WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-devel

[Xen-devel] Null-pointer access in netback_uevent

To: xen-devel@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-devel] Null-pointer access in netback_uevent
From: Bastian Blank <waldi@xxxxxxxxxx>
Date: Thu, 27 May 2010 18:55:58 +0200
Cc: Jeremy Fitzhardinge <jeremy@xxxxxxxx>
Delivery-date: Thu, 27 May 2010 09:56:54 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Mail-followup-to: Bastian Blank <waldi@xxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxx, Jeremy Fitzhardinge <jeremy@xxxxxxxx>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mutt/1.5.18 (2008-05-17)
My slightly patched kernel based on
f6fe6583b77a49b569eef1b66c3d761eec2e561b failed with null-pointer access in
netback_uevent.

| BUG: unable to handle kernel NULL pointer dereference at 0000000000000150
| IP: [<ffffffff812017a3>] netback_uevent+0x83/0xaf

According to gdb the following is the culprit:

| 185             if (add_uevent_var(env, "vif=%s", netif->dev->name))
|    0x0000000000002313 <+131>:   mov    0x150(%r13),%rdx

Complete oops:

| BUG: unable to handle kernel NULL pointer dereference at 0000000000000150
| IP: [<ffffffff812017a3>] netback_uevent+0x83/0xaf
| PGD ce0b1067 PUD ce193067 PMD 0 
| Oops: 0000 [#1] SMP 
| last sysfs file: /sys/devices/vif-1-0/uevent
| CPU 1 
| Modules linked in: blktap xen_evtchn xenfs xt_tcpudp xt_state iptable_filter 
ipt_MASQUERADE iptable_nat nf_nat nf_conntrack_ipv4 nf_conntrack nf_defrag_ipv4 
ip_tables x_tables bridge stp dm_snapshot loop snd_pcm snd_timer snd soundcore 
tpm_tis radeon snd_page_alloc ttm drm_kms_helper psmouse tpm drm pcspkr 
amd64_edac_mod ipmi_si tpm_bios evdev serio_raw edac_core i2c_algo_bit shpchp 
ipmi_msghandler i2c_piix4 edac_mce_amd container i2c_core hpilo processor 
pci_hotplug button acpi_processor hpwdt ext3 jbd mbcache dm_mod cciss 
ata_generic libata scsi_mod bnx2 thermal thermal_sys [last unloaded: xen_evtchn]
| Pid: 8076, comm: udevd Tainted: G        W  2.6.32-5-xen-amd64 #2 ProLiant 
DL385 G6   
| RIP: e030:[<ffffffff812017a3>]  [<ffffffff812017a3>] netback_uevent+0x83/0xaf
| RSP: e02b:ffff880002af7e18  EFLAGS: 00010246
| RAX: 01000000000000c1 RBX: ffff8800029f6000 RCX: 0000000000800078
| RDX: ffff8800c33b13a0 RSI: ffffea0002ab4eb8 RDI: 01000000000002c0
| RBP: ffff8800c33b14e0 R08: 0000000000000000 R09: ffffffff814664f0
| R10: 0000000000000200 R11: ffffffff8100f19c R12: ffff880002f39c00
| R13: 0000000000000000 R14: ffff8800021db000 R15: ffff8800c5026980
| FS:  00007fbd86ad2790(0000) GS:ffff880003a64000(0000) knlGS:0000000000000000
| CS:  e033 DS: 0000 ES: 0000 CR0: 000000008005003b
| CR2: 0000000000000150 CR3: 00000000025f4000 CR4: 0000000000000660
| DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
| DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
| Process udevd (pid: 8076, threadinfo ffff880002af6000, task ffff88000246c6a0)
| Stack:
|  0000000000000908 ffff880002f39c40 ffff8800029f6000 ffff8800c3795c30
|  ffff8800029f6000 ffffffff8122d9f6 ffff880002f39c50 ffff8800c3795c30
|  ffffffff814a80d0 0000000000000000 ffff880002f39c50 ffffffff8122db35
| Call Trace:
|  [<ffffffff8122d9f6>] ? dev_uevent+0x104/0x146
|  [<ffffffff8122db35>] ? show_uevent+0x81/0xd5
|  [<ffffffff8122d6da>] ? dev_attr_show+0x1f/0x42
|  [<ffffffff8114074f>] ? sysfs_read_file+0xa7/0x125
|  [<ffffffff810f0a6e>] ? vfs_read+0xa6/0xff
|  [<ffffffff810f0b83>] ? sys_read+0x45/0x6e
|  [<ffffffff81011b42>] ? system_call_fastpath+0x16/0x1b
| Code: c7 c6 fe 1c 3f 81 31 c0 48 89 df e8 44 fe f8 ff 85 c0 74 0f 48 89 ef bb 
f4 ff ff ff e8 39 70 ee ff eb 2a 48 89 ef e8 2f 70 ee ff <49> 8b 95 50 01 00 00 
48 89 df 31 c0 48 c7 c6 08 1d 3f 81 e8 11 
| RIP  [<ffffffff812017a3>] netback_uevent+0x83/0xaf
|  RSP <ffff880002af7e18>
| CR2: 0000000000000150
| ---[ end trace a7919e7f17c0a727 ]---

Bastian

-- 
Men will always be men -- no matter where they are.
                -- Harry Mudd, "Mudd's Women", stardate 1329.8

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel