Bug 1119498 - libiscsi, iser patch causes kernel NULL pointer dereference
Summary: libiscsi, iser patch causes kernel NULL pointer dereference
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: kernel
Version: 20
Hardware: x86_64
OS: Linux
unspecified
unspecified
Target Milestone: ---
Assignee: Kernel Maintainer List
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2014-07-14 23:15 UTC by Pat Blair
Modified: 2014-07-17 04:29 UTC (History)
8 users (show)

Fixed In Version: kernel-3.15.5-200.fc20
Clone Of:
Environment:
Last Closed: 2014-07-17 04:29:46 UTC
Type: Bug
Embargoed:


Attachments (Terms of Use)
kernel lockup 1 (2.11 MB, image/jpeg)
2014-07-14 23:15 UTC, Pat Blair
no flags Details
kernel lockup 2 (2.27 MB, image/jpeg)
2014-07-14 23:16 UTC, Pat Blair
no flags Details

Description Pat Blair 2014-07-14 23:15:34 UTC
Created attachment 918010 [details]
kernel lockup 1

Description of problem:
When booting to an iSCSI target on kernel 3.15.3 and 3.15.4 it appears that a recent commit is causing a NULL pointer dereference

Version-Release number of selected component (if applicable):
kernel-3.15.4-200.fc20.x86_64
kernel-3.15.3-200.fc20.x86_64

How reproducible:
Booting multi-user or single-user to an iSCSI target

Actual results:
Kernel locks up with the following messages, to name a few:
[   19.672549] BUG: unable to handle kernel NULL pointer dereference at 000000000000000c [   19.680405] IP: [] iscsi_tcp_segment_done+0x2a8/0x370 [libiscsi_tcp]

Expected results:
System boots multi/single-user successfully

Additional info:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/drivers/scsi?h=linux-3.15.y&id=04423ddea30a7fb7232636eda8aed55ea5b972fe 
Looks to be the problem commit as referenced in this message: http://www.spinics.net/linux/lists/kernel/msg1776379.html

The fix may have already been commited to -stable upstream here: https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/log/?id=refs%2Ftags%2Fv3.15.5&qt=grep&q=iscsi
but does not appear to be in the fedora kernel yet

Apologies for the attached pictures, it's been difficult to gather boot messages with our setup, but if more information is needed we can definitely provide it!

Comment 1 Pat Blair 2014-07-14 23:16:40 UTC
Created attachment 918012 [details]
kernel lockup 2

Comment 2 Josh Boyer 2014-07-15 12:51:48 UTC
Could you please try the 3.15.5 kernel build?  It contains this commit:

commit 65e98a83a95c5c3e5b6e686173054a557626909c
Author: Martin K. Petersen <martin.petersen>
Date:   Tue Jun 24 16:59:35 2014 +0200

    SCSI: use the scsi data buffer length to extract transfer size
    
    commit 5616b0a46ed82eb9a093f752fc4d7bd3cc688583 upstream.
    

which is the commit you pointed to in the mailing list threads.

Comment 3 Pat Blair 2014-07-15 13:49:34 UTC
Just tested 3.15.5-200.fc20.x86_64 and this resolves the error, thanks!

Comment 4 Fedora Update System 2014-07-15 14:19:51 UTC
kernel-3.15.5-200.fc20 has been submitted as an update for Fedora 20.
https://admin.fedoraproject.org/updates/kernel-3.15.5-200.fc20

Comment 5 Fedora Update System 2014-07-17 04:29:46 UTC
kernel-3.15.5-200.fc20 has been pushed to the Fedora 20 stable repository.  If problems still persist, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.