Bug 183664 - dm: make sure don't give out the same minor number twice
dm: make sure don't give out the same minor number twice
Status: CLOSED DUPLICATE of bug 185445
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: kernel (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Jun'ichi Nomura (Red Hat)
Brian Brock
Depends On:
Blocks: 181409
  Show dependency treegraph
Reported: 2006-03-02 10:59 EST by Jason Baron
Modified: 2013-04-02 19:51 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2006-03-14 16:21:33 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Free minor number after unregistering (511 bytes, patch)
2006-03-09 14:18 EST, Jun'ichi Nomura (Red Hat)
no flags Details | Diff
Regression test for this bug (778 bytes, application/x-shellscript)
2006-03-09 15:46 EST, Jun'ichi Nomura (Red Hat)
no flags Details

External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2006:0575 normal SHIPPED_LIVE Important: Updated kernel packages available for Red Hat Enterprise Linux 4 Update 4 2006-08-10 00:00:00 EDT

  None (edit)
Description Jason Baron 2006-03-02 10:59:46 EST
Description of problem:


Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
Actual results:

Expected results:

Additional info:
Comment 1 Jun'ichi Nomura (Red Hat) 2006-03-09 14:18:21 EST
Created attachment 125894 [details]
Free minor number after unregistering

This is a RHEL4-backported patch from upstream.
Comment 2 Jun'ichi Nomura (Red Hat) 2006-03-09 15:46:00 EST
Created attachment 125903 [details]
Regression test for this bug

Regression test for this bug.
Without the proposed patch, kernel will panic eventually.
Comment 3 Jun'ichi Nomura (Red Hat) 2006-03-09 15:47:32 EST
Typical Oops with this bug and the testcase in Comment #2
Badness in kref_get at lib/kref.c:32

Call Trace:<ffffffff801e74c9>{kref_get+46} <ffffffff801e6f8a>{kobject_get+18}
       <ffffffff801e6fbc>{kobject_init+45} <ffffffff8024d170>{alloc_disk+170}
       <ffffffff80189319>{sys_ioctl+853} <ffffffff801101c6>{system_call+126}

Unable to handle kernel NULL pointer dereference at 0000000000000000 RIP:
PML4 1915da067 PGD 1a26b8067 PMD 0
Oops: 0000 [1] SMP
Modules linked in: nfsd exportfs lockd nfs_acl md5 ipv6 parport_pc lp parport
autofs4 i2c_dev i2c_core sunrpc ds yenta_socket pcmcia_core scsi_dump diskdump
zlib_deflate dm_mirror dm_multipath button battery ac uhci_hcd ehci_hcd
e752x_edac edac_mc e1000 floppy sg ext3 jbd dm_mod aic79xx sd_mod scsi_mod
Pid: 16910, comm: dmsetup Not tainted 2.6.9-34.ELlargesmp
RIP: 0010:[<ffffffff801e6bb1>] <ffffffff801e6bb1>{kobject_get_path+41}
RSP: 0018:00000101a9d63c48  EFLAGS: 00010286
RAX: 0000000000000000 RBX: 0000000000002180 RCX: ffffffffffffffff
RDX: 0000000000000006 RSI: 00000000000000d0 RDI: 0000000000000000
RBP: 0000000000000005 R08: 0000000000000000 R09: 0000000000000003
R10: 0000000000000000 R11: 0000000000000000 R12: 0000010195f01ec0
R13: 00000100cfd964a8 R14: 0000000000000000 R15: 0000010190539800
FS:  0000002a95585380(0000) GS:ffffffff804eac00(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
CR2: 0000000000000000 CR3: 0000000037e14000 CR4: 00000000000006e0
Process dmsetup (pid: 16910, threadinfo 00000101a9d62000, task
00000101a18fa030)Stack: ffffffff803fda00 ffffffff803fda00 0000000000002180
       0000010195f01ec0 ffffffff803fda00 00000100cfd964a8 ffffffff801e6db6
       ffffffff803de100 ffffffff803fda28
Call Trace:<ffffffff801e6db6>{kobject_hotplug+384}
       <ffffffffa0062528>{:dm_mod:dev_create+0} <ffffffff801e728c>{kobject_add+332}
       <ffffffff801ae26c>{register_disk+67} <ffffffff8024c81b>{add_disk+52}
       <ffffffff80189319>{sys_ioctl+853} <ffffffff801101c6>{system_call+126}

Code: f2 ae 48 f7 d1 48 ff c9 4d 85 c0 8d 2c 0a 8d 55 01 75 db 48
RIP <ffffffff801e6bb1>{kobject_get_path+41} RSP <00000101a9d63c48>
CR2: 0000000000000000
Comment 4 Jun'ichi Nomura (Red Hat) 2006-03-14 16:03:07 EST
This bug is a duplicate of BZ#185455.

Jason, Alasdair,
please close this bug if it's ok.
Comment 5 Alasdair Kergon 2006-03-14 16:21:33 EST
Sorry - I forgot to check for bugs cc'd to me like this when submitting these
patches to U4!

*** This bug has been marked as a duplicate of 185445 ***
Comment 6 Jeff Burke 2006-03-30 14:36:50 EST
This test case have been added to the RHTS system
Comment 7 Linda Wang 2006-05-09 17:51:28 EDT
errata tool clean up, add to U4 CANFIX list for tracking purposes.

Note You need to log in before you can comment on or make changes to this bug.