lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Sun, 4 Nov 2007 11:51:21 +0100
From:	"Torsten Kaiser" <just.for.lkml@...glemail.com>
To:	"Jens Axboe" <jens.axboe@...cle.com>
Cc:	"Stefan Richter" <stefanr@...6.in-berlin.de>,
	linux-kernel@...r.kernel.org, linux1394-devel@...ts.sourceforge.net
Subject: Re: 2.6.24-rc1-54866f032307063776b4eff7eadb131d47f9f9b4 fails to boot: kernel BUG at include/linux/scatterlist.h:49!

On 11/4/07, Jens Axboe <jens.axboe@...cle.com> wrote:
> On Sat, Nov 03 2007, Jens Axboe wrote:
> > It's probably enough. Only if you use chaining do you need to convert to
> > using for_each_sg() and so on.
>
> Did a grep over ieee1394/, this seems to be all you need.

What *I* need. For eth1394.

Stefan Richter wrote:
> (The other place where the 1394 stack deals with s/g lists is sbp2 where
> we have to deal with what comes from the SCSI stack or the block layer.
> But sbp2's s/g list handling is entirely unrelated to ieee1394's own
> code for isochronous I/O and async streams, which eth1394 needs and
> caused the bug.)

I see nothing preventing chained sg lists to be feed into
sbp2scsi_queuecommand() which then gives these lists to
sbp2_prep_command_orb_sg().

And there I find this:
static void sbp2_prep_command_orb_sg(struct sbp2_command_orb *orb,
                                     struct sbp2_fwhost_info *hi,
                                     struct sbp2_command_info *cmd,
                                     unsigned int scsi_use_sg,
                                     struct scatterlist *sgpnt,
                                     u32 orb_direction,
                                     enum dma_data_direction dma_dir)
{
[snip]
for (i = 0, sg_count = 0 ; i < count; i++, sgpnt++) {


As yesterday my md1_raid5-thread oopsed with the same bug from the
thread "kernel NULL pointer dereference in blk_rq_map_sg with
v2.6.23-6815-g0895e91" I'm rather suspicious of anything sg related
right now. (At least I think its the same bug, as 2.6.23-mm1 does not
contain the fix from that thread)

> diff --git a/drivers/ieee1394/dma.c b/drivers/ieee1394/dma.c
> index f5f4983..7c4eb39 100644
> --- a/drivers/ieee1394/dma.c
> +++ b/drivers/ieee1394/dma.c
> @@ -103,8 +103,7 @@ int dma_region_alloc(struct dma_region *dma, unsigned long n_bytes,
>                 goto err;
>         }
>
> -       /* just to be safe - this will become unnecessary once sglist->address goes away */
> -       memset(dma->sglist, 0, dma->n_pages * sizeof(*dma->sglist));
> +       sg_init_table(dma->sglist, dma->n_pages);
>
>         /* fill scatter/gather list with pages */
>         for (i = 0; i < dma->n_pages; i++) {
>

With that patch, 2.6.24-rc1-b4f555081fdd27d13e6ff39d455d5aefae9d2c0c
boots, eth1394 works.

Torsten
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ