Hi,
Fedora got a bug report on an early version of 4.13.2
https://paste.fedoraproject.org/paste/t-Yx23LN5QwJ7oPZLj3zrg
[ 5.913866] usercopy: kernel memory overwrite attempt detected to
(null) (<null>) (16 bytes)
[ 5.914199] ------------[ cut here ]------------
[ 5.914201] kernel BUG at mm/usercopy.c:72!
[ 5.914279] invalid opcode: 0000 [#1] SMP
[ 5.914293] Modules linked in: ppdev joydev virtio_balloon parport_pc
parport i2c_piix4 virtio_blk virtio_net virtio_console qxl
drm_kms_helper ttm drm virtio_pci virtio_ring serio_raw virtio
ata_generic pata_acpi
[ 5.914353] CPU: 1 PID: 916 Comm: hdparm Not tainted
4.13.2-300.fc27.x86_64 #1
[ 5.914372] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 5.914387] task: ffff930a7a67b1c0 task.stack: ffffacef407b8000
[ 5.914411] RIP: 0010:__check_object_size+0x123/0x1b0
[ 5.914425] RSP: 0018:ffffacef407bbc20 EFLAGS: 00010282
[ 5.914440] RAX: 000000000000005a RBX: 0000000000000010 RCX:
0000000000000000
[ 5.914458] RDX: 0000000000000000 RSI: ffff930a7d5ce348 RDI:
ffff930a7d5ce348
[ 5.914476] RBP: ffffacef407bbc40 R08: 00000005a68f139a R09:
0000000000000000
[ 5.914494] R10: 0000000000000001 R11: 0000000000000000 R12:
0000000000000000
[ 5.914512] R13: 0000000000000010 R14: 0000000000000000 R15:
0000000000000010
[ 5.914531] FS: 00007f03e4008740(0000) GS:ffff930a7d400000(0000)
knlGS:0000000000000000
[ 5.914552] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 5.914567] CR2: 00007fff67496fe8 CR3: 0000000079ee2000 CR4:
00000000000006e0
[ 5.914588] Call Trace:
[ 5.914599] sg_io+0xe2/0x400
[ 5.914611] ? __might_fault+0x85/0x90
[ 5.914622] scsi_cmd_ioctl+0x2e0/0x4a0
[ 5.914637] scsi_cmd_blk_ioctl+0x42/0x50
[ 5.914651] virtblk_ioctl+0x56/0x70 [virtio_blk]
[ 5.914666] blkdev_ioctl+0x8f7/0x9b0
[ 5.914679] block_ioctl+0x43/0x50
[ 5.914689] do_vfs_ioctl+0xa6/0x6c0
[ 5.914702] SyS_ioctl+0x79/0x90
[ 5.914714] entry_SYSCALL_64_fastpath+0x1f/0xbe
[ 5.914727] RIP: 0033:0x7f03e3b220d7
[ 5.914737] RSP: 002b:00007fff674992f8 EFLAGS: 00000202 ORIG_RAX:
0000000000000010
[ 5.914758] RAX: ffffffffffffffda RBX: 000000007af2c337 RCX:
00007f03e3b220d7
[ 5.914776] RDX: 00007fff67499320 RSI: 0000000000002285 RDI:
0000000000000003
[ 5.914794] RBP: 00007fff674971b0 R08: 0000000000000000 R09:
0000000000000000
[ 5.914812] R10: 0000000000000003 R11: 0000000000000202 R12:
0000000000000000
[ 5.914830] R13: 00007f03e401dbd8 R14: 00007fff674971d8 R15:
00007f03e4021488
[ 5.914851] Code: 48 0f 45 d1 48 c7 c6 88 75 cb aa 48 c7 c1 0a ab cc
aa 48 0f 45 f1 49 89 d9 49 89 c0 4c 89 f1 48 c7 c7 28 ab cc aa e8 4e 14
e6 ff <0f> 0b f3 c3 48 8b 3d 12 c6 b4 00 48 8b 0d 63 e6 b7 00 be 00 00
[ 5.914938] RIP: __check_object_size+0x123/0x1b0 RSP: ffffacef407bbc20
[ 5.914955] ---[ end trace 7d2ed87f8ebaa2ce ]---
This is from blk_fill_sghdr_rq (block/scsi_ioctl.c:336) and the cryptic
output is saying that req->cmd is NULL. Is this a known issue? I haven't
attempted a bisect yet as I've been at Linux Plumbers.
Thanks,
Laura
Thanks,
Laura
On Fri, Sep 15, 2017 at 09:54:08AM -0700, Laura Abbott wrote:
> Hi,
>
> Fedora got a bug report on an early version of 4.13.2
> https://paste.fedoraproject.org/paste/t-Yx23LN5QwJ7oPZLj3zrg
Can you check if the issue goes away when you disable
CONFIG_VIRTIO_BLK_SCSI?
On 09/15/2017 10:37 AM, Christoph Hellwig wrote:
> On Fri, Sep 15, 2017 at 09:54:08AM -0700, Laura Abbott wrote:
>> Hi,
>>
>> Fedora got a bug report on an early version of 4.13.2
>> https://paste.fedoraproject.org/paste/t-Yx23LN5QwJ7oPZLj3zrg
>
> Can you check if the issue goes away when you disable
> CONFIG_VIRTIO_BLK_SCSI?
>
Yes, the issue goes away when CONFIG_VIRTIO_BLK_SCSI is
disabled.
Thanks,
Laura
On Sat, Sep 16, 2017 at 04:16:06PM -0700, Laura Abbott wrote:
> Yes, the issue goes away when CONFIG_VIRTIO_BLK_SCSI is
> disabled.
Ok, so it's probably related to follow ups to the scsi_request split.
That being said, I would highly recommend turning off
CONFIG_VIRTIO_BLK_SCSI in fedora. The feature has caused more trouble
than it helped with, and should never have been added (saying that as
the person who added it). It was never supported with virtio 1.0 devices
and has been disabled in qemu by default for quite a while.
On 09/17/2017 04:57 PM, Christoph Hellwig wrote:
> On Sat, Sep 16, 2017 at 04:16:06PM -0700, Laura Abbott wrote:
>> Yes, the issue goes away when CONFIG_VIRTIO_BLK_SCSI is
>> disabled.
>
> Ok, so it's probably related to follow ups to the scsi_request split.
>
> That being said, I would highly recommend turning off
> CONFIG_VIRTIO_BLK_SCSI in fedora. The feature has caused more trouble
> than it helped with, and should never have been added (saying that as
> the person who added it). It was never supported with virtio 1.0 devices
> and has been disabled in qemu by default for quite a while.
>
Thanks for the pointer, I went and turned it off on our 4.13 based
kernels.
Laura