#12070 NORM Not Tri: Runin kernel null pointer dereference in mmc_queue_thread on 1.75 / 12.1.0 os21
Zarro Boogs per Child
bugtracker at laptop.org
Thu Aug 30 21:53:21 EDT 2012
#12070: Runin kernel null pointer dereference in mmc_queue_thread on 1.75 / 12.1.0 os21
---------------------------------+------------------------------------------
Reporter: greenfeld | Owner:
Type: defect | Status: new
Priority: normal | Milestone: Not Triaged
Component: kernel | Version: Development build as of this date
Resolution: | Keywords:
Next_action: diagnose | Verified: 0
Deployment_affected: | Blockedby:
Blocking: |
---------------------------------+------------------------------------------
Comment(by dsd):
{{{
0xe4 <mmc_queue_thread+228>: bl 0xe4 <mmc_queue_thread+228>
0xe8 <mmc_queue_thread+232>: mov r0, r6
0xec <mmc_queue_thread+236>: pop {r3, r4, r5, r6, r7, r8, r10, pc}
0xf0 <mmc_prep_request>: push {r3, lr}
}}}
LR must have been set to +0xe8 because of the bl instruction above, which
has somehow ended up at this nonsense pc value.
I believe that bl call is to up():
{{{
list *mmc_queue_thread+0xe4
0xe4 is in mmc_queue_thread (drivers/mmc/card/queue.c:76).
71 }
72 set_current_state(TASK_RUNNING);
73
74 mq->issue_fn(mq, req);
75 } while (1);
76 up(&mq->thread_sem);
77
78 return 0;
79 }
80
}}}
--
Ticket URL: <http://dev.laptop.org/ticket/12070#comment:4>
One Laptop Per Child <http://laptop.org/>
OLPC bug tracking system