BUG at /build/buildd/linux-2.6.38/mm/swapfile.c:255

Bug #854050 reported by Scott Moser
52
This bug affects 8 people
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Fix Released
Medium
Unassigned
Natty
Fix Released
Medium
Stefan Bader
Oneiric
Fix Released
Medium
Stefan Bader

Bug Description

SRU Justification:

Impact: An upstream change in 2.6.31 tried to simplify the conditions of having the lazy mmu mode in paravirt disabled. With that in mind several instances where the lazy mmu mode was disabled explicitly have been removed. However it was found that from k(un)map_atomic there is a chance to cause an oops.

Fix: The following patch has been sent upstream (currently it is only in the -mm tree and linux-next). It has been tested to fix the problem on 2.6.38. The specific symptom seen, seems to have come up since 2.6.37, however the lines of code that are re-introduced have been removed since 2.6.31.

Testcase: Trying to do forks under high load should trigger the issue (at least on 2.6.37+ kernels)

--

I'm filing this bug in response to threads at [1] and [2]. From those threads, we see reported that
 * the instance becomes unavailable.
 * the issue is reported to have to have been seen multiple different instance types
    [TYPE: m2.xlarge, m1.large, t1.micro ( all types have hung ) ]
 * at [2] there is BUG_ON output pointing at swap, but I would not have expected a user of an m2.xlarge to be using swap, so I personally suspect that that hang is different.

[1] http://groups.google.com/group/ec2ubuntu/browse_frm/thread/57ff20c6370f7bb9
[2] https://forums.aws.amazon.com/message.jspa?messageID=262300

ProblemType: Bug
DistroRelease: Ubuntu 11.04
Package: linux-image-2.6.38-8-virtual 2.6.38-8.42
ProcVersionSignature: User Name 2.6.38-8.42-virtual 2.6.38.2
Uname: Linux 2.6.38-8-virtual x86_64
AlsaDevices:
 total 0
 crw------- 1 root root 116, 1 2011-09-19 17:02 seq
 crw------- 1 root root 116, 33 2011-09-19 17:02 timer
AplayDevices: Error: [Errno 2] No such file or directory
Architecture: amd64
ArecordDevices: Error: [Errno 2] No such file or directory
CurrentDmesg: [ 16.930013] eth0: no IPv6 routers present
Date: Mon Sep 19 17:23:59 2011
Ec2AMI: ami-1aad5273
Ec2AMIManifest: (unknown)
Ec2AvailabilityZone: us-east-1c
Ec2InstanceType: t1.micro
Ec2Kernel: aki-427d952b
Ec2Ramdisk: unavailable
Lspci:

Lsusb: Error: command ['lsusb'] failed with exit code 1:
ProcEnviron:
 PATH=(custom, user)
 LANG=en_US.UTF-8
 SHELL=/bin/bash
ProcKernelCmdLine: root=LABEL=uec-rootfs ro console=hvc0
ProcModules: acpiphp 24097 0 - Live 0x0000000000000000
SourcePackage: linux
UpgradeStatus: No upgrade log present (probably fresh install)

Revision history for this message
Scott Moser (smoser) wrote :
Revision history for this message
Brad Figg (brad-figg) wrote : Missing required logs.

This bug is missing log files that will aid in diagnosing the problem. From a terminal window please run:

apport-collect 854050

and then change the status of the bug to 'Confirmed'.

If, due to the nature of the issue you have encountered, you are unable to run this command, please add a comment stating that fact and change the bug status to 'Confirmed'.

This change has been made by an automated script, maintained by the Ubuntu Kernel Team.

Changed in linux (Ubuntu):
status: New → Incomplete
Scott Moser (smoser)
Changed in linux (Ubuntu):
status: Incomplete → Confirmed
Revision history for this message
Ben Howard (darkmuggle-deactivatedaccount) wrote :

Reposting stack trace from AWS Forum:
http://1031641.210729 ------------ cut here ------------
http://1031641.210760 kernel BUG at /build/buildd/linux-2.6.38/mm/swapfile.c:2552!
http://1031641.210775 invalid opcode: 0000 1 SMP
http://1031641.210788 last sysfs file: /sys/devices/system/cpu/cpu1/cache/index2/shared_cpu_map
http://1031641.210799 Modules linked in: acpiphp
http://1031641.210813
http://1031641.210820 Pid: 21621, comm: apache2 Not tainted 2.6.38-8-virtual #42-Ubuntu
http://1031641.210840 EIP: 0061:<c0218816> EFLAGS: 00210246 CPU: 0
http://1031641.210865 EIP is at swap_count_continued.clone.15+0x1a6/0x1b0
http://1031641.210875 EAX: f57ba9c1 EBX: 000009c1 ECX: 80000000 EDX: 00000000
http://1031641.210884 ESI: ed01f540 EDI: 00000080 EBP: e6fa3e18 ESP: e6fa3e08
http://1031641.210893 DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0069
http://1031641.210903 Process apache2 (pid: 21621, ti=e6fa2000 task=df235860 task.ti=e6fa2000)
http://1031641.210915 Stack:
http://1031641.210924 ed3d8700 eadcfc00 00000040 0000c9c1 e6fa3e40 c021896d 00000080 c063655d
http://1031641.210956 e6fa3e40 0000c9c1 edc52000 0000c9c1 00000000 00000000 e6fa3e4c c0219820
http://1031641.210987 e72c8e20 e6fa3eac c0209471 00000000 80000000 00000041 c08c08c0 00000000
http://1031641.211018 Call Trace:
http://1031641.211028 <c021896d> swap_entry_free+0x14d/0x170
http://1031641.211044 <c063655d> ? _raw_spin_lock+0xd/0x10
http://1031641.211055 <c0219820> swap_free+0x20/0x30
http://1031641.211066 <c0209471> do_swap_page+0x3b1/0x670
http://1031641.211077 <c020aee9> handle_pte_fault+0x259/0x2f0
http://1031641.211090 <c0105a54> ? pte_mfn_to_pfn+0xa4/0xc0
http://1031641.211103 <c013c95c> ? kmap_atomic_prot+0x4c/0x120
http://1031641.211114 <c020bbe9> handle_mm_fault+0x109/0x190
http://1031641.211126 <c0639d00> ? do_page_fault+0x0/0x490
http://1031641.211136 <c0639e5e> do_page_fault+0x15e/0x490
http://1031641.211148 <c020f9ad> ? sys_brk+0xdd/0x110
http://1031641.211158 <c0639d00> ? do_page_fault+0x0/0x490
http://1031641.211169 <c063706f> error_code+0x67/0x6c
http://1031641.211177 Code: ff 89 f0 e8 3d 42 f2 ff 01 d8 8d 76 00 c6 00 00 ba 01 00 00 00 eb 9b 89 f8 3c 80 0f 94 c0 e9 90 fe ff ff 0f 0b 0f 0b 0f 0b 0f 0b <0f> 0b 90 8d b4 26 00 00 00 00 55 89 e5 57 56 53 83 ec 14 3e 8d
http://1031641.211372 EIP: <c0218816> swap_count_continued.clone.15+0x1a6/0x1b0 SS:ESP 0069:e6fa3e08
http://1031641.211406 --- end trace f28cba30297d4784 ---
{/code}

Edited by: aoghina on May 28, 2011 12:18 PM

Changed in linux (Ubuntu):
importance: Undecided → Medium
Revision history for this message
Stefan Bader (smb) wrote :

The ami which was reported to cause the problems, as well as the traces I saw so far are about ubuntu 11.04 but at least with a kernel at the level of release (2.6.38-8.42). It is probably part of the problem that "the Ubuntu image" not necessarily is the latest one. Even if any bug was fixed by stable updates, if only the initial release kernel is in use it does not help.

Following some of the other aws links about the problem with the stack trace including reference to paging, it does not seem to be completely understood. Roughly it seems the issue started with 2.6.37 and is ongoing.

https://lkml.org/lkml/2011/8/26/310

There is a patch mentioned there with the suggestion to revert. But that only got in with 3.0 afaics which would make it unlikely to be the reason. I will try to look at those reproducers mentioned to see whether I can trigger any crash with those as a next step.

Revision history for this message
Stefan Bader (smb) wrote :

So far I have not been successful in reproducing the crash above. Neither on Amazon instances, nor on my own testsystem. Though I only used the eatmem code mentioned in the LKML thread. There was a php example in some other threads but that seemed to require some other hosts for communication.
I will keep my eye on the upstream thread (actually threads, I think there was another one by the same message/problem).

Revision history for this message
Lauri Ojansivu (xet7) wrote :

In this related Amazon forum thread:
https://forums.aws.amazon.com/thread.jspa?threadID=73763&tstart=0
is link to a patch:
https://lkml.org/lkml/2011/9/22/331

Could the affected people test does this fix it? And if yes, get it into Ubuntu kernel? At leas on LKML it has been confirmed to work:
https://lkml.org/lkml/2011/9/22/354

I'm also investigating if this bug is for Apache only, if switching to Nginx and PHP-FPM would work.

Revision history for this message
Stefan Bader (smb) wrote :

That patch has been submitted today (basically the one referenced above). According to the commit ID that is said to introduce the problem, this would affect everything back to 2.6.32 (Lucid). However potentially for Lucid only the non-ec2 kernels as for ec2 we got a very different xen codebase.

Revision history for this message
Stefan Bader (smb) wrote :

As I understand it this would affect forks under heavy load, so not only apache would be at risk. If there is need I could provide test kernel packages, I am just not sure which release to start with. Please let me know. Also has someone succeeded in re-creating the problem without apache involvement? Though I might have an idea for that with the explanation in the patch.

Revision history for this message
Lauri Ojansivu (xet7) wrote :

Amazon EC2 instance where we had this has this in boot log with latest updates:
Booting 'Ubuntu 11.04, kernel 2.6.38-11-virtual'
That 2.6.38-11-virtual kernel is in Ubuntu Natty repositories as I just searched. It's for x86_64. If test kernel package is created, how do I prevent other Ubuntu kernel updates overwriting it?
Anyway, on our case on AWS Apache starts to consume lots of memory and then crash with this bug on high load.
So, test packages welcome.

Revision history for this message
Lauri Ojansivu (xet7) wrote :

x86 version of the same package is also used on some servers that don't need so much memory so it would be nice to have too.

Revision history for this message
Lauri Ojansivu (xet7) wrote :

Stefan, we currently have instances crashing all the time during high load due to this bug so test packages for this are needed. Thanks!

Dave Walker (davewalker)
tags: added: server-o-ro
Revision history for this message
Stefan Bader (smb) wrote :

I put the kernel packages to http://people.canonical.com/~smb/lp854050/
The version number is overriding the current 11.04 kernel but I cannot prevent a newer official kernel package to override that when it gets released.

Revision history for this message
Lauri Ojansivu (xet7) wrote :

Thanks! We have started to use x86 version and will monitor the situation how it stays up.

Revision history for this message
Lauri Ojansivu (xet7) wrote :

Since installing patched kernel we have not needed to manually terminate instances and site has been available all the time. The bug has not appeared again.

Currently running instances have uptime of:
- 1 day 6 min
- 13:14
- 2:33

Currently there is low traffic so only 3 instances in use. Autoscaling or elb health check has automatically terminated single instances and started new ones depending on load. So this fix has really helped us!

What is the process of getting this fix into main Ubuntu kernel, so that it does not need to be patched in every time? Do you need more info about something?

Revision history for this message
Stefan Bader (smb) wrote :

Right now I am waiting to see this change really get into the upstream kernel tree. As soon as that happens I would start the SRU process. At some point there will be an update here saying that proposed kernels are ready for verification. At that time your help in testing those is needed and highly appreciated.

Revision history for this message
Lauri Ojansivu (xet7) wrote :

Thanks a lot! We will test proposed kernels then. This kernel patch fixed problem for us, no downtime since the change.

tags: added: patch
Stefan Bader (smb)
description: updated
Revision history for this message
Stefan Bader (smb) wrote :

This would be the backported version of the upstream patch. Since the change that is taken back was in 2.6.31 there may be a problem in Maverick and Lucid as well. But I am not sure that this problem has been observed there. At least this specific crash seems to have started with 2.6.37 only.

Revision history for this message
Ubuntu Foundations Team Bug Bot (crichton) wrote :

The attachment "[PATCH] x86_paravirt: Partially revert "remove lazy mode in interrupts".txt" of this bug report has been identified as being a patch. The ubuntu-reviewers team has been subscribed to the bug report so that they can review the patch. In the event that this is in fact not a patch you can resolve this situation by removing the tag 'patch' from the bug report and editing the attachment so that it is not flagged as a patch. Additionally, if you are member of the ubuntu-sponsors please also unsubscribe the team from this bug report.

[This is an automated message performed by a Launchpad user owned by Brian Murray. Please contact him regarding any issues with the action taken in this bug report.]

Stefan Bader (smb)
Changed in linux (Ubuntu Natty):
assignee: nobody → Stefan Bader (stefan-bader-canonical)
importance: Undecided → Medium
status: New → Fix Committed
Changed in linux (Ubuntu Oneiric):
assignee: nobody → Stefan Bader (stefan-bader-canonical)
importance: Undecided → Medium
status: New → Fix Committed
Revision history for this message
Lauri Ojansivu (xet7) wrote :

Could we have test kernel for current Ubuntu Oneiric version?

Revision history for this message
Lauri Ojansivu (xet7) wrote :
Download full text (5.1 KiB)

Ubuntu kernel has updates to 12:
Booting 'Ubuntu 11.04, kernel 2.6.38-12-virtual'

And here's the same bug again:
cloud-init boot finished at Mon, 07 Nov 2011 10:06:53 +0000. Up 31.47 seconds
[82511.071442] ------------[ cut here ]------------
[82511.071467] kernel BUG at /build/buildd/linux-2.6.38/mm/swapfile.c:2552!
[82511.071477] invalid opcode: 0000 [#1] SMP
[82511.071490] last sysfs file: /sys/devices/system/cpu/cpu1/cache/index2/shared_cpu_map
[82511.071501] Modules linked in: nfsd exportfs nfs lockd fscache nfs_acl auth_rpcgss sunrpc acpiphp
[82511.071540]
[82511.071548] Pid: 15603, comm: apache2 Not tainted 2.6.38-12-virtual #51-Ubuntu
[82511.071583] EIP: 0061:[<c0218bb6>] EFLAGS: 00210246 CPU: 1
[82511.071597] EIP is at swap_count_continued.clone.15+0x1a6/0x1b0
[82511.071614] EAX: f57a68f5 EBX: 000008f5 ECX: 80000000 EDX: 00000000
[82511.071624] ESI: ed1c9820 EDI: 00000080 EBP: e6e55de8 ESP: e6e55dd8
[82511.071634] DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0069
[82511.071649] Process apache2 (pid: 15603, ti=e6e54000 task=e4c225e0 task.ti=e6e54000)
[82511.071659] Stack:
[82511.071665] ed3d9e80 eac760c0 00000000 000058f5 e6e55e10 c0218d0d 00000080 c0636fed
[82511.071693] e6e55e10 000058f5 edc65000 000058f5 e6e55eec eac760c0 e6e55e24 c021ae31
[82511.071722] e54f1de0 e6e55eec 00000000 e6e55e80 c0209d53 5eab6025 80000000 ecc7a100
[82511.071751] Call Trace:
[82511.071761] [<c0218d0d>] swap_entry_free+0x14d/0x170
[82511.071774] [<c0636fed>] ? _raw_spin_lock+0xd/0x10
[82511.071785] [<c021ae31>] free_swap_and_cache+0x51/0x100
[82511.071796] [<c0209d53>] zap_pte_range+0x2d3/0x410
[82511.071809] [<c0105755>] ? pte_pfn_to_mfn+0x85/0xa0
[82511.071821] [<c0209fa5>] unmap_page_range+0x115/0x1b0
[82511.071831] [<c020a607>] unmap_vmas+0x137/0x280
[82511.071842] [<c02109de>] exit_mmap+0x9e/0x160
[82511.071855] [<c0156c1b>] mmput+0x3b/0xd0
[82511.071865] [<c015cd0e>] exit_mm+0xfe/0x130
[82511.071875] [<c0637138>] ? _raw_spin_lock_irq+0x18/0x20
[82511.071886] [<c015ce59>] do_exit+0x119/0x350
[82511.071896] [<c020f8ae>] ? do_munmap+0x1fe/0x280
[82511.071907] [<c015d1ee>] do_group_exit+0x3e/0xa0
[82511.071917] [<c015d268>] sys_exit_group+0x18/0x20
[82511.071928] [<c010ab5f>] sysenter_do_call+0x12/0x28
[82511.071937] Code: ff 89 f0 e8 dd 40 f2 ff 01 d8 8d 76 00 c6 00 00 ba 01 00 00 00 eb 9b 89 f8 3c 80 0f 94 c0 e9 90 fe ff ff 0f 0b 0f 0b 0f 0b 0f 0b <0f> 0b 90 8d b4 26 00 00 00 00 55 89 e5 57 56 53 83 ec 14 3e 8d
[82511.072010] EIP: [<c0218bb6>] swap_count_continued.clone.15+0x1a6/0x1b0 SS:ESP 0069:e6e55dd8
[82511.072010] ---[ end trace 8c1ca21999464a70 ]---
[82511.072010] Fixing recursive fault but reboot is needed!
[82511.072010] BUG: scheduling while atomic: apache2/15603/0x00000002
[82511.072010] Modules linked in: nfsd exportfs nfs lockd fscache nfs_acl auth_rpcgss sunrpc acpiphp
[82511.072010] Pid: 15603, comm: apache2 Tainted: G D 2.6.38-12-virtual #51-Ubuntu
[82511.072010] Call Trace:
[82511.072010] [<c0147dd2>] ? __schedule_bug+0x62/0x70
[82511.072010] [<c06351e3>] ? schedule+0x713/0x740
[82511.072010] [<c015975b>] ? vprintk+0x18b/0x480
[82511.072010] [<c015d05b>] ? do_exit+0x31b/0x350
[82511.072010] [<c06349a9...

Read more...

Revision history for this message
Lauri Ojansivu (xet7) wrote :

In the meantime we'll try to freeze previous working kernel version so it does not update automatically yet.

Revision history for this message
Herton R. Krzesinski (herton) wrote :

This bug is awaiting verification that the kernel for Natty in -proposed solves the problem (2.6.38-13.52). Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-natty' to 'verification-done-natty'.

If verification is not done by one week from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: verification-needed-natty
Revision history for this message
Lauri Ojansivu (xet7) wrote :
Download full text (15.0 KiB)

We have tested it under high load and it has performed well, here's the boot log, nothing bug related was there:

    Xen Minimal OS!
  start_info: 0xb1a000(VA)
    nr_pages: 0x6cc00
  shared_inf: 0xbff4a000(MA)
     pt_base: 0xb1d000(VA)
nr_pt_frames: 0x9
    mfn_list: 0x967000(VA)
   mod_start: 0x0(VA)
     mod_len: 0
       flags: 0x0
    cmd_line: root=/dev/sda1 ro 4
  stack: 0x946780-0x966780
MM: Init
      _text: 0x0(VA)
     _etext: 0x621f5(VA)
   _erodata: 0x76000(VA)
     _edata: 0x7b6d4(VA)
stack start: 0x946780(VA)
       _end: 0x966d34(VA)
  start_pfn: b29
    max_pfn: 6cc00
Mapping memory range 0xc00000 - 0x6cc00000
setting 0x0-0x76000 readonly
skipped 0x1000
MM: Initialise page allocator for e8a000(e8a000)-0(6cc00000)
MM: done
Demand map pfns at 6cc01000-7cc01000.
Heap resides at 7cc02000-bcc02000.
Initialising timer interface
Initialising console ... done.
gnttab_table mapped at 0x6cc01000.
Initialising scheduler
Thread "Idle": pointer: 0x7cc02008, stack: 0x6c850000
Initialising xenbus
Thread "xenstore": pointer: 0x7cc02478, stack: 0x6c860000
Dummy main: start_info=0x966880
Thread "main": pointer: 0x7cc028e8, stack: 0x6c870000
"main" "root=/dev/sda1" "ro" "4"
vbd 2049 is hd0
******************* BLKFRONT for device/vbd/2049 **********

backend at /local/domain/0/backend/vbd/15/2049
Failed to read /local/domain/0/backend/vbd/15/2049/feature-barrier.
Failed to read /local/domain/0/backend/vbd/15/2049/feature-flush-cache.
16777216 sectors of 0 bytes
**************************
vbd 2050 is hd1
******************* BLKFRONT for device/vbd/2050 **********

backend at /local/domain/0/backend/vbd/15/2050
Failed to read /local/domain/0/backend/vbd/15/2050/feature-barrier.
Failed to read /local/domain/0/backend/vbd/15/2050/feature-flush-cache.
712971264 sectors of 0 bytes
**************************
vbd 2051 is hd2
******************* BLKFRONT for device/vbd/2051 **********

backend at /local/domain/0/backend/vbd/15/2051
Failed to read /local/domain/0/backend/vbd/15/2051/feature-barrier.
Failed to read /local/domain/0/backend/vbd/15/2051/feature-flush-cache.
1835008 sectors of 0 bytes
**************************

    [H
    [J Booting 'Ubuntu 11.04, kernel 2.6.38-13-virtual'

root (hd0)

 Filesystem type is ext2fs, using whole disk

kernel /boot/vmlinuz-2.6.38-13-virtual root=LABEL=uec-rootfs ro console=hvc0

initrd /boot/initrd.img-2.6.38-13-virtual

close blk: backend at /local/domain/0/backend/vbd/15/2049
close blk: backend at /local/domain/0/backend/vbd/15/2050
close blk: backend at /local/domain/0/backend/vbd/15/2051
[ 0.000000] Reserving virtual address space above 0xf5800000
[ 0.000000] Initializing cgroup subsys cpuset
[ 0.000000] Initializing cgroup subsys cpu
[ 0.000000] Linux version 2.6.38-13-virtual (buildd@zirconium) (gcc version 4.5.2 (Ubuntu/Linaro 4.5.2-8ubuntu4) ) #52-Ubuntu SMP Tue Nov 8 18:54:04 UTC 2011 (Ubuntu 2.6.38-13.52-virtual 2.6.38.8)
[ 0.000000] ACPI in unprivileged domain disabled
[ 0.000000] released 0 pages of unused memory
[ 0.000000] BIOS-provided physical RAM map:
[ 0.000000] Xen: 0000000000000000 - 00000000000a0000 (usable)
[ 0.000000] Xen: 00000000000a0000 - ...

tags: added: verification-done-natty
removed: verification-needed-natty
Revision history for this message
Lauri Ojansivu (xet7) wrote :

Is there anything else that is needed to continue this SRU process for Natty?

And how about this patch with Oneiric? We'd like to upgrade to Oneiric at some point, at development environment there's some instances updated already but have not yet tested with Apache under high load, it would be safer to test with patch enabled kernel.

Revision history for this message
Herton R. Krzesinski (herton) wrote :

@Lauri Ojansivu: the natty update is on testing/QA now, if everything goes well we should have the update officially released in 1 week, nothing else needed.

About oneiric, the fix is scheduled to be included in next update, just wait here when the update is ready to be verified, I'll ask here for verification of oneiric update.

Revision history for this message
Herton R. Krzesinski (herton) wrote :

This bug is awaiting verification that the kernel for Oneiric in -proposed solves the problem (3.0.0-14.23). Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-oneiric' to 'verification-done-oneiric'.

If verification is not done by one week from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: verification-needed-oneiric
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 2.6.38-13.52

---------------
linux (2.6.38-13.52) natty-proposed; urgency=low

  [Herton R. Krzesinski]

  * Release Tracking Bug
    - LP: #887379

  [ Konrad Rzeszutek Wilk ]

  * SAUCE: x86/paravirt: Partially revert "remove lazy mode in interrupts"
    - LP: #854050

  [ Ming Lei ]

  * SAUCE: [media] uvcvideo: Set alternate setting 0 on resume if the bus
    has been reset
    - LP: #816484

  [ Seth Forshee ]

  * SAUCE: acer-wmi: Add wireless quirk for Lenovo 3000 N200
    - LP: #857297

  [ Upstream Kernel Changes ]

  * Make TASKSTATS require root access, CVE-2011-2494
    - LP: #866021
    - CVE-2011-2494
  * proc: restrict access to /proc/PID/io, CVE-2011-2495
    - LP: #866025
    - CVE-2011-2495
  * proc: fix a race in do_io_accounting(), CVE-2011-2495
    - LP: #866025
    - CVE-2011-2495
  * staging: comedi: fix infoleak to userspace, CVE-2011-2909
    - LP: #869261
    - CVE-2011-2909
  * perf tools: do not look at ./config for configuration, CVE-2011-2905
    - LP: #869259
    - CVE-2011-2905
  * e1000e: workaround for packet drop on 82579 at 100Mbps
    - LP: #870127
  * eCryptfs: Remove unnecessary grow_file() function
    - LP: #745836
  * eCryptfs: Remove ECRYPTFS_NEW_FILE crypt stat flag
    - LP: #745836
  * block: blkdev_get() should access ->bd_disk only after success
    - LP: #857170
  * ipv6: restore correct ECN handling on TCP xmit
    - LP: #872179
  * nl80211: fix overflow in ssid_len - CVE-2011-2517
    - LP: #869245
    - CVE-2011-2517
  * ksm: fix NULL pointer dereference in scan_get_next_rmap_item() -
    CVE-2011-2183
    - LP: #869227
    - CVE-2011-2183
  * NLM: Don't hang forever on NLM unlock requests - CVE-2011-2491
    - LP: #869237
    - CVE-2011-2491
  * KVM: fix kvmclock regression due to missing clock update
    - LP: #795717
  * drm/i915: don't enable plane, pipe and PLL prematurely
    - LP: #812638
  * drm/i915: add pipe/plane enable/disable functions
    - LP: #812638
 -- Herton Ronaldo Krzesinski <email address hidden> Mon, 07 Nov 2011 22:11:51 -0200

Changed in linux (Ubuntu Natty):
status: Fix Committed → Fix Released
Revision history for this message
Stefan Bader (smb) wrote :

Note, that there is now a proposed kernel for Oneiric with the patch applied. It would be good if someone could also provide feedback about that kernel. Thanks

Revision history for this message
Lauri Ojansivu (xet7) wrote :

Coworker tested some time today but his time run out and had already shut down instances before getting logs. So I'll tomorrow test more, but also I see that time to test it is running out, and we need this patch in Oneiric so that upgrading to Oneiric isn't blocked. I will post results of our tests tomorrow, it's already 23:20 here so too late to test at night. How much there is time to test left?

Lauri Ojansivu (xet7)
tags: added: verification-done-oneiric
removed: verification-needed-oneiric
Revision history for this message
Herton R. Krzesinski (herton) wrote :

@Lauri Ojansivu: testing until friday is fine.

Revision history for this message
Herton R. Krzesinski (herton) wrote :

@Lauri Ojansivu: once you finish testing, please change the tag back to verification-done-oneiric.

tags: added: verification-needed-oneiric
removed: verification-done-oneiric
Revision history for this message
Rolf Timmermans (rolftimmermans) wrote :

We have been suffering from this problem on an Amazon EC2 instance running Oneiric. The instance was freezing about once a day on busy days due to forking done by apache-mpm-prefork.

After installing the proposed kernel 3.0.0-14.23, we have not seen the error reoccur. As far as we are concerned, this appears to be fixed.

tags: added: verification-done-oneiric
removed: verification-needed-oneiric
Revision history for this message
Lauri Ojansivu (xet7) wrote :

Rolf, thanks a lot for testing it! And I think it's enough you have tested it in production for this verification to be done.

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 3.2.0-3.7

---------------
linux (3.2.0-3.7) precise; urgency=low

  [ Stefan Bader ]

  * SAUCE: x86/paravirt: PTE updates in k(un)map_atomic need to be
    synchronous, regardless of lazy_mmu mode
    - LP: #854050

  [ Tim Gardner ]

  * rebase to v3.2-rc4
 -- Leann Ogasawara <email address hidden> Fri, 02 Dec 2011 11:53:56 -0800

Changed in linux (Ubuntu):
status: Confirmed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (24.8 KiB)

This bug was fixed in the package linux - 3.0.0-14.23

---------------
linux (3.0.0-14.23) oneiric-proposed; urgency=low

  [Herton R. Krzesinski]

  * Release Tracking Bug
    - LP: #893213

  [ Andy Whitcroft ]

  * debian: add locking to protect debian/files from parallel update

  [ Konrad Rzeszutek Wilk ]

  * SAUCE: x86/paravirt: Partially revert "remove lazy mode in interrupts"
    - LP: #854050

  [ Leann Ogasawara ]

  * Revert "ubuntu: fsam7400 disable driver"
    - LP: #876030

  [ Seth Forshee ]

  * [Config] Enable EVENT_POWER_TRACING_DEPRECATED=y for powertop

  [ Tim Gardner ]

  * Add postinit and postrm scripts to the extras package
    - LP: #882120
  * [Config] CONFIG_R6040=m
    - LP: #650899
  * [Config] CONFIG_MEMSTICK_R592=m
    - LP: #238208
  * [Config] CONFIG_HID_ACRUX_FF=y
    - LP: #890952

  [ Upstream Kernel Changes ]

  * Revert "NFS: Ensure that writeback_single_inode() calls write_inode()
    when syncing"
    - LP: #890952
  * sparc64: Force the execute bit in OpenFirmware's translation entries.
    - LP: #881420
  * sched/rt: Migrate equal priority tasks to available CPUs
    - LP: #881420
  * sched: Fix up wchan borkage
    - LP: #881420
  * ide-disk: Fix request requeuing
    - LP: #881420
  * posix-cpu-timers: Cure SMP wobbles
    - LP: #881420
  * lis3: fix regression of HP DriveGuard with 8bit chip
    - LP: #881420
  * ASoC: use a valid device for dev_err() in Zylonite
    - LP: #881420
  * ASoC: Fix setting update bits for WM8753_LADC and WM8753_RADC
    - LP: #881420
  * drm/radeon: Update AVIVO cursor coordinate origin before x/yorigin
    calculation.
    - LP: #881420
  * drm/radeon/kms: fix regression in DP aux defer handling
    - LP: #881420
  * drm/radeon/kms: add retry limits for native DP aux defer
    - LP: #881420
  * drm/radeon/kms: fix channel_remap setup (v2)
    - LP: #881420
  * ptp: fix L2 event message recognition
    - LP: #881420
  * x86/PCI: use host bridge _CRS info on ASUS M2V-MX SE
    - LP: #881420
  * qla2xxx: Fix crash in qla2x00_abort_all_cmds() on unload
    - LP: #881420
  * libsas: fix panic when single phy is disabled on a wide port
    - LP: #881420
  * md: Avoid waking up a thread after it has been freed.
    - LP: #881420
  * dm table: avoid crash if integrity profile changes
    - LP: #881420
  * mmc: mxs-mmc: fix clock rate setting
    - LP: #881420
  * exec: do not call request_module() twice from search_binary_handler()
    - LP: #881420
  * ARM: mach-ux500: enable fix for ARM errata 754322
    - LP: #881420
  * drm/radeon/kms: retry aux transactions if there are status flags
    - LP: #881420
  * drm/radeon/kms: use hardcoded dig encoder to transmitter mapping for
    DCE4.1
    - LP: #881420
  * ipv6: fix NULL dereference in udp6_ufo_fragment()
    - LP: #881420
  * ahci: Enable SB600 64bit DMA on Asus M3A
    - LP: #881420
  * MIPS: PM: Use struct syscore_ops instead of sysdevs for PM (v2)
    - LP: #881420
  * ftrace: Fix regression of :mod:module function enabling
    - LP: #881420
  * ftrace: Fix regression where ftrace breaks when modules are loaded
    - LP: #881420
  * ftrace: Fix warning when CONFIG_FUNCTION_TRACER is not defined
    - LP: #881420
  * ...

Changed in linux (Ubuntu Oneiric):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.