4.15 s390x kernel BUG at /build/linux-Gycr4Z/linux-4.15.0/drivers/block/virtio_blk.c:565!
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Ubuntu on IBM z Systems |
Fix Released
|
Undecided
|
bugproxy | ||
linux (Ubuntu) |
Fix Released
|
High
|
Colin Ian King | ||
Bionic |
Fix Released
|
High
|
Stefan Bader | ||
Cosmic |
Fix Released
|
High
|
Stefan Bader |
Bug Description
[SRU Justification]
== Impact ==
Several helper functions in the s390x code which handle accessing sysfs attributes were missing protection against races. Concurrent access would be able to trigger kernel bugs.
== Fix ==
The following two upstream commits (from v5.0 upstream) will fix the issue:
78b1a52e05c9 virtio/s390: fix race in ccw_io_helper()
2448a299ec41 virtio/s390: avoid race on vcdev->config
== Testcase ==
see below
== Risk of Regression ==
Changes are isolated to architecture code and are verified by running the stress testing, so overall should be low.
uname -a
Linux ckingvm1 4.15.0-33-generic #36-Ubuntu SMP Wed Aug 15 13:42:17 UTC 2018 s390x s390x s390x GNU/Linux
and same for 4.15.0-29-generic and 4.17.0-8-generic
Steps to reproduce this bug:
git clone git://kernel.
cd stress-ng
make clean
make
And run with:
./stress-ng --sysfs 0 -t 60
.. wait a few seconds and then:
[ 119.445891] ------------[ cut here ]------------
[ 119.445898] kernel BUG at /build/
[ 119.446093] illegal operation: 0001 ilc:1 [#3] SMP
[ 119.446100] Modules linked in: binfmt_misc zfs(PO) zunicode(PO) zavl(PO) icp(PO) isofs zcommon(PO) znvpair(PO) spl(O) ghash_s390 prng aes_s390 des_s390 des_generic vfio_ccw sha512_s390 sha256_s390 vfio_mdev sha1_s390 sha_common mdev vfio_iommu_type1 vfio sch_fq_codel ib_iser rdma_cm iw_cm ib_cm ib_core iscsi_tcp libiscsi_tcp libiscsi scsi_transport_
[ 119.446166] CPU: 1 PID: 5420 Comm: stress-ng-sysfs Tainted: P D O 4.15.0-33-generic #36-Ubuntu
[ 119.446168] Hardware name: IBM 2964 N63 400 (KVM/Linux)
[ 119.446170] Krnl PSW : 0000000012d313d3 00000000405835bc (virtblk_
[ 119.446177] R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:3 CC:2 PM:0 RI:0 EA:3
[ 119.446194] Krnl GPRS: de6dc5c2779af7d7 000000007ffaba20 0000000000000040 0000000000006545
[ 119.446196] 000003ff800058da 0000000000006546 000000006bf537c0 000000006b60a100
[ 119.446198] 0000000000000000 0000000000690648 000000007cc3de40 000000007a74b000
[ 119.446202] 000003ff80008210 0000000000000000 000003ff800058da 000000007ac1bce8
[ 119.446210] Krnl Code: 000003ff80005912: ebbff0a80004 lmg %r11,%r15,168(%r15)
[ 119.446210] 000003ff80005918: c0f400000560 brcl 15,3ff800063d8
[ 119.446210] #000003ff8000591e: a7f40001 brc 15,3ff80005920
[ 119.446210] >000003ff80005922: 0707 bcr 0,%r7
[ 119.446210] 000003ff80005924: 0707 bcr 0,%r7
[ 119.446210] 000003ff80005926: 0707 bcr 0,%r7
[ 119.446210] 000003ff80005928: c00400000000 brcl 0,3ff80005928
[ 119.446210] 000003ff8000592e: eb6ff0480024 stmg %r6,%r15,72(%r15)
[ 119.446226] Call Trace:
[ 119.446229] ([<000003ff8000
[ 119.446234] [<0000000000690
[ 119.446240] [<0000000000424
[ 119.446259] [<00000000003b0
[ 119.446262] [<0000000000382
[ 119.446274] [<0000000000382
[ 119.446278] [<00000000008e3
[ 119.446279] Last Breaking-
[ 119.446281] [<000003ff80005
[ 119.446283]
[ 119.446284] ---[ end trace 2c2403d726047e4a ]---
For 4.17.0-8-generic:
[ 25.170715] kernel BUG at drivers/
[ 25.170795] illegal operation: 0001 ilc:1 [#1] SMP
[ 25.170797] Modules linked in: lttng_statedump(OE) lttng_clock(OE) lttng_lib_
[ 25.170835] CPU: 0 PID: 5590 Comm: stress-ng-sysfs Tainted: P OE 4.17.0-8-generic #9-Ubuntu
[ 25.170837] Hardware name: IBM 2964 N63 400 (KVM/Linux)
[ 25.170839] Krnl PSW : 0000000005f0c968 0000000026542d57 (virtblk_
[ 25.170846] R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:3 CC:2 PM:0 RI:0 EA:3
[ 25.170849] Krnl GPRS: de6dc5c209bf9e6f 000000007ff91320 0000000000000040 0000000000000891
[ 25.170850] 0000000000000000 0000000000000892 0000000000000000 000000007176e800
[ 25.170852] 000000006f447f00 0000000000684300 000000006f492b40 000000006ca7a000
[ 25.170853] 000003ff80018218 000000007b5e6e40 000003ff8001561a 000000006f447ce8
[ 25.170861] Krnl Code: 000003ff8001564c: ebbff0a80004 lmg %r11,%r15,168(%r15)
[ 25.170861] 000003ff80015652: c0f40000065b brcl 15,3ff80016308
[ 25.170861] #000003ff80015658: a7f40001 brc 15,3ff8001565a
[ 25.170861] >000003ff8001565c: 0707 bcr 0,%r7
[ 25.170861] 000003ff8001565e: 0707 bcr 0,%r7
[ 25.170861] 000003ff80015660: c00400000000 brcl 0,3ff80015660
[ 25.170861] 000003ff80015666: eb6ff0480024 stmg %r6,%r15,72(%r15)
[ 25.170861] 000003ff8001566c: a7f13f80 tmll %r15,16256
[ 25.170878] Call Trace:
[ 25.170881] ([<000003ff8001
[ 25.170888] [<0000000000684
[ 25.170895] [<0000000000425
[ 25.170899] [<00000000003b1
[ 25.170903] [<0000000000384
[ 25.170905] [<0000000000384
[ 25.170909] [<00000000008db
[ 25.170910] Last Breaking-
[ 25.170912] [<000003ff80015
[ 25.170913]
[ 25.170914] ---[ end trace 14f89544f0f55795 ]---
Changed in linux (Ubuntu): | |
importance: | Undecided → High |
Changed in linux (Ubuntu): | |
status: | Incomplete → Triaged |
Changed in linux (Ubuntu Bionic): | |
status: | New → Triaged |
importance: | Undecided → High |
description: | updated |
Changed in ubuntu-z-systems: | |
status: | New → Triaged |
assignee: | nobody → bugproxy (bugproxy) |
tags: | added: reverse-proxy-bugzilla s390x |
tags: | added: architecture-s39064 bugnameltc-170918 severity-high targetmilestone-inin1804 |
Changed in linux (Ubuntu Bionic): | |
status: | Triaged → In Progress |
Changed in linux (Ubuntu): | |
status: | Triaged → In Progress |
Changed in ubuntu-z-systems: | |
status: | Triaged → In Progress |
description: | updated |
Changed in linux (Ubuntu Bionic): | |
assignee: | nobody → Stefan Bader (smb) |
Changed in linux (Ubuntu Cosmic): | |
assignee: | nobody → Stefan Bader (smb) |
status: | Triaged → In Progress |
Changed in linux (Ubuntu Bionic): | |
status: | In Progress → Fix Committed |
Changed in linux (Ubuntu Cosmic): | |
status: | In Progress → Fix Committed |
Changed in ubuntu-z-systems: | |
status: | In Progress → Fix Committed |
Changed in ubuntu-z-systems: | |
status: | Fix Committed → Fix Released |
tags: | added: cscc |
This bug is missing log files that will aid in diagnosing the problem. While running an Ubuntu kernel (not a mainline or third-party kernel) please enter the following command in a terminal window:
apport-collect 1788432
and then change the status of the bug to 'Confirmed'.
If, due to the nature of the issue you have encountered, you are unable to run this command, please add a comment stating that fact and change the bug status to 'Confirmed'.
This change has been made by an automated script, maintained by the Ubuntu Kernel Team.