Re: Slab corruption in 2.6.16-rc5-mm2
From: Jesper Juhl
Date: Mon Mar 06 2006 - 16:14:32 EST
On 3/6/06, Linus Torvalds <torvalds@xxxxxxxx> wrote:
>
>
> On Mon, 6 Mar 2006, Jesper Juhl wrote:
> >
> > Hmm, is it just me or should that len= have read len=96 ???
> >
> > This is the change I made :
> >
> > --- linux-2.6.16-rc5-mm2/block/scsi_ioctl.c~ 2006-03-06
> > 21:43:56.000000000 +0100
> > +++ linux-2.6.16-rc5-mm2/block/scsi_ioctl.c 2006-03-06
> > 21:43:56.000000000 +0100
> > @@ -568,7 +568,7 @@ int scsi_cmd_ioctl(struct file *file, st
> > hdr.dxferp = cgc.buffer;
> > hdr.sbp = cgc.sense;
> > if (hdr.sbp)
> > - hdr.mx_sb_len = sizeof(struct request_sense);
> > + hdr.mx_sb_len = SCSI_SENSE_BUFFERSIZE;
> > hdr.timeout = cgc.timeout;
> > hdr.cmdp = ((struct cdrom_generic_command __user*) arg)->cmd;
> > hdr.cmd_len = sizeof(cgc.cmd);
> >
> > did I mess up?
>
> That's not the one to change. It's the one in "sr_do_ioctl()", where it
> uses "sizeof(*sense)".
>
Ahh, so I did mess up - whoops - I just grep'ed for "sizeof(struct
request_sense)" :-(
I'll try it again (with the correct change) in a moment, after I've
tested Jens's "does no slab poison/debug make it go Oops" question...
--
Jesper Juhl <jesper.juhl@xxxxxxxxx>
Don't top-post http://www.catb.org/~esr/jargon/html/T/top-post.html
Plain text mails only, please http://www.expita.com/nomime.html
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/