Re: 2.1.110 oops

Stephen C. Tweedie (sct@redhat.com)
Mon, 27 Jul 1998 22:22:43 +0100


Hi Bill,

David Fries reported:

On Sat, 25 Jul 1998 01:58:04 -0500, David Fries <dfries@mail.win.org>
said:

> I had a kernel Oops on 2.1.110 while trying to get a remote printer bounce
> to work (Filters don't run on remote printers, so you have to set up a
> bounce, and the remote computer with a 386 and 8megs ram running X with no
> swap doesn't cut it).

> Unable to handle kernel NULL pointer dereference at virtual address 00000008
> current-> tss.cr3 = 014ef000, %cr3 = 014ef000
> Using `/mnt/hda1/2.1.110-map' to map addresses to symbols.

>>> EIP: c012a058 <close_fp+28/84>
> Trace: c012a165 <sys_close+b1/d8>
> Trace: c0133c0a <sys_dup2+de/294>
> Trace: c0109ff0 <system_call+34/38>
> Code: c012a058 <close_fp+28/84>
> Code: c012a058 <close_fp+28/84> 83 78 08 00 cmpl $0x0,0x8(%eax)

This is related to the quota oops you just posted a patch for. We are
calling close_fp on a filp which does not yet have a dentry. The
close_fp does not check for null dentry, and dereferences d_inode
regardless. Patch to "fix":

----------------------------------------------------------------
--- fs/open.c~ Sat May 9 06:55:06 1998
+++ fs/open.c Mon Jul 27 22:09:15 1998
@@ -796,7 +796,7 @@
printk("VFS: Close: file count is 0\n");
return 0;
}
- if (dentry->d_inode)
+ if (dentry && dentry->d_inode)
locks_remove_posix(filp, id);
return fput(filp);
}
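Review bot: The new `dentry &&` test in front of `locks_remove_posix(filp, id)` hides the NULL-dentry case silently, so whatever installed an fd without a dentry will never be noticed again. Consider logging it the same way the `file count is 0` branch just above does, for example a printk such as "VFS: Close: filp has no dentry", so the underlying cause stays visible. Also note that `fput(filp)` still runs for such a filp; the hunk does not show whether fput tolerates a missing dentry, so that path should be checked before this goes in.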
----------------------------------------------------------------

However, I'm not 100% sure why we'd let a fd live long enough without a
dentry to get to close_fp, so I thought you'd want to glance over it
first. The real problem may be why we got an installed fd with no
dentry in the first place.

--Stephen
