pty03 from pty in ubuntu_ltp failed on Eoan
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
ubuntu-kernel-tests |
Fix Released
|
Undecided
|
Po-Hsu Lin | ||
linux (Ubuntu) |
Fix Released
|
Undecided
|
Po-Hsu Lin | ||
Xenial |
Fix Released
|
Undecided
|
Po-Hsu Lin | ||
Bionic |
Fix Released
|
Undecided
|
Po-Hsu Lin | ||
Disco |
Won't Fix
|
Undecided
|
Po-Hsu Lin | ||
Eoan |
Fix Released
|
Undecided
|
Po-Hsu Lin |
Bug Description
== Justification ==
The test case pty03 from pty in ubuntu_ltp is failing with kernel NULL
pointer dereference:
[ 951.306823] BUG: kernel NULL pointer dereference, address: 0000000000000020
[ 951.309960] #PF: supervisor write access in kernel mode
[ 951.312130] #PF: error_code(0x0002) - not-present page
[ 951.314227] PGD 0 P4D 0
[ 951.315278] Oops: 0002 [#1] SMP PTI
[ 951.316705] CPU: 1 PID: 39102 Comm: pty03 Not tainted 5.4.0-12-generic #15-Ubuntu
[ 951.319737] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.2-1ubuntu1 04/01/2014
[ 951.322713] RIP: 0010:queue_
[ 951.352494] Call Trace:
[ 951.353244] slip_write_
[ 951.354600] tty_wakeup+
[ 951.355539] pty_unthrottle+
[ 951.356560] tty_unthrottle+
[ 951.357566] __tty_perform_
[ 951.358768] n_tty_ioctl_
[ 951.359955] n_tty_ioctl+
[ 951.360930] tty_ioctl+
[ 951.361882] ? __switch_
[ 951.363049] ? __switch_
[ 951.364191] ? __switch_
[ 951.365261] ? __switch_
[ 951.366382] ? __switch_
[ 951.367452] ? __switch_
[ 951.368523] ? __switch_
[ 951.369693] ? __switch_
[ 951.370829] ? __switch_
[ 951.371923] ? __switch_
[ 951.372998] ? __switch_
[ 951.374097] ? __switch_
[ 951.375183] ? __switch_
[ 951.376288] ? __switch_
[ 951.377390] ? __switch_
[ 951.378863] do_vfs_
[ 951.380269] ? __schedule+
[ 951.381761] ksys_ioctl+
[ 951.383076] __x64_sys_
[ 951.384510] do_syscall_
[ 951.385896] entry_SYSCALL_
== Fixes ==
Indicated by the test case, this issue can be fixed by:
* 0ace17d5 (can, slip: Protect tty->disc_data in write_wakeup and
close with RCU)
This patch can be cherry-picked into all of our kernels.
== Test ==
Test kernels could be found here:
https:/
Tested on KVM nodes and the patched kernels work as expected, there
will be no more kernel null pointer dereference issue, and the test
can finish properly.
== Regression potential ==
Low, changes limited to two specific drivers for serial line TTY. This
issue can be reproduced quite easily and the patched kernels show
positive results.
== Original Bug Report ==
startup='Thu Feb 6 02:45:23 2020'
tst_test.c:1215: INFO: Timeout per run is 0h 05m 00s
pty03.c:101: INFO: Creating PTY with SLIP line discipline
Test timeouted, sending SIGKILL!
Test timeouted, sending SIGKILL!
Test timeouted, sending SIGKILL!
Test timeouted, sending SIGKILL!
Test timeouted, sending SIGKILL!
Test timeouted, sending SIGKILL!
Test timeouted, sending SIGKILL!
Test timeouted, sending SIGKILL!
Test timeouted, sending SIGKILL!
Test timeouted, sending SIGKILL!
Test timeouted, sending SIGKILL!
Cannot kill test processes!
Congratulation, likely test hit a kernel bug.
Exitting uncleanly...
tag=pty03 stime=1580957123 dur=350 exit=exited stat=1 core=no cu=0 cs=0
This is a new test case, so it's not a regression.
CVE References
tags: | added: eoan sru-20200127 ubuntu-ltp |
tags: | added: 5.3 |
summary: |
- pty03 from ubuntu_ltp failed on Eoan + pty03 from pty in ubuntu_ltp failed on Eoan |
Changed in linux (Ubuntu Eoan): | |
status: | New → Confirmed |
description: | updated |
Changed in linux (Ubuntu Xenial): | |
status: | New → Confirmed |
Changed in linux (Ubuntu Bionic): | |
status: | Confirmed → In Progress |
assignee: | nobody → Po-Hsu Lin (cypressyew) |
Changed in ubuntu-kernel-tests: | |
assignee: | nobody → Po-Hsu Lin (cypressyew) |
status: | Confirmed → In Progress |
Changed in linux (Ubuntu Xenial): | |
status: | In Progress → Fix Committed |
Changed in linux (Ubuntu Bionic): | |
status: | In Progress → Fix Committed |
Changed in linux (Ubuntu Disco): | |
status: | In Progress → Fix Committed |
Changed in linux (Ubuntu Eoan): | |
status: | In Progress → Fix Committed |
tags: | added: sru-20200217 |
Changed in linux (Ubuntu): | |
status: | In Progress → Fix Released |
Changed in linux (Ubuntu Disco): | |
status: | Fix Committed → Won't Fix |
This bug is missing log files that will aid in diagnosing the problem. While running an Ubuntu kernel (not a mainline or third-party kernel) please enter the following command in a terminal window:
apport-collect 1862114
and then change the status of the bug to 'Confirmed'.
If, due to the nature of the issue you have encountered, you are unable to run this command, please add a comment stating that fact and change the bug status to 'Confirmed'.
This change has been made by an automated script, maintained by the Ubuntu Kernel Team.