Bug #9432

closed

kcephfs: null pointer deref in posix_acl_create

Added by Sage Weil over 9 years ago. Updated over 9 years ago.

Status: Resolved
Priority: Urgent
Assignee:
Category: -
Target version: -
% Done: 0%
Source: Development
Tags:
Backport:
Regression:
Severity: 3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
Crash signature (v1):
Crash signature (v2):

Description

[ 4998.873919] BUG: unable to handle kernel NULL pointer dereference at           (null)
[ 4998.881855] IP: [<ffffffff81227673>] posix_acl_create+0x23/0x190
[ 4998.888012] PGD 3ab330067 PUD 2909ca067 PMD 0 
[ 4998.892569] Oops: 0000 [#1] SMP 
[ 4998.895861] Modules linked in: ipmi_devintf(E) ipmi_si(E) ipmi_msghandler(E) ip6table_filter(E) ip6_tables(E) ebtable_nat(E) ebtables(E) ipt_MASQUERADE(E) iptable_nat(E) nf_nat_ipv4(E) nf_nat(E) nf_conntrack_ipv4(E) nf_defrag_ipv4(E) xt_state(E) nf_conntrack(E) ipt_REJECT(E) xt_CHECKSUM(E) iptable_mangle(E) xt_tcpudp(E) iptable_filter(E) ip_tables(E) x_tables(E) bridge(E) stp(E) llc(E) ceph(E) libceph(E) fscache(E) gpio_ich(E) psmouse(E) joydev(E) serio_raw(E) i7core_edac(E) edac_core(E) lpc_ich(E) tpm_infineon(E) tpm_tis(E) xfs(E) lp(E) parport(E) hid_generic(E) usbhid(E) hid(E) btrfs(E) e1000e(E) ahci(E) raid6_pq(E) ptp(E) libahci(E) pps_core(E) arcmsr(E) xor(E) libcrc32c(E)
[ 4998.957415] CPU: 2 PID: 23972 Comm: teuthology Tainted: G            E 3.16.0-ceph-00005-gd8f31c8 #1
[ 4998.966626] Hardware name: Supermicro X8SIL/X8SIL, BIOS 1.1 05/27/2010
[ 4998.973222] task: ffff8803ab15a1f0 ti: ffff8802cbf84000 task.ti: ffff8802cbf84000
[ 4998.980887] RIP: 0010:[<ffffffff81227673>]  [<ffffffff81227673>] posix_acl_create+0x23/0x190
[ 4998.989412] RSP: 0018:ffff8802cbf87e28  EFLAGS: 00010286
[ 4998.994788] RAX: ffff88024e59b001 RBX: 0000000000000000 RCX: ffff8802cbf87e70
[ 4999.001981] RDX: ffff8802cbf87e68 RSI: 0000000000000000 RDI: ffff8800b94d5480
[ 4999.009207] RBP: ffff8802cbf87e48 R08: 0000000000000000 R09: 0000000000000000
[ 4999.016497] R10: 0000000000000001 R11: 0000000000000001 R12: ffff8802cbf87e68
[ 4999.023706] R13: ffff8802abfdf8c0 R14: 0000000000000000 R15: 00000000000001ff
[ 4999.030957] FS:  00007f2aff780700(0000) GS:ffff88043fc80000(0000) knlGS:0000000000000000
[ 4999.039107] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 4999.044978] CR2: 0000000000000000 CR3: 00000002cbf0a000 CR4: 00000000000007e0
[ 4999.052161] Stack:
[ 4999.054244]  0000000000000000 ffff8800b94d5480 ffff8802abfdf8c0 0000000000000000
[ 4999.061801]  ffff8802cbf87e88 ffffffffa0384891 0000000000000000 00000000000001ff
[ 4999.069364]  ffff8802cbf87e88 ffffffffa037dd5e ffff88024e59ec00 ffff88024e59ec00
[ 4999.076960] Call Trace:
[ 4999.079438]  [<ffffffffa0384891>] ceph_init_acl+0x21/0xd4 [ceph]
[ 4999.085509]  [<ffffffffa037dd5e>] ? ceph_mdsc_release_request+0x16e/0x1b0 [ceph]
[ 4999.093008]  [<ffffffffa036d5b0>] ceph_mkdir+0x130/0x170 [ceph]
[ 4999.099035]  [<ffffffff811dc02d>] vfs_mkdir+0xcd/0x170
[ 4999.104201]  [<ffffffff811dcbeb>] SyS_mkdirat+0xab/0xf0
[ 4999.109494]  [<ffffffff811dcc49>] SyS_mkdir+0x19/0x20
[ 4999.114613]  [<ffffffff8170d0d6>] system_call_fastpath+0x1a/0x1f
[ 4999.120788] Code: 0f 1f 84 00 00 00 00 00 66 66 66 66 90 55 48 89 e5 48 83 ec 20 48 89 5d e0 4c 89 65 e8 48 89 f3 4c 89 6d f0 4c 89 75 f8 49 89 d4 <0f> b7 06 49 89 cd 25 00 f0 00 00 3d 00 a0 00 00 74 0a 48 8b 47 
[ 4999.141423] RIP  [<ffffffff81227673>] posix_acl_create+0x23/0x190
[ 4999.147559]  RSP <ffff8802cbf87e28>
[ 4999.151108] CR2: 0000000000000000
[ 4999.154804] ---[ end trace 8587215ed7fe9f74 ]---

Actions #1

Updated by Zheng Yan over 9 years ago

  • Status changed from New to In Progress

It seems that the ACL code can't handle a traceless reply.

Actions #2

Updated by Sage Weil over 9 years ago

  • Assignee set to Zheng Yan
Actions #3

Updated by Sage Weil over 9 years ago

  • Priority changed from Immediate to Urgent
Actions #4

Updated by Zheng Yan over 9 years ago

  • Status changed from In Progress to 7
Actions #5

Updated by Zheng Yan over 9 years ago

  • Status changed from 7 to Resolved

Fixed by commit b1ee94aa593abd03634bc3887b8e189840e42c12
