2008-03-22 22:49:31

by Wakko Warner

Subject: 2.6.24.3 bug in sysfs with md.

I was poking around with the files laying in /sys/block/md*/md/dev-*/super
and found this bug (NOTE: I attempted to read the file 2 times):

[ 5591.212764] ------------[ cut here ]------------
[ 5591.212773] kernel BUG at /usr/src/linux/dist/2.6.24.3/fs/sysfs/file.c:126!
[ 5591.212778] invalid opcode: 0000 [#1] PREEMPT SMP
[ 5591.212784] Modules linked in: xt_mark xt_mac xt_MARK iptable_mangle isofs nls_base usbhid ppp_deflate zlib_deflate zlib_inflate bsd_comp ppp_async crc_ccitt radeon drm nfsd lockd exportfs sunrpc parport_pc parport 8250_pnp snd_intel8x0 snd_ac97_codec ac97_bus snd_pcm_oss snd_pcm snd_mixer_oss snd_seq_dummy snd_seq_oss snd_seq_midi snd_rawmidi snd_seq_midi_event snd_seq snd_timer snd_seq_device snd soundcore snd_page_alloc i2c_i801 i2c_core sg sr_mod cdrom ata_piix libata asix usbnet mii ehci_hcd uhci_hcd usbcore intel_agp agpgart iptable_nat nf_nat xt_limit ipt_LOG xt_state xt_tcpudp ipt_recent nf_conntrack_ipv4 xt_conntrack nf_conntrack ipt_REJECT iptable_filter ip_tables x_tables tun bitrev crc32 ppp_generic slhc e1000 bridge llc reiserfs ext2 raid1 dm_snapshot dm_mirror dm_mod rtc 8250 serial_core
[ 5591.212886]
[ 5591.212891] Pid: 11834, comm: grep Not tainted (2.6.24.3 #2)
[ 5591.212895] EIP: 0060:[<c019465f>] EFLAGS: 00010212 CPU: 0
[ 5591.212905] EIP is at sysfs_read_file+0xd6/0xda
[ 5591.212909] EAX: 00000001 EBX: f7500b40 ECX: 00000000 EDX: f6d9dc6c
[ 5591.212914] ESI: 00001000 EDI: f6d9dc14 EBP: f7500b54 ESP: f183bf50
[ 5591.212918] DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0068
[ 5591.212923] Process grep (pid: 11834, ti=f183a000 task=f2cc7570 task.ti=f183a000)
[ 5591.212927] Stack: 00000004 0000001c 00008000 08062000 c034fb10 f6cf0ac4 f51ac380 08062000
[ 5591.212940] f183bfa0 00008000 c015d8ac f183bfa0 00000020 c0194589 f51ac380 fffffff7
[ 5591.212951] 00009001 f183a000 c015dcee f183bfa0 00000000 00000000 00000000 00000004
[ 5591.212963] Call Trace:
[ 5591.212992] [<c015d8ac>] vfs_read+0x89/0x117
[ 5591.213007] [<c0194589>] sysfs_read_file+0x0/0xda
[ 5591.213025] [<c015dcee>] sys_read+0x41/0x6a
[ 5591.213046] [<c0103402>] syscall_call+0x7/0xb
[ 5591.213076] [<c02a0000>] igmpv3_sendpack+0x4/0xb6
[ 5591.213103] =======================
[ 5591.213106] Code: e8 c2 79 11 00 89 f0 83 c4 18 5b 5e 5f 5d c3 b8 d0 00 00 00 e8 4f d8 fa ff 89 43 0c 85 c0 0f 85 74 ff ff ff be f4 ff ff ff eb d3 <0f> 0b eb fe 55 57 56 53 83 ec 04 89 c7 89 d5 89 0c 24 8b 74 24
[ 5591.213172] EIP: [<c019465f>] sysfs_read_file+0xd6/0xda SS:ESP 0068:f183bf50
[ 5591.213188] ---[ end trace 800d6d1bf01f2a42 ]---
[ 5606.444691] ------------[ cut here ]------------
[ 5606.444698] kernel BUG at /usr/src/linux/dist/2.6.24.3/fs/sysfs/file.c:126!
[ 5606.444702] invalid opcode: 0000 [#2] PREEMPT SMP
[ 5606.444706] Modules linked in: xt_mark xt_mac xt_MARK iptable_mangle isofs nls_base usbhid ppp_deflate zlib_deflate zlib_inflate bsd_comp ppp_async crc_ccitt radeon drm nfsd lockd exportfs sunrpc parport_pc parport 8250_pnp snd_intel8x0 snd_ac97_codec ac97_bus snd_pcm_oss snd_pcm snd_mixer_oss snd_seq_dummy snd_seq_oss snd_seq_midi snd_rawmidi snd_seq_midi_event snd_seq snd_timer snd_seq_device snd soundcore snd_page_alloc i2c_i801 i2c_core sg sr_mod cdrom ata_piix libata asix usbnet mii ehci_hcd uhci_hcd usbcore intel_agp agpgart iptable_nat nf_nat xt_limit ipt_LOG xt_state xt_tcpudp ipt_recent nf_conntrack_ipv4 xt_conntrack nf_conntrack ipt_REJECT iptable_filter ip_tables x_tables tun bitrev crc32 ppp_generic slhc e1000 bridge llc reiserfs ext2 raid1 dm_snapshot dm_mirror dm_mod rtc 8250 serial_core
[ 5606.444777]
[ 5606.444780] Pid: 11835, comm: less Tainted: G D (2.6.24.3 #2)
[ 5606.444783] EIP: 0060:[<c019465f>] EFLAGS: 00010212 CPU: 0
[ 5606.444792] EIP is at sysfs_read_file+0xd6/0xda
[ 5606.444795] EAX: 00000001 EBX: f7500480 ECX: 00000000 EDX: f6d9dc6c
[ 5606.444798] ESI: 00001000 EDI: f6d9dc14 EBP: f7500494 ESP: ec4b9f50
[ 5606.444800] DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0068
[ 5606.444804] Process less (pid: 11835, ti=ec4b8000 task=f6c6c030 task.ti=ec4b8000)
[ 5606.444806] Stack: 00000005 0000001b 00000040 bfb05e6c c034fb10 f6cf0ac4 f51ac080 bfb05e6c
[ 5606.444815] ec4b9fa0 00000040 c015d8ac ec4b9fa0 c015cc31 c0194589 f51ac080 fffffff7
[ 5606.444823] bfb05e6c ec4b8000 c015dcee ec4b9fa0 00000000 00000000 00000000 00000005
[ 5606.444831] Call Trace:
[ 5606.444855] [<c015d8ac>] vfs_read+0x89/0x117
[ 5606.444864] [<c015cc31>] vfs_llseek+0x36/0x3c
[ 5606.444868] [<c0194589>] sysfs_read_file+0x0/0xda
[ 5606.444881] [<c015dcee>] sys_read+0x41/0x6a
[ 5606.444897] [<c0103402>] syscall_call+0x7/0xb
[ 5606.444922] [<c02a0000>] igmpv3_sendpack+0x4/0xb6
[ 5606.444945] =======================
[ 5606.444947] Code: e8 c2 79 11 00 89 f0 83 c4 18 5b 5e 5f 5d c3 b8 d0 00 00 00 e8 4f d8 fa ff 89 43 0c 85 c0 0f 85 74 ff ff ff be f4 ff ff ff eb d3 <0f> 0b eb fe 55 57 56 53 83 ec 04 89 c7 89 d5 89 0c 24 8b 74 24
[ 5606.444994] EIP: [<c019465f>] sysfs_read_file+0xd6/0xda SS:ESP 0068:ec4b9f50
[ 5606.445018] ---[ end trace 800d6d1bf01f2a42 ]---

.config is available on request. Kernel is stock, no vendor/local
modifications.

--
Lab tests show that use of micro$oft causes cancer in lab animals
Got Gas???
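
A triage sketch for the report above, added here and not part of the original thread or of the kernel source: it scans kernel log text for this oops signature and lists which md member devices still expose a `super` attribute, using only directory lookups so the file is never read. The function names and the `sysfs_root` parameter are assumptions made for the example; the sample log is abbreviated from the report, with one constructed line.

```python
import glob
import re

# Sample lines abbreviated from the report above, plus one constructed unrelated line.
SAMPLE_LOG = """\
[ 5591.212764] ------------[ cut here ]------------
[ 5591.212773] kernel BUG at /usr/src/linux/dist/2.6.24.3/fs/sysfs/file.c:126!
[ 5591.212891] Pid: 11834, comm: grep Not tainted (2.6.24.3 #2)
[ 5591.212905] EIP is at sysfs_read_file+0xd6/0xda
[ 5591.213188] ---[ end trace 800d6d1bf01f2a42 ]---
[ 5600.000001] constructed: unrelated kernel message
[ 5606.444691] ------------[ cut here ]------------
[ 5606.444698] kernel BUG at /usr/src/linux/dist/2.6.24.3/fs/sysfs/file.c:126!
[ 5606.444780] Pid: 11835, comm: less Tainted: G D (2.6.24.3 #2)
[ 5606.444792] EIP is at sysfs_read_file+0xd6/0xda
[ 5606.445018] ---[ end trace 800d6d1bf01f2a42 ]---
"""

BUG_RE = re.compile(r"kernel BUG at (\S+):(\d+)!")
PID_RE = re.compile(r"Pid: (\d+), comm: (\S+) (Not tainted|Tainted: .*?) \((\S+)")
EIP_RE = re.compile(r"EIP is at (\w+)\+")  # 32-bit x86 oops format, as in the report

def find_sysfs_read_bugs(log_text):
    """Return one dict per complete oops that hit a BUG in fs/sysfs/file.c via sysfs_read_file."""
    hits, cur = [], None
    for line in log_text.splitlines():
        if "[ cut here ]" in line:
            cur = {}                      # start of a new oops record
        elif cur is None:
            continue                      # ordinary log line outside any oops
        elif (m := BUG_RE.search(line)):
            cur["file"], cur["line"] = m.group(1), int(m.group(2))
        elif (m := PID_RE.search(line)):
            cur.update(pid=int(m.group(1)), comm=m.group(2),
                       tainted=m.group(3) != "Not tainted", kernel=m.group(4))
        elif (m := EIP_RE.search(line)):
            cur["symbol"] = m.group(1)
        elif "end trace" in line:
            if (cur.get("file", "").endswith("fs/sysfs/file.c")
                    and cur.get("symbol") == "sysfs_read_file"):
                hits.append(cur)
            cur = None
    return hits

def exposed_super_attrs(sysfs_root="/sys"):
    """List md member 'super' attributes by name only; the files are never opened or read."""
    return sorted(glob.glob(f"{sysfs_root}/block/md*/md/dev-*/super"))

if __name__ == "__main__":
    print(find_sysfs_read_bugs(SAMPLE_LOG), exposed_super_attrs())
```

An oops that is cut off before its `end trace` line is not reported, so feed the function a complete log.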


2008-03-23 00:38:02

by Andrew Morton

Subject: Re: 2.6.24.3 bug in sysfs with md.

On Sat, 22 Mar 2008 18:25:31 -0400 Wakko Warner <[email protected]> wrote:

> I was poking around with the files laying in /sys/block/md*/md/dev-*/super
> and found this bug (NOTE: I attempted to read the file 2 times):
>
> [ 5591.212764] ------------[ cut here ]------------
> [ 5591.212773] kernel BUG at /usr/src/linux/dist/2.6.24.3/fs/sysfs/file.c:126!

hm, I didn't know 2.6.24 was affected.

Neil, should we backport this?


From: Linux Kernel Mailing List <[email protected]>
To: [email protected]
Subject: md: remove the 'super' sysfs attribute from devices in an 'md' array
Date: Thu, 20 Mar 2008 02:59:10 GMT
Sender: [email protected]

Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=0e82989d95cc46cc58622381eafa54f7428ee679
Commit: 0e82989d95cc46cc58622381eafa54f7428ee679
Parent: 43d8eac44f28d384d2377dcdd1407f51f79dda55
Author: NeilBrown <[email protected]>
AuthorDate: Wed Mar 19 17:00:44 2008 -0700
Committer: Linus Torvalds <[email protected]>
CommitDate: Wed Mar 19 18:53:35 2008 -0700

md: remove the 'super' sysfs attribute from devices in an 'md' array

Exposing the binary blob which is the md 'super-block' via sysfs doesn't
really fit with the whole sysfs model, and ever since commit
8118a859dc7abd873193986c77a8d9bdb877adc8 ("sysfs: fix off-by-one error
in fill_read_buffer()") it doesn't actually work at all (as the size of
the blob is often one page).

(akpm: as in, fs/sysfs/file.c:fill_read_buffer() goes BUG)

So just remove it altogether. It isn't really useful.

Signed-off-by: Neil Brown <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
Signed-off-by: Linus Torvalds <[email protected]>
---
drivers/md/md.c | 12 ------------
1 files changed, 0 insertions(+), 12 deletions(-)

diff --git a/drivers/md/md.c b/drivers/md/md.c
index ccbbf63..61ccbd2 100644
--- a/drivers/md/md.c
+++ b/drivers/md/md.c
@@ -1864,17 +1864,6 @@ static struct rdev_sysfs_entry rdev_state =
__ATTR(state, S_IRUGO|S_IWUSR, state_show, state_store);

static ssize_t
-super_show(mdk_rdev_t *rdev, char *page)
-{
- if (rdev->sb_loaded && rdev->sb_size) {
- memcpy(page, page_address(rdev->sb_page), rdev->sb_size);
- return rdev->sb_size;
- } else
- return 0;
-}
-static struct rdev_sysfs_entry rdev_super = __ATTR_RO(super);
-
-static ssize_t
errors_show(mdk_rdev_t *rdev, char *page)
{
return sprintf(page, "%d\n", atomic_read(&rdev->corrected_errors));
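
Review bot: The removed `super_show()` copies `rdev->sb_size` bytes into `page` and returns that length with no bound, and it is registered with `__ATTR_RO`, so an ordinary read of the file is enough to reach the BUG the changelog mentions. The changelog names the commit that introduced the failure but not the releases that contain it, and carries no stable tag. Suggest stating the affected range and adding a Cc to stable so the removal is picked up for released kernels.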
@@ -2060,7 +2049,6 @@ __ATTR(size, S_IRUGO|S_IWUSR, rdev_size_show, rdev_size_store);

static struct attribute *rdev_default_attrs[] = {
&rdev_state.attr,
- &rdev_super.attr,
&rdev_errors.attr,
&rdev_slot.attr,
&rdev_offset.attr,
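
Review bot: Dropping `&rdev_super.attr` from `rdev_default_attrs[]` removes a file that userspace could previously find under `md/dev-*/`, while the diffstat shows only `drivers/md/md.c` touched. If the `super` attribute is described anywhere under Documentation/, that entry should be removed in the same patch, and the changelog should say that no replacement interface is provided.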

2008-03-25 03:53:18

by NeilBrown

Subject: Re: 2.6.24.3 bug in sysfs with md.

On Saturday March 22, [email protected] wrote:
> On Sat, 22 Mar 2008 18:25:31 -0400 Wakko Warner <[email protected]> wrote:
>
> > I was poking around with the files laying in /sys/block/md*/md/dev-*/super
> > and found this bug (NOTE: I attempted to read the file 2 times):
> >
> > [ 5591.212764] ------------[ cut here ]------------
> > [ 5591.212773] kernel BUG at /usr/src/linux/dist/2.6.24.3/fs/sysfs/file.c:126!
>
> hm, I didn't know 2.6.24 was affected.

$ git describe 8118a859dc7abd873193986c77a8d9bdb877adc8
v2.6.24-rc3-412-g8118a85

Looks like everything since 2.6.24-rc3 is affected.

>
> Neil, should we backport this?

Yes, I think that would be best.

Thanks,
NeilBrown

>
>
> From: Linux Kernel Mailing List <[email protected]>
> To: [email protected]
> Subject: md: remove the 'super' sysfs attribute from devices in an 'md' array
> Date: Thu, 20 Mar 2008 02:59:10 GMT
> Sender: [email protected]
>
> Gitweb: http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=0e82989d95cc46cc58622381eafa54f7428ee679
> Commit: 0e82989d95cc46cc58622381eafa54f7428ee679
> Parent: 43d8eac44f28d384d2377dcdd1407f51f79dda55
> Author: NeilBrown <[email protected]>
> AuthorDate: Wed Mar 19 17:00:44 2008 -0700
> Committer: Linus Torvalds <[email protected]>
> CommitDate: Wed Mar 19 18:53:35 2008 -0700
>
> md: remove the 'super' sysfs attribute from devices in an 'md' array
>
> Exposing the binary blob which is the md 'super-block' via sysfs doesn't
> really fit with the whole sysfs model, and ever since commit
> 8118a859dc7abd873193986c77a8d9bdb877adc8 ("sysfs: fix off-by-one error
> in fill_read_buffer()") it doesn't actually work at all (as the size of
> the blob is often one page).
>
> (akpm: as in, fs/sysfs/file.c:fill_read_buffer() goes BUG)
>
> So just remove it altogether. It isn't really useful.
>
> Signed-off-by: Neil Brown <[email protected]>
> Signed-off-by: Andrew Morton <[email protected]>
> Signed-off-by: Linus Torvalds <[email protected]>
> ---
> drivers/md/md.c | 12 ------------
> 1 files changed, 0 insertions(+), 12 deletions(-)
>
> diff --git a/drivers/md/md.c b/drivers/md/md.c
> index ccbbf63..61ccbd2 100644
> --- a/drivers/md/md.c
> +++ b/drivers/md/md.c
> @@ -1864,17 +1864,6 @@ static struct rdev_sysfs_entry rdev_state =
> __ATTR(state, S_IRUGO|S_IWUSR, state_show, state_store);
>
> static ssize_t
> -super_show(mdk_rdev_t *rdev, char *page)
> -{
> - if (rdev->sb_loaded && rdev->sb_size) {
> - memcpy(page, page_address(rdev->sb_page), rdev->sb_size);
> - return rdev->sb_size;
> - } else
> - return 0;
> -}
> -static struct rdev_sysfs_entry rdev_super = __ATTR_RO(super);
> -
> -static ssize_t
> errors_show(mdk_rdev_t *rdev, char *page)
> {
> return sprintf(page, "%d\n", atomic_read(&rdev->corrected_errors));
> @@ -2060,7 +2049,6 @@ __ATTR(size, S_IRUGO|S_IWUSR, rdev_size_show, rdev_size_store);
>
> static struct attribute *rdev_default_attrs[] = {
> &rdev_state.attr,
> - &rdev_super.attr,
> &rdev_errors.attr,
> &rdev_slot.attr,
> &rdev_offset.attr,