Bug #1711401 “accessing /dev/hvc1 with stress-ng on Ubuntu xenia...” : Bugs : linux package : Ubuntu

Colin Ian King (colin-king) on 2017-08-17

Changed in linux (Ubuntu):
status:	New → In Progress
importance:	Undecided → High
assignee:	nobody → Colin Ian King (colin-king)

Revision history for this message

Colin Ian King (colin-king) wrote on 2017-08-17:

#1

Download full text (5.1 KiB)

Device is OK with 4.12, however, with 4.12 we get another issue:

[ 3996.652718] INFO: rcu_sched self-detected stall on CPU
[ 3996.652730] 23-...: (1 GPs behind) idle=73a/140000000000002/0 softirq=5179/5179 fqs=2475
[ 3996.652735] (t=5250 jiffies g=6889 c=6888 q=189)
[ 3996.652748] Task dump for CPU 23:
[ 3996.652749] kopald S 0 975 2 0x00000804
[ 3996.652752] Call Trace:
[ 3996.652759] [c000000fefafb0b0] [c000000000135a24] sched_show_task+0xd4/0x150 (unreliable)
[ 3996.652763] [c000000fefafb120] [c000000000c36b3c] rcu_dump_cpu_stacks+0xd0/0x134
[ 3996.652767] [c000000fefafb170] [c0000000001867a0] rcu_check_callbacks+0x8a0/0xb10
[ 3996.652769] [c000000fefafb2a0] [c000000000192958] update_process_times+0x48/0x90
[ 3996.652773] [c000000fefafb2d0] [c0000000001a9f60] tick_sched_handle.isra.8+0x30/0xb0
[ 3996.652775] [c000000fefafb300] [c0000000001aa044] tick_sched_timer+0x64/0xd0
[ 3996.652778] [c000000fefafb340] [c000000000193424] __hrtimer_run_queues+0x144/0x370
[ 3996.652780] [c000000fefafb3c0] [c00000000019449c] hrtimer_interrupt+0xfc/0x350
[ 3996.652784] [c000000fefafb490] [c000000000024658] __timer_interrupt+0x88/0x250
[ 3996.652787] [c000000fefafb4e0] [c000000000024a30] timer_interrupt+0x90/0xe0
[ 3996.652791] [c000000fefafb510] [c00000000000b6e0] restore_check_irq_replay+0x54/0x70
[ 3996.652795] --- interrupt: 901 at arch_local_irq_restore+0x74/0x90
LR = arch_local_irq_restore+0x74/0x90
[ 3996.652797] [c000000fefafb800] [c000000000194530] hrtimer_interrupt+0x190/0x350 (unreliable)
[ 3996.652801] [c000000fefafb820] [c000000000c3298c] __do_softirq+0xcc/0x41c
[ 3996.652804] [c000000fefafb900] [c0000000000fafa8] irq_exit+0xe8/0x120
[ 3996.652807] [c000000fefafb920] [c000000000024a34] timer_interrupt+0x94/0xe0
[ 3996.652810] [c000000fefafb950] [c00000000000b6e0] restore_check_irq_replay+0x54/0x70
[ 3996.652815] --- interrupt: 901 at lock_timer_base+0x70/0x100
LR = schedule_timeout+0x334/0x420
[ 3996.652817] [c000000fefafbc40] [0000000000000001] 0x1 (unreliable)
[ 3996.652821] [c000000fefafbca0] [c000000000c30a14] schedule_timeout+0x334/0x420
[ 3996.652824] [c000000fefafbd80] [c000000000095bf0] kopald+0x90/0xe0
[ 3996.652827] [c000000fefafbdc0] [c0000000001214cc] kthread+0x1ac/0x1c0
[ 3996.652831] [c000000fefafbe30] [c00000000000b2e8] ret_from_kernel_thread+0x5c/0x74
[ 4000.060643] NMI watchdog: BUG: soft lockup - CPU#23 stuck for 23s! [kopald:975]
[ 4000.060653] Modules linked in: kvm_hv kvm_pr kvm cuse userio hci_vhci bluetooth ecdh_generic uhid hid vhost_net vhost tap snd_seq snd_seq_device snd_timer snd soundcore powernv_op_panel uio_pdrv_genirq ipmi_powernv ipmi_devintf powernv_rng leds_powernv ibmpowernv vmx_crypto ipmi_msghandler uio ib_iser rdma_cm iw_cm ib_cm ib_core iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi autofs4 btrfs raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c raid1 raid0 multipath linear dm_round_robin ses enclosure scsi_transport_sas crct10dif_vpmsum crc32c_vpmsum tg3 ipr scsi_dh_emc scsi_dh_rdac scsi_dh_alua dm_multipath
[ 4000.060735] CPU: 23 PID: 975 Comm: kopald Not tainted 4.12.0-11-generic #12
[ 4000...

Device is OK with 4.12, however, with 4.12 we get another issue:

[ 3996.652718] INFO: rcu_sched self-detected stall on CPU
[ 3996.652730] 	23-...: (1 GPs behind) idle=73a/140000000000002/0 softirq=5179/5179 fqs=2475 
[ 3996.652735] 	 (t=5250 jiffies g=6889 c=6888 q=189)
[ 3996.652748] Task dump for CPU 23:
[ 3996.652749] kopald          S    0   975      2 0x00000804
[ 3996.652752] Call Trace:
[ 3996.652759] [c000000fefafb0b0] [c000000000135a24] sched_show_task+0xd4/0x150 (unreliable)
[ 3996.652763] [c000000fefafb120] [c000000000c36b3c] rcu_dump_cpu_stacks+0xd0/0x134
[ 3996.652767] [c000000fefafb170] [c0000000001867a0] rcu_check_callbacks+0x8a0/0xb10
[ 3996.652769] [c000000fefafb2a0] [c000000000192958] update_process_times+0x48/0x90
[ 3996.652773] [c000000fefafb2d0] [c0000000001a9f60] tick_sched_handle.isra.8+0x30/0xb0
[ 3996.652775] [c000000fefafb300] [c0000000001aa044] tick_sched_timer+0x64/0xd0
[ 3996.652778] [c000000fefafb340] [c000000000193424] __hrtimer_run_queues+0x144/0x370
[ 3996.652780] [c000000fefafb3c0] [c00000000019449c] hrtimer_interrupt+0xfc/0x350
[ 3996.652784] [c000000fefafb490] [c000000000024658] __timer_interrupt+0x88/0x250
[ 3996.652787] [c000000fefafb4e0] [c000000000024a30] timer_interrupt+0x90/0xe0
[ 3996.652791] [c000000fefafb510] [c00000000000b6e0] restore_check_irq_replay+0x54/0x70
[ 3996.652795] --- interrupt: 901 at arch_local_irq_restore+0x74/0x90
                   LR = arch_local_irq_restore+0x74/0x90
[ 3996.652797] [c000000fefafb800] [c000000000194530] hrtimer_interrupt+0x190/0x350 (unreliable)
[ 3996.652801] [c000000fefafb820] [c000000000c3298c] __do_softirq+0xcc/0x41c
[ 3996.652804] [c000000fefafb900] [c0000000000fafa8] irq_exit+0xe8/0x120
[ 3996.652807] [c000000fefafb920] [c000000000024a34] timer_interrupt+0x94/0xe0
[ 3996.652810] [c000000fefafb950] [c00000000000b6e0] restore_check_irq_replay+0x54/0x70
[ 3996.652815] --- interrupt: 901 at lock_timer_base+0x70/0x100
                   LR = schedule_timeout+0x334/0x420
[ 3996.652817] [c000000fefafbc40] [0000000000000001] 0x1 (unreliable)
[ 3996.652821] [c000000fefafbca0] [c000000000c30a14] schedule_timeout+0x334/0x420
[ 3996.652824] [c000000fefafbd80] [c000000000095bf0] kopald+0x90/0xe0
[ 3996.652827] [c000000fefafbdc0] [c0000000001214cc] kthread+0x1ac/0x1c0
[ 3996.652831] [c000000fefafbe30] [c00000000000b2e8] ret_from_kernel_thread+0x5c/0x74
[ 4000.060643] NMI watchdog: BUG: soft lockup - CPU#23 stuck for 23s! [kopald:975]
[ 4000.060653] Modules linked in: kvm_hv kvm_pr kvm cuse userio hci_vhci bluetooth ecdh_generic uhid hid vhost_net vhost tap snd_seq snd_seq_device snd_timer snd soundcore powernv_op_panel uio_pdrv_genirq ipmi_powernv ipmi_devintf powernv_rng leds_powernv ibmpowernv vmx_crypto ipmi_msghandler uio ib_iser rdma_cm iw_cm ib_cm ib_core iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi autofs4 btrfs raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c raid1 raid0 multipath linear dm_round_robin ses enclosure scsi_transport_sas crct10dif_vpmsum crc32c_vpmsum tg3 ipr scsi_dh_emc scsi_dh_rdac scsi_dh_alua dm_multipath
[ 4000.060735] CPU: 23 PID: 975 Comm: kopald Not tainted 4.12.0-11-generic #12
[ 4000.060737] task: c000000fefa5b800 task.stack: c000000fefaf8000
[ 4000.060739] NIP: c0000000000165f4 LR: c0000000000165f4 CTR: c000000000024200
[ 4000.060740] REGS: c000000fefafb580 TRAP: 0901   Not tainted  (4.12.0-11-generic)
[ 4000.060741] MSR: 9000000000009033 <SF,HV,EE,ME,IR,DR,RI,LE>
[ 4000.060748]   CR: 28000224  XER: 20000000
[ 4000.060749] CFAR: c000000000024a30 SOFTE: 1 
               GPR00: c000000000c3298c c000000fefafb800 c0000000015a8e00 0000000000000900 
               GPR04: c000000fffac0400 0000000000000000 0000000001f4024e c000000fefa5b800 
               GPR08: 0000000000000000 c000000fefaf8000 0000000000000000 0000000000000005 
               GPR12: c0000000000920b8 c00000000facf180 
[ 4000.060764] NIP [c0000000000165f4] arch_local_irq_restore+0x74/0x90
[ 4000.060766] LR [c0000000000165f4] arch_local_irq_restore+0x74/0x90
[ 4000.060767] Call Trace:
[ 4000.060769] [c000000fefafb800] [c000000000194530] hrtimer_interrupt+0x190/0x350 (unreliable)
[ 4000.060773] [c000000fefafb820] [c000000000c3298c] __do_softirq+0xcc/0x41c
[ 4000.060776] [c000000fefafb900] [c0000000000fafa8] irq_exit+0xe8/0x120
[ 4000.060779] [c000000fefafb920] [c000000000024a34] timer_interrupt+0x94/0xe0
[ 4000.060782] [c000000fefafb950] [c00000000000b6e0] restore_check_irq_replay+0x54/0x70
[ 4000.060787] --- interrupt: 901 at lock_timer_base+0x70/0x100
                   LR = schedule_timeout+0x334/0x420
[ 4000.060788] [c000000fefafbc40] [0000000000000001] 0x1 (unreliable)
[ 4000.060791] [c000000fefafbca0] [c000000000c30a14] schedule_timeout+0x334/0x420
[ 4000.060795] [c000000fefafbd80] [c000000000095bf0] kopald+0x90/0xe0
[ 4000.060798] [c000000fefafbdc0] [c0000000001214cc] kthread+0x1ac/0x1c0
[ 4000.060801] [c000000fefafbe30] [c00000000000b2e8] ret_from_kernel_thread+0x5c/0x74
[ 4000.060802] Instruction dump:
[ 4000.060804] 994d02ba 2fa30000 409e0024 e92d0020 61298000 7d210164 38210020 e8010010 
[ 4000.060810] 7c0803a6 4e800020 60420000 4bff3f35 <60000000> 4bffffe4 60420000 e92d0020

Colin Ian King (colin-king) on 2017-08-17

summary:

- accessing /dev/hvc1 with stress-ng on Ubuntu xenia causes crash
+ accessing /dev/hvc1 with stress-ng on Ubuntu xenial causes crash

Revision history for this message

Colin Ian King (colin-king) wrote on 2017-08-18:

#2

OK in 4.10

Revision history for this message

Colin Ian King (colin-king) wrote on 2017-08-18:

#3

Fix is upstream commit:

From bbc3dfe8805de86874b1a1b1429a002e8670043e Mon Sep 17 00:00:00 2001
From: Sam Mendoza-Jonas <email address hidden>
Date: Mon, 11 Jul 2016 13:38:57 +1000
Subject: [PATCH] tty/hvc: Use IRQF_SHARED for OPAL hvc consoles

Revision history for this message

Colin Ian King (colin-king) wrote on 2017-08-18:

#4

Fix only required in Xenial, issue does not occur in Zesty upwards.

description:

updated

Kleber Sacilotto de Souza (kleber-souza) on 2017-08-24

Changed in linux (Ubuntu Xenial):
status:	New → Fix Committed

Revision history for this message

Kleber Sacilotto de Souza (kleber-souza) wrote on 2017-09-01:

#5

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-xenial' to 'verification-done-xenial'. If the problem still exists, change the tag 'verification-needed-xenial' to 'verification-failed-xenial'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags:

added: verification-needed-xenial

Revision history for this message

Po-Hsu Lin (cypressyew) wrote on 2017-09-04:

#6

The smoke test has passed on the ppc64le system "modoc" with Xenial kernel, thanks!

00:26:13 DEBUG| [stdout] Summary:
00:26:13 DEBUG| [stdout] Stressors run: 147
00:26:13 DEBUG| [stdout] Skipped: 2, bind-mount sock-diag
00:26:13 DEBUG| [stdout] Failed: 0,
00:26:13 DEBUG| [stdout] Oopsed: 0,
00:26:13 DEBUG| [stdout] Passed: 145, af-alg affinity aio aiol bigheap brk cache cap chdir chmod chown chroot clock clone context cpu crypt cyclic daemon dccp dentry dev dir dirdeep dnotify dup epoll eventfd fallocate fanotify fault fcntl fiemap fifo filename flock fork fp-error fstat full futex get getdent getrandom handle hdd icache icmp-flood inode-flags inotify io iomix ioprio itimer key kill klog lease link locka lockbus lockf lockofd madvise malloc membarrier memfd memrate memthrash mergesort mincore mknod mlock mmap mmapfork mmapmany mq mremap msg msync netdev netlink-proc nice null open personality pipe poll procfs pthread ptrace pty radixsort readahead rename rlimit rmap rtc schedpolicy sctp seal seccomp seek sem sem-sysv sendfile shm shm-sysv sigfd sigfpe sigpending sigq sigsegv sigsuspend sleep sock softlockup splice stackmmap stream switch symlink sync-file sysfs sysinfo tee timer timerfd tlb-shootdown tmpfs tsearch udp udp-flood unshare urandom userfaultfd utime vfork vm vm-rw vm-splice wait yield zero zombie

tags:

added: verification-done-xenial
removed: verification-needed-xenial

Colin Ian King (colin-king) on 2017-09-04

Changed in linux (Ubuntu Xenial):
status:	Fix Committed → Fix Released
status:	Fix Released → Fix Committed

Revision history for this message

Launchpad Janitor (janitor) wrote on 2017-09-18:

#7

Download full text (14.4 KiB)

This bug was fixed in the package linux - 4.4.0-96.119

---------------
linux (4.4.0-96.119) xenial; urgency=low

* linux: 4.4.0-96.119 -proposed tracker (LP: #1716613)

  * kernel panic -not syncing: Fatal exception: panic_on_oops (LP: #1708399)
    - s390/mm: no local TLB flush for clearing-by-ASCE IDTE
    - SAUCE: s390/mm: fix local TLB flushing vs. detach of an mm address space
    - SAUCE: s390/mm: fix race on mm->context.flush_mm

* CVE-2017-1000251
- Bluetooth: Properly check L2CAP config option output buffer length

linux (4.4.0-95.118) xenial; urgency=low

* linux: 4.4.0-95.118 -proposed tracker (LP: #1715651)

  * Xenial update to 4.4.78 stable release broke Address Sanitizer
    (LP: #1715636)
    - mm: revert x86_64 and arm64 ELF_ET_DYN_BASE base changes

linux (4.4.0-94.117) xenial; urgency=low

* linux: 4.4.0-94.117 -proposed tracker (LP: #1713462)

  * mwifiex causes kernel oops when AP mode is enabled (LP: #1712746)
    - SAUCE: net/wireless: do not dereference invalid pointer
    - SAUCE: mwifiex: do not dereference invalid pointer

  * Backport more recent Broadcom bnxt_en driver (LP: #1711056)
    - SAUCE: bnxt_en_bpo: Import bnxt_en driver version 1.8.1
    - SAUCE: bnxt_en_bpo: Drop distro out-of-tree detection logic
    - SAUCE: bnxt_en_bpo: Remove unnecessary compile flags
    - SAUCE: bnxt_en_bpo: Move config settings to Kconfig
    - SAUCE: bnxt_en_bpo: Remove PCI_IDs handled by the regular driver
    - SAUCE: bnxt_en_bpo: Rename the backport driver to bnxt_en_bpo
    - bnxt_en_bpo: [Config] Enable CONFIG_BNXT_BPO=m

  * HID: multitouch: Support ALPS PTP Stick and Touchpad devices (LP: #1712481)
    - HID: multitouch: Support PTP Stick and Touchpad device
    - SAUCE: HID: multitouch: Support ALPS PTP stick with pid 0x120A

* igb: Support using Broadcom 54616 as PHY (LP: #1712024)
- SAUCE: igb: add support for using Broadcom 54616 as PHY

  * IPR driver causes multipath to fail paths/stuck IO on Medium Errors
    (LP: #1682644)
    - scsi: ipr: do not set DID_PASSTHROUGH on CHECK CONDITION

  * accessing /dev/hvc1 with stress-ng on Ubuntu xenial causes crash
    (LP: #1711401)
    - tty/hvc: Use IRQF_SHARED for OPAL hvc consoles

  * memory-hotplug test needs to be fixed (LP: #1710868)
    - selftests: typo correction for memory-hotplug test
    - selftests: check hot-pluggagble memory for memory-hotplug test
    - selftests: check percentage range for memory-hotplug test
    - selftests: add missing test name in memory-hotplug test
    - selftests: fix memory-hotplug test

* HP lt4132 LTE/HSPA+ 4G Module (03f0:a31d) does not work (LP: #1707643)
- net: cdc_mbim: apply "NDP to end" quirk to HP lt4132

  * Migrating KSM page causes the VM lock up as the KSM page merging list is too
    large (LP: #1680513)
    - ksm: introduce ksm_max_page_sharing per page deduplication limit
    - ksm: fix use after free with merge_across_nodes = 0
    - ksm: cleanup stable_node chain collapse case
    - ksm: swap the two output parameters of chain/chain_prune
    - ksm: optimize refile of stable_node_dup at the head of the chain

* sort ABI files with C.UTF-8 locale (LP: #1712345)
- [Packaging] sort ABI ...

This bug was fixed in the package linux - 4.4.0-96.119

---------------
linux (4.4.0-96.119) xenial; urgency=low

* linux: 4.4.0-96.119 -proposed tracker (LP: #1716613)

* kernel panic -not syncing: Fatal exception: panic_on_oops (LP: #1708399)
    - s390/mm: no local TLB flush for clearing-by-ASCE IDTE
    - SAUCE: s390/mm: fix local TLB flushing vs. detach of an mm address space
    - SAUCE: s390/mm: fix race on mm->context.flush_mm

* CVE-2017-1000251
    - Bluetooth: Properly check L2CAP config option output buffer length

linux (4.4.0-95.118) xenial; urgency=low

* linux: 4.4.0-95.118 -proposed tracker (LP: #1715651)

* Xenial update to 4.4.78 stable release broke Address Sanitizer
    (LP: #1715636)
    - mm: revert x86_64 and arm64 ELF_ET_DYN_BASE base changes

linux (4.4.0-94.117) xenial; urgency=low

* linux: 4.4.0-94.117 -proposed tracker (LP: #1713462)

* mwifiex causes kernel oops when AP mode is enabled (LP: #1712746)
    - SAUCE: net/wireless: do not dereference invalid pointer
    - SAUCE: mwifiex: do not dereference invalid pointer

* Backport more recent Broadcom bnxt_en driver (LP: #1711056)
    - SAUCE: bnxt_en_bpo: Import bnxt_en driver version 1.8.1
    - SAUCE: bnxt_en_bpo: Drop distro out-of-tree detection logic
    - SAUCE: bnxt_en_bpo: Remove unnecessary compile flags
    - SAUCE: bnxt_en_bpo: Move config settings to Kconfig
    - SAUCE: bnxt_en_bpo: Remove PCI_IDs handled by the regular driver
    - SAUCE: bnxt_en_bpo: Rename the backport driver to bnxt_en_bpo
    - bnxt_en_bpo: [Config] Enable CONFIG_BNXT_BPO=m

* HID: multitouch: Support ALPS PTP Stick and Touchpad devices (LP: #1712481)
    - HID: multitouch: Support PTP Stick and Touchpad device
    - SAUCE: HID: multitouch: Support ALPS PTP stick with pid 0x120A

* igb: Support using Broadcom 54616 as PHY (LP: #1712024)
    - SAUCE: igb: add support for using Broadcom 54616 as PHY

* IPR driver causes multipath to fail paths/stuck IO on Medium Errors
    (LP: #1682644)
    - scsi: ipr: do not set DID_PASSTHROUGH on CHECK CONDITION

* accessing /dev/hvc1 with stress-ng on Ubuntu xenial causes crash
    (LP: #1711401)
    - tty/hvc: Use IRQF_SHARED for OPAL hvc consoles

* memory-hotplug test needs to be fixed (LP: #1710868)
    - selftests: typo correction for memory-hotplug test
    - selftests: check hot-pluggagble memory for memory-hotplug test
    - selftests: check percentage range for memory-hotplug test
    - selftests: add missing test name in memory-hotplug test
    - selftests: fix memory-hotplug test

* HP lt4132 LTE/HSPA+ 4G Module (03f0:a31d) does not work (LP: #1707643)
    - net: cdc_mbim: apply "NDP to end" quirk to HP lt4132

* Migrating KSM page causes the VM lock up as the KSM page merging list is too
    large (LP: #1680513)
    - ksm: introduce ksm_max_page_sharing per page deduplication limit
    - ksm: fix use after free with merge_across_nodes = 0
    - ksm: cleanup stable_node chain collapse case
    - ksm: swap the two output parameters of chain/chain_prune
    - ksm: optimize refile of stable_node_dup at the head of the chain

* sort ABI files with C.UTF-8 locale (LP: #1712345)
    - [Packaging] sort ABI files with C.UTF-8 locale

* Include Broadcom GPL modules in Xenial Kernel (LP: #1665783)
    - [Config] OpenNSL Kconfig/Makefile
    - Import OpenNSL v3.1.0.17
    - [Config] CONFIG_OPENNSL=y for amd64
    - OpenNSL: Enable Kconfig and build
    - SAUCE: opennsl: add proper CFLAGS

* Xenial update to 4.4.83 stable release (LP: #1711557)
    - cpuset: fix a deadlock due to incomplete patching of cpusets_enabled()
    - mm: ratelimit PFNs busy info message
    - iscsi-target: fix memory leak in iscsit_setup_text_cmd()
    - iscsi-target: Fix iscsi_np reset hung task during parallel delete
    - fuse: initialize the flock flag in fuse_file on allocation
    - nfs/flexfiles: fix leak of nfs4_ff_ds_version arrays
    - USB: serial: option: add D-Link DWM-222 device ID
    - USB: serial: cp210x: add support for Qivicon USB ZigBee dongle
    - USB: serial: pl2303: add new ATEN device id
    - usb: musb: fix tx fifo flush handling again
    - USB: hcd: Mark secondary HCD as dead if the primary one died
    - staging:iio:resolver:ad2s1210 fix negative IIO_ANGL_VEL read
    - iio: accel: bmc150: Always restore device to normal mode after suspend-
      resume
    - iio: light: tsl2563: use correct event code
    - uas: Add US_FL_IGNORE_RESIDUE for Initio Corporation INIC-3069
    - USB: Check for dropped connection before switching to full speed
    - usb: core: unlink urbs from the tail of the endpoint's urb_list
    - usb: quirks: Add no-lpm quirk for Moshi USB to Ethernet Adapter
    - usb:xhci:Add quirk for Certain failing HP keyboard on reset after resume
    - iio: adc: vf610_adc: Fix VALT selection value for REFSEL bits
    - pnfs/blocklayout: require 64-bit sector_t
    - pinctrl: sunxi: add a missing function of A10/A20 pinctrl driver
    - pinctrl: samsung: Remove bogus irq_[un]mask from resource management
    - Linux 4.4.83

* Xenial update to 4.4.82 stable release (LP: #1711535)
    - tcp: avoid setting cwnd to invalid ssthresh after cwnd reduction states
    - net: fix keepalive code vs TCP_FASTOPEN_CONNECT
    - bpf, s390: fix jit branch offset related to ldimm64
    - net: sched: set xt_tgchk_param par.nft_compat as 0 in ipt_init_target
    - tcp: fastopen: tcp_connect() must refresh the route
    - net: avoid skb_warn_bad_offload false positives on UFO
    - sparc64: Prevent perf from running during super critical sections
    - KVM: arm/arm64: Handle hva aging while destroying the vm
    - mm/mempool: avoid KASAN marking mempool poison checks as use-after-free
    - Linux 4.4.82

* Xenial update to 4.4.81 stable release (LP: #1711526)
    - libata: array underflow in ata_find_dev()
    - workqueue: restore WQ_UNBOUND/max_active==1 to be ordered
    - ALSA: hda - Fix speaker output from VAIO VPCL14M1R
    - ASoC: do not close shared backend dailink
    - KVM: async_pf: make rcu irq exit if not triggered from idle task
    - mm/page_alloc: Remove kernel address exposure in free_reserved_area()
    - ext4: fix SEEK_HOLE/SEEK_DATA for blocksize < pagesize
    - ext4: fix overflow caused by missing cast in ext4_resize_fs()
    - ARM: dts: armada-38x: Fix irq type for pca955
    - media: platform: davinci: return -EINVAL for VPFE_CMD_S_CCDC_RAW_PARAMS
      ioctl
    - target: Avoid mappedlun symlink creation during lun shutdown
    - iscsi-target: Always wait for kthread_should_stop() before kthread exit
    - iscsi-target: Fix early sk_data_ready LOGIN_FLAGS_READY race
    - iscsi-target: Fix initial login PDU asynchronous socket close OOPs
    - iscsi-target: Fix delayed logout processing greater than
      SECONDS_FOR_LOGOUT_COMP
    - iser-target: Avoid isert_conn->cm_id dereference in isert_login_recv_done
    - mm, mprotect: flush TLB if potentially racing with a parallel reclaim
      leaving stale TLB entries
    - media: lirc: LIRC_GET_REC_RESOLUTION should return microseconds
    - f2fs: sanity check checkpoint segno and blkoff
    - drm: rcar-du: fix backport bug
    - saa7164: fix double fetch PCIe access condition
    - ipv4: ipv6: initialize treq->txhash in cookie_v[46]_check()
    - net: Zero terminate ifr_name in dev_ifname().
    - ipv6: avoid overflow of offset in ip6_find_1stfragopt
    - ipv4: initialize fib_trie prior to register_netdev_notifier call.
    - rtnetlink: allocate more memory for dev_set_mac_address()
    - mcs7780: Fix initialization when CONFIG_VMAP_STACK is enabled
    - openvswitch: fix potential out of bound access in parse_ct
    - packet: fix use-after-free in prb_retire_rx_blk_timer_expired()
    - ipv6: Don't increase IPSTATS_MIB_FRAGFAILS twice in ip6_fragment()
    - net: ethernet: nb8800: Handle all 4 RGMII modes identically
    - dccp: fix a memleak that dccp_ipv6 doesn't put reqsk properly
    - dccp: fix a memleak that dccp_ipv4 doesn't put reqsk properly
    - dccp: fix a memleak for dccp_feat_init err process
    - sctp: don't dereference ptr before leaving _sctp_walk_{params, errors}()
    - sctp: fix the check for _sctp_walk_params and _sctp_walk_errors
    - net/mlx5: Fix command bad flow on command entry allocation failure
    - net: phy: Correctly process PHY_HALTED in phy_stop_machine()
    - net: phy: Fix PHY unbind crash
    - xen-netback: correctly schedule rate-limited queues
    - sparc64: Measure receiver forward progress to avoid send mondo timeout
    - wext: handle NULL extra data in iwe_stream_add_point better
    - sh_eth: R8A7740 supports packet shecksumming
    - net: phy: dp83867: fix irq generation
    - tg3: Fix race condition in tg3_get_stats64().
    - x86/boot: Add missing declaration of string functions
    - phy state machine: failsafe leave invalid RUNNING state
    - scsi: qla2xxx: Get mutex lock before checking optrom_state
    - drm/virtio: fix framebuffer sparse warning
    - virtio_blk: fix panic in initialization error path
    - ARM: 8632/1: ftrace: fix syscall name matching
    - mm, slab: make sure that KMALLOC_MAX_SIZE will fit into MAX_ORDER
    - lib/Kconfig.debug: fix frv build failure
    - signal: protect SIGNAL_UNKILLABLE from unintentional clearing.
    - mm: don't dereference struct page fields of invalid pages
    - workqueue: implicit ordered attribute should be overridable
    - Linux 4.4.81

* Xenial update to 4.4.80 stable release (LP: #1710646)
    - af_key: Add lock to key dump
    - pstore: Make spinlock per zone instead of global
    - powerpc/pseries: Fix of_node_put() underflow during reconfig remove
    - crypto: authencesn - Fix digest_null crash
    - md/raid5: add thread_group worker async_tx_issue_pending_all
    - drm/vmwgfx: Fix gcc-7.1.1 warning
    - drm/nouveau/bar/gf100: fix access to upper half of BAR2
    - KVM: PPC: Book3S HV: Context-switch EBB registers properly
    - KVM: PPC: Book3S HV: Restore critical SPRs to host values on guest exit
    - KVM: PPC: Book3S HV: Reload HTM registers explicitly
    - KVM: PPC: Book3S HV: Save/restore host values of debug registers
    - Revert "powerpc/numa: Fix percpu allocations to be NUMA aware"
    - Staging: comedi: comedi_fops: Avoid orphaned proc entry
    - drm/rcar: Nuke preclose hook
    - drm: rcar-du: Perform initialization/cleanup at probe/remove time
    - drm: rcar-du: Simplify and fix probe error handling
    - perf intel-pt: Fix ip compression
    - perf intel-pt: Fix last_ip usage
    - perf intel-pt: Use FUP always when scanning for an IP
    - perf intel-pt: Ensure never to set 'last_ip' when packet 'count' is zero
    - xfs: don't BUG() on mixed direct and mapped I/O
    - nfc: fdp: fix NULL pointer dereference
    - net: phy: Do not perform software reset for Generic PHY
    - isdn: Fix a sleep-in-atomic bug
    - isdn/i4l: fix buffer overflow
    - ath10k: fix null deref on wmi-tlv when trying spectral scan
    - wil6210: fix deadlock when using fw_no_recovery option
    - mailbox: always wait in mbox_send_message for blocking Tx mode
    - mailbox: skip complete wait event if timer expired
    - mailbox: handle empty message in tx_tick
    - mpt3sas: Don't overreach ioc->reply_post[] during initialization
    - kaweth: fix firmware download
    - kaweth: fix oops upon failed memory allocation
    - sched/cgroup: Move sched_online_group() back into css_online() to fix crash
    - PM / Domains: defer dev_pm_domain_set() until genpd->attach_dev succeeds if
      present
    - RDMA/uverbs: Fix the check for port number
    - libnvdimm, btt: fix btt_rw_page not returning errors
    - ipmi/watchdog: fix watchdog timeout set on reboot
    - v4l: s5c73m3: fix negation operator
    - pstore: Allow prz to control need for locking
    - pstore: Correctly initialize spinlock and flags
    - pstore: Use dynamic spinlock initializer
    - net: skb_needs_check() accepts CHECKSUM_NONE for tx
    - sched/cputime: Fix prev steal time accouting during CPU hotplug
    - xen/blkback: don't free be structure too early
    - xen/blkback: don't use xen_blkif_get() in xen-blkback kthread
    - tpm: fix a kernel memory leak in tpm-sysfs.c
    - tpm: Replace device number bitmap with IDR
    - x86/mce/AMD: Make the init code more robust
    - r8169: add support for RTL8168 series add-on card.
    - ARM: dts: n900: Mark eMMC slot with no-sdio and no-sd flags
    - net/mlx4: Remove BUG_ON from ICM allocation routine
    - drm/msm: Ensure that the hardware write pointer is valid
    - drm/msm: Verify that MSM_SUBMIT_BO_FLAGS are set
    - vfio-pci: use 32-bit comparisons for register address for gcc-4.5
    - irqchip/keystone: Fix "scheduling while atomic" on rt
    - ASoC: tlv320aic3x: Mark the RESET register as volatile
    - spi: dw: Make debugfs name unique between instances
    - ASoC: nau8825: fix invalid configuration in Pre-Scalar of FLL
    - irqchip/mxs: Enable SKIP_SET_WAKE and MASK_ON_SUSPEND
    - openrisc: Add _text symbol to fix ksym build error
    - dmaengine: ioatdma: Add Skylake PCI Dev ID
    - dmaengine: ioatdma: workaround SKX ioatdma version
    - dmaengine: ti-dma-crossbar: Add some 'of_node_put()' in error path.
    - ARM64: zynqmp: Fix W=1 dtc 1.4 warnings
    - ARM64: zynqmp: Fix i2c node's compatible string
    - ARM: s3c2410_defconfig: Fix invalid values for NF_CT_PROTO_*
    - ACPI / scan: Prefer devices without _HID/_CID for _ADR matching
    - usb: gadget: Fix copy/pasted error message
    - Btrfs: adjust outstanding_extents counter properly when dio write is split
    - tools lib traceevent: Fix prev/next_prio for deadline tasks
    - xfrm: Don't use sk_family for socket policy lookups
    - perf tools: Install tools/lib/traceevent plugins with install-bin
    - perf symbols: Robustify reading of build-id from sysfs
    - video: fbdev: cobalt_lcdfb: Handle return NULL error from devm_ioremap
    - vfio-pci: Handle error from pci_iomap
    - arm64: mm: fix show_pte KERN_CONT fallout
    - nvmem: imx-ocotp: Fix wrong register size
    - sh_eth: enable RX descriptor word 0 shift on SH7734
    - ALSA: usb-audio: test EP_FLAG_RUNNING at urb completion
    - HID: ignore Petzl USB headlamp
    - scsi: fnic: Avoid sending reset to firmware when another reset is in
      progress
    - scsi: snic: Return error code on memory allocation failure
    - ASoC: dpcm: Avoid putting stream state to STOP when FE stream is paused
    - Linux 4.4.80

* Please only recommend or suggest initramfs-tools | linux-initramfs-tool for
    kernels able to boot without initramfs (LP: #1700972)
    - [Debian] Don't depend on initramfs-tools

-- Stefan Bader <stefan.bader@canonical.com>  Tue, 12 Sep 2017 15:40:01 +0200

Changed in linux (Ubuntu Xenial):
status:	Fix Committed → Fix Released

Colin Ian King (colin-king) on 2017-09-19

Changed in linux (Ubuntu):
status:	In Progress → Fix Released

Ubuntu
linux package

accessing /dev/hvc1 with stress-ng on Ubuntu xenial causes crash

Bug Description

CVE References

Other bug subscribers

Remote bug watches

Affects		Status	Importance	Assigned to	Milestone
	linux (Ubuntu)	Fix Released	High	Colin Ian King
	Xenial	Fix Released	Undecided	Unassigned

Ubuntulinux package

accessing /dev/hvc1 with stress-ng on Ubuntu xenial causes crash

Bug Description

CVE References

Other bug subscribers

Remote bug watches

Ubuntu
linux package