* Encountered a Null Pointer Problem on the SCSI Layer
@ 2002-01-28 22:30 Peter Wong
0 siblings, 0 replies; 6+ messages in thread
From: Peter Wong @ 2002-01-28 22:30 UTC (permalink / raw)
To: linux-kernel; +Cc: Jens Axboe
I encountered a null pointer problem on the SCSI layer when
I was testing Mingming Cao's diskio patch "diskio-stat-rq-2414"
on 2.4.14.
Mingming's patch is at http://sourceforge.net/projects/lse/.
The code in sd_find_queue() that protects against accessing a
non-existent device is not correct. The patch to fix it is given
below. Please check.
The following patch is based on the 2.4.18-pre7 code:
---------------------------------------------------------------------------
--- linux/drivers/scsi/sd.c Fri Jan 25 14:01:07 2002
+++ linux-2.4.17-diskio/drivers/scsi/sd.c Fri Jan 25 13:57:01 2002
@@ -279,7 +279,7 @@
target = DEVICE_NR(dev);
dpnt = &rscsi_disks[target];
- if (!dpnt)
+ if (!dpnt->device)
return NULL; /* No such device */
return &dpnt->device->request_queue;
}
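Review bot: the new "!dpnt->device" test dereferences the slot at &rscsi_disks[target], and nothing visible in this hunk checks that target is inside the table or that rscsi_disks has been allocated. For a device number that was never attached, the read can land outside the array. Consider range-checking target before indexing (the slot-count bound is not shown in this hunk). A short comment that a NULL device field marks an unused slot would also help, since the old "!dpnt" form could never fire once the array exists.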
---------------------------------------------------------------------------
Regards,
Peter
Wai Yee Peter Wong
IBM Linux Technology Center, Performance Analysis
email: wpeter@us.ibm.com
* Re: Encountered a Null Pointer Problem on the SCSI Layer
[not found] <mailman.1012257244.13523.linux-kernel2news@redhat.com>
@ 2002-01-28 23:17 ` Pete Zaitcev
2002-01-29 3:51 ` David Ford
2002-01-29 17:22 ` Horst von Brand
0 siblings, 2 replies; 6+ messages in thread
From: Pete Zaitcev @ 2002-01-28 23:17 UTC (permalink / raw)
To: wpeter, linux-kernel; +Cc: Jens Axboe
> --- linux/drivers/scsi/sd.c Fri Jan 25 14:01:07 2002
> +++ linux-2.4.17-diskio/drivers/scsi/sd.c Fri Jan 25 13:57:01 2002
> @@ -279,7 +279,7 @@
> target = DEVICE_NR(dev);
>
> dpnt = &rscsi_disks[target];
> - if (!dpnt)
> + if (!dpnt->device)
> return NULL; /* No such device */
> return &dpnt->device->request_queue;
> }
> Wai Yee Peter Wong
There's one more of these
--- linux-2.4.18-pre1/drivers/scsi/sd.c Fri Nov 9 14:05:06 2001
+++ linux-2.4.18-pre1-p3/drivers/scsi/sd.c Mon Jan 28 14:46:11 2002
@@ -302,7 +302,7 @@
dpnt = &rscsi_disks[dev];
if (devm >= (sd_template.dev_max << 4) ||
- !dpnt ||
+ !dpnt->device ||
!dpnt->device->online ||
block + SCpnt->request.nr_sectors > sd[devm].nr_sects) {
SCSI_LOG_HLQUEUE(2, printk("Finishing %ld sectors\n", SCpnt->request.nr_sectors));
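Review bot: the replacement "!dpnt->device" is safe only because "devm >= (sd_template.dev_max << 4)" is evaluated first and short-circuits. The slot is indexed with dev while the bound is applied to devm, and the hunk does not show how the two relate. A comment should state that the devm bound implies dev is a valid index and that the order of the || operands must not change, because this test now reads through the slot where the old "!dpnt" did not.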
-- Pete
* Re: Encountered a Null Pointer Problem on the SCSI Layer
[not found] <8A43C34093B3D5119F7D0004AC56F4BCC3448C@difpst1a.dif.dk>
@ 2002-01-29 0:05 ` Pete Zaitcev
0 siblings, 0 replies; 6+ messages in thread
From: Pete Zaitcev @ 2002-01-29 0:05 UTC (permalink / raw)
To: Jesper Juhl; +Cc: 'linux-kernel@vger.kernel.org '
> From: Jesper Juhl <jju@dif.dk>
> Date: Tue, 29 Jan 2002 00:57:02 +0100
> > - if (!dpnt)
> > + if (!dpnt->device)
> > return NULL; /* No such device */
>
> Maybe I don't understand this right, but shouldn't that be
>
> if (!dpnt || !dpnt->device)
> return NULL; /* No such device */
In both cases, the code is like this:
dpnt = &rscsi_disks[dev_nr];
if (!dpnt->device)
return NULL;
So, it is unlikely that dpnt would be zero. It could be if rscsi_disks
were NULL, and in such a case the whole logic is toast.
-- Pete
* Re: Encountered a Null Pointer Problem on the SCSI Layer
2002-01-28 23:17 ` Pete Zaitcev
@ 2002-01-29 3:51 ` David Ford
2002-01-29 17:22 ` Horst von Brand
1 sibling, 0 replies; 6+ messages in thread
From: David Ford @ 2002-01-29 3:51 UTC (permalink / raw)
To: Pete Zaitcev; +Cc: wpeter, linux-kernel, Jens Axboe
Might I suggest adding the below instead of swapping it out?
-d
>--- linux-2.4.18-pre1/drivers/scsi/sd.c Fri Nov 9 14:05:06 2001
>+++ linux-2.4.18-pre1-p3/drivers/scsi/sd.c Mon Jan 28 14:46:11 2002
>@@ -302,7 +302,7 @@
>
> dpnt = &rscsi_disks[dev];
> if (devm >= (sd_template.dev_max << 4) ||
>- !dpnt ||
>+ !dpnt->device ||
> !dpnt->device->online ||
> block + SCpnt->request.nr_sectors > sd[devm].nr_sects) {
> SCSI_LOG_HLQUEUE(2, printk("Finishing %ld sectors\n", SCpnt->request.nr_sectors));
>
* RE: Encountered a Null Pointer Problem on the SCSI Layer
@ 2002-01-29 15:03 Peter Wong
0 siblings, 0 replies; 6+ messages in thread
From: Peter Wong @ 2002-01-29 15:03 UTC (permalink / raw)
To: Jesper Juhl; +Cc: Pete Zaitcev, linux-kernel, Jens Axboe
Jesper,
Let's use sd_find_queue() as an example.
If the array pointed to by rscsi_disk has been allocated,
dpnt cannot be null.
If rscsi_disk has not been allocated, dpnt = &rscsi_disks[target]
may not be null depending on the value of target. Thus, "if (!dpnt)"
is not sufficient anyway.
You can also look at sd_attach(), in which "if (!dpnt->device)" is
tested, not "if (!dpnt)".
Regards,
Peter
Wai Yee Peter Wong
IBM Linux Technology Center, Performance Analysis
email: wpeter@us.ibm.com
Jesper Juhl <jju@dif.dk>
01/28/02 05:57 PM
To: "'Pete Zaitcev '" <zaitcev@redhat.com>, Peter Wong/Austin/IBM@IBMUS, "'linux-kernel@vger.kernel.org '" <linux-kernel@vger.kernel.org>
cc: "'Jens Axboe '" <axboe@suse.de>
Subject: RE: Encountered a Null Pointer Problem on the SCSI Layer
> - if (!dpnt)
> + if (!dpnt->device)
> return NULL; /* No such device */
Maybe I don't understand this right, but shouldn't that be
if (!dpnt || !dpnt->device)
return NULL; /* No such device */
?
Best regards,
Jesper Juhl
jju@dif.dk
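
The point argued in the two replies above (a test on the slot address says nothing about whether a device is attached), as an added user-space example that is not part of the thread or of the kernel source. The struct layouts, the NSLOTS table, and the nslots bound in find_queue() are assumptions made for the model.

```c
/* Added illustration: user-space model of the lookup, not kernel code. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

struct device { int online; int request_queue; };  /* stand-in types */
struct disk   { struct device *device; };          /* NULL = unused slot */

#define NSLOTS 4                                   /* constructed table size */
static struct device dev0 = { 1, 0 };
static struct disk table[NSLOTS] = { { &dev0 } };  /* slot 0 attached, 1..3 empty */

/* Address that &base[target] evaluates to, computed on integers so the
 * model itself never forms an invalid pointer. */
static uintptr_t slot_addr(const struct disk *base, unsigned target)
{
    return (uintptr_t)base + (uintptr_t)target * sizeof(struct disk);
}

/* Old test "if (!dpnt)": fires only when the slot address is zero. */
static int old_check_rejects(const struct disk *base, unsigned target)
{
    return slot_addr(base, target) == 0;
}

/* Defensive lookup: validate table and index, then test the field the
 * patch tests. The nslots bound is an assumption added for this model. */
static int *find_queue(struct disk *base, unsigned nslots, unsigned target)
{
    if (base == NULL || target >= nslots)
        return NULL;                    /* no table, or index out of range */
    if (base[target].device == NULL)
        return NULL;                    /* No such device */
    return &base[target].device->request_queue;
}

int main(void)
{
    printf("allocated table, empty slot 1: old check rejects = %d\n",
           old_check_rejects(table, 1));
    printf("NULL table, target 0 / 1:      old check rejects = %d / %d\n",
           old_check_rejects(NULL, 0), old_check_rejects(NULL, 1));
    printf("find_queue: slot 0 %s, slot 1 %s, slot 9 %s\n",
           find_queue(table, NSLOTS, 0) ? "found" : "NULL",
           find_queue(table, NSLOTS, 1) ? "found" : "NULL",
           find_queue(table, NSLOTS, 9) ? "found" : "NULL");
    return 0;
}
```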
* Re: Encountered a Null Pointer Problem on the SCSI Layer
2002-01-28 23:17 ` Pete Zaitcev
2002-01-29 3:51 ` David Ford
@ 2002-01-29 17:22 ` Horst von Brand
1 sibling, 0 replies; 6+ messages in thread
From: Horst von Brand @ 2002-01-29 17:22 UTC (permalink / raw)
To: Pete Zaitcev; +Cc: wpeter, linux-kernel, Jens Axboe
Pete Zaitcev <zaitcev@redhat.com> said:
> > --- linux/drivers/scsi/sd.c Fri Jan 25 14:01:07 2002
> > +++ linux-2.4.17-diskio/drivers/scsi/sd.c Fri Jan 25 13:57:01 2002
> > @@ -279,7 +279,7 @@
> > target = DEVICE_NR(dev);
> >
> > dpnt = &rscsi_disks[target];
> > - if (!dpnt)
> > + if (!dpnt->device)
> > return NULL; /* No such device */
> > return &dpnt->device->request_queue;
> > }
>
> > Wai Yee Peter Wong
>
> There's one more of these
>
> --- linux-2.4.18-pre1/drivers/scsi/sd.c Fri Nov 9 14:05:06 2001
> +++ linux-2.4.18-pre1-p3/drivers/scsi/sd.c Mon Jan 28 14:46:11 2002
> @@ -302,7 +302,7 @@
>
> dpnt = &rscsi_disks[dev];
> if (devm >= (sd_template.dev_max << 4) ||
> - !dpnt ||
> + !dpnt->device ||
> !dpnt->device->online ||
> block + SCpnt->request.nr_sectors > sd[devm].nr_sects) {
> SCSI_LOG_HLQUEUE(2, printk("Finishing %ld sectors\n", SCpnt->re
> quest.nr_sectors));
Is it possible for dpnt to be NULL here? Should perhaps be checked...
--
Horst von Brand http://counter.li.org # 22616