Oops on umount -a -f

Frank Cornelis (Frank.Cornelis@rug.ac.be)
Tue, 24 Sep 2002 12:03:41 +0200 (MEST)


Hi,

This Oops has been annoying me for a while now so here's the report after
some disassembling.
Situation: linux 2.4.19 rh7.3 when I poweroff and the system is doing
umount -a -f

In the file:function fs/file_table.c:fs_may_remount_ro
struct inode *inode = file->f_dentry->d_inode;
oopses (NULL ptr deref at 00000008) on instruction fs_may_remount_ro+19:
0xc0138550 <fs_may_remount_ro+16>: mov 0x8(%edx),%eax
0xc0138553 <fs_may_remount_ro+19>: mov 0x8(%eax),%eax
which does the evaluation of
f_dentry->d_inode
so seems like file->f_dentry can be NULL, which should be checked first.

A quick and dirty patch for this:
--- fs/file_table.c.orig-2.4.19 Tue Sep 24 11:58:17 2002
+++ fs/file_table.c Tue Sep 24 12:00:34 2002
@@ -170,7 +170,11 @@
file_list_lock();
for (p = sb->s_files.next; p != &sb->s_files; p = p->next) {
struct file *file = list_entry(p, struct file, f_list);
- struct inode *inode = file->f_dentry->d_inode;
+ struct dentry *dentry = file->f_dentry;
+ struct inode *inode;
+ if (!dentry)
+ continue;
+ inode = dentry->d_inode;

/* File with pending delete? */
if (inode->i_nlink == 0)

'm not on the mailing list anymore, contact me by email.

Greetz,
Frank.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/