFO
  * OMAP: DSS2: fix irq-stats compilation
  * OMAP: DSS2: OMAPFB: Add omapfb_update_window prototype
  * OMAP: DSS2: improve DSS clk src selection
  * OMAP: DSS2: DSI: add dsi_bus_is_locked()
  * OMAP: DSS2: DSI: add helpers for DCS read/write
  * OMAP: DSS2: DSI: export dsi_vc_enable_hs()
  * OMAP: DSS2: DSI: configure all DSI VCs
  * OMAP: DSS2: DSI: remove dsi_vc_print_status()
  * OMAP: DSS2: Check ctx loss count only when starting the first clock
  * OMAP: DSS2: remove sub-panel system
  * OMAP: DSS2: fix driver probe error handling
  * OMAP: DSS2: OMAPFB: fix dssdev cleanup on error
  * OMAP: DSS2: OMAPFB: fix cleanup on dssdev enable error
  * OMAP: DSS2: fix get_dsi/dispc_clk_source() usage
  * OMAP: DSS2: DSI: change DSI bus_lock to semaphore
  * OMAP: DSS2: DSI: remove auto-update perf measurement
  * OMAP: DSS2: move run_test()
  * OMAP: DSS2: move memory_read()
  * OMAP: DSS2: move set/get_mirror()
  * OMAP: DSS2: move get/set_rotate()
  * OMAP: DSS2: move wait_vsync()
  * OMAP: DSS2: move enable/disable_channel to overlay manager
  * OMAP: DSS2: move get_resolution()
  * OMAP: DSS2: move get_recommended_bpp()
  * OMAP: DSS2: move enable/get_te()
  * OMAP: DSS2: move set/get_update_mode()
  * OMAP: DSS2: move update() and sync()
  * OMAP: DSS2: move enable/disable/suspend/resume
  * OMAP: DSS2: move set/get_wss()
  * OMAP: DSS2: move timing functions
  * OMAP: DSS2: DSI: remove external TE support
  * OMAP: DSS2: OMAPFB: Remove FB_OMAP2_FORCE_AUTO_UPDATE
  * OMAP: DSS2: DSI: add dsi_vc_dcs_read_2() helper
  * OMAP: DSS2: TPO-TD03MTEA1: fix function names
  * OMAP: DSS2: DSI: add error prints
  * OMAP: DSS2: OMAPFB: Constify some function parameters
  * OMAP: DSS2: Taal: Fix ESD check
  * OMAP: DSS2: Taal: Fix TE when resuming
  * OMAP: DSS2: VRAM: Fix early_param for vram
  * OMAP: DSS2: initialize dss clk sources properly
  * OMAP: DSS2: panel-generic: re-implement mode changing
 -- Andy Whitcroft <apw@cano...

Read more...

Changed in linux-ti-omap (Ubuntu Lucid):
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Bug attachments