Bug 466376

Summary: kernel-2.6.27-0.398.rc9.fc10 gets NULL pointer dereference in __list_add+0x16/0x87
Product: [Fedora] Fedora Reporter: Michal Jaegermann <michal>
Component: kernelAssignee: Dave Airlie <airlied>
Status: CLOSED RAWHIDE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: medium    
Version: rawhideCC: kernel-maint, notting
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2008-10-27 21:43:50 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 466414    
Attachments:
Description Flags
dmesg terminating with oops and a number of traces
none
additonal oopses and traces none

Description Michal Jaegermann 2008-10-09 22:08:13 UTC 
Created attachment 319954 [details]
dmesg terminating with oops and a number of traces

Description of problem:

This is what I see in dmesg:

BUG: unable to handle kernel NULL pointer dereference at 0000000000000008
IP: [<ffffffff81181fa7>] __list_add+0x16/0x87
PGD 1a195067 PUD 1a196067 PMD 1a13b067 PTE 0
Oops: 0000 [1] SMP

Full dmesg output attached.  No idea what "Tainted" means
in this case.  There are no external modules of any sort loaded
or present on the machine.

I have seen "Disabling IRQ #16" displayed all over the place
on other occasssions.

Version-Release number of selected component (if applicable):
kernel-2.6.27-0.398.rc9.fc10.x86_64

How reproducible:
I can actually dig out from logs other "NULL pointer dereference"
messages.  They go back to 2.6.27-0.211.rc1.git3.fc10 and
through 2.6.27-0.226.rc1.git5.fc10.  They all seem to be related
to X but earlier ones point to drm_ati_pcigart_init+0x1be/0x210
though.

Additional info:
That particular one seems to be something new after an update to 2.6.27-0.398.rc9.fc10
Comment 1 Michal Jaegermann 2008-10-09 23:51:57 UTC 
Created attachment 319963 [details]
additonal oopses and traces

After running that kernel a bit longer I got also what is attached
here; after "Disabling IRQ #16" line. So, yes, this seems to be
repetable.
Comment 2 Chuck Ebbert 2008-10-10 17:21:19 UTC 
(In reply to comment #2)
> Full dmesg output attached.  No idea what "Tainted" means
> in this case.  There are no external modules of any sort loaded
> or present on the machine.
> 

G - all loaded modules are GPL
M - there was an earlier machine check exception
D - there was a previous oops
Comment 3 Michal Jaegermann 2008-10-10 20:10:01 UTC 
Got the same error with 2.6.27-0.408.rc9.git1.fc10.x86_64
too.  Sometime after that a machine just died.  Hard
to tell if this was related as I got no information from
that last incident.
Comment 4 Bill Nottingham 2008-10-27 20:25:37 UTC 
Has this improved at all in recent rawhide?
Comment 5 Michal Jaegermann 2008-10-27 21:43:26 UTC 
> Has this improved at all in recent rawhide?

Indeed it did improve.  I do not see anymore this or "Disabling IRQ" messages. That was showing up in a seemingly random manner but I would think that it would still show up from time to time if still present.