From: Andrew Morton <akpm@linux-foundation.org>
To: Michael Buesch <mb@bu3sch.de>
Cc: Arnd Bergmann <arnd@arndb.de>,
"linux-kernel" <linux-kernel@vger.kernel.org>,
Jens Axboe <axboe@kernel.dk>, Jan Kara <jack@ucw.cz>
Subject: Re: Oops when using growisofs
Date: Sun, 22 Jun 2008 23:34:48 -0700 [thread overview]
Message-ID: <20080622233448.4b27c131.akpm@linux-foundation.org> (raw)
In-Reply-To: <200806230028.20643.mb@bu3sch.de>
On Mon, 23 Jun 2008 00:28:20 +0200 Michael Buesch <mb@bu3sch.de> wrote:
> On Monday 23 June 2008 00:05:51 Michael Buesch wrote:
> > > Note: r9 and r3 are both NULL pointers. r3 is the value returned from alloc_page_buffers.
> > > R9 is a copy of that, which gets accessed.
> >
> > Hm, yeah. I looked at that code already, but I can't see how it could return
> > a NULL pointer.
>
> Well, actually, it can return a NULL pointer.
>
> 928 head = NULL;
> 929 offset = PAGE_SIZE;
> 930 while ((offset -= size) >= 0) {
> ...
> 949 }
> 950 return head;
>
> So if size, which is a passed in as parameter, is > PAGE_SIZE it will return NULL.
>
> The size parameter is calculated by doing
> blocksize = 1 << inode->i_blkbits;
> in an earlier function in the callchain.
Yes, that's a more likely scenario. isofs has a history of passing
garbage into the VFS.
> So, well. I dunno what i_blkbits is. There's no docs in struct inode.
It's log2 of the filesystem blocksize. It'd be interesting to work out
what value isofs is setting it to, and why.
next prev parent reply other threads:[~2008-06-23 6:35 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-06-22 16:18 Oops when using growisofs Michael Buesch
2008-06-22 21:22 ` Arnd Bergmann
2008-06-22 21:31 ` Arnd Bergmann
2008-06-22 22:09 ` Michael Buesch
2008-06-22 22:05 ` Michael Buesch
2008-06-22 22:28 ` Michael Buesch
2008-06-23 6:34 ` Andrew Morton [this message]
2008-06-23 6:59 ` Nick Piggin
2008-06-24 17:28 ` Jan Kara
2008-06-24 18:39 ` Michael Buesch
2008-06-25 1:42 ` Arnd Bergmann
2008-06-25 9:37 ` Jan Kara
2008-06-25 9:46 ` Michael Buesch
2008-06-26 17:05 ` Jan Kara
2008-06-26 18:11 ` Jens Axboe
2008-06-26 18:21 ` Michael Buesch
2008-06-26 18:36 ` Jens Axboe
2008-06-26 18:39 ` Michael Buesch
2008-06-26 18:41 ` Jens Axboe
2008-06-29 19:39 ` Michael Buesch
2008-07-09 18:46 ` Jan Kara
2008-07-22 9:25 ` Andrew Morton
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20080622233448.4b27c131.akpm@linux-foundation.org \
--to=akpm@linux-foundation.org \
--cc=arnd@arndb.de \
--cc=axboe@kernel.dk \
--cc=jack@ucw.cz \
--cc=linux-kernel@vger.kernel.org \
--cc=mb@bu3sch.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox