[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#597276: qla2xxx_eh_abort(5) -> kernel NULL pointer dereference



Package: linux-2.6
Version: 2.6.32-21~bpo50+1

Hi,

Got this in dmesg on a server:

Sep 18 02:46:52 birdun kernel: [387093.744649] qla2xxx_eh_abort(5): aborting sp ffff8801b58013c0 from RISC. pid=46881441.
Sep 18 02:46:56 birdun kernel: [387093.836909] BUG: unable to handle kernel NULL pointer dereference at 0000000000000040
Sep 18 02:46:56 birdun kernel: [387093.924511] IP: [<ffffffff812f8ea1>] _spin_lock_irqsave+0x1a/0x34
Sep 18 02:46:56 birdun kernel: [387093.996511] PGD 22d846067 PUD 22d678067 PMD 0
Sep 18 02:46:56 birdun kernel: [387094.048511] Oops: 0002 [#1] SMP
Sep 18 02:46:56 birdun kernel: [387094.086651] last sysfs file: /sys/devices/pci0000:00/0000:00:04.0/0000:13:00.0/host4/rport-4:0-3/target4:0:3/fc_transport/target4:0:3/node_name
Sep 18 02:46:56 birdun kernel: [387094.236007] CPU 4
Sep 18 02:46:56 birdun kernel: [387094.260007] Modules linked in: ipmi_devintf nf_conntrack_ipv6 ip6t_LOG ip6table_filter ip6_tables xt_tcpudp nf_conntrack_ipv4 nf_defrag_ipv4 xt_state nf_conntrack ipt_REJECT ipt_LOG iptable_filter ip_tables x_tables bonding xfs exportfs dm_round_robin dm_multipath scsi_dh loop snd_pcsp snd_pcm snd_timer psmouse ipmi_si rng_core snd soundcore i5000_edac serio_raw hpilo ipmi_msghandler snd_page_alloc edac_core evdev container i5k_amb button processor shpchp pci_hotplug ext3 jbd mbcache dm_mirror dm_region_hash dm_log dm_snapshot dm_mod st ch osst sd_mod crc_t10dif sg sr_mod cdrom ata_piix ata_generic qla2xxx scsi_transport_fc libata scsi_tgt cciss usbhid hid bnx2 ehci_hcd uhci_hcd floppy usbcore nls_base scsi_mod thermal fan thermal_sys
Sep 18 02:46:56 birdun kernel: [387095.008511] Pid: 763, comm: scsi_eh_5 Not tainted 2.6.32-bpo.5-amd64 #1 ProLiant DL360 G5
Sep 18 02:46:56 birdun kernel: [387095.104511] RIP: 0010:[<ffffffff812f8ea1>]  [<ffffffff812f8ea1>] _spin_lock_irqsave+0x1a/0x34
Sep 18 02:46:56 birdun kernel: [387095.204007] RSP: 0018:ffff88022b1c5d70  EFLAGS: 00010082
Sep 18 02:46:56 birdun kernel: [387095.264511] RAX: 0000000000000282 RBX: 0000000000000040 RCX: 000000000000381d
Sep 18 02:46:56 birdun kernel: [387095.348511] RDX: 0000000000010000 RSI: 0000000000000282 RDI: 0000000000000040
Sep 18 02:46:56 birdun kernel: [387095.432258] RBP: ffff8801b58013c0 R08: 00000000000a26c8 R09: 000000000000000a
Sep 18 02:46:56 birdun kernel: [387095.512512] R10: 0000000000000000 R11: ffffffff81673868 R12: 0000000000000001
Sep 18 02:46:56 birdun kernel: [387095.596512] R13: ffff88014066e100 R14: ffff8801b5801e80 R15: 0000000000000000
Sep 18 02:46:56 birdun kernel: [387095.684513] FS:  0000000000000000(0000) GS:ffff880008d00000(0000) knlGS:0000000000000000
Sep 18 02:46:56 birdun kernel: [387095.780002] CS:  0010 DS: 0018 ES: 0018 CR0: 000000008005003b
Sep 18 02:46:56 birdun kernel: [387095.844512] CR2: 0000000000000040 CR3: 000000022d42b000 CR4: 00000000000006e0
Sep 18 02:46:56 birdun kernel: [387095.928512] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
Sep 18 02:46:56 birdun kernel: [387096.012511] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
Sep 18 02:46:56 birdun kernel: [387096.096005] Process scsi_eh_5 (pid: 763, threadinfo ffff88022b1c4000, task ffff88022ba39c40)
Sep 18 02:46:56 birdun kernel: [387096.192511] Stack:
Sep 18 02:46:56 birdun kernel: [387096.216511]  000000000000381d ffffffffa014cb8b 0000000000000000 0000000000000286
Sep 18 02:46:56 birdun kernel: [387096.300959] <0> ffffffffffffff10 ffff8801b58013c0 0000000000002002 0000000000000286
Sep 18 02:46:56 birdun kernel: [387096.390206] <0> ffff88022df0a900 ffff88022b1c0000 ffff88022b881840 ffffffffa01407e4
Sep 18 02:46:56 birdun kernel: [387096.480511] Call Trace:
Sep 18 02:46:56 birdun kernel: [387096.508511]  [<ffffffffa014cb8b>] ? qla24xx_abort_command+0x3f/0x1db [qla2xxx]
Sep 18 02:46:56 birdun kernel: [387096.592513]  [<ffffffffa01407e4>] ? qla2xxx_eh_abort+0xf2/0x250 [qla2xxx]
Sep 18 02:46:56 birdun kernel: [387096.672511]  [<ffffffffa001ccde>] ? scsi_error_handler+0x302/0x5b5 [scsi_mod]
Sep 18 02:46:56 birdun kernel: [387096.756512]  [<ffffffffa001c9dc>] ? scsi_error_handler+0x0/0x5b5 [scsi_mod]
Sep 18 02:46:56 birdun kernel: [387096.836513]  [<ffffffff81063601>] ? kthread+0x79/0x81
Sep 18 02:46:56 birdun kernel: [387096.896512]  [<ffffffff81011baa>] ? child_rip+0xa/0x20
Sep 18 02:46:56 birdun kernel: [387096.956511]  [<ffffffff81063588>] ? kthread+0x0/0x81
Sep 18 02:46:56 birdun kernel: [387097.012512]  [<ffffffff81011ba0>] ? child_rip+0x0/0x20
Sep 18 02:46:56 birdun kernel: [387097.072511] Code: 31 d2 89 d0 c3 f0 83 2f 01 79 05 e8 ca ae e9 ff c3 48 83 ec 08 9c 58 0f 1f 44 00 00 48 89 c6 fa 66 0f 1f 44 00 00 ba 00 00 01 00 <f0> 0f c1 17 0f b7 ca c1 ea 10 39 d1 74 07 f3 90 0f b7 0f eb f5
Sep 18 02:46:56 birdun kernel: [387097.292511] RIP  [<ffffffff812f8ea1>] _spin_lock_irqsave+0x1a/0x34
Sep 18 02:46:56 birdun kernel: [387097.364514]  RSP <ffff88022b1c5d70>
Sep 18 02:46:56 birdun kernel: [387097.404511] CR2: 0000000000000040
Sep 18 02:46:56 birdun kernel: [387097.444512] ---[ end trace b0d3a44141011ebd ]---

I'm filing this as a Debian bug report and also Cc:ing the two upstream
kernel lists as indicated by scripts/get_maintainer.pl, because
drivers/scsi/qla2xxx/qla_mbx.c isn't mentioned anywhere under debian/
so it looks generic.

Please fix this. TIA.

-- 
     2. That which causes joy or happiness.



Reply to: