Re: 2.6.39-rc5-git2 boot crashs

From: Al Viro
Date: Fri Apr 29 2011 - 22:56:21 EST


On Fri, Apr 29, 2011 at 07:47:14PM -0700, Linus Torvalds wrote:
> On Fri, Apr 29, 2011 at 7:31 PM, Linus Torvalds
> <torvalds@xxxxxxxxxxxxxxxxxxxx> wrote:
> >
> > It looks like a NULL pointer dereference with offset 4, so at a guess,
> > super->s_freeing_list.next is NULL, and it's the "next->prev = entry"
> > instruction that faults when inserting into that list.
> >
> > How/why would s_freeing_list be NULL? I have no idea. But it looks
> > like a failed mount, so presumably it was never initialized.
>
> Hmm. super->s_freeing_list is initialized pretty late in
> logfs_read_sb(), and any error path _before_ that point will result in
> a "goto err1" in logfs_get_sb_device() which will do various iputs
> etc. All without that list initialized. That would seem to be the
> cause of this, possibly triggered by Al's changes to ->mount from
> read_super.

Then it ought to be reproducible with much earlier kernels. Say, 2.6.37 or
so... That part of ->mount() series went in during last Autumn...
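A userspace model of the failure mode discussed in this thread, added here as an example; it is not logfs code and not from any of the messages above. `toy_super`, `toy_list_add` and `toy_mount` are hypothetical names, and the zeroed structure is an assumption of the model. It shows why a list head that is only initialized late breaks an error path that runs earlier, and why initializing it at allocation time avoids that.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Userspace model of the kernel's doubly linked list head. */
struct list_head { struct list_head *next, *prev; };

static void INIT_LIST_HEAD(struct list_head *h) { h->next = h; h->prev = h; }

/* Hypothetical stand-in for the per-superblock data named in the thread. */
struct toy_super { struct list_head s_freeing_list; };

/* Insert at head. Returns -1 where the kernel's list insertion would oops:
 * with head->next == NULL, "next->prev = entry" writes to address
 * offsetof(struct list_head, prev), one pointer size above NULL
 * (4 on a 32-bit machine). */
static int toy_list_add(struct list_head *entry, struct list_head *head)
{
    struct list_head *next = head->next;
    if (next == NULL)
        return -1;
    next->prev = entry;
    entry->next = next;
    entry->prev = head;
    head->next = entry;
    return 0;
}

/* Model of one mount attempt. init_early initializes the list right after
 * allocation; otherwise it is initialized late, which an early failure
 * never reaches. The teardown that follows queues one entry either way. */
static int toy_mount(int init_early, int fail_early)
{
    struct toy_super sb;
    struct list_head victim;
    memset(&sb, 0, sizeof(sb));      /* assumption: structure starts zeroed */
    if (init_early || !fail_early)
        INIT_LIST_HEAD(&sb.s_freeing_list);
    return toy_list_add(&victim, &sb.s_freeing_list);
}

int main(void)
{
    printf("fault offset: %zu\n", offsetof(struct list_head, prev));
    printf("late init, early failure:  %d\n", toy_mount(0, 1));
    printf("early init, early failure: %d\n", toy_mount(1, 1));
    return 0;
}
```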