Yanqing,

Thanks. The fix is in the set of patches that Hannes has sent (latest one sent yesterday). It will make it into 2.6.27.

Thanks,
chandra

On Thu, 2008-07-17 at 11:56 -0500, Yanqing_Liu@xxxxxxxx wrote:
> Hello,
>
> Here is the lsi rdac device handler code that was posted:
>
> https://www.redhat.com/archives/dm-devel/2008-May/msg00003.html
>
> The following patch is to address a NULL pointer problem in lsi rdac
> device handler.
>
> In function get_rdac_req, after a request is successfully allocated,
> the area that the cmd pointer points to should be zeroed out. However,
> the function zeros out the command pointer itself, along with some
> other adjacent area. This results in NULL pointer dereference when
> submitting inquiry commands when checking virtual disk ownership
> during device discovery time. The kernel trace is attached at the end
> of the message.
>
> The change is to zero out the area that the cmd pointer points to,
> instead of the pointer itself in the allocated request structure.
>
> --- scsi_dh_rdac.c.orig 2008-07-17 01:53:10.000000000 -0400 > +++ scsi_dh_rdac.c 2008-07-17 01:45:28.000000000 -0400
> @@ -214,7 +214,7 @@ > return NULL; > } > > - memset(&rq->cmd, 0, BLK_MAX_CDB); > + memset(rq->cmd, 0, BLK_MAX_CDB); > rq->sense = h->sense; > memset(rq->sense, 0, SCSI_SENSE_BUFFERSIZE); > rq->sense_len = 0;
>
>
> Below is the kernel trace when problem happens, just for reference:
>
> Please provide any feedback that you may have.
>
> Thanks,
> Yanqing
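
Review bot: In the `+ memset(rq->cmd, 0, BLK_MAX_CDB);` line, the write is only as safe as the buffer `rq->cmd` points to, and nothing in the hunk shows where that pointer is set or that it covers BLK_MAX_CDB bytes; the changelog should state that the request allocation done earlier in get_rdac_req leaves `rq->cmd` pointing at a buffer of at least that size. The removed line passed the address of the pointer field, so BLK_MAX_CDB bytes were written over the pointer and the members that follow it, which matches the NULL dereference described; it is worth confirming that no other handler zeroes `&rq->cmd` the same way. For submission, the diff headers name `scsi_dh_rdac.c.orig` and `scsi_dh_rdac.c` with no directory component and the mail has no Signed-off-by line, so the patch should be regenerated relative to the tree root with a sign-off.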