2002-01-07 06:30:55

by Zwane Mwaikambo

[permalink] [raw]
Subject: [PATCH] More loop/BIO breakage (ll_rw_blk.c:1359)

Hi Jens,
Oops reproducible by doing a "mount /dev/fd0 /floppy -o loop".
Decoded oops at the end.

loop.c
static inline void loop_handle_bio(struct loop_device *lo, struct bio
*bio)
{
<snip>
} else {
struct bio *rbh = bio->bi_private;

ret = do_bio_blockbacked(lo, bio, rbh);
bio_endio(rbh, !ret, bio_sectors(bio)); <== [1]
loop_put_buffer(bio);
}
}

ll_rw_blk.c
static int end_bio_bh_io_sync(struct bio *bio, int nr_sectors)
{
struct buffer_head *bh = bio->bi_private;

BIO_BUG_ON(nr_sectors != (bh->b_size >> 9)); <== [2]

[1] We send the incorrect bio parameter to bio_sectors, therefore ending
up with 0 for nr_sectors when the parameters filter down to ll_rw_blk.c

[2] We end up with zero here...

Now i just have to figure out why mount complains about no valid
filesystems

--- linux/drivers/block/loop.c.orig Sun Jan 6 13:05:06 2002
+++ linux/drivers/block/loop.c Sun Jan 6 13:05:26 2002
@@ -525,7 +525,7 @@

ret = do_bio_blockbacked(lo, bio, rbh);

- bio_endio(rbh, !ret, bio_sectors(bio));
+ bio_endio(rbh, !ret, bio_sectors(rbh));
loop_put_buffer(bio);
}
}



kernel BUG at ll_rw_blk.c:1359!
invalid operand: 0000
CPU: 0
EIP: 0010:[<c020db95>] Not tainted
EFLAGS: 00010286
eax: 00000020 ebx: ca31bb64 ecx: c0314c44 edx: 0000243f
esi: cbf1c1e4 edi: cbb61000 ebp: cbb61000 esp: ca311f94
ds: 0018 es: 0018 ss: 0018
Process loop0 (pid: 705, stackpage=ca311000)
Stack: c02f138a 0000054f cbf1c1e4 cb272ae4 c014e4d9 cbf1c1e4 00000000
cc9190e2
cbf1c1e4 00000001 00000000 cbb61000 cb272ae4 cbf1c1e4 01b61000
cadb9f28
00000200 00000000 00000000 00000f00 cadb9f28 00000200 00000000
c0107286
Call Trace: [<c014e4d9>] [<cc9190e2>] [<c0107286>] [<cc918ec0>]

Code: 0f 0b 58 5a 8b 46 0c 83 e0 01 50 53 ff 53 34 56 e8 26 01 f4

>>EIP; c020db95 <end_bio_bh_io_sync+25/50> <=====
Trace; c014e4d9 <bio_endio+29/40>
Trace; cc9190e2 <[loop]loop_thread+222/280>
Trace; c0107286 <kernel_thread+26/30>
Trace; cc918ec0 <[loop]loop_thread+0/280>
Code; c020db95 <end_bio_bh_io_sync+25/50>
00000000 <_EIP>:
Code; c020db95 <end_bio_bh_io_sync+25/50> <=====
0: 0f 0b ud2a <=====
Code; c020db97 <end_bio_bh_io_sync+27/50>
2: 58 pop %eax
Code; c020db98 <end_bio_bh_io_sync+28/50>
3: 5a pop %edx
Code; c020db99 <end_bio_bh_io_sync+29/50>
4: 8b 46 0c mov 0xc(%esi),%eax
Code; c020db9c <end_bio_bh_io_sync+2c/50>
7: 83 e0 01 and $0x1,%eax
Code; c020db9f <end_bio_bh_io_sync+2f/50>
a: 50 push %eax
Code; c020dba0 <end_bio_bh_io_sync+30/50>
b: 53 push %ebx
Code; c020dba1 <end_bio_bh_io_sync+31/50>
c: ff 53 34 call *0x34(%ebx)
Code; c020dba4 <end_bio_bh_io_sync+34/50>
f: 56 push %esi
Code; c020dba5 <end_bio_bh_io_sync+35/50>
10: e8 26 01 f4 00 call f4013b <_EIP+0xf4013b> c114dcd0
<_end+d5c340/c4346d0>



2002-01-07 07:49:30

by Jens Axboe

[permalink] [raw]
Subject: Re: [PATCH] More loop/BIO breakage (ll_rw_blk.c:1359)

On Mon, Jan 07 2002, Zwane Mwaikambo wrote:
> Hi Jens,
> Oops reproducible by doing a "mount /dev/fd0 /floppy -o loop".
> Decoded oops at the end.
>
> loop.c
> static inline void loop_handle_bio(struct loop_device *lo, struct bio
> *bio)
> {
> <snip>
> } else {
> struct bio *rbh = bio->bi_private;
>
> ret = do_bio_blockbacked(lo, bio, rbh);
> bio_endio(rbh, !ret, bio_sectors(bio)); <== [1]
> loop_put_buffer(bio);
> }
> }

Ah excellent, nice work. Applied.

--
Jens Axboe