2018-06-11 18:39:45 |
Kiran Kumar Modukuri |
bug |
|
|
added bug |
2018-06-11 18:42:19 |
Kiran Kumar Modukuri |
description |
== SRU Justification ==
[Impact]
Oops during heavy NFS + FSCache + Cachefiles use:
kernel BUG at /build/linux-Y09MKI/linux-4.4.0/fs/fscache/internal.h:321!
kernel BUG at /build/linux-Y09MKI/linux-4.4.0/fs/fscache/cookie.c:639!
[Cause]
1)Two threads are trying to do operate on a cookie and two objects.
2a)One thread tries to unmount the filesystem and in process goes over
a huge list of objects marking them dead and deleting the objects.
cookie->usage is also decremented in
nfs_fscache_release_super_cookie
-> __fscache_relinquish_cookie
->__fscache_cookie_put
->BUG_ON(atomic_read(&cookie->usage) <= 0);
2b)second thread tries to lookup an object for reading data in fscache_alloc_object
1) cachefiles_alloc_object-> fscache_object_init -> assign cookie, but usage not bumped.
2) fscache_attach_object -> fails in cant_attach_object because the cookie's backing object
or cookie's->parent object are going away
3)fscache_put_object
-> cachefiles_put_object
->fscache_object_destroy
->fscache_cookie_put
->BUG_ON(atomic_read(&cookie->usage) <= 0);
[Fix]
Bump up the cookie usage in fscache_object_init,
when it is first being assigned a cookie atomically such that the cookie
is added and bumped up if its refcount is not zero.
remove the assignment in the attach_object.
[Testcase]
A user has run ~100 hours of NFS stress tests and not seen this bug recur.
[Regression Potential]
- Limited to fscache/cachefiles. |
== SRU Justification ==
[Impact]
Oops during heavy NFS + FSCache + Cachefiles use:
kernel BUG at /build/linux-Y09MKI/linux-4.4.0/fs/fscache/internal.h:321!
kernel BUG at /build/linux-Y09MKI/linux-4.4.0/fs/fscache/cookie.c:639!
[Cause]
1)Two threads are trying to do operate on a cookie and two objects.
2a)One thread tries to unmount the filesystem and in process goes over
a huge list of objects marking them dead and deleting the objects.
cookie->usage is also decremented in following path
nfs_fscache_release_super_cookie
-> __fscache_relinquish_cookie
->__fscache_cookie_put
->BUG_ON(atomic_read(&cookie->usage) <= 0);
2b)second thread tries to lookup an object for reading data in
following path
fscache_alloc_object
1) cachefiles_alloc_object
-> fscache_object_init
-> assign cookie, but usage not bumped.
2) fscache_attach_object -> fails in cant_attach_object because the
cookie's backing object or cookie's->parent object are going away
3)fscache_put_object
-> cachefiles_put_object
->fscache_object_destroy
->fscache_cookie_put
->BUG_ON(atomic_read(&cookie->usage) <= 0);
[Fix]
Bump up the cookie usage in fscache_object_init,
when it is first being assigned a cookie atomically such that the cookie
is added and bumped up if its refcount is not zero.
remove the assignment in the attach_object.
[Testcase]
A user has run ~100 hours of NFS stress tests and not seen this bug recur.
[Regression Potential]
- Limited to fscache/cachefiles. |
|
2018-06-11 19:00:05 |
Ubuntu Kernel Bot |
linux (Ubuntu): status |
New |
Incomplete |
|
2018-06-12 20:29:45 |
Joseph Salisbury |
linux (Ubuntu): importance |
Undecided |
Medium |
|
2018-06-12 20:29:50 |
Joseph Salisbury |
linux (Ubuntu): status |
Incomplete |
Triaged |
|
2018-08-24 15:15:34 |
Kleber Sacilotto de Souza |
nominated for series |
|
Ubuntu Bionic |
|
2018-08-24 15:15:34 |
Kleber Sacilotto de Souza |
bug task added |
|
linux (Ubuntu Bionic) |
|
2018-08-24 15:15:34 |
Kleber Sacilotto de Souza |
nominated for series |
|
Ubuntu Xenial |
|
2018-08-24 15:15:34 |
Kleber Sacilotto de Souza |
bug task added |
|
linux (Ubuntu Xenial) |
|
2018-08-24 15:15:34 |
Kleber Sacilotto de Souza |
nominated for series |
|
Ubuntu Trusty |
|
2018-08-24 15:15:34 |
Kleber Sacilotto de Souza |
bug task added |
|
linux (Ubuntu Trusty) |
|
2018-08-24 15:15:39 |
Kleber Sacilotto de Souza |
linux (Ubuntu Trusty): status |
New |
Fix Committed |
|
2018-08-27 10:31:18 |
Kleber Sacilotto de Souza |
linux (Ubuntu Xenial): status |
New |
Fix Committed |
|
2018-08-27 11:05:00 |
Brad Figg |
tags |
|
verification-needed-trusty |
|
2018-08-27 14:51:09 |
Kleber Sacilotto de Souza |
linux (Ubuntu Bionic): status |
New |
Fix Committed |
|
2018-08-28 15:00:02 |
David Coronel |
bug |
|
|
added subscriber David Coronel |
2018-08-28 17:02:02 |
Brad Figg |
tags |
verification-needed-trusty |
verification-needed-bionic verification-needed-trusty |
|
2018-08-28 20:25:48 |
Launchpad Janitor |
linux (Ubuntu): status |
Triaged |
Fix Released |
|
2018-08-28 20:25:48 |
Launchpad Janitor |
cve linked |
|
2018-9363 |
|
2018-08-29 11:04:32 |
Brad Figg |
tags |
verification-needed-bionic verification-needed-trusty |
verification-needed-bionic verification-needed-trusty verification-needed-xenial |
|
2018-09-04 17:40:47 |
David Coronel |
tags |
verification-needed-bionic verification-needed-trusty verification-needed-xenial |
verification-done-xenial verification-needed-bionic verification-needed-trusty |
|
2018-09-10 17:53:06 |
Launchpad Janitor |
linux (Ubuntu Bionic): status |
Fix Committed |
Fix Released |
|
2018-09-10 17:53:06 |
Launchpad Janitor |
cve linked |
|
2018-1118 |
|
2018-09-10 17:53:42 |
Launchpad Janitor |
linux (Ubuntu Trusty): status |
Fix Committed |
Fix Released |
|
2018-09-10 17:53:42 |
Launchpad Janitor |
cve linked |
|
2018-3620 |
|
2018-09-10 17:53:42 |
Launchpad Janitor |
cve linked |
|
2018-3646 |
|
2018-09-10 17:54:50 |
Launchpad Janitor |
linux (Ubuntu Xenial): status |
Fix Committed |
Fix Released |
|
2019-02-14 15:51:56 |
Andy Whitcroft |
tags |
verification-done-xenial verification-needed-bionic verification-needed-trusty |
kernel-fixup-verification-needed-bionic verification-done-xenial verification-needed-trusty |
|
2019-02-14 16:17:41 |
Andy Whitcroft |
tags |
kernel-fixup-verification-needed-bionic verification-done-xenial verification-needed-trusty |
kernel-fixup-verification-needed-bionic verification-done-bionic verification-done-xenial verification-needed-trusty |
|
2019-07-24 21:13:45 |
Brad Figg |
tags |
kernel-fixup-verification-needed-bionic verification-done-bionic verification-done-xenial verification-needed-trusty |
cscc kernel-fixup-verification-needed-bionic verification-done-bionic verification-done-xenial verification-needed-trusty |
|