[linux-yocto] [linux-yocto-4.12][PATCH 1/1] ide:ide-cd: fix kernel panic resulting from missing scsi_req_init

Bruce Ashfield bruce.ashfield at windriver.com
Thu Nov 2 16:34:49 PDT 2017


On 2017-11-01 10:40 PM, Hongxu Jia wrote:
> Hi Bruce,
> 
> The upstream accepted it, and merged to kernel 4.14.
> 
> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=79d73346ac05bc31f2e96f899c4e9aaaa616a8d4 
> 
> 
> For 4.12, we could not directly backport from 4.14,
> please merge this patch.

merged, with some cleanups done to the commit log.

Bruce

> 
> //Hongxu
> 
> On 2017-11-02 01:54, Bruce Ashfield wrote:
>> On 2017-10-31 10:01 PM, Hongxu Jia wrote:
>>> Since we split the scsi_request out of struct request, while the
>>> standard prep_rq_fn builds 10 byte cmds, it missed invoking
>>> scsi_req_init() to initialize certain fields of a scsi_request
>>> structure (.__cmd[], .cmd, .cmd_len and .sense_len but no other
>>> members of struct scsi_request).
>>>
>>> An example panic on virtual machines (qemu/virtualbox) when booting
>>> from IDE cdrom:
>>> ...
>>> [    8.754381] Call Trace:
>>> [    8.755419]  blk_peek_request+0x182/0x2e0
>>> [    8.755863]  blk_fetch_request+0x1c/0x40
>>> [    8.756148]  ? ktime_get+0x40/0xa0
>>> [    8.756385]  do_ide_request+0x37d/0x660
>>> [    8.756704]  ? cfq_group_service_tree_add+0x98/0xc0
>>> [    8.757011]  ? cfq_service_tree_add+0x1e5/0x2c0
>>> [    8.757313]  ? ktime_get+0x40/0xa0
>>> [    8.757544]  __blk_run_queue+0x3d/0x60
>>> [    8.757837]  queue_unplugged+0x2f/0xc0
>>> [    8.758088]  blk_flush_plug_list+0x1f4/0x240
>>> [    8.758362]  blk_finish_plug+0x2c/0x40
>>> ...
>>> [    8.770906] RIP: ide_cdrom_prep_fn+0x63/0x180 RSP: ffff92aec018bae8
>>> [    8.772329] ---[ end trace 6408481e551a85c9 ]---
>>> ...
>>>
>>> Fixes: 82ed4db499b8 ("block: split scsi_request out of struct request")
>>>
>>> Upstream-Status: Submitted [linux-block at vger.kernel.org]
>>
>> I'll drop this during merge, but do you have a link to the mailing
>> list archive for this?
>>
>> We should capture that, and I'd like to follow along to see what
>> upstream says.
>>
>> Bruce
>>
>>>
>>> Signed-off-by: Hongxu Jia <hongxu.jia at windriver.com>
>>> ---
>>>   drivers/ide/ide-cd.c | 1 +
>>>   1 file changed, 1 insertion(+)
>>>
>>> diff --git a/drivers/ide/ide-cd.c b/drivers/ide/ide-cd.c
>>> index 07e5ff3..f13ad9d 100644
>>> --- a/drivers/ide/ide-cd.c
>>> +++ b/drivers/ide/ide-cd.c
>>> @@ -1329,6 +1329,7 @@ static int ide_cdrom_prep_fs(struct 
>>> request_queue *q, struct request *rq)
>>>       unsigned long blocks = blk_rq_sectors(rq) / (hard_sect >> 9);
>>>       struct scsi_request *req = scsi_req(rq);
>>>   +    scsi_req_init(rq);
>>>       memset(req->cmd, 0, BLK_MAX_CDB);
>>>         if (rq_data_dir(rq) == READ)
>>>
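Review bot: The ordering of the added scsi_req_init(rq) is load-bearing and deserves a one-line comment: the memset(req->cmd, 0, BLK_MAX_CDB) on the next line writes through req->cmd, which the commit log lists among the fields that scsi_req_init() sets up, so the call has to stay ahead of every use of req->cmd in this function. The log would also be easier to follow if it said that this write through req->cmd is the access affected when the request has not been initialised, given that the trace reports the fault in ide_cdrom_prep_fn while the hunk context is ide_cdrom_prep_fs. If scsi_req_init() already clears __cmd[], it is worth stating whether the memset is still needed or is kept only to keep the backport minimal.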
>>
>>
> 


