From: Tejun Heo <htejun@gmail.com>
To: linux-hotplug@vger.kernel.org
Subject: Re: Early-boot kernel panics from udev-165/extras/ata_id/ata_id.c
Date: Mon, 17 Jan 2011 15:27:33 +0000 [thread overview]
Message-ID: <20110117152733.GE27123@htj.dyndns.org> (raw)
In-Reply-To: <4D263BF6.6050305@verizon.net>
Hello,
On Sun, Jan 16, 2011 at 11:03:06PM -0500, John Stanley wrote:
> The kernel-panic, which occurs at boot-time in udev/ata_id.c when
> issuing an ioctl SG_IO sg3 SCSI ATA Pass-through Identify command,
> appears to arise from DMA'ing into an incorrectly aligned user data
> buffer pointed to by sg_io_hdr.dxferp .
The problem is that nobody is DMA'ing in this case. The driver in
question is ata_piix and the IO path taken is an actual PIO where the
CPU reads from the IO space and writes to the memory itself.
> My guess is that in the past, use of sg3 would not involve DMA by
> default, but now, with libata ATA Pass-Through commands, it does (I
> also may be totally wrong about that, just a thought).
No DMA in progress here. The only (somewhat) recent related change
would be libata PIO path now using 32bit IO commands when supported by
the controller, but I fail to see how that would trigger this type of
failures.
> I recall documentaion somewhere which emphasized that if direct I/O
> (DMA) is to used in sg, one should page-align the SCSI response data
> buffer.. With sg using indirect I/O this wouldn't be necessary, of
> course, but perhaps now with libata, it is. Just guessing here.
If the buffer is not aligned, the kernel would just create a bounce
buffer and bounce the data, so it shouldn't be a problem either. It
looks like we have an obscure bug in buffer mapping code for SG_IO.
I tried several things but can't reproduce the problem here. Can you
please try the attached minimal test case? It issues IDENTIFY_PACKET
and you can specify the alignment offset. By default the buffer would
be 512byte aligned but you can offset it. ie. specifying 1 would make
the buffer misaligned by 1 byte and so on.
Can you please see whether the problem can be reliably triggered with
it? Also, please,
* Attach full kernel log (including boot messages) and the program
output after triggering the problem.
* Make sure the kernel is built with debug info and frame pointer.
* Please reverse map the reported oops address to the source line.
Thanks.
--
tejun
next prev parent reply other threads:[~2011-01-17 15:27 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-01-06 22:02 Early-boot kernel panics from udev-165/extras/ata_id/ata_id.c John Stanley
2011-01-06 22:29 ` Greg KH
2011-01-07 2:13 ` Robby Workman
2011-01-07 8:06 ` Ozan Çağlayan
2011-01-10 8:10 ` Hannes Reinecke
2011-01-10 11:35 ` Ozan Çağlayan
2011-01-11 13:25 ` Tejun Heo
2011-01-17 3:53 ` John Stanley
2011-01-17 4:03 ` John Stanley
2011-01-17 5:07 ` John Stanley
2011-01-17 15:27 ` Tejun Heo [this message]
2011-01-17 15:28 ` Tejun Heo
2011-01-18 3:38 ` John Stanley
2011-01-18 15:09 ` Tejun Heo
2011-01-18 21:48 ` John Stanley
2011-01-19 2:07 ` Brad Price
2011-01-19 20:20 ` John Stanley
2011-01-20 12:59 ` [PATCH #upstream-fixes] libata: set queue DMA alignment to sector Tejun Heo
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20110117152733.GE27123@htj.dyndns.org \
--to=htejun@gmail.com \
--cc=linux-hotplug@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).