kernel-packages team mailing list archive

Thread
Date
[Bug 1534054] Missing required logs.

To: kernel-packages@xxxxxxxxxxxxxxxxxxx
From: Brad Figg <brad.figg@xxxxxxxxxxxxx>
Date: Thu, 14 Jan 2016 08:30:13 -0000
Reply-to: Bug 1534054 <1534054@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
This bug is missing log files that will aid in diagnosing the problem.
>From a terminal window please run:

apport-collect 1534054

and then change the status of the bug to 'Confirmed'.

If, due to the nature of the issue you have encountered, you are unable
to run this command, please add a comment stating that fact and change
the bug status to 'Confirmed'.

This change has been made by an automated script, maintained by the
Ubuntu Kernel Team.

** Changed in: linux (Ubuntu)
       Status: New => Incomplete

** Tags added: trusty

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1534054

Title:
  use-after-free found by KASAN in blk_mq_register_disk

Status in linux package in Ubuntu:
  Incomplete

Bug description:
  The error message can be observed in the dmesg when the guest VM
  booted with v3.13.0-65 with KASAN enabled.

  ==================================================================
  BUG: KASan: use after free in blk_mq_register_disk+0x193/0x260 at addr ffff8801ec247400
  Read of size 8 by task swapper/0/1
  =============================================================================
  BUG kmalloc-32 (Not tainted): kasan: bad access detected
  -----------------------------------------------------------------------------

  Disabling lock debugging due to kernel taint
  INFO: Slab 0xffffea0007b091c0 objects=128 used=128 fp=0x          (null) flags=0x2ffff0000000080
  INFO: Object 0xffff8801ec247400 @offset=1024 fp=0xffff8801ec247420

  Bytes b4 ffff8801ec2473f0: 00 ac 71 ef 01 88 ff ff 00 ac 79 ef 01 88 ff ff  ..q.......y.....
  Object ffff8801ec247400: 20 74 24 ec 01 88 ff ff 2f 76 69 72 74 75 61 6c   t$...../virtual
  Object ffff8801ec247410: 2f 62 64 69 2f 32 35 33 3a 30 00 00 00 00 00 00  /bdi/253:0......
  CPU: 0 PID: 1 Comm: swapper/0 Tainted: G    B         3.13.0-65-generic #105
  Hardware name: OpenStack Foundation OpenStack Nova, BIOS 1.7.5-20150310_111955-batsu 04/01/2014
   ffffea0007b091c0 ffff8801ec0cb9a8 ffffffff81a6ce35 ffff8801ef001c00
   ffff8801ec0cb9d8 ffffffff81244aed ffff8801ef001c00 ffffea0007b091c0
   ffff8801ec247400 ffff8801ef79ac98 ffff8801ec0cba00 ffffffff8124ac36
  Call Trace:
   [<ffffffff81a6ce35>] dump_stack+0x45/0x56
   [<ffffffff81244aed>] print_trailer+0xfd/0x170
   [<ffffffff8124ac36>] object_err+0x36/0x40
   [<ffffffff8124cbf9>] kasan_report_error+0x1e9/0x3a0
   [<ffffffff81319427>] ? sysfs_get+0x17/0x50
   [<ffffffff814dee6b>] ? kobject_add_internal+0x29b/0x4a0
   [<ffffffff8124d260>] kasan_report+0x40/0x50
   [<ffffffff81696f00>] ? dev_printk_emit+0x20/0x40
   [<ffffffff814ae7c3>] ? blk_mq_register_disk+0x193/0x260
   [<ffffffff8124bee9>] __asan_load8+0x69/0xa0
   [<ffffffff814ae7c3>] blk_mq_register_disk+0x193/0x260
   [<ffffffff814a1572>] blk_register_queue+0xd2/0x170
   [<ffffffff814b24cf>] add_disk+0x31f/0x720
   [<ffffffff816ced9a>] virtblk_probe+0x58a/0x980
   [<ffffffff816cd4c0>] ? virtblk_restore+0x100/0x100
   [<ffffffff81601b8e>] virtio_dev_probe+0x1be/0x280
   [<ffffffff8169d620>] ? __device_attach+0x70/0x70
   [<ffffffff8169d0d2>] driver_probe_device+0xe2/0x5c0
   [<ffffffff8169d620>] ? __device_attach+0x70/0x70
   [<ffffffff8169d6e3>] __driver_attach+0xc3/0xd0
   [<ffffffff8169a355>] bus_for_each_dev+0x95/0xe0
   [<ffffffff8169c89b>] driver_attach+0x2b/0x30
   [<ffffffff8169c298>] bus_add_driver+0x268/0x360
   [<ffffffff8169dfe3>] driver_register+0xd3/0x1a0
   [<ffffffff8218e4b9>] ? loop_init+0x14b/0x14b
   [<ffffffff8160213c>] register_virtio_driver+0x3c/0x60
   [<ffffffff8218e50c>] init+0x53/0x80
   [<ffffffff8100212a>] do_one_initcall+0xda/0x1a0
   [<ffffffff8213816b>] kernel_init_freeable+0x1eb/0x27e
   [<ffffffff81a5bcd0>] ? rest_init+0x80/0x80
   [<ffffffff81a5bcde>] kernel_init+0xe/0x130
   [<ffffffff81a83028>] ret_from_fork+0x58/0x90
   [<ffffffff81a5bcd0>] ? rest_init+0x80/0x80
  Memory state around the buggy address:
   ffff8801ec247300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
   ffff8801ec247380: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  >ffff8801ec247400: fb fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc
                     ^
   ffff8801ec247480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
   ffff8801ec247500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
  ==================================================================

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1534054/+subscriptions
References

[Bug 1534054] [NEW] use-after-free found by KASAN in blk_mq_register_disk
From: Gavin Guo, 2016-01-14