Bug 676687

Summary: BUG NULL pointer e100_hw_init+0x151/0x2ea [e100]
Product: [Fedora] Fedora Reporter: John Reiser <jreiser>
Component: kernelAssignee: Kernel Maintainer List <kernel-maint>
Status: CLOSED CURRENTRELEASE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: rawhideCC: gansalmon, itamar, jonathan, jwboyer, kernel-maint, madhu.chinakonda
Target Milestone: ---   
Target Release: ---   
Hardware: i686   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2011-08-02 20:36:25 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description John Reiser 2011-02-10 19:20:17 UTC 
Description of problem: Oops in network driver for required updates to installation DVD of Rawhide TC1 for Fedora 15.


Version-Release number of selected component (if applicable):
kernel-2.6.38-0.rc4.git0.1.fc15.i686

How reproducible: every time


Steps to Reproduce:
1. boot DVD rawhide F15 TC1 with required updates=http://clumens.fedorapeople.org/676032.img
2.
3.
  
Actual results: Oops in e100 driver


Expected results: No Oops.


Additional info:19:06:42,483 INFO NetworkManager: <info> (pci2#1): bringing up device.
19:06:42,950 ALERT kernel:[   22.639260] BUG: unable to handle kernel NULL pointer dereference at 00000218
19:06:42,950 ALERT kernel:[   22.639558] IP: [<f7a11204>] e100_hw_init+0x151/0x2ea [e100]
19:06:42,950 WARNING kernel:[   22.639796] *pde = 368dd067 *pte = 00000000
19:06:42,950 EMERG kernel:[   22.639976] Oops: 0000 [#1] SMP
19:06:42,950 EMERG kernel:[   22.640014] last sysfs file: /sys/devices/pci0000:00/0000:00:1e.0/0000:02:0a.0/firmware/0000:02:0a.0/loading
19:06:42,950 WARNING kernel:[   22.640014] Modules linked in: radeon ttm drm_kms_helper drm i2c_algo_bit e100 i2c_core mii ipv6 iscsi_ibft iscsi_boot_sysfs pcspkr edd floppy iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi squashfs cramfs usb_storage uas
19:06:42,950 WARNING kernel:[   22.640014]
19:06:42,950 WARNING kernel:[   22.640014] Pid: 433, comm: NetworkManager Not tainted 2.6.38-0.rc4.git0.1.fc15.i686 #1 P4B266/System Name
19:06:42,950 WARNING kernel:[   22.640014] EIP: 0060:[<f7a11204>] EFLAGS: 00210246 CPU: 0
19:06:42,950 WARNING kernel:[   22.640014] EIP is at e100_hw_init+0x151/0x2ea [e100]
19:06:42,950 WARNING kernel:[   22.640014] EAX: 00000000 EBX: f6a6d440 ECX: dd785200 EDX: dd7851f0
19:06:42,950 WARNING kernel:[   22.640014] ESI: f7a12ef3 EDI: 00000000 EBP: f60ffb0c ESP: f60ffadc
19:06:42,950 WARNING kernel:[   22.640014]  DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
19:06:42,950 EMERG kernel:[   22.640014] Process NetworkManager (pid: 433, ti=f60fe000 task=f699b240 task.ti=f60fe000)
19:06:42,950 EMERG kernel:[   22.640014] Stack:
19:06:42,950 WARNING kernel:[   22.640014]  f60ffaf0 f50c0000 f6a6d440 f7a136d0 00000000 f60ffb0c f7a0f46b f50c0000
19:06:42,950 WARNING kernel:[   22.640014]  dd7851f0 f6a6d440 f7a136d0 00000000 f60ffb2c f7a11994 c074698a f6a6d000
19:06:42,950 WARNING kernel:[   22.640014]  f7a136d0 f6a6d000 f7a136d0 00001003 f60ffb44 f7a11a4e 00200246 f60ffb40
19:06:42,950 EMERG kernel:[   22.640014] Call Trace:
19:06:42,950 WARNING kernel:[   22.640014]  [<f7a0f46b>] ? e100_alloc_cbs+0x61/0x129 [e100]
19:06:42,950 WARNING kernel:[   22.640014]  [<f7a11994>] e100_up+0x37/0xd2 [e100]
19:06:42,950 WARNING kernel:[   22.640014]  [<c074698a>] ? linkwatch_fire_event+0x73/0x78
19:06:42,950 WARNING kernel:[   22.640014]  [<f7a11a4e>] e100_open+0x1f/0x4c [e100]
19:06:42,950 WARNING kernel:[   22.640014]  [<c073c355>] __dev_open+0x8a/0xb8
19:06:42,950 WARNING kernel:[   22.640014]  [<c07d4201>] ? _raw_spin_unlock_bh+0x12/0x14
19:06:42,951 WARNING kernel:[   22.640014]  [<c073c2c7>] ? dev_set_rx_mode+0x27/0x2b
19:06:42,951 WARNING kernel:[   22.640014]  [<c073c55b>] __dev_change_flags+0xa1/0x118
19:06:42,951 WARNING kernel:[   22.640014]  [<c073c640>] dev_change_flags+0x18/0x44
19:06:42,951 WARNING kernel:[   22.640014]  [<c07453fc>] do_setlink+0x240/0x58e
19:06:42,951 WARNING kernel:[   22.640014]  [<c0455c74>] ? sched_clock_local+0x10/0x18b
19:06:42,951 WARNING kernel:[   22.640014]  [<c0745836>] rtnl_setlink+0xae/0xc9
19:06:42,951 WARNING kernel:[   22.640014]  [<c0745788>] ? rtnl_setlink+0x0/0xc9
19:06:42,951 WARNING kernel:[   22.640014]  [<c0745d3c>] rtnetlink_rcv_msg+0x1a4/0x1b3
19:06:42,951 WARNING kernel:[   22.640014]  [<c042e0d2>] ? __might_sleep+0x29/0xe4
19:06:42,951 WARNING kernel:[   22.640014]  [<c0745b98>] ? rtnetlink_rcv_msg+0x0/0x1b3
19:06:42,951 WARNING kernel:[   22.640014]  [<c0755c65>] netlink_rcv_skb+0x37/0x78
19:06:42,951 WARNING kernel:[   22.640014]  [<c0744fef>] rtnetlink_rcv+0x1e/0x25
19:06:42,951 WARNING kernel:[   22.640014]  [<c07557d9>] netlink_unicast+0xc9/0x125
19:06:42,951 WARNING kernel:[   22.640014]  [<c0755aa4>] netlink_sendmsg+0x26f/0x299
19:06:42,951 WARNING kernel:[   22.640014]  [<c072c399>] __sock_sendmsg+0x59/0x60
19:06:42,951 WARNING kernel:[   22.640014]  [<c072c4f8>] sock_sendmsg+0x98/0xb3
19:06:42,951 WARNING kernel:[   22.640014]  [<c042e0d2>] ? __might_sleep+0x29/0xe4
19:06:42,951 WARNING kernel:[   22.640014]  [<c0592416>] ? avc_has_perm_noaudit+0x8e/0x346
19:06:42,951 WARNING kernel:[   22.640014]  [<c042e0d2>] ? __might_sleep+0x29/0xe4
19:06:42,951 WARNING kernel:[   22.640014]  [<c0427f54>] ? should_resched+0xd/0x27
19:06:42,951 WARNING kernel:[   22.640014]  [<c05d147e>] ? _copy_from_user+0x3c/0x50
19:06:42,951 WARNING kernel:[   22.640014]  [<c07340f5>] ? copy_from_user+0xd/0xf
19:06:42,951 WARNING kernel:[   22.640014]  [<c073443e>] ? verify_iovec+0x43/0x79
19:06:42,951 WARNING kernel:[   22.640014]  [<c072d631>] sys_sendmsg+0x187/0x1f4
19:06:42,951 WARNING kernel:[   22.640014]  [<c040dd76>] ? p4_pmu_enable_all+0x2a/0x37
19:06:42,951 WARNING kernel:[   22.640014]  [<c0410497>] ? x86_pmu_enable+0x1be/0x231
19:06:42,951 WARNING kernel:[   22.640014]  [<c0453210>] ? run_posix_cpu_timers+0x1e/0x520
19:06:42,951 WARNING kernel:[   22.640014]  [<c0408335>] ? native_sched_clock+0x41/0x94
19:06:42,951 WARNING kernel:[   22.640014]  [<c0408390>] ? sched_clock+0x8/0xb
19:06:42,951 WARNING kernel:[   22.640014]  [<c0455c74>] ? sched_clock_local+0x10/0x18b
19:06:42,951 WARNING kernel:[   22.640014]  [<c04e5543>] ? fget_light+0x4f/0x63
19:06:42,951 WARNING kernel:[   22.640014]  [<c042e0d2>] ? __might_sleep+0x29/0xe4
19:06:42,951 WARNING kernel:[   22.640014]  [<c072b9e5>] ? fput_light+0x11/0x13
19:06:42,951 WARNING kernel:[   22.640014]  [<c0427f54>] ? should_resched+0xd/0x27
19:06:42,951 WARNING kernel:[   22.640014]  [<c05d147e>] ? _copy_from_user+0x3c/0x50
19:06:42,951 WARNING kernel:[   22.640014]  [<c072db0e>] sys_socketcall+0x22a/0x285
19:06:42,951 WARNING kernel:[   22.640014]  [<c041a649>] ? smp_apic_timer_interrupt+0x6b/0x78
19:06:42,951 WARNING kernel:[   22.640014]  [<c07d44b4>] syscall_call+0x7/0xb
19:06:42,955 WARNING kernel:[   22.640014]  [<c07d0000>] ? pci_fixup_parent_subordinate_busnr.isra.11+0x18/0x54
19:06:42,955 EMERG kernel:[   22.640014] Code: 1b 02 00 00 74 22 f6 03 02 74 7c 89 44 24 0c 8b 43 04 89 74 24 08 c7 44 24 04 62 2f a1 f7 89 04 24 e8 d4 7d d2 c8 eb 5f 8b 42 04 <8a> 88 18 02 00 00 0f b6 b8 19 02 00 00 8a 80 1a 02 00 00 88 4d
19:06:42,955 EMERG kernel:[   22.640014] EIP: [<f7a11204>] e100_hw_init+0x151/0x2ea [e100] SS:ESP 0068:f60ffadc
19:06:42,955 EMERG kernel:[   22.640014] CR2: 0000000000000218
19:06:42,955 WARNING kernel:[   23.074454] ---[ end trace 936c1cc191175789 ]---
Comment 1 Chuck Ebbert 2011-02-11 05:21:56 UTC 
drivers/net/e100.c:1277:
        timer = fw->data[UCODE_SIZE * 4];

fw->data is NULL

Is this the same machine that hit the NULL dereference in the TCP code?
Comment 2 John Reiser 2011-02-11 05:41:45 UTC 
No, the e100 is a 9-yr old i686 Pentium4 1.6GHz (Northwood); the tcp is a 5-yr old Athlon64 2.0GHz socket 939.  They have been reliable, but I'll run memtest86+ again.
Comment 3 John Reiser 2011-02-11 14:11:39 UTC 
Memtest86+-4.10 reports no errors after 8.25 hours; 9 passes on the e100 machine, 5.7 passes on the tcp machine.

This morning the e100 oops does not reproduce.  Yesterday it happened twice.  I have seen the tcp oops only once.

At this point I'd assign low priority to both the e100 and tcp oopses.  I was going to suggest the possibility of a gcc-4.6.0 problem and/or something with xz/lzma compression, both of which are new.
Comment 4 Josh Boyer 2011-08-02 19:45:59 UTC 
Is this still happening and if so, what kernel version is it happening on?
Comment 5 John Reiser 2011-08-02 20:18:02 UTC 
This problem has disappeared in normal use [not installing from DVD] of 
   kernel-2.6.38.8-35.fc15.i686
   kernel-2.6.38.8-35.fc15.i686-PAE
Comment 6 Josh Boyer 2011-08-02 20:36:25 UTC 
Thanks John!