[Bug 215209] Kernel panic at boot under XEN: integer divide fault while in kernel mode
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=215209

--- Comment #10 from commit-h...@freebsd.org ---
A commit references this bug:

Author: dim
Date: Sun Dec 18 14:31:12 UTC 2016
New revision: 310228
URL: https://svnweb.freebsd.org/changeset/base/310228

Log:
  MFC r310013 (by cperciva):

  Check that blkfront devices have a non-zero number of sectors and a
  non-zero sector size. Such a device would be a virtual disk of zero
  bytes; clearly not useful, and not something we should try to attach.

  As a fortuitous side effect, checking that these values are non-zero
  here results in them not *becoming* zero later on in the function. This
  odd behaviour began with r309124 (clang 3.9.0) but is challenging to
  debug; making any changes to this function whatsoever seems to affect
  the llvm optimizer behaviour enough to make the unexpected zeroing of
  the sector_size variable cease.

  PR: 215209
  Security: The potential for variables to unexpectedly become zero has
  worrying consequences for security in general, but not so much in this
  particular context.

  MFC r310086:

  In xbd_connect(), use correct scanf conversion specifiers for the
  feature_barrier and feature_flush variables. Otherwise, adjacent
  variables on the stack, such as sector_size, may be overwritten, with
  disastrous results.

  Note that I did not see a good reason to revert the addition of zero
  checks introduced in r310013. Better safe than sorry.

  PR: 215209
  Tested by: royger

Changes:
_U  stable/10/
  stable/10/sys/dev/xen/blkfront/blkfront.c
_U  stable/11/
  stable/11/sys/dev/xen/blkfront/blkfront.c
_U  stable/9/
_U  stable/9/sys/
  stable/9/sys/dev/xen/blkfront/blkfront.c

--
You are receiving this mail because:
You are on the CC list for the bug.
You are the assignee for the bug.
___
freebsd-xen@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-xen
To unsubscribe, send any mail to "freebsd-xen-unsubscr...@freebsd.org"
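The bug class described in the commit log above, as an added example that is not FreeBSD code or part of the original message: a scanf-style store writes as many bytes as the conversion specifier says, so a specifier wider than the variable clobbers its neighbour, and a zero check catches the result before it reaches a division. The `struct frame` layout, the field types, the helper names `parse_into_barrier` and `check_geometry`, and the sample values are assumptions for illustration; a little-endian host is assumed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for two neighbouring locals; types are assumptions. */
struct frame {
    int32_t  feature_barrier;  /* 4-byte object handed to the parser */
    uint32_t sector_size;      /* its neighbour in memory */
};
static const struct frame SAMPLE = { 0, 512 };  /* constructed values */

/*
 * Model a scanf-style store: the conversion specifier, not the variable,
 * decides how many bytes get written. The store goes through a byte copy
 * of the frame, so the demo itself stays within defined behaviour.
 * Assumes a little-endian host (as on amd64).
 */
static struct frame parse_into_barrier(struct frame f, const char *text,
    size_t spec_width)
{
    unsigned char raw[sizeof(f)];
    uint64_t value = strtoull(text, NULL, 10);

    if (spec_width > sizeof(value) || spec_width > sizeof(raw))
        return f;
    memcpy(raw, &f, sizeof(f));
    memcpy(raw + offsetof(struct frame, feature_barrier), &value, spec_width);
    memcpy(&f, raw, sizeof(f));
    return f;
}

/* Zero check before attach: 0 if the geometry is usable, -1 otherwise. */
static int check_geometry(uint64_t sectors, uint32_t sector_size)
{
    return (sectors == 0 || sector_size == 0) ? -1 : 0;
}

int main(void)
{
    struct frame ok = parse_into_barrier(SAMPLE, "1", sizeof(int32_t));
    struct frame bad = parse_into_barrier(SAMPLE, "1", sizeof(uint64_t));

    printf("4-byte store: sector_size=%u check=%d\n",
        (unsigned)ok.sector_size, check_geometry(1000, ok.sector_size));
    printf("8-byte store: sector_size=%u check=%d\n",
        (unsigned)bad.sector_size, check_geometry(1000, bad.sector_size));
    return 0;
}
```

In real code the mismatch is a compile-time finding: `-Wformat` flags a specifier that does not match its argument type when the function carries a format attribute.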
[Bug 215209] Kernel panic at boot under XEN: integer divide fault while in kernel mode
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=215209

--- Comment #9 from commit-h...@freebsd.org ---
A commit references this bug:

Author: dim
Date: Sun Dec 18 14:31:12 UTC 2016
New revision: 310228
URL: https://svnweb.freebsd.org/changeset/base/310228

Log:
  MFC r310013 (by cperciva):

  Check that blkfront devices have a non-zero number of sectors and a
  non-zero sector size. Such a device would be a virtual disk of zero
  bytes; clearly not useful, and not something we should try to attach.

  As a fortuitous side effect, checking that these values are non-zero
  here results in them not *becoming* zero later on in the function. This
  odd behaviour began with r309124 (clang 3.9.0) but is challenging to
  debug; making any changes to this function whatsoever seems to affect
  the llvm optimizer behaviour enough to make the unexpected zeroing of
  the sector_size variable cease.

  PR: 215209
  Security: The potential for variables to unexpectedly become zero has
  worrying consequences for security in general, but not so much in this
  particular context.

  MFC r310086:

  In xbd_connect(), use correct scanf conversion specifiers for the
  feature_barrier and feature_flush variables. Otherwise, adjacent
  variables on the stack, such as sector_size, may be overwritten, with
  disastrous results.

  Note that I did not see a good reason to revert the addition of zero
  checks introduced in r310013. Better safe than sorry.

  PR: 215209
  Tested by: royger

Changes:
_U  stable/10/
  stable/10/sys/dev/xen/blkfront/blkfront.c
_U  stable/11/
  stable/11/sys/dev/xen/blkfront/blkfront.c
_U  stable/9/
_U  stable/9/sys/
  stable/9/sys/dev/xen/blkfront/blkfront.c
[Bug 215209] Kernel panic at boot under XEN: integer divide fault while in kernel mode
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=215209

--- Comment #7 from commit-h...@freebsd.org ---
A commit references this bug:

Author: cperciva
Date: Tue Dec 13 06:54:14 UTC 2016
New revision: 310013
URL: https://svnweb.freebsd.org/changeset/base/310013

Log:
  Check that blkfront devices have a non-zero number of sectors and a
  non-zero sector size. Such a device would be a virtual disk of zero
  bytes; clearly not useful, and not something we should try to attach.

  As a fortuitous side effect, checking that these values are non-zero
  here results in them not *becoming* zero later on in the function. This
  odd behaviour began with r309124 (clang 3.9.0) but is challenging to
  debug; making any changes to this function whatsoever seems to affect
  the llvm optimizer behaviour enough to make the unexpected zeroing of
  the sector_size variable cease.

  PR: 215209
  Security: The potential for variables to unexpectedly become zero has
  worrying consequences for security in general, but not so much in this
  particular context.

Changes:
  head/sys/dev/xen/blkfront/blkfront.c
[Bug 215209] Kernel panic at boot under XEN: integer divide fault while in kernel mode
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=215209

--- Comment #6 from Sylvain Garrigues ---
(In reply to Colin Percival from comment #5)

I had a system running CURRENT as of Nov. 3 so it was pre-r309124 and I upgraded to CURRENT as of Dec. 10. At first since the machine didn't survive a reboot I thought I did a bad mergemaster on passwd files. So I installed a fresh EC2 AMI which also happened to be from CURRENT-amd64-2016-12-10 and I had the same issue. I looked at the console and saw the kernel panic.

Tried the EC2 AMI from CURRENT-amd64-2016-11-30, same problem.
Finally tried the EC2 AMI from CURRENT-amd64-2016-11-01, NO problem.
[Bug 215209] Kernel panic at boot under XEN: integer divide fault while in kernel mode
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=215209

--- Comment #4 from Roger Pau Monné ---
I don't seem to be able to reproduce this with r309875, can you check if you still get the panic with that or any later revision?

Thanks, Roger.
[Bug 215209] Kernel panic at boot under XEN: integer divide fault while in kernel mode
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=215209

Roger Pau Monné changed:

What     |Removed                   |Added
CC       |                          |roy...@freebsd.org

--- Comment #3 from Roger Pau Monné ---
I'm aware of this, I've already realised last week but haven't been able to debug it. Will get to it now.

In the meantime, you can boot the previous kernel using:

> boot kernel.old

From the loader command line.
[Bug 215209] Kernel panic at boot under XEN: integer divide fault while in kernel mode
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=215209

Mark Linimon changed:

What     |Removed                   |Added
CC       |freebsd-am...@freebsd.org |
Assignee |freebsd-b...@freebsd.org  |freebsd-xen@FreeBSD.org
[Bug 215209] Kernel panic at boot under XEN: integer divide fault while in kernel mode
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=215209

--- Comment #2 from Colin Percival ---
This seems to have been introduced by the import of clang 3.9.0 in r309124. I'll work on tracking this down further next week; I'm working on NFS right now and it's best if I don't context-switch.

As you say, best to avoid HEAD right now on EC2.
[Bug 215209] Kernel panic at boot under XEN: integer divide fault while in kernel mode
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=215209

Sylvain Garrigues changed:

What     |Removed                   |Added
CC       |                          |freebsd-xen@FreeBSD.org, sylv...@sylvaingarrigues.com