Re: pnpbios oops on boot w/ 2.5.47

From: Adam Belay (ambx1@neo.rr.com)
Date: Sun Nov 17 2002 - 12:34:43 EST


On Sat, Nov 16, 2002 at 08:35:54PM -0800, Andrew Morton wrote:
> Adam Belay wrote:
> >
> > The typo appears to be in pnpbios_set_resources. Andrew: Is this where you
> > found it?
>
> Well no.
>
> > --- a/drivers/pnp/pnpbios/core.c Wed Nov 6 17:51:53 2002
> > +++ b/drivers/pnp/pnpbios/core.c Sat Nov 16 23:03:00 2002
> > @@ -1285,9 +1285,9 @@
> > return -EBUSY;
> > if (flags == PNP_DYNAMIC && !pnp_is_dynamic(dev))
> > return -EPERM;
> > - node = pnpbios_kmalloc(node_info.max_node_size, GFP_KERNEL);
> > if (pnp_bios_dev_node_info(&node_info) != 0)
> > return -ENODEV;
> > + node = pnpbios_kmalloc(node_info.max_node_size, GFP_KERNEL);
>
> As far as I can see, max_node_size is never initialised anywhere.
>
> mnm:/usr/src/25> grep -rI max_node_size .
> ./drivers/pnp/pnpbios/core.c: node = pnpbios_kmalloc(node_info.max_node_size, GFP_KERNEL);
> ./drivers/pnp/pnpbios/core.c: node = pnpbios_kmalloc(node_info.max_node_size, GFP_KERNEL);
> ./drivers/pnp/pnpbios/core.c: node = pnpbios_kmalloc(node_info.max_node_size, GFP_KERNEL);
> ./drivers/pnp/pnpbios/core.c: node = pnpbios_kmalloc(node_info.max_node_size, GFP_KERNEL);
> ./drivers/pnp/pnpbios/proc.c: node = pnpbios_kmalloc(node_info.max_node_size, GFP_KERNEL);
> ./drivers/pnp/pnpbios/proc.c: node = pnpbios_kmalloc(node_info.max_node_size, GFP_KERNEL);
> ./drivers/pnp/pnpbios/proc.c: node = pnpbios_kmalloc(node_info.max_node_size, GFP_KERNEL);
> ./drivers/pnp/pnpbios/proc.c: node = pnpbios_kmalloc(node_info.max_node_size, GFP_KERNEL);
> ./fs/reiserfs/fix_node.c: int total_node_size, max_node_size, current_item_size;
> ./fs/reiserfs/fix_node.c: max_node_size = MAX_CHILD_SIZE (PATH_H_PBUFFER (tb->tb_path, h));
> ./fs/reiserfs/fix_node.c: if (i == max_node_size)
> ./fs/reiserfs/fix_node.c: return (i / max_node_size + 1);
> ./fs/reiserfs/fix_node.c: cur_free = max_node_size;
> ./fs/reiserfs/fix_node.c: if (total_node_size + current_item_size <= max_node_size) {
> ./fs/reiserfs/fix_node.c: if (current_item_size > max_node_size) {
> ./fs/reiserfs/fix_node.c: current_item_size, max_node_size);
> ./fs/reiserfs/fix_node.c: free_space = max_node_size - total_node_size - IH_SIZE;
> ./include/linux/pnpbios.h: __u16 max_node_size;

It may not appear to be initialized but in reality it actually is. pnp_bios_dev_node_info
recieves a pointer to the node_info structure containing max_node_size. It then passes the
pointer to __pnp_bios_dev_node_info which then passes the pointer to call_pnp_bios.
call_pnp_bios is in assembler primarily and writes data directly to the pointer almost as if
it were a buffer. As a result the structure contains a value for max_node_size.

I appreciate your input. Let me know if you need any additional information.

Thanks,
Adam
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/



This archive was generated by hypermail 2b29 : Sat Nov 23 2002 - 22:00:20 EST