From: Hannes Reinecke <hare@suse.de>
To: Steffen Maier <maier@linux.vnet.ibm.com>,
	Johannes Thumshirn <jthumshirn@suse.de>
Cc: "Martin K . Petersen" <martin.petersen@oracle.com>,
	Christoph Hellwig <hch@infradead.org>,
	Linux Kernel Mailinglist <linux-kernel@vger.kernel.org>,
	Linux SCSI Mailinglist <linux-scsi@vger.kernel.org>,
	Martin Schwidefsky <schwidefsky@de.ibm.com>,
	Heiko Carstens <heiko.carstens@de.ibm.com>,
	Anil Gurumurthy <anil.gurumurthy@qlogic.com>,
	Sudarsana Kalluru <sudarsana.kalluru@qlogic.com>,
	"James E.J. Bottomley" <jejb@linux.vnet.ibm.com>,
	Tyrel Datwyler <tyreld@linux.vnet.ibm.com>,
	Benjamin Herrenschmidt <benh@kernel.crashing.org>,
	Paul Mackerras <paulus@samba.org>,
	Michael Ellerman <mpe@ellerman.id.au>,
	Johannes Thumshirn <jth@kernel.org>,
	James Smart <james.smart@avagotech.com>,
	Dick Kennedy <dick.kennedy@avagotech.com>,
	"supporter:QLOGIC QLA2XXX FC-SCSI DRIVER" 
	<qla2xxx-upstream@qlogic.com>,
	"open list:S390 ZFCP DRIVER" <linux-s390@vger.kernel.org>,
	"open list:LINUX FOR POWERPC (32-BIT AND 64-BIT)" 
	<linuxppc-dev@lists.ozlabs.org>,
	"open list:FCOE SUBSYSTEM (libfc, libfcoe,
	fcoe)"  <fcoe-devel@open-fcoe.org>,
	Ulrich Weigand <Ulrich.Weigand@de.ibm.com>,
	Richard Biener <rguenther@suse.de>
Subject: Re: [PATCH v2 02/16] scsi: don't use fc_bsg_job::request and fc_bsg_job::reply directly
Date: Fri, 28 Oct 2016 13:31:12 +0200
Message-ID: <d9a73963-1ade-2b6f-77bd-044e19675fd8@suse.de>
In-Reply-To: <4b411836-e76f-b67a-3d49-ad3d51b8f216@linux.vnet.ibm.com>

On 10/28/2016 11:53 AM, Steffen Maier wrote:
> 
> 
> On 10/13/2016 06:24 PM, Johannes Thumshirn wrote:
>> On Thu, Oct 13, 2016 at 05:15:25PM +0200, Steffen Maier wrote:
>>> I'm puzzled.
>>>
>>> $ git bisect start fc_bsg master
> 
>>>> 3087864ce3d7282f59021245d8a5f83ef1caef18 is the first bad commit
>>>> commit 3087864ce3d7282f59021245d8a5f83ef1caef18
>>>> Author: Johannes Thumshirn <jthumshirn@suse.de>
>>>> Date:   Wed Oct 12 15:06:28 2016 +0200
>>>>
>>>>     scsi: don't use fc_bsg_job::request and fc_bsg_job::reply directly
>>>>
>>>>     Don't use fc_bsg_job::request and fc_bsg_job::reply directly,
>>>> but use
>>>>     helper variables bsg_request and bsg_reply. This will be
>>>> helpfull  when
>>>>     transitioning to bsg-lib.
>>>>
>>>>     Signed-off-by: Johannes Thumshirn <jthumshirn@suse.de>
>>>>
>>>> :040000 040000 140c4b6829d5cfaec4079716e0795f63f8bc3bd2
>>>> 0d9fe225615679550be91fbd9f84c09ab1e280fc M    drivers
>>>
>>> From there (on the reverse bisect path) I get the following Oops,
>>> except for the full patch set having another stack trace as in my
>>> previous
>>> mail (dying in zfcp code).
>>>
>>
>> [...]
>>
>>>
>>>> @@ -3937,6 +3944,7 @@ fc_bsg_request_handler(struct request_queue
>>>> *q, struct Scsi_Host *shost,
>>>>      struct request *req;
>>>>      struct fc_bsg_job *job;
>>>>      enum fc_dispatch_result ret;
>>>> +    struct fc_bsg_reply *bsg_reply;
>>>>
>>>>      if (!get_device(dev))
>>>>          return;
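Review bot: the new `bsg_reply` declaration at the top of fc_bsg_request_handler() is left uninitialized at function scope, while the only assignment visible in this patch sits inside the `job->request_len < sizeof(uint32_t)` branch. Declaring it inside that branch, or initializing it to NULL, would keep a later use outside the branch from reading an indeterminate pointer.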
>>>> @@ -3973,8 +3981,9 @@ fc_bsg_request_handler(struct request_queue
>>>> *q, struct Scsi_Host *shost,
>>>>          /* check if we have the msgcode value at least */
>>>>          if (job->request_len < sizeof(uint32_t)) {
>>>>              BUG_ON(job->reply_len < sizeof(uint32_t));
>>>> -            job->reply->reply_payload_rcv_len = 0;
>>>> -            job->reply->result = -ENOMSG;
>>>> +            bsg_reply = job->reply;
>>>> +            bsg_reply->reply_payload_rcv_len = 0;
>>>> +            bsg_reply->result = -ENOMSG;
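Review bot: nothing in this branch checks that `job->reply` is non-NULL before `bsg_reply = job->reply;` and the two stores that follow; the `BUG_ON()` only tests `job->reply_len`. Consider testing the pointer and failing the request with an error instead of dereferencing it, and turning the `BUG_ON()` into an error return as well, since a short request is an input-validation failure rather than a reason to halt the kernel.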
> 
> Compiler optimization re-ordered above two lines and the first pointer
> dereference is bsg_reply->result [field offset 0] where bsg_reply is NULL.
> The assignment tries to write to memory at address NULL causing the
> kernel page fault.
> 
I spoke to our compiler people, and they strongly believed this not to
be the case. Or, to put it the other way round, if such a thing
happened it would be a compiler issue.

Have you checked the compiler output?

Cheers,

Hannes
-- 
Dr. Hannes Reinecke		   Teamlead Storage & Networking
hare@suse.de			               +49 911 74053 688
SUSE LINUX GmbH, Maxfeldstr. 5, 90409 Nürnberg
GF: F. Imendörffer, J. Smithard, J. Guild, D. Upmanyu, G. Norton
HRB 21284 (AG Nürnberg)
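
Added example, not part of the original message or of the kernel sources: a user-space C sketch of the analysis quoted above, mapping a fault address back to the field being written and validating the reply buffer before either store. The `mock_*` types, both function names and the position of `reply_payload_rcv_len` after `result` are assumptions made for illustration.

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Mock of the reply structure: the message above puts `result` at offset 0;
 * the position of reply_payload_rcv_len is an assumption for this sketch. */
struct mock_bsg_reply {
    uint32_t result;
    uint32_t reply_payload_rcv_len;
};

struct mock_bsg_job {               /* hypothetical stand-in for fc_bsg_job */
    struct mock_bsg_reply *reply;
    unsigned int request_len;
    unsigned int reply_len;
};

/* Map a faulting address back to the field that was being accessed,
 * given the (possibly NULL) base pointer held in bsg_reply. */
const char *field_at_fault(uintptr_t base, uintptr_t fault_addr)
{
    size_t off = fault_addr - base;

    if (fault_addr < base || off >= sizeof(struct mock_bsg_reply))
        return "outside reply";
    if (off < offsetof(struct mock_bsg_reply, reply_payload_rcv_len))
        return "result";
    return "reply_payload_rcv_len";
}

/* Short-request path with the reply buffer validated before either store,
 * so the order in which the two stores are emitted no longer matters. */
int reject_short_request(struct mock_bsg_job *job)
{
    struct mock_bsg_reply *bsg_reply;

    if (job->request_len >= sizeof(uint32_t))
        return 0;                   /* msgcode present, nothing to reject */
    bsg_reply = job->reply;
    if (!bsg_reply || job->reply_len < sizeof(*bsg_reply))
        return -EINVAL;             /* fail the request, do not dereference */
    bsg_reply->reply_payload_rcv_len = 0;
    bsg_reply->result = -ENOMSG;
    return -ENOMSG;
}
```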
