Re: 2.1.110 oops

Stephen C. Tweedie (
Mon, 27 Jul 1998 22:22:43 +0100

Hi Bill,

David fries reported:

On Sat, 25 Jul 1998 01:58:04 -0500, David Fries <>

> I had a kernel Oops on 2.1.110 while trying to get a remote printer bounce
> to work (Filters don't run on remote printers, so you have to setup a
> bounce, and the remote computer with a 386 and 8megs ram running X with no
> swap doesn't cut it).

> Unable to handle kernel NULL pointer dereference at virtual address 00000008
> current-> tss.cr3 = 014ef000, %cr3 = 014ef000
> Using `/mnt/hda1/2.1.110-map' to map addresses to symbols.

>>> EIP: c012a058 <close_fp+28/84>
> Trace: c012a165 <sys_close+b1/d8>
> Trace: c0133c0a <sys_dup2+de/294>
> Trace: c0109ff0 <system_call+34/38>
> Code: c012a058 <close_fp+28/84>
> Code: c012a058 <close_fp+28/84> 83 78 08 00 cmpl $0x0,0x8(%eax)

This is related to the quota oops you just posted a patch for. We are
calling close_fp on a filp which does not yet have a dentry. The
close_fp does not check for null dentry, and dereferences d_inode
regardless. Patch to "fix":

--- fs/open.c~ Sat May 9 06:55:06 1998
+++ fs/open.c Mon Jul 27 22:09:15 1998
@@ -796,7 +796,7 @@
printk("VFS: Close: file count is 0\n");
return 0;
- if (dentry->d_inode)
+ if (dentry && dentry->d_inode)
locks_remove_posix(filp, id);
return fput(filp);

However, I'm not 100% sure why we'd let a fd live long enough without a
dentry to get to close_fp, so I thought you'd want to glance over it
first. The real problem may be why we got an installed fd with no
dentry in the first place.


To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to
Please read the FAQ at