Created attachment 178032 [details]
0001-smartmontools-fix-panic-on-INVARIANTS-enabled-kernel.patch
smartmontools: fix panic on INVARIANTS enabled kernel after r308351 in base
After the r308351 commit, the INVARIANTS enabled kernel gets too "eager" when checking the cam ccb flags. But the real problem was not the previous, but that smartmontools does not zero out the ccb on the stack and passes this dirty ccb to the kernel, which is caught by an ASSERT. So fix this by filling this ccb with 0. This commit is similar to what happened in r307684 in camcontrol. So this is the same followup patch in smartmontools.
https://svnweb.freebsd.org/base?view=revision&revision=307684
https://svnweb.freebsd.org/base?view=revision&revision=308351
Sponsored-by: opBSD
Created attachment 178034 [details] picture from panic
How to reproduce:
1) add drives to smartd.conf
cat > /usr/local/etc/smartd.conf <<EOF
/dev/ada0
/dev/ada1
EOF
2) restart smartd a number of times
repeat 100 service smartd restart
3) wait for panic
Sounds like an upstream bug. Have you reported it to smartmontools?
Not yet, I found this error an hour ago, but it's on my todo list.
https://www.smartmontools.org/ticket/780
Thank you for your patch, please proceed, accepted
markj/mav, can you take a look at base r306529? The kasserts added there can be triggered to panic from userland.
(In reply to Tijl Coosemans from comment #7) Hm, it seems that passdoioctl() should really be sanitizing the CCB flags. At least CAM_UNLOCKED cannot correctly be specified by userland.
Hi, why is the status still "maintainer feedback"? I approved this change a long time ago, please commit.
Assign to markj for the kernel side.
A commit references this bug:
Author: markj
Date: Fri Mar 3 20:51:57 UTC 2017
New revision: 314624
URL: https://svnweb.freebsd.org/changeset/base/314624
Log:
  Reject userland CCBs that have CAM_UNLOCKED set.
  CAM_UNLOCKED is internal flag and cannot correctly be set by userland.
  Return EINVAL from CAMIOCOMMAND and CAMIOQUEUE if it is set.
  Also fix leaks in some of the error paths for CAMIOQUEUE.
  PR: 215356
  Reviewed by: ken, mav
  MFC after: 1 week
  Differential Revision: https://reviews.freebsd.org/D9869
Changes:
  head/sys/cam/cam_xpt.c
  head/sys/cam/scsi/scsi_pass.c
Forgotten to close?
The attached patch has been committed upstream and the kernel side has been fixed as well.
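The two fixes discussed in this thread (zeroing the request in userland, and rejecting kernel-internal flag bits at the ioctl boundary), shown as an added example that is not code from smartmontools, FreeBSD, or any participant here. It is a self-contained model: `struct model_ccb`, the `MODEL_*` flag values and all function names are constructed stand-ins, and the 0xA5 fill is a deterministic substitute for stale stack contents.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-ins; not the definitions from FreeBSD's CAM headers. */
#define MODEL_DIR_IN      0x00000040u  /* a flag userland may legitimately set */
#define MODEL_UNLOCKED    0x80000000u  /* models a kernel-internal-only flag */
#define MODEL_KERNEL_ONLY MODEL_UNLOCKED

struct model_ccb {
    uint32_t func_code;
    uint32_t flags;
    uint8_t  payload[56];
};

/* Kernel side: refuse requests carrying internal flag bits instead of asserting on them. */
int model_pass_ioctl(const struct model_ccb *ccb)
{
    if (ccb->flags & MODEL_KERNEL_ONLY)
        return EINVAL;
    return 0;
}

/* Userland: sets only the fields it cares about, so stale bits in flags survive. */
void fill_request(struct model_ccb *ccb)
{
    ccb->func_code = 1;
    ccb->flags |= MODEL_DIR_IN;
}

/* Build a request on the stack and submit it, with or without zeroing it first. */
int submit(int zero_first)
{
    struct model_ccb ccb;
    memset(&ccb, 0xA5, sizeof(ccb));      /* constructed stale stack contents */
    if (zero_first)
        memset(&ccb, 0, sizeof(ccb));     /* the userland fix: start from a clean request */
    fill_request(&ccb);
    return model_pass_ioctl(&ccb);
}

int main(void)
{
    printf("dirty request:  %d\n", submit(0));
    printf("zeroed request: %d\n", submit(1));
    return 0;
}
```

The kernel-side check is what matters for robustness: a userland program that forgets to zero its request should get an error back, not be able to trip an assertion.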
I am hitting this bug easily in stable_11, at the time of boot itself, with smartd.conf having the following field: DEVICESCAN. I am not seeing the commit yet in stable_11.
A commit references this bug:
Author: tijl
Date: Wed Mar 14 09:57:58 UTC 2018
New revision: 330926
URL: https://svnweb.freebsd.org/changeset/base/330926
Log:
  MFC r314624:
  Reject userland CCBs that have CAM_UNLOCKED set.
  CAM_UNLOCKED is internal flag and cannot correctly be set by userland.
  Return EINVAL from CAMIOCOMMAND and CAMIOQUEUE if it is set.
  Also fix leaks in some of the error paths for CAMIOQUEUE.
  PR: 215356
Changes:
  _U stable/11/
  stable/11/sys/cam/cam_xpt.c
  stable/11/sys/cam/scsi/scsi_pass.c
(In reply to commit-hook from comment #15) Thank you tijl for your quick response, I see the fix now and it's working for me.