Kernel oops (bug) in fs/buffers.c:create_empty_buffers

From: Arjan van de Ven
Date: Sun Jul 06 2008 - 16:23:18 EST

Next message: pageexec: "Re: Linux 2.6.25.10"
Previous message: Michael Buesch: "Re: [PATCH v2] gpiolib: Allow user-selection"
Next in thread: Andrew Morton: "Re: Kernel oops (bug) in fs/buffers.c:create_empty_buffers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

caught this one on kerneloops.org:
http://www.kerneloops.org/searchweek.php?search=create_empty_buffers

void create_empty_buffers(struct page *page,
unsigned long blocksize, unsigned long b_state)
{
struct buffer_head *bh, *head, *tail;

head = alloc_page_buffers(page, blocksize, 1);
bh = head;
do {
bh->b_state |= b_state;
tail = bh;
bh = bh->b_this_page;
} while (bh);

turns out, alloc_page_buffers() can fail and return NULL (for AIO for
example)... yet this code blindly dereferences the result, getting a
predictable NULL pointer fault.

It's not directly clear what to do about... make this function return
the failure to the caller?

--
If you want to reach me at my work email, use arjan@xxxxxxxxxxxxxxx
For development, discussion and tips for power savings,
visit http://www.lesswatts.org
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: pageexec: "Re: Linux 2.6.25.10"
Previous message: Michael Buesch: "Re: [PATCH v2] gpiolib: Allow user-selection"
Next in thread: Andrew Morton: "Re: Kernel oops (bug) in fs/buffers.c:create_empty_buffers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]