Bug 76184

Summary: NULL pointer dereference in aha152x_cs when acessing SCSI device
Product: [Retired] Red Hat Linux Reporter: Need Real Name <griswold>
Component: kernel-pcmcia-csAssignee: Dave Jones <davej>
Status: CLOSED WONTFIX QA Contact: Brian Brock <bbrock>
Severity: medium Docs Contact:
Priority: medium    
Version: 8.0CC: pfrields
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2004-11-25 08:25:13 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
Stack traces from /var/log/messages and cdrecord output none

Description Need Real Name 2002-10-17 21:49:15 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.2b) Gecko/20021015

Description of problem:
At first I was not able to get my Adaptec 1460 PCMCIA SCSI card to work using
the default Red Hat Linux 8.0 kernel (2.4.18-14).  I would get the error "trying
software interrupt, lost." when I inserted the card (see bug 67285
(https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=67285) for more
information).  Using Google, I found some information on the Linux Kernel
Mailing List about this problem.  Using the information at
http://www.uwsg.iu.edu/hypermail/linux/kernel/0207.2/0209.html, I modified
aha152x.c and rebuilt the kernel.  Now I am able to insert the card and see the
SCSI devices.

However, when I try to access the devices, the commands coredump.  I've tried
using cdrecord to write some information to a CD-R, xsane to scan an image, and
cp to copy a file from a CD.  In each case, the command crashes after trying to
read from or write to the SCSI device.  It is interesting to note that I've been
able to use ls to list files on a CD without any problem.

After seeing this problem with both my CD-RW drive and scanner, I looked in
/var/log/messages to see if there were any kernel errors.  Each time, I found
the message "Unable to handle kernel NULL pointer dereference at virtual address
00000034" followed by a stack trace.  It looks like it is coming from the
aha152x_cs driver, since I found this as well:

  EIP is at aha152x_internal_queue [aha152x_cs] 0x104


Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1. Insert Adaptec 1460 card with CD-RW and scanner attached.
2. mount /dev/scd0 /mnt/cdrw
3. cp /mnt/cdrw/myfile /tmp

Can also try getting a preview from the scanner using xsane, or writing some
data to a CD-R using cdrecord.


Actual Results:  Get a segmentation fault from cp/xsane/cdrecord.  Find stack
trace /var/log/messages.


Expected Results:  The command should copy the file, scan the image, or write
the data instead of segfaulting.  Should not find stack trace in /var/log/messages.

Additional info:

Scanner is Epson Perfection 1200s, and CD-RW is an HP CD-Writer+ 9210 8x/4x/32x.
 Laptop is an HP Pavilion XH136.  All of this hardware worked without any
problems under Red Hat 7.1 and 7.2.
Comment 1 Need Real Name 2002-10-17 21:51:22 UTC 
Created attachment 80864 [details]
Stack traces from /var/log/messages and cdrecord output
Comment 2 Need Real Name 2002-10-22 04:43:26 UTC 
Upgraded to kernel 2.4.18-17.8.0, and it fixed this problem.  It looks like
aha152x.c was changed quite a bit from 2.4.18-14.  It also fixed the problem in
bug 67285.