lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date:   Wed, 25 Oct 2017 09:57:08 +0800
From:   kernel test robot <fengguang.wu@...el.com>
To:     Bart Van Assche <bart.vanassche@....com>
Cc:     LKP <lkp@...org>, linux-scsi@...r.kernel.org,
        linux-kernel@...r.kernel.org,
        virtualization@...ts.linux-foundation.org,
        Jens Axboe <axboe@...nel.dk>, wfg@...ux.intel.com
Subject: a570843ee9 ("virtio_blk: Fix an SG_IO regression"):  kernel BUG
 at include/linux/scatterlist.h:92!

Greetings,

0day kernel testing robot got the below dmesg and the first bad commit is

https://git.kernel.org/pub/scm/linux/kernel/git/axboe/linux-block.git for-linus

commit a570843ee9f0d1f613ccf167c6ddb95aaa3f509c
Author:     Bart Van Assche <bart.vanassche@....com>
AuthorDate: Tue Oct 24 08:04:36 2017 +0200
Commit:     Jens Axboe <axboe@...nel.dk>
CommitDate: Tue Oct 24 07:47:16 2017 -0600

    virtio_blk: Fix an SG_IO regression
    
    Avoid that submitting an SG_IO ioctl triggers a kernel oops that
    is preceded by:
    
    usercopy: kernel memory overwrite attempt detected to (null) (<null>) (6 bytes)
    kernel BUG at mm/usercopy.c:72!
    
    Additionally, make it easier to diagnose crashes like the one
    fixed by this patch.
    
    Reported-by: Dann Frazier <dann.frazier@...onical.com>
    Fixes: commit ca18d6f769d2 ("block: Make most scsi_req_init() calls implicit")
    Signed-off-by: Bart Van Assche <bart.vanassche@....com>
    Tested-by: Dann Frazier <dann.frazier@...onical.com>
    Cc: Dann Frazier <dann.frazier@...onical.com>
    Cc: Martin K. Petersen <martin.petersen@...cle.com>
    Cc: <stable@...r.kernel.org> # v4.13
    Signed-off-by: Jens Axboe <axboe@...nel.dk>

875397464a  Merge branch 'nvme-4.14' of git://git.infradead.org/nvme into for-linus
a570843ee9  virtio_blk: Fix an SG_IO regression
a570843ee9  virtio_blk: Fix an SG_IO regression
+-------------------------------------------+------------+------------+------------+
|                                           | 875397464a | a570843ee9 | a570843ee9 |
+-------------------------------------------+------------+------------+------------+
| boot_successes                            | 37         | 4          | 4          |
| boot_failures                             | 0          | 11         | 11         |
| kernel_BUG_at_include/linux/scatterlist.h | 0          | 11         | 11         |
| invalid_opcode:#[##]                      | 0          | 11         | 11         |
| Kernel_panic-not_syncing:Fatal_exception  | 0          | 11         | 11         |
+-------------------------------------------+------------+------------+------------+

/etc/rcS.d/S00fbsetup: line 3: /sbin/modprobe: not found
[   13.837041] rc (245) used greatest stack depth: 13632 bytes left
Starting udev
[   14.814165] udevadm (257) used greatest stack depth: 13360 bytes left
[   15.128722] ------------[ cut here ]------------
[   15.131755] kernel BUG at include/linux/scatterlist.h:92!
[   15.135624] invalid opcode: 0000 [#1] SMP
[   15.138724] Modules linked in:
[   15.141381] CPU: 0 PID: 261 Comm: udevd Not tainted 4.14.0-rc5-00038-ga570843 #48
[   15.146353] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1 04/01/2014
[   15.152690] task: ffffa0e3e7c9c340 task.stack: ffffb2f180a08000
[   15.156851] RIP: 0010:sg_assign_page+0x16/0x2e
[   15.159923] RSP: 0018:ffffb2f180a0b9e8 EFLAGS: 00010293
[   15.167822] RAX: 0000000087654321 RBX: ffffa0e3ea16f248 RCX: ffffa0e3e7424b08
[   15.183066] RDX: 0000000000000000 RSI: fffff2e600883a00 RDI: ffffa0e3ea2a41f8
[   15.187252] RBP: ffffb2f180a0b9e8 R08: 000000052d22ceb2 R09: ffffa0e3e7424a80
[   15.191824] R10: ffffb2f180a0b8e8 R11: 0000000000004704 R12: ffffa0e3ea2a41f8
[   15.196063] R13: 0000000000000014 R14: ffffa0e3ea2a41f8 R15: ffffa0e3ea2a4080
[   15.200217] FS:  00007f923d33d700(0000) GS:ffffa0e3efa00000(0000) knlGS:0000000000000000
[   15.205139] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   15.208338] CR2: 00007ffed11dcf68 CR3: 000000002744f004 CR4: 00000000001606f0
[   15.213302] Call Trace:
[   15.215631]  blk_rq_map_sg+0x228/0x3cd
[   15.218466]  virtio_queue_rq+0xd0/0x1e5
[   15.221570]  ? blk_mq_get_driver_tag+0x91/0xf6
[   15.224803]  blk_mq_dispatch_rq_list+0x195/0x2b0
[   15.227598]  blk_mq_sched_dispatch_requests+0x146/0x167
[   15.230733]  __blk_mq_run_hw_queue+0x68/0xd8
[   15.233415]  __blk_mq_delay_run_hw_queue+0x67/0xba
[   15.236257]  blk_mq_run_hw_queue+0x14/0x16
[   15.239477]  blk_mq_sched_insert_request+0xd8/0x11f
[   15.243490]  blk_execute_rq_nowait+0x78/0xd3
[   15.246775]  blk_execute_rq+0x68/0x9f
[   15.249864]  virtblk_serial_show+0x79/0xd7
[   15.253033]  ? virtblk_cache_type_show+0x46/0x46
[   15.256436]  dev_attr_show+0x25/0x49
[   15.259273]  sysfs_kf_seq_show+0x7f/0xcf
[   15.262768]  kernfs_seq_show+0x27/0x29
[   15.265724]  seq_read+0x177/0x333
[   15.268372]  kernfs_fop_read+0x3c/0x15d
[   15.271562]  __vfs_read+0x26/0x9d
[   15.274213]  ? fsnotify_perm+0x63/0x6f
[   15.276933]  ? security_file_permission+0x3b/0x42
[   15.280369]  ? rw_verify_area+0x7c/0xb5
[   15.283008]  vfs_read+0xb7/0xef
[   15.285395]  SyS_read+0x50/0x7e
[   15.287702]  entry_SYSCALL_64_fastpath+0x1f/0xbe
[   15.290831] RIP: 0033:0x7f923ce63cf0
[   15.293299] RSP: 002b:00007ffed11dcad8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   15.296542] RAX: ffffffffffffffda RBX: ffffffffa5128e4a RCX: 00007f923ce63cf0
[   15.300152] RDX: 0000000000001000 RSI: 00007ffed11dcae0 RDI: 0000000000000004
[   15.304009] RBP: ffffb2f180a0bf98 R08: 0000000000937ebc R09: 00007f923ceb9c50
[   15.307885] R10: 3a30303a30303030 R11: 0000000000000246 R12: 0000000000000046
[   15.311815] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000942ff3
[   15.315720]  ? trace_hardirqs_off_caller+0x3f/0xa1
[   15.318761] Code: 00 00 00 75 0b 48 83 bf 18 01 00 00 00 0f 95 c0 83 e0 01 5d c3 55 40 f6 c6 03 48 89 e5 74 02 0f 0b b8 21 43 65 87 48 39 07 74 02 <0f> 0b 48 8b 47 08 a8 01 74 02 0f 0b 83 e0 03 48 09 c6 48 89 77 
[   15.330449] RIP: sg_assign_page+0x16/0x2e RSP: ffffb2f180a0b9e8
[   15.334064] ---[ end trace 33be88842cc9b58e ]---
[   15.337050] Kernel panic - not syncing: Fatal exception

                                                          # HH:MM RESULT GOOD BAD GOOD_BUT_DIRTY DIRTY_NOT_BAD
git bisect start f87a8651aad0983d194b9688fe06921be29f7c28 bb176f67090ca54869fc1262c913aa69d2ede070 --
git bisect  bad f58179bc54ed2bde90a55cecfa2bb40948fb7fb8  # 07:24  B      0    11   25   1  Merge 'tip/locking/core' into devel-spot-201710250552
git bisect good 057aa65e2803457d6baab53bf335b9b479be0424  # 07:52  G     10     0    0   0  Merge 'rockchip/for-next' into devel-spot-201710250552
git bisect good 3540fb496ed4a91280579e9250543fbf9845227c  # 08:08  G     11     0    0   0  Merge 'usb/usb-testing' into devel-spot-201710250552
git bisect  bad 1b444e55dd9bfb2c61c75d002d69f5c4d1a361b6  # 08:18  B      0     9   22   0  Merge 'open-channel-ssd/for-4.15/cnex' into devel-spot-201710250552
git bisect  bad ba1317402d6391acb478b36f656c1cd3652f3e54  # 08:27  B      0     9   24   2  Merge 'gfs2/dev' into devel-spot-201710250552
git bisect  bad 922dd1dcce5deb7c56dc053ae3a61dd492ad0626  # 08:39  B      0     5   23   4  Merge 'block/for-linus' into devel-spot-201710250552
git bisect good bd9f07590a17f3158b51fb869dca723f1f606bdc  # 08:56  G     11     0    0   0  nvme-rdma: Fix possible double free in reconnect flow
git bisect good 875397464a55dd750198f799626959ad4cf45563  # 09:06  G     11     0    0   0  Merge branch 'nvme-4.14' of git://git.infradead.org/nvme into for-linus
git bisect  bad a570843ee9f0d1f613ccf167c6ddb95aaa3f509c  # 09:17  B      0    11   24   0  virtio_blk: Fix an SG_IO regression
# first bad commit: [a570843ee9f0d1f613ccf167c6ddb95aaa3f509c] virtio_blk: Fix an SG_IO regression
git bisect good 875397464a55dd750198f799626959ad4cf45563  # 09:24  G     31     0    0   0  Merge branch 'nvme-4.14' of git://git.infradead.org/nvme into for-linus
# extra tests on HEAD of linux-devel/devel-spot-201710250552
git bisect  bad f87a8651aad0983d194b9688fe06921be29f7c28  # 09:25  B      0    14   44   1  0day head guard for 'devel-spot-201710250552'
# extra tests on tree/branch block/for-linus
git bisect  bad a570843ee9f0d1f613ccf167c6ddb95aaa3f509c  # 09:31  B      0    11   25   0  virtio_blk: Fix an SG_IO regression
# extra tests with first bad commit reverted
git bisect good fe92c073050308bb1baee9b2b5ff53961249a321  # 09:56  G     11     0    0   0  Revert "virtio_blk: Fix an SG_IO regression"

---
0-DAY kernel test infrastructure                Open Source Technology Center
https://lists.01.org/pipermail/lkp                          Intel Corporation

Download attachment "dmesg-yocto-ivb41-116:20171025091600:x86_64-allyesdebian:4.14.0-rc5-00038-ga570843:48.gz" of type "application/gzip" (31011 bytes)

View attachment "reproduce-yocto-ivb41-116:20171025091600:x86_64-allyesdebian:4.14.0-rc5-00038-ga570843:48" of type "text/plain" (903 bytes)

View attachment "config-4.14.0-rc5-00038-ga570843" of type "text/plain" (163008 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ