lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Sun, 03 May 2015 13:11:58 -0700
From:	Nikhilesh Reddy <>
Subject: Null pointer dereference of s_chksum_driver  in ext4_chksum


I am running the 3.10 ( android ) kernel.

I have run into a couple of instances of a null pointer dereference
occurring in the function ext4_chksum.

This issue seems to be the same one as

I am not sure if this was ever solved?

Can someone kindly point me in the right direction?

The only patch i found that might be remotely related is the

I am not entirely sure if this is the fix for the issue.

Please find additional details below:

This occurred in while de-referencing the sbi->s_chksum_driver member of
the superblock info.

This occurs during a bootup mount

  10.216919:   <6> EXT4-fs (mmcblk0p22): mounted filesystem with ordered
data mode. Opts: barrier=1,discard
     10.225032:   <6> SELinux: initialized (dev mmcblk0p22, type ext4),
uses xattr
     10.235901:   <6> EXT4-fs (mmcblk0p29): Ignoring removed
nomblk_io_submit option
     10.341141:   <6> Unable to handle kernel NULL pointer dereference
at virtual address 00000000

The call stack is as below:

                   [<ffffffc000393a54>] ext4_superblock_csum+0x20/0x68
     10.498103: <2>[<ffffffc000393fc8>]ext4_superblock_csum_set+0x20/0x34
     10.504353:   <2> [<ffffffc00039455c>] ext4_commit_super+0x178/0x1f4
     10.510170:   <2> [<ffffffc0003945f4>] save_error_info+0x1c/0x2c
     10.515638:   <2> [<ffffffc000394954>] ext4_error_inode+0x4c/0x13c
     10.521282:   <2> [<ffffffc00037d510>] ext4_map_blocks+0x354/0x398
     10.526924:   <2> [<ffffffc00037e97c>] _ext4_get_block+0xc0/0x160
     10.532479:   <2> [<ffffffc00037ea2c>] ext4_get_block+0x10/0x1c
     10.537863:   <2> [<ffffffc00031e808>] generic_block_bmap+0x34/0x44
     10.543589:   <2> [<ffffffc00037b980>] ext4_bmap+0x78/0xd4
     10.548539:   <2> [<ffffffc00030a2ec>] bmap+0x20/0x2c
     10.553052:   <2> [<ffffffc0003c8ec0>] jbd2_journal_bmap+0x24/0x9c
     10.558695:   <2> [<ffffffc0003c311c>] jread+0x54/0x228
     10.563381:   <2> [<ffffffc0003c3618>] do_one_pass+0x328/0x724
     10.568678:   <2> [<ffffffc0003c3a8c>] jbd2_journal_recover+0x78/0xdc
     10.574580:   <2> [<ffffffc0003c8c80>] jbd2_journal_load+0x154/0x308
     10.580396:   <2> [<ffffffc000398168>] ext4_fill_super+0x1984/0x2470
     10.586211:   <2> [<ffffffc0002f8634>] mount_bdev+0x134/0x1b8
     10.591420:   <2> [<ffffffc000392f18>] ext4_mount+0x10/0x1c
     10.596454:   <2> [<ffffffc0002f8ebc>] mount_fs+0x78/0x174
     10.601404:   <2> [<ffffffc00030f420>] vfs_kern_mount+0x58/0xcc
     10.606785:   <2> [<ffffffc000311748>] do_mount+0x6f0/0x7d4
     10.611819:   <2> [<ffffffc0003118b8>] SyS_mount+0x8c/0xd0
     10.616768:   <6> Code: 9100fff3 f9420000 927ae673 f942340(b9400002)
     10.622935:   <6> ---[ end trace 69fa2927148e4ec2 ]---
     10.627528:   <6> Kernel panic - not syncing: Fatal exception

Nikhilesh Reddy

Qualcomm Innovation Center, Inc.
The Qualcomm Innovation Center, Inc. is a member of the Code Aurora Forum,
a Linux Foundation Collaborative Project.

To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to
More majordomo info at

Powered by blists - more mailing lists