ahc_target_state check starget valid

[Justin I believe that you are the maintainer for the aic7xxx 
driver, could you look this over and if you concur with this
change push it up.]

Since 2.6.12-git1 we have been seeing the Oops below when accessing
/proc files for the aix7xxx driver.  This seems to be as a result of
a new abstraction for scsi targets.  Looking at other uses of the
aic7xxx 'starget[]' seems to indicate that it is possible for this 
to be NULL.  The patch below adds a check to ahc_dump_target_state
before we attempt to map it to a scsi target.

Unable to handle kernel NULL pointer dereference at virtual address 00000124
 printing eip:
c02482dc
*pde = 1b971001
*pte = 00000000
Oops: 0000 [#1]
SMP
CPU:    2
EIP:    0060:[<c02482dc>]    Not tainted VLI
EFLAGS: 00010296   (2.6.12-git4-autokern1)
EIP is at scsi_is_host_device+0x4/0x18
eax: 00000014   ebx: 00000014   ecx: 00000000   edx: e017fb80
esi: 00000000   edi: ddc0b100   ebp: dffe3ef4   esp: dffe3dac
ds: 007b   es: 007b   ss: 0068
Process cp (pid: 6942, threadinfo=dffe2000 task=dcc27a60)
Stack: c026825b 00000014 00000000 dffe3ef4 dfc55600 0000000f 41268703 c02687c9
       dfc55600 dffe3ef4 00000007 00000041 00000000 00000000 dffe3f68 00000c00
       db6aa000 dffe3f64 37636961 3a393938 746c5520 36316172 69572030 43206564
Call Trace:
 [<c026825b>] ahc_dump_target_state+0xa3/0x10c
 [<c02687c9>] ahc_linux_proc_info+0x199/0x1ca
 [<c0141af6>] do_anonymous_page+0x1ee/0x21c
 [<c0141b0e>] do_anonymous_page+0x206/0x21c
 [<c0141b79>] do_no_page+0x55/0x3d8
 [<c0135f15>] prep_new_page+0x49/0x50
 [<c01365a3>] buffered_rmqueue+0x153/0x1b4
 [<c0136a4b>] __alloc_pages+0x3bb/0x3c8
 [<c024ff3b>] proc_scsi_read+0x2b/0x44
 [<c017d5d8>] proc_file_read+0xec/0x200
 [<c01506b5>] vfs_read+0x8d/0xec
 [<c0150924>] sys_read+0x40/0x6c
 [<c0102df9>] syscall_call+0x7/0xb
Code: fd ff 83 c4 04 c3 90 68 20 ce 3a c0 e8 ca 31 fd ff 83 c4 04 c3 89 f6 68 20 ce 3a c0 e8 46 32 fd ff 83 c4 04 c3 89 f6 8b 44 24 04 <81> b8 10 01 00 00 80 7d 24 c0 0f 94 c0 0f b6 c0 c3 8d 76 00 8b
 <1>Unable to handle kernel NULL pointer dereference at virtual address 00000124 printing eip:
c02482dc
*pde = 1ff59001
*pte = 00000000

Signed-off-by: Andy Whitcroft <[email protected]>
---
 aic7xxx_proc.c |    2 ++
 1 files changed, 2 insertions(+)
diff -upN reference/drivers/scsi/aic7xxx/aic7xxx_proc.c current/drivers/scsi/aic7xxx/aic7xxx_proc.c
--- reference/drivers/scsi/aic7xxx/aic7xxx_proc.c
+++ current/drivers/scsi/aic7xxx/aic7xxx_proc.c
@@ -155,6 +155,8 @@ ahc_dump_target_state(struct ahc_softc *
 	copy_info(info, "\tUser: ");
 	ahc_format_transinfo(info, &tinfo->user);
 	starget = ahc->platform_data->starget[target_offset];
+	if (starget == NULL)
+		return;
 	targ = scsi_transport_target_data(starget);
 	if (targ == NULL)
 		return;
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

---

• Prev by Date: Re: Patch of a new driver for kernel 2.4.x that need review
• Next by Date: Re: 2.6.12-mm1 & 2K lun testing (JFS problem ?)
• Previous by thread: [PATCH] ppc32: Add support for Freescale e200 (Book-E) core
• Next by thread: 2.6.12 breaks 8139cp
• Index(es):
  • Date
  • Thread

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]