loop oops

David Fries (dfries@umr.edu)
Mon, 14 Sep 1998 23:23:11 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: David Luyer: "Dump a mode --x--x--x binary on Linux 2.0.x"
Previous message: Chris Wedgwood: "Re: egcs-1.1 (was 2.0.36-pre9"
Next in thread: Martin Mares: "Re: Minor PTRACE security bug"
Reply: Martin Mares: "Re: Minor PTRACE security bug"
Reply: Cezary Sliwa: "Re: Minor PTRACE security bug"

I'm not sure exactly where the problem is, but it was re-producable. I
inserted the loop device and did `mount root.bin mountpt -o loop` and I had
gotten a oops, both times. The root.bin is a minix filesystem and I did
not have the minix file module loaded or compiled in the kernel at the
time. I did this twice in two re-boots. I haven't tried to mount the file
whne the minix module is in the kernel, but reguardless it shouldn't oops
in this situation.

It looked like pre-2.1.122-3 had some code in the loop device so I don't
know if that would have fixed the problem, but I booted in to the
pre-2.1.122-3 and it hardlocked, so I didn't have time to test it.

Unable to handle kernel NULL pointer dereference at virtual address 00000004
current->tss.cr3 = 01b51000, %cr3 = 01b51000
*pde = 00000000
Oops: 0000
CPU: 1
EIP: 0010:[<c88c474f>]
EFLAGS: 00010286
eax: 00000003 ebx: 00000700 ecx: 00000000 edx: 00000000
esi: 00000003 edi: c88c54b0 ebp: 00000004 esp: c195ff70
ds: 0018 es: 0018 ss: 0018
Process mount (pid: 379, process nr: 46, stackpage=c195f000)
Stack: 00004c00 00000004 00000213 fffffff7 00000700 c88c4f3b c88c54b0 00000700
00000003 c1b318c0 ffffffe7 c012ed44 c2851400 c1b318c0 00004c00 00000003
c195e000 bffffc7c 00000000 bffffb8c c0107af0 00000004 00004c00 00000003
Call Trace: [<c88c4f3b>] [<c88c54b0>] [<c012ed44>] [<c0107af0>]
Code: 39 42 04 76 06 8b 52 08 8b 0c 82 85 c9 74 04 66 ff 41 1c 89

Using `map' to map addresses to symbols.

>>EIP: c88c474f <loop_set_fd+4f/2c0>
Trace: c88c4f3b <lo_ioctl+bb/150>
Trace: c88c54b0 <loop_dev>
Trace: c012ed44
Trace: c0107af0
Code: c88c474f <loop_set_fd+4f/2c0>
Code: c88c474f <loop_set_fd+4f/2c0> 39 42 04 cmpl %eax,0x4(%edx)
Code: c88c4752 <loop_set_fd+52/2c0> 76 06 jbe c88c475a <loop_set_fd+5a/2c0>
Code: c88c4754 <loop_set_fd+54/2c0> 8b 52 08 movl 0x8(%edx),%edx
Code: c88c4757 <loop_set_fd+57/2c0> 8b 0c 82 movl (%edx,%eax,4),%ecx
Code: c88c4760 <loop_set_fd+60/2c0> 85 c9 testl %ecx,%ecx
Code: c88c4762 <loop_set_fd+62/2c0> 74 04 je c88c4762 <loop_set_fd+62/2c0>
Code: c88c4764 <loop_set_fd+64/2c0> 66 ff 41 1c incw 0x1c(%ecx)
Code: c88c4768 <loop_set_fd+68/2c0> 89 00 movl %eax,(%eax)
Code: c88c4770 <loop_set_fd+70/2c0> 90 nop
Code: c88c4771 <loop_set_fd+71/2c0> 90 nop
Code: c88c4772 <loop_set_fd+72/2c0> 90 nop

Dual Pentium 200MHz MMX
Tyan 1653D, Tomcat III
Intel 82439HX, 82371SB chipset
128 megs memory,
NCR53C810 using BSD ported driver
Both IDE and SCSI harddrives
NE2000 compatible ISA
3Com 3c905B
gcc 2.7.2.3
Linux version 2.1.121 (david@AeroSpace) (gcc version 2.7.2.3) #112 SMP Thu Sep 10 13:15:52 CDT 1998

-- +---------------------------------+ | David Fries | | dfries@umr.edu | +---------------------------------+

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/

Next message: David Luyer: "Dump a mode --x--x--x binary on Linux 2.0.x"
Previous message: Chris Wedgwood: "Re: egcs-1.1 (was 2.0.36-pre9"
Next in thread: Martin Mares: "Re: Minor PTRACE security bug"
Reply: Martin Mares: "Re: Minor PTRACE security bug"
Reply: Cezary Sliwa: "Re: Minor PTRACE security bug"