-- Trace on a fail while writing (the faulting eip c0161ea4 is _pb_direct_io+144, `mov (%edx),%eax`, with %edx = 0 in the register dump — see the disassembly below): 017Start mounting filesystem: sd(8,19) Ending clean XFS mount for filesystem: sd(8,19) Unable to handle kernel NULL pointer dereference at virtual address 00000000 printing eip: c0161ea4 *pde = 00000000 Entering kdb (current=0xe12bc000, pid 21364) on processor 0 Oops: Oops due to oops @ 0xc0161ea4 eax = 0x00000000 ebx = 0xf11be4a0 ecx = 0x00000009 edx = 0x00000000 esi = 0x08052200 edi = 0x00000000 esp = 0xe12bdd7c eip = 0xc0161ea4 ebp = 0xe12bddb8 xss = 0x00000018 xcs = 0x00000010 eflags = 0x00010246 xds = 0x00000018 xes = 0x00000018 origeax = 0xffffffff &regs = 0xe12bdd48 [0]kdb> [0]kdb> [0]kdb> [0]kdb> bt EBP EIP Function(args) 0xe12bddb8 0xc0161ea4 _pb_direct_io+0x90 (0xf4fb19c0, 0x2f000, 0x0, 0x7000, 0xe12bde1c) kernel .text 0xc0100000 0xc0161e14 0xc0161fd4 0xe12bde3c 0xc0163285 _pagebuf_file_write+0x175 (0xf6e50560, 0x8052200, 0x7000, 0xe12bdea8, 0xc01cea90) kernel .text 0xc0100000 0xc0163110 0xc016330c 0xe12bdeb0 0xc016340d pagebuf_generic_file_write+0x101 (0xf6e50560, 0x8052200, 0x7000, 0xe12bdf84, 0xc01cea90) kernel .text 0xc0100000 0xc016330c 0xc016374c 0xe12bdf34 0xc01cfd98 xfs_write+0x348 (0xf590c6b4, 0xe12bdf78, 0x0, 0x0, 0x0) kernel .text 0xc0100000 0xc01cfa50 0xc01d0054 0xe12bdf98 0xc01cb765 linvfs_write+0x10d (0xf6e50560, 0x8052200, 0x7000, 0xf6e50580) kernel .text 0xc0100000 0xc01cb658 0xc01cb7a0 0xe12bdfbc 0xc0136175 sys_write+0x95 (0x3, 0x8052200, 0x7000, 0x0, 0x1f367a8f) kernel .text 0xc0100000 0xc01360e0 0xc01361b0 0xc0106fcb system_call+0x33 kernel .text 0xc0100000 0xc0106f98 0xc0106fd0 -- Trace and disassembly on a fail while reading (same faulting eip, reached via the direct-read path): [root@toy xfstests]# free total used free shared buffers cached Mem: 1028124 39284 988840 0 5300 17624 -/+ buffers/cache: 16360 1011764 Swap: 2096440 0 2096440 [root@toy xfstests]# ./017 QA output created by 017 *** init FS Start mounting filesystem: sd(8,19) Ending clean XFS mount for filesystem: sd(8,19) *** test *** test 0 Unable to handle kernel NULL pointer dereference at virtual address 
00000000 printing eip: c0161ea4 *pde = 00000000 Entering kdb (current=0xf6732000, pid 793) on processor 0 Oops: Oops due to oops @ 0xc0161ea4 eax = 0x00000000 ebx = 0xf66ffd80 ecx = 0x00000009 edx = 0x00000000 esi = 0x00000000 edi = 0x00000000 esp = 0xf6733de0 eip = 0xc0161ea4 ebp = 0xf6733e1c xss = 0x00000018 xcs = 0x00000010 eflags = 0x00010246 xds = 0x00000018 xes = 0x00000018 origeax = 0xffffffff &regs = 0xf6733dac [0]kdb> bt EBP EIP Function(args) 0xf6733e1c 0xc0161ea4 _pb_direct_io+0x90 (0xf66fbc20, 0x78000, 0x0, 0x11000, 0xf6733e98) kernel .text 0xc0100000 0xc0161e14 0xc0161fd4 0xf6733eec 0xc016225e pagebuf_direct_file_read+0x27a (0xf714eba0, 0x8052200, 0x1a000, 0xf6733f84, 0xc01cea90) kernel .text 0xc0100000 0xc0161fe4 0xc0162330 0xf6733f44 0xc01ceeab xfs_read+0x1fb (0xf74f95d4, 0xf6733f78, 0x0, 0x0, 0x0) kernel .text 0xc0100000 0xc01cecb0 0xc01cef34 0xf6733f98 0xc01cb630 linvfs_read+0x90 (0xf714eba0, 0x8052200, 0x1a000, 0xf714ebc0) kernel .text 0xc0100000 0xc01cb5a0 0xc01cb658 0xf6733fbc 0xc01360a5 sys_read+0x91 (0x3, 0x8052200, 0x1a000, 0x0, 0x3) kernel .text 0xc0100000 0xc0136014 0xc01360e0 0xc0106fcb system_call+0x33 kernel .text 0xc0100000 0xc0106f98 0xc0106fd0 [root@toy /]# gdb /boot/vmlinux-2.4.6-pre2-xfs-20010609 GNU gdb 5.0rh-5 Red Hat Linux 7.1 Copyright 2001 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "i386-redhat-linux"... 
(gdb) disass _pb_direct_io Dump of assembler code for function _pb_direct_io: 0xc0161e14 <_pb_direct_io>: push %ebp 0xc0161e15 <_pb_direct_io+1>: mov %esp,%ebp 0xc0161e17 <_pb_direct_io+3>: sub $0x30,%esp 0xc0161e1a <_pb_direct_io+6>: push %edi 0xc0161e1b <_pb_direct_io+7>: push %esi 0xc0161e1c <_pb_direct_io+8>: push %ebx 0xc0161e1d <_pb_direct_io+9>: mov 0x1c(%ebp),%esi 0xc0161e20 <_pb_direct_io+12>: mov 0xc032bda8,%eax 0xc0161e25 <_pb_direct_io+17>: shl $0xc,%eax 0xc0161e28 <_pb_direct_io+20>: mov %eax,0xfffffff8(%ebp) 0xc0161e2b <_pb_direct_io+23>: mov 0x14(%ebp),%edx 0xc0161e2e <_pb_direct_io+26>: cmp %edx,%eax 0xc0161e30 <_pb_direct_io+28>: cmovbe %eax,%edx 0xc0161e33 <_pb_direct_io+31>: mov %edx,0x14(%ebp) 0xc0161e36 <_pb_direct_io+34>: cmpl $0x0,0x24(%ebp) 0xc0161e3a <_pb_direct_io+38>: je 0xc0161e45 <_pb_direct_io+49> 0xc0161e3c <_pb_direct_io+40>: movl $0x8000002,0xfffffffc(%ebp) 0xc0161e43 <_pb_direct_io+47>: jmp 0xc0161e4c <_pb_direct_io+56> 0xc0161e45 <_pb_direct_io+49>: movl $0x8000001,0xfffffffc(%ebp) 0xc0161e4c <_pb_direct_io+56>: mov 0xfffffffc(%ebp),%edi 0xc0161e4f <_pb_direct_io+59>: push %edi 0xc0161e50 <_pb_direct_io+60>: mov 0x14(%ebp),%eax 0xc0161e53 <_pb_direct_io+63>: push %eax 0xc0161e54 <_pb_direct_io+64>: mov 0xc(%ebp),%eax 0xc0161e57 <_pb_direct_io+67>: mov 0x10(%ebp),%edx 0xc0161e5a <_pb_direct_io+70>: push %edx 0xc0161e5b <_pb_direct_io+71>: push %eax 0xc0161e5c <_pb_direct_io+72>: mov 0x8(%ebp),%edx 0xc0161e5f <_pb_direct_io+75>: push %edx 0xc0161e60 <_pb_direct_io+76>: call 0xc0160174 0xc0161e65 <_pb_direct_io+81>: mov %eax,%ebx 0xc0161e67 <_pb_direct_io+83>: add $0x14,%esp 0xc0161e6a <_pb_direct_io+86>: test %ebx,%ebx 0xc0161e6c <_pb_direct_io+88>: jne 0xc0161e80 <_pb_direct_io+108> 0xc0161e6e <_pb_direct_io+90>: mov 0x20(%ebp),%edi 0xc0161e71 <_pb_direct_io+93>: movl $0xfffffff4,0xc(%edi) 0xc0161e78 <_pb_direct_io+100>: xor %eax,%eax 0xc0161e7a <_pb_direct_io+102>: jmp 0xc0161fca <_pb_direct_io+438> 0xc0161e7f <_pb_direct_io+107>: 
nop 0xc0161e80 <_pb_direct_io+108>: mov 0x18(%ebp),%eax 0xc0161e83 <_pb_direct_io+111>: movzwl 0x8(%eax),%eax 0xc0161e87 <_pb_direct_io+115>: mov %ax,0x1c(%ebx) 0xc0161e8b <_pb_direct_io+119>: mov 0x8(%ebp),%edx 0xc0161e8e <_pb_direct_io+122>: mov 0x18(%ebp),%edi 0xc0161e91 <_pb_direct_io+125>: mov 0x8c(%edx),%edx 0xc0161e97 <_pb_direct_io+131>: mov 0x14(%edi),%eax 0xc0161e9a <_pb_direct_io+134>: movzbl 0x10(%edx),%ecx 0xc0161e9e <_pb_direct_io+138>: shr %cl,%eax 0xc0161ea0 <_pb_direct_io+140>: mov %eax,%edi 0xc0161ea2 <_pb_direct_io+142>: mov %edi,%edx 0xc0161ea4 <_pb_direct_io+144>: mov (%edx),%eax 0xc0161ea6 <_pb_direct_io+146>: mov 0x4(%edx),%edx 0xc0161ea9 <_pb_direct_io+149>: mov %eax,0x14(%ebx) 0xc0161eac <_pb_direct_io+152>: mov %edx,0x18(%ebx) 0xc0161eaf <_pb_direct_io+155>: add %edi,0x14(%ebx) 0xc0161eb2 <_pb_direct_io+158>: adcl $0x0,0x18(%ebx) 0xc0161eb6 <_pb_direct_io+162>: push $0x70 0xc0161eb8 <_pb_direct_io+164>: push $0x2234 0xc0161ebd <_pb_direct_io+169>: call 0xc012c33c 0xc0161ec2 <_pb_direct_io+174>: mov %eax,0xffffffec(%ebp) 0xc0161ec5 <_pb_direct_io+177>: add $0x8,%esp 0xc0161ec8 <_pb_direct_io+180>: test %eax,%eax 0xc0161eca <_pb_direct_io+182>: jne 0xc0161ee3 <_pb_direct_io+207> 0xc0161ecc <_pb_direct_io+184>: push %ebx 0xc0161ecd <_pb_direct_io+185>: call 0xc0160474 0xc0161ed2 <_pb_direct_io+190>: mov 0x20(%ebp),%eax 0xc0161ed5 <_pb_direct_io+193>: movl $0xfffffff4,0xc(%eax) 0xc0161edc <_pb_direct_io+200>: xor %eax,%eax 0xc0161ede <_pb_direct_io+202>: jmp 0xc0161fca <_pb_direct_io+438> 0xc0161ee3 <_pb_direct_io+207>: mov $0x88d,%ecx 0xc0161ee8 <_pb_direct_io+212>: mov 0xffffffec(%ebp),%edi 0xc0161eeb <_pb_direct_io+215>: xor %eax,%eax 0xc0161eed <_pb_direct_io+217>: repz stos %eax,%es:(%edi) 0xc0161eef <_pb_direct_io+219>: mov 0xffffffec(%ebp),%eax 0xc0161ef2 <_pb_direct_io+222>: movl $0x81,0x4(%eax) 0xc0161ef9 <_pb_direct_io+229>: mov %eax,%edx 0xc0161efb <_pb_direct_io+231>: add $0x18,%edx 0xc0161efe <_pb_direct_io+234>: mov 
%edx,0x10(%eax) 0xc0161f01 <_pb_direct_io+237>: cmpl $0x0,0x20(%ebp) 0xc0161f05 <_pb_direct_io+241>: je 0xc0161f1e <_pb_direct_io+266> 0xc0161f07 <_pb_direct_io+243>: mov 0x20(%ebp),%edi 0xc0161f0a <_pb_direct_io+246>: mov 0x20(%ebp),%eax 0xc0161f0d <_pb_direct_io+249>: mov 0x28(%edi),%edi 0xc0161f10 <_pb_direct_io+252>: mov 0x1c(%eax),%eax 0xc0161f13 <_pb_direct_io+255>: mov (%eax,%edi,4),%edx 0xc0161f16 <_pb_direct_io+258>: mov 0x20(%ebp),%edi 0xc0161f19 <_pb_direct_io+261>: mov 0x20(%edi),%esi 0xc0161f1c <_pb_direct_io+264>: add (%edx),%esi 0xc0161f1e <_pb_direct_io+266>: mov 0x14(%ebp),%eax 0xc0161f21 <_pb_direct_io+269>: push %eax 0xc0161f22 <_pb_direct_io+270>: push %esi 0xc0161f23 <_pb_direct_io+271>: mov 0xffffffec(%ebp),%edx 0xc0161f26 <_pb_direct_io+274>: push %edx 0xc0161f27 <_pb_direct_io+275>: cmpl $0x0,0x24(%ebp) 0xc0161f2b <_pb_direct_io+279>: setne %al 0xc0161f2e <_pb_direct_io+282>: movzbl %al,%edx 0xc0161f31 <_pb_direct_io+285>: push %edx 0xc0161f32 <_pb_direct_io+286>: call 0xc01232e8 0xc0161f37 <_pb_direct_io+291>: mov %eax,%esi 0xc0161f39 <_pb_direct_io+293>: add $0x10,%esp 0xc0161f3c <_pb_direct_io+296>: test %esi,%esi 0xc0161f3e <_pb_direct_io+298>: jne 0xc0161f72 <_pb_direct_io+350> 0xc0161f40 <_pb_direct_io+300>: mov 0xffffffec(%ebp),%edi 0xc0161f43 <_pb_direct_io+303>: mov 0x10(%edi),%edi 0xc0161f46 <_pb_direct_io+306>: mov %edi,0x5c(%ebx) 0xc0161f49 <_pb_direct_io+309>: mov 0xffffffec(%ebp),%eax 0xc0161f4c <_pb_direct_io+312>: mov (%eax),%eax 0xc0161f4e <_pb_direct_io+314>: mov %eax,0x50(%ebx) 0xc0161f51 <_pb_direct_io+317>: mov 0xffffffec(%ebp),%edx 0xc0161f54 <_pb_direct_io+320>: mov 0x8(%edx),%edx 0xc0161f57 <_pb_direct_io+323>: mov %edx,0x58(%ebx) 0xc0161f5a <_pb_direct_io+326>: mov 0xfffffffc(%ebp),%edi 0xc0161f5d <_pb_direct_io+329>: push %edi 0xc0161f5e <_pb_direct_io+330>: push %ebx 0xc0161f5f <_pb_direct_io+331>: call 0xc01606ac 0xc0161f64 <_pb_direct_io+336>: mov %eax,%esi 0xc0161f66 <_pb_direct_io+338>: mov 
0xffffffec(%ebp),%eax 0xc0161f69 <_pb_direct_io+341>: push %eax 0xc0161f6a <_pb_direct_io+342>: call 0xc01235c8 0xc0161f6f <_pb_direct_io+347>: add $0xc,%esp 0xc0161f72 <_pb_direct_io+350>: mov 0xffffffec(%ebp),%edx 0xc0161f75 <_pb_direct_io+353>: push %edx 0xc0161f76 <_pb_direct_io+354>: call 0xc012c5ac 0xc0161f7b <_pb_direct_io+359>: add $0x4,%esp 0xc0161f7e <_pb_direct_io+362>: cmpl $0x0,0x20(%ebp) 0xc0161f82 <_pb_direct_io+366>: je 0xc0161fb7 <_pb_direct_io+419> 0xc0161f84 <_pb_direct_io+368>: test %esi,%esi 0xc0161f86 <_pb_direct_io+370>: jne 0xc0161fb1 <_pb_direct_io+413> 0xc0161f88 <_pb_direct_io+372>: mov 0x14(%ebp),%eax 0xc0161f8b <_pb_direct_io+375>: mov 0x20(%ebp),%edi 0xc0161f8e <_pb_direct_io+378>: mov %eax,0xfffffff0(%ebp) 0xc0161f91 <_pb_direct_io+381>: movl $0x0,0xfffffff4(%ebp) 0xc0161f98 <_pb_direct_io+388>: add %eax,(%edi) 0xc0161f9a <_pb_direct_io+390>: sub %eax,0x4(%edi) 0xc0161f9d <_pb_direct_io+393>: mov 0xfffffff0(%ebp),%eax 0xc0161fa0 <_pb_direct_io+396>: mov 0xfffffff4(%ebp),%edx 0xc0161fa3 <_pb_direct_io+399>: add %eax,0x10(%edi) 0xc0161fa6 <_pb_direct_io+402>: adc %edx,0x14(%edi) 0xc0161fa9 <_pb_direct_io+405>: add %eax,0x20(%edi) 0xc0161fac <_pb_direct_io+408>: adc %edx,0x24(%edi) 0xc0161faf <_pb_direct_io+411>: jmp 0xc0161fb7 <_pb_direct_io+419> 0xc0161fb1 <_pb_direct_io+413>: mov 0x20(%ebp),%eax 0xc0161fb4 <_pb_direct_io+416>: mov %esi,0xc(%eax) 0xc0161fb7 <_pb_direct_io+419>: push %ebx 0xc0161fb8 <_pb_direct_io+420>: call 0xc0160474 0xc0161fbd <_pb_direct_io+425>: test %esi,%esi 0xc0161fbf <_pb_direct_io+427>: jne 0xc0161fc6 <_pb_direct_io+434> 0xc0161fc1 <_pb_direct_io+429>: mov 0x14(%ebp),%ecx 0xc0161fc4 <_pb_direct_io+432>: jmp 0xc0161fc8 <_pb_direct_io+436> 0xc0161fc6 <_pb_direct_io+434>: xor %ecx,%ecx 0xc0161fc8 <_pb_direct_io+436>: mov %ecx,%eax 0xc0161fca <_pb_direct_io+438>: lea 0xffffffc4(%ebp),%esp 0xc0161fcd <_pb_direct_io+441>: pop %ebx 0xc0161fce <_pb_direct_io+442>: pop %esi 0xc0161fcf <_pb_direct_io+443>: pop %edi 
0xc0161fd0 <_pb_direct_io+444>: mov %ebp,%esp 0xc0161fd2 <_pb_direct_io+446>: pop %ebp 0xc0161fd3 <_pb_direct_io+447>: ret End of assembler dump. (gdb) q