Description of problem: [root@morph-01 root]# modprobe cman [root@morph-01 root]# cman_tool version -r 4 [Panic] SYSLOG: CMAN <CVS> (built Jan 18 2005 12:59:17) installed Unable to handle kernel NULL pointer dereference at virtual address 00000014 printing eip: f8a4b1d8 *pde = 369ff001 Oops: 0000 [#1] SMP Modules linked in: cman(U) md5 ipv6 parport_pc lp parport autofs4 sunrpc e1000 microcode dm_mod uhci_hcd ehci_hcd button battery ac ext3 jbd qla2300 qla2xxx scsi_transport_fc sd_mod scsi_mod CPU: 0 EIP: 0060:[<f8a4b1d8>] Not tainted VLI EFLAGS: 00010293 (2.6.9-5.ELsmp) EIP is at kcl_sendmsg+0x1e/0xe3 [cman] eax: 00000000 ebx: 00000000 ecx: ffffffea edx: f630deec esi: 00000008 edi: bfe37490 ebp: 00000000 esp: f630de9c ds: 007b es: 007b ss: 0068 Process cman_tool (pid: 2323, threadinfo=f630d000 task=f62f0c30) Stack: 00000000 f630deec f7c8f820 00ca1590 f6223804 f6bab680 00000001 00000000 fffcf508 f69ff030 00ca1590 c0149094 f630deec ffffffa1 bfe37490 f630d000 f8a4ee97 00000000 00000000 00000000 f62f0308 00000004 00000000 00000000 Call Trace: [<c0149094>] handle_mm_fault+0xbd/0x175 [<f8a4ee97>] send_reconfigure+0x3f/0x44 [cman] [<c026a752>] sock_map_file+0x98/0x107 [<f8a49489>] do_ioctl_set_version+0xb3/0xbd [cman] [<f8a4a51d>] cl_ioctl+0x2da/0x3e9 [cman] [<c026b23d>] sock_ioctl+0x28c/0x2b4 [<c0164faa>] sys_ioctl+0x227/0x269 [<c02c62a3>] syscall_call+0x7/0xb Code: c7 89 f2 83 c4 10 89 d0 5b 5e 5f 5d c3 55 89 c5 57 56 89 ce b9 ea ff ff ff 53 83 ec 30 81 fe dc 05 00 00 89 54 24 04 8b 5c 24 4c <8b> 78 14 0f 8f b2 00 00 00 a1 38 3d a6 f8 b1 95 85 c0 0f 84 a3 <0>Fatal exception: panic in 5 seconds Kernel panic - not syncing: Fatal exception How reproducible: Always
There were a few ioctls that need protection from this. Checking in cnxman.c; /cvs/cluster/cluster/cman-kernel/src/cnxman.c,v <-- cnxman.c new revision: 1.47; previous revision: 1.46 done Checking in cnxman.c; /cvs/cluster/cluster/cman-kernel/src/cnxman.c,v <-- cnxman.c new revision: 1.42.2.4; previous revision: 1.42.2.3 done
fix verified.