Created attachment 314223 [details] Trace of the failed boot Description of problem: I see a kernel panic when I boot with the pci=use_crs parameter. There's no boundary checking done in setup_resource(). So it is possible to overrun the end of the array. Version-Release number of selected component (if applicable): RHEL 5.2 How reproducible: Steps to Reproduce: 1. Boot the system with pci=use_crs 2. 3. Actual results: Panic Expected results: Additional info: I'm opening this bugzilla as requested in BZ 437529. The link to the upstream patch that does the boundary checking is here: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=3d9befd2cdf65b1768b0d3078a65cc0ae9aa6412
Dan, are you saying that the bounds checking patch will solve the panic? P.
(In reply to comment #2) > Dan, are you saying that the bounds checking patch will solve the panic? > P. I believe that it will, but I haven't tested it applied to the RHEL kernel. I tested the vanilla 2.6.26 kernel that contains that patch, and it booted just fine. Although, the vanilla kernel also increased the size of the array from 8 to 16 so its less likely to run off the end.
Dan, I'm building x86_64 and i386 rpms with the boundary patch and that are based on build -104.el5. I will attach them to this BZ when they make it through our build system. I'll also look into increasing the size of the array -- no promises on increasing the size though as it might break kabi. P.
Created attachment 314271 [details] i686 kernel with patch Dan, please test. Thanks, P.
Created attachment 314272 [details] x86_64 rpm with patch Dan, please test. Thanks, P.
(In reply to comment #6) > Created an attachment (id=314272) [details] > x86_64 rpm with patch > Dan, please test. > Thanks, > P. The patched kernel looks good. I'll attach a trace.
Created attachment 314342 [details] Successful boot log
Created attachment 314390 [details] RHEL5 fix for this issue
in kernel-2.6.18-107.el5 You can download this test kernel from http://people.redhat.com/dzickus/el5
(In reply to comment #10) > in kernel-2.6.18-107.el5 > You can download this test kernel from http://people.redhat.com/dzickus/el5 I didn't see -107 on there, but I tried -116 and it worked fine.
Waiting for Unisys to verify Internal Status set to 'Waiting on Customer' This event sent from IssueTracker by balkov issue 199328
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2009-0225.html