Re: mcdx -- do_request(): non-read command to cd!!

From: Pekka Enberg
Date: Wed Apr 04 2007 - 02:31:18 EST

Next message: Paul Mackerras: "Re: [PATCH] Stop pmac_zilog from abusing 8250's device numbers."
Previous message: Wu, Bryan: "[PATCH] Blackfin arch: add missing __clear_user function touaccess header file"
In reply to: Rene Herman: "Re: mcdx -- do_request(): non-read command to cd!!"
Next in thread: Jens Axboe: "Re: mcdx -- do_request(): non-read command to cd!!"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 4/4/07, Rene Herman <rene.herman@xxxxxxxxx> wrote:

Taking forever to reproduce in as far as getting the oops. The thing is
now just locking hard each time. Will keep on trying...

Can you get anything out with sysrq-t? The original oops would be
enough to conclude it's a double-free if it weren't for this:

if (stuffp->toc) {
kfree(stuffp->toc);
stuffp->toc = NULL;
}

While the code is obviously unsafe, we would have to be interrupted
between the read and the assignment, but you don't even have preempt
enabled! So I don't quite yet see where the concurrency is coming
from.

What you can do here is protect the above sequence with a spinlock,
for example, which might paper-over the double-free enough to get you
running again...

Pekka
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Paul Mackerras: "Re: [PATCH] Stop pmac_zilog from abusing 8250's device numbers."
Previous message: Wu, Bryan: "[PATCH] Blackfin arch: add missing __clear_user function touaccess header file"
In reply to: Rene Herman: "Re: mcdx -- do_request(): non-read command to cd!!"
Next in thread: Jens Axboe: "Re: mcdx -- do_request(): non-read command to cd!!"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]