| 2018-08-22 15:51:28 |
Colin Ian King |
bug |
|
|
added bug |
| 2018-08-22 15:51:35 |
Colin Ian King |
linux (Ubuntu): importance |
Undecided |
High |
|
| 2018-08-22 16:00:05 |
Ubuntu Kernel Bot |
linux (Ubuntu): status |
New |
Incomplete |
|
| 2018-08-22 16:00:07 |
Ubuntu Kernel Bot |
tags |
|
bionic |
|
| 2018-08-22 16:08:53 |
Joseph Salisbury |
linux (Ubuntu): status |
Incomplete |
Triaged |
|
| 2018-08-22 16:09:01 |
Joseph Salisbury |
nominated for series |
|
Ubuntu Bionic |
|
| 2018-08-22 16:09:01 |
Joseph Salisbury |
bug task added |
|
linux (Ubuntu Bionic) |
|
| 2018-08-22 16:09:06 |
Joseph Salisbury |
linux (Ubuntu Bionic): status |
New |
Triaged |
|
| 2018-08-22 16:09:09 |
Joseph Salisbury |
linux (Ubuntu Bionic): importance |
Undecided |
High |
|
| 2018-08-22 18:03:12 |
Colin Ian King |
linux (Ubuntu): assignee |
|
Colin Ian King (colin-king) |
|
| 2018-08-28 12:07:16 |
Colin Ian King |
description |
uname -a
Linux ckingvm1 4.15.0-33-generic #36-Ubuntu SMP Wed Aug 15 13:42:17 UTC 2018 s390x s390x s390x GNU/Linux
and same for 4.15.0-29-generic and 4.17.0-8-generic
./stress-ng --sysfs 0 -t 60
.. wait a few seconds and then:
[ 119.445891] ------------[ cut here ]------------
[ 119.445898] kernel BUG at /build/linux-Gycr4Z/linux-4.15.0/drivers/block/virtio_blk.c:565!
[ 119.446093] illegal operation: 0001 ilc:1 [#3] SMP
[ 119.446100] Modules linked in: binfmt_misc zfs(PO) zunicode(PO) zavl(PO) icp(PO) isofs zcommon(PO) znvpair(PO) spl(O) ghash_s390 prng aes_s390 des_s390 des_generic vfio_ccw sha512_s390 sha256_s390 vfio_mdev sha1_s390 sha_common mdev vfio_iommu_type1 vfio sch_fq_codel ib_iser rdma_cm iw_cm ib_cm ib_core iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi nfsd auth_rpcgss nfs_acl lockd grace sunrpc ip_tables x_tables btrfs zstd_compress zlib_deflate raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c raid1 raid0 linear virtio_net crc32_vx_s390 virtio_blk
[ 119.446166] CPU: 1 PID: 5420 Comm: stress-ng-sysfs Tainted: P D O 4.15.0-33-generic #36-Ubuntu
[ 119.446168] Hardware name: IBM 2964 N63 400 (KVM/Linux)
[ 119.446170] Krnl PSW : 0000000012d313d3 00000000405835bc (virtblk_cache_type_show+0x82/0x88 [virtio_blk])
[ 119.446177] R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:3 CC:2 PM:0 RI:0 EA:3
[ 119.446194] Krnl GPRS: de6dc5c2779af7d7 000000007ffaba20 0000000000000040 0000000000006545
[ 119.446196] 000003ff800058da 0000000000006546 000000006bf537c0 000000006b60a100
[ 119.446198] 0000000000000000 0000000000690648 000000007cc3de40 000000007a74b000
[ 119.446202] 000003ff80008210 0000000000000000 000003ff800058da 000000007ac1bce8
[ 119.446210] Krnl Code: 000003ff80005912: ebbff0a80004 lmg %r11,%r15,168(%r15)
[ 119.446210] 000003ff80005918: c0f400000560 brcl 15,3ff800063d8
[ 119.446210] #000003ff8000591e: a7f40001 brc 15,3ff80005920
[ 119.446210] >000003ff80005922: 0707 bcr 0,%r7
[ 119.446210] 000003ff80005924: 0707 bcr 0,%r7
[ 119.446210] 000003ff80005926: 0707 bcr 0,%r7
[ 119.446210] 000003ff80005928: c00400000000 brcl 0,3ff80005928
[ 119.446210] 000003ff8000592e: eb6ff0480024 stmg %r6,%r15,72(%r15)
[ 119.446226] Call Trace:
[ 119.446229] ([<000003ff800058da>] virtblk_cache_type_show+0x3a/0x88 [virtio_blk])
[ 119.446234] [<0000000000690684>] dev_attr_show+0x3c/0x80
[ 119.446240] [<0000000000424ab4>] sysfs_kf_seq_show+0xbc/0x1a8
[ 119.446259] [<00000000003b048c>] seq_read+0xec/0x4c8
[ 119.446262] [<00000000003821ea>] vfs_read+0x8a/0x150
[ 119.446274] [<0000000000382786>] SyS_read+0x66/0xe0
[ 119.446278] [<00000000008e3028>] system_call+0xdc/0x2c8
[ 119.446279] Last Breaking-Event-Address:
[ 119.446281] [<000003ff8000591e>] virtblk_cache_type_show+0x7e/0x88 [virtio_blk]
[ 119.446283]
[ 119.446284] ---[ end trace 2c2403d726047e4a ]---
For 4.17.0-8-generic:
[ 25.170715] kernel BUG at drivers/block/virtio_blk.c:574!
[ 25.170795] illegal operation: 0001 ilc:1 [#1] SMP
[ 25.170797] Modules linked in: lttng_statedump(OE) lttng_clock(OE) lttng_lib_ring_buffer(OE) binfmt_misc zfs(PO) zunicode(PO) zavl(PO) icp(PO) isofs zcommon(PO) znvpair(PO) spl(O) ghash_s390 prng aes_s390 des_s390 des_generic sha512_s390 sha256_s390 sha1_s390 sha_common vfio_ccw vfio_mdev mdev vfio_iommu_type1 vfio sch_fq_codel ib_iser rdma_cm iw_cm ib_cm nfsd ib_core auth_rpcgss iscsi_tcp nfs_acl lockd grace libiscsi_tcp libiscsi scsi_transport_iscsi sunrpc ip_tables x_tables btrfs zstd_compress zlib_deflate raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c raid1 raid0 linear virtio_net virtio_blk crc32_vx_s390
[ 25.170835] CPU: 0 PID: 5590 Comm: stress-ng-sysfs Tainted: P OE 4.17.0-8-generic #9-Ubuntu
[ 25.170837] Hardware name: IBM 2964 N63 400 (KVM/Linux)
[ 25.170839] Krnl PSW : 0000000005f0c968 0000000026542d57 (virtblk_cache_type_show+0x7c/0x80 [virtio_blk])
[ 25.170846] R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:3 CC:2 PM:0 RI:0 EA:3
[ 25.170849] Krnl GPRS: de6dc5c209bf9e6f 000000007ff91320 0000000000000040 0000000000000891
[ 25.170850] 0000000000000000 0000000000000892 0000000000000000 000000007176e800
[ 25.170852] 000000006f447f00 0000000000684300 000000006f492b40 000000006ca7a000
[ 25.170853] 000003ff80018218 000000007b5e6e40 000003ff8001561a 000000006f447ce8
[ 25.170861] Krnl Code: 000003ff8001564c: ebbff0a80004 lmg %r11,%r15,168(%r15)
[ 25.170861] 000003ff80015652: c0f40000065b brcl 15,3ff80016308
[ 25.170861] #000003ff80015658: a7f40001 brc 15,3ff8001565a
[ 25.170861] >000003ff8001565c: 0707 bcr 0,%r7
[ 25.170861] 000003ff8001565e: 0707 bcr 0,%r7
[ 25.170861] 000003ff80015660: c00400000000 brcl 0,3ff80015660
[ 25.170861] 000003ff80015666: eb6ff0480024 stmg %r6,%r15,72(%r15)
[ 25.170861] 000003ff8001566c: a7f13f80 tmll %r15,16256
[ 25.170878] Call Trace:
[ 25.170881] ([<000003ff8001561a>] virtblk_cache_type_show+0x3a/0x80 [virtio_blk])
[ 25.170888] [<000000000068433c>] dev_attr_show+0x3c/0x78
[ 25.170895] [<000000000042539c>] sysfs_kf_seq_show+0xbc/0x1a0
[ 25.170899] [<00000000003b16b8>] seq_read+0x180/0x4f8
[ 25.170903] [<000000000038433a>] vfs_read+0x8a/0x148
[ 25.170905] [<0000000000384882>] ksys_read+0x62/0xd0
[ 25.170909] [<00000000008db738>] system_call+0xdc/0x2c8
[ 25.170910] Last Breaking-Event-Address:
[ 25.170912] [<000003ff80015658>] virtblk_cache_type_show+0x78/0x80 [virtio_blk]
[ 25.170913]
[ 25.170914] ---[ end trace 14f89544f0f55795 ]--- |
uname -a
Linux ckingvm1 4.15.0-33-generic #36-Ubuntu SMP Wed Aug 15 13:42:17 UTC 2018 s390x s390x s390x GNU/Linux
and same for 4.15.0-29-generic and 4.17.0-8-generic
Steps to reproduce this bug:
git clone git://kernel.ubuntu.com/cking/stress-ng
cd stress-ng
make clean
make
And run with:
./stress-ng --sysfs 0 -t 60
.. wait a few seconds and then:
[ 119.445891] ------------[ cut here ]------------
[ 119.445898] kernel BUG at /build/linux-Gycr4Z/linux-4.15.0/drivers/block/virtio_blk.c:565!
[ 119.446093] illegal operation: 0001 ilc:1 [#3] SMP
[ 119.446100] Modules linked in: binfmt_misc zfs(PO) zunicode(PO) zavl(PO) icp(PO) isofs zcommon(PO) znvpair(PO) spl(O) ghash_s390 prng aes_s390 des_s390 des_generic vfio_ccw sha512_s390 sha256_s390 vfio_mdev sha1_s390 sha_common mdev vfio_iommu_type1 vfio sch_fq_codel ib_iser rdma_cm iw_cm ib_cm ib_core iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi nfsd auth_rpcgss nfs_acl lockd grace sunrpc ip_tables x_tables btrfs zstd_compress zlib_deflate raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c raid1 raid0 linear virtio_net crc32_vx_s390 virtio_blk
[ 119.446166] CPU: 1 PID: 5420 Comm: stress-ng-sysfs Tainted: P D O 4.15.0-33-generic #36-Ubuntu
[ 119.446168] Hardware name: IBM 2964 N63 400 (KVM/Linux)
[ 119.446170] Krnl PSW : 0000000012d313d3 00000000405835bc (virtblk_cache_type_show+0x82/0x88 [virtio_blk])
[ 119.446177] R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:3 CC:2 PM:0 RI:0 EA:3
[ 119.446194] Krnl GPRS: de6dc5c2779af7d7 000000007ffaba20 0000000000000040 0000000000006545
[ 119.446196] 000003ff800058da 0000000000006546 000000006bf537c0 000000006b60a100
[ 119.446198] 0000000000000000 0000000000690648 000000007cc3de40 000000007a74b000
[ 119.446202] 000003ff80008210 0000000000000000 000003ff800058da 000000007ac1bce8
[ 119.446210] Krnl Code: 000003ff80005912: ebbff0a80004 lmg %r11,%r15,168(%r15)
[ 119.446210] 000003ff80005918: c0f400000560 brcl 15,3ff800063d8
[ 119.446210] #000003ff8000591e: a7f40001 brc 15,3ff80005920
[ 119.446210] >000003ff80005922: 0707 bcr 0,%r7
[ 119.446210] 000003ff80005924: 0707 bcr 0,%r7
[ 119.446210] 000003ff80005926: 0707 bcr 0,%r7
[ 119.446210] 000003ff80005928: c00400000000 brcl 0,3ff80005928
[ 119.446210] 000003ff8000592e: eb6ff0480024 stmg %r6,%r15,72(%r15)
[ 119.446226] Call Trace:
[ 119.446229] ([<000003ff800058da>] virtblk_cache_type_show+0x3a/0x88 [virtio_blk])
[ 119.446234] [<0000000000690684>] dev_attr_show+0x3c/0x80
[ 119.446240] [<0000000000424ab4>] sysfs_kf_seq_show+0xbc/0x1a8
[ 119.446259] [<00000000003b048c>] seq_read+0xec/0x4c8
[ 119.446262] [<00000000003821ea>] vfs_read+0x8a/0x150
[ 119.446274] [<0000000000382786>] SyS_read+0x66/0xe0
[ 119.446278] [<00000000008e3028>] system_call+0xdc/0x2c8
[ 119.446279] Last Breaking-Event-Address:
[ 119.446281] [<000003ff8000591e>] virtblk_cache_type_show+0x7e/0x88 [virtio_blk]
[ 119.446283]
[ 119.446284] ---[ end trace 2c2403d726047e4a ]---
For 4.17.0-8-generic:
[ 25.170715] kernel BUG at drivers/block/virtio_blk.c:574!
[ 25.170795] illegal operation: 0001 ilc:1 [#1] SMP
[ 25.170797] Modules linked in: lttng_statedump(OE) lttng_clock(OE) lttng_lib_ring_buffer(OE) binfmt_misc zfs(PO) zunicode(PO) zavl(PO) icp(PO) isofs zcommon(PO) znvpair(PO) spl(O) ghash_s390 prng aes_s390 des_s390 des_generic sha512_s390 sha256_s390 sha1_s390 sha_common vfio_ccw vfio_mdev mdev vfio_iommu_type1 vfio sch_fq_codel ib_iser rdma_cm iw_cm ib_cm nfsd ib_core auth_rpcgss iscsi_tcp nfs_acl lockd grace libiscsi_tcp libiscsi scsi_transport_iscsi sunrpc ip_tables x_tables btrfs zstd_compress zlib_deflate raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c raid1 raid0 linear virtio_net virtio_blk crc32_vx_s390
[ 25.170835] CPU: 0 PID: 5590 Comm: stress-ng-sysfs Tainted: P OE 4.17.0-8-generic #9-Ubuntu
[ 25.170837] Hardware name: IBM 2964 N63 400 (KVM/Linux)
[ 25.170839] Krnl PSW : 0000000005f0c968 0000000026542d57 (virtblk_cache_type_show+0x7c/0x80 [virtio_blk])
[ 25.170846] R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:3 CC:2 PM:0 RI:0 EA:3
[ 25.170849] Krnl GPRS: de6dc5c209bf9e6f 000000007ff91320 0000000000000040 0000000000000891
[ 25.170850] 0000000000000000 0000000000000892 0000000000000000 000000007176e800
[ 25.170852] 000000006f447f00 0000000000684300 000000006f492b40 000000006ca7a000
[ 25.170853] 000003ff80018218 000000007b5e6e40 000003ff8001561a 000000006f447ce8
[ 25.170861] Krnl Code: 000003ff8001564c: ebbff0a80004 lmg %r11,%r15,168(%r15)
[ 25.170861] 000003ff80015652: c0f40000065b brcl 15,3ff80016308
[ 25.170861] #000003ff80015658: a7f40001 brc 15,3ff8001565a
[ 25.170861] >000003ff8001565c: 0707 bcr 0,%r7
[ 25.170861] 000003ff8001565e: 0707 bcr 0,%r7
[ 25.170861] 000003ff80015660: c00400000000 brcl 0,3ff80015660
[ 25.170861] 000003ff80015666: eb6ff0480024 stmg %r6,%r15,72(%r15)
[ 25.170861] 000003ff8001566c: a7f13f80 tmll %r15,16256
[ 25.170878] Call Trace:
[ 25.170881] ([<000003ff8001561a>] virtblk_cache_type_show+0x3a/0x80 [virtio_blk])
[ 25.170888] [<000000000068433c>] dev_attr_show+0x3c/0x78
[ 25.170895] [<000000000042539c>] sysfs_kf_seq_show+0xbc/0x1a0
[ 25.170899] [<00000000003b16b8>] seq_read+0x180/0x4f8
[ 25.170903] [<000000000038433a>] vfs_read+0x8a/0x148
[ 25.170905] [<0000000000384882>] ksys_read+0x62/0xd0
[ 25.170909] [<00000000008db738>] system_call+0xdc/0x2c8
[ 25.170910] Last Breaking-Event-Address:
[ 25.170912] [<000003ff80015658>] virtblk_cache_type_show+0x78/0x80 [virtio_blk]
[ 25.170913]
[ 25.170914] ---[ end trace 14f89544f0f55795 ]--- |
|
| 2018-08-28 12:22:34 |
Frank Heimes |
bug task added |
|
ubuntu-z-systems |
|
| 2018-08-28 12:22:42 |
Frank Heimes |
ubuntu-z-systems: status |
New |
Triaged |
|
| 2018-08-28 12:22:55 |
Frank Heimes |
ubuntu-z-systems: assignee |
|
bugproxy (bugproxy) |
|
| 2018-08-28 12:24:23 |
Frank Heimes |
tags |
bionic |
bionic reverse-proxy-bugzilla s390x |
|
| 2018-08-28 19:03:42 |
bugproxy |
tags |
bionic reverse-proxy-bugzilla s390x |
architecture-s39064 bionic bugnameltc-170918 reverse-proxy-bugzilla s390x severity-high targetmilestone-inin1804 |
|
| 2018-10-25 10:17:26 |
Frank Heimes |
linux (Ubuntu Bionic): status |
Triaged |
In Progress |
|
| 2018-10-25 10:17:30 |
Frank Heimes |
linux (Ubuntu): status |
Triaged |
In Progress |
|
| 2018-10-25 10:17:34 |
Frank Heimes |
ubuntu-z-systems: status |
Triaged |
In Progress |
|
| 2019-03-06 13:01:30 |
Frank Heimes |
linux (Ubuntu): status |
In Progress |
Fix Committed |
|
| 2019-03-19 14:47:50 |
Stefan Bader |
linux (Ubuntu): status |
Fix Committed |
Fix Released |
|
| 2019-03-19 14:48:23 |
Stefan Bader |
nominated for series |
|
Ubuntu Cosmic |
|
| 2019-03-19 14:48:23 |
Stefan Bader |
bug task added |
|
linux (Ubuntu Cosmic) |
|
| 2019-03-19 14:49:10 |
Stefan Bader |
linux (Ubuntu Cosmic): importance |
Undecided |
High |
|
| 2019-03-19 14:49:10 |
Stefan Bader |
linux (Ubuntu Cosmic): status |
New |
Triaged |
|
| 2019-03-19 15:14:58 |
Stefan Bader |
description |
uname -a
Linux ckingvm1 4.15.0-33-generic #36-Ubuntu SMP Wed Aug 15 13:42:17 UTC 2018 s390x s390x s390x GNU/Linux
and same for 4.15.0-29-generic and 4.17.0-8-generic
Steps to reproduce this bug:
git clone git://kernel.ubuntu.com/cking/stress-ng
cd stress-ng
make clean
make
And run with:
./stress-ng --sysfs 0 -t 60
.. wait a few seconds and then:
[ 119.445891] ------------[ cut here ]------------
[ 119.445898] kernel BUG at /build/linux-Gycr4Z/linux-4.15.0/drivers/block/virtio_blk.c:565!
[ 119.446093] illegal operation: 0001 ilc:1 [#3] SMP
[ 119.446100] Modules linked in: binfmt_misc zfs(PO) zunicode(PO) zavl(PO) icp(PO) isofs zcommon(PO) znvpair(PO) spl(O) ghash_s390 prng aes_s390 des_s390 des_generic vfio_ccw sha512_s390 sha256_s390 vfio_mdev sha1_s390 sha_common mdev vfio_iommu_type1 vfio sch_fq_codel ib_iser rdma_cm iw_cm ib_cm ib_core iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi nfsd auth_rpcgss nfs_acl lockd grace sunrpc ip_tables x_tables btrfs zstd_compress zlib_deflate raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c raid1 raid0 linear virtio_net crc32_vx_s390 virtio_blk
[ 119.446166] CPU: 1 PID: 5420 Comm: stress-ng-sysfs Tainted: P D O 4.15.0-33-generic #36-Ubuntu
[ 119.446168] Hardware name: IBM 2964 N63 400 (KVM/Linux)
[ 119.446170] Krnl PSW : 0000000012d313d3 00000000405835bc (virtblk_cache_type_show+0x82/0x88 [virtio_blk])
[ 119.446177] R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:3 CC:2 PM:0 RI:0 EA:3
[ 119.446194] Krnl GPRS: de6dc5c2779af7d7 000000007ffaba20 0000000000000040 0000000000006545
[ 119.446196] 000003ff800058da 0000000000006546 000000006bf537c0 000000006b60a100
[ 119.446198] 0000000000000000 0000000000690648 000000007cc3de40 000000007a74b000
[ 119.446202] 000003ff80008210 0000000000000000 000003ff800058da 000000007ac1bce8
[ 119.446210] Krnl Code: 000003ff80005912: ebbff0a80004 lmg %r11,%r15,168(%r15)
[ 119.446210] 000003ff80005918: c0f400000560 brcl 15,3ff800063d8
[ 119.446210] #000003ff8000591e: a7f40001 brc 15,3ff80005920
[ 119.446210] >000003ff80005922: 0707 bcr 0,%r7
[ 119.446210] 000003ff80005924: 0707 bcr 0,%r7
[ 119.446210] 000003ff80005926: 0707 bcr 0,%r7
[ 119.446210] 000003ff80005928: c00400000000 brcl 0,3ff80005928
[ 119.446210] 000003ff8000592e: eb6ff0480024 stmg %r6,%r15,72(%r15)
[ 119.446226] Call Trace:
[ 119.446229] ([<000003ff800058da>] virtblk_cache_type_show+0x3a/0x88 [virtio_blk])
[ 119.446234] [<0000000000690684>] dev_attr_show+0x3c/0x80
[ 119.446240] [<0000000000424ab4>] sysfs_kf_seq_show+0xbc/0x1a8
[ 119.446259] [<00000000003b048c>] seq_read+0xec/0x4c8
[ 119.446262] [<00000000003821ea>] vfs_read+0x8a/0x150
[ 119.446274] [<0000000000382786>] SyS_read+0x66/0xe0
[ 119.446278] [<00000000008e3028>] system_call+0xdc/0x2c8
[ 119.446279] Last Breaking-Event-Address:
[ 119.446281] [<000003ff8000591e>] virtblk_cache_type_show+0x7e/0x88 [virtio_blk]
[ 119.446283]
[ 119.446284] ---[ end trace 2c2403d726047e4a ]---
For 4.17.0-8-generic:
[ 25.170715] kernel BUG at drivers/block/virtio_blk.c:574!
[ 25.170795] illegal operation: 0001 ilc:1 [#1] SMP
[ 25.170797] Modules linked in: lttng_statedump(OE) lttng_clock(OE) lttng_lib_ring_buffer(OE) binfmt_misc zfs(PO) zunicode(PO) zavl(PO) icp(PO) isofs zcommon(PO) znvpair(PO) spl(O) ghash_s390 prng aes_s390 des_s390 des_generic sha512_s390 sha256_s390 sha1_s390 sha_common vfio_ccw vfio_mdev mdev vfio_iommu_type1 vfio sch_fq_codel ib_iser rdma_cm iw_cm ib_cm nfsd ib_core auth_rpcgss iscsi_tcp nfs_acl lockd grace libiscsi_tcp libiscsi scsi_transport_iscsi sunrpc ip_tables x_tables btrfs zstd_compress zlib_deflate raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c raid1 raid0 linear virtio_net virtio_blk crc32_vx_s390
[ 25.170835] CPU: 0 PID: 5590 Comm: stress-ng-sysfs Tainted: P OE 4.17.0-8-generic #9-Ubuntu
[ 25.170837] Hardware name: IBM 2964 N63 400 (KVM/Linux)
[ 25.170839] Krnl PSW : 0000000005f0c968 0000000026542d57 (virtblk_cache_type_show+0x7c/0x80 [virtio_blk])
[ 25.170846] R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:3 CC:2 PM:0 RI:0 EA:3
[ 25.170849] Krnl GPRS: de6dc5c209bf9e6f 000000007ff91320 0000000000000040 0000000000000891
[ 25.170850] 0000000000000000 0000000000000892 0000000000000000 000000007176e800
[ 25.170852] 000000006f447f00 0000000000684300 000000006f492b40 000000006ca7a000
[ 25.170853] 000003ff80018218 000000007b5e6e40 000003ff8001561a 000000006f447ce8
[ 25.170861] Krnl Code: 000003ff8001564c: ebbff0a80004 lmg %r11,%r15,168(%r15)
[ 25.170861] 000003ff80015652: c0f40000065b brcl 15,3ff80016308
[ 25.170861] #000003ff80015658: a7f40001 brc 15,3ff8001565a
[ 25.170861] >000003ff8001565c: 0707 bcr 0,%r7
[ 25.170861] 000003ff8001565e: 0707 bcr 0,%r7
[ 25.170861] 000003ff80015660: c00400000000 brcl 0,3ff80015660
[ 25.170861] 000003ff80015666: eb6ff0480024 stmg %r6,%r15,72(%r15)
[ 25.170861] 000003ff8001566c: a7f13f80 tmll %r15,16256
[ 25.170878] Call Trace:
[ 25.170881] ([<000003ff8001561a>] virtblk_cache_type_show+0x3a/0x80 [virtio_blk])
[ 25.170888] [<000000000068433c>] dev_attr_show+0x3c/0x78
[ 25.170895] [<000000000042539c>] sysfs_kf_seq_show+0xbc/0x1a0
[ 25.170899] [<00000000003b16b8>] seq_read+0x180/0x4f8
[ 25.170903] [<000000000038433a>] vfs_read+0x8a/0x148
[ 25.170905] [<0000000000384882>] ksys_read+0x62/0xd0
[ 25.170909] [<00000000008db738>] system_call+0xdc/0x2c8
[ 25.170910] Last Breaking-Event-Address:
[ 25.170912] [<000003ff80015658>] virtblk_cache_type_show+0x78/0x80 [virtio_blk]
[ 25.170913]
[ 25.170914] ---[ end trace 14f89544f0f55795 ]--- |
[SRU Justification]
== Impact ==
Several helper functions in the s390x code which handle accessing sysfs attributes were missing protection against races. Concurrent access would be able to trigger kernel bugs.
== Fix ==
The following two upstream commits (from v5.0 upstream) will fix the issue:
78b1a52e05c9 virtio/s390: fix race in ccw_io_helper()
2448a299ec41 virtio/s390: avoid race on vcdev->config
== Testcase ==
see below
== Risk of Regression ==
Changes are isolated to architecture code and are verified by running the stress testing, so overall should be low.
uname -a
Linux ckingvm1 4.15.0-33-generic #36-Ubuntu SMP Wed Aug 15 13:42:17 UTC 2018 s390x s390x s390x GNU/Linux
and same for 4.15.0-29-generic and 4.17.0-8-generic
Steps to reproduce this bug:
git clone git://kernel.ubuntu.com/cking/stress-ng
cd stress-ng
make clean
make
And run with:
./stress-ng --sysfs 0 -t 60
.. wait a few seconds and then:
[ 119.445891] ------------[ cut here ]------------
[ 119.445898] kernel BUG at /build/linux-Gycr4Z/linux-4.15.0/drivers/block/virtio_blk.c:565!
[ 119.446093] illegal operation: 0001 ilc:1 [#3] SMP
[ 119.446100] Modules linked in: binfmt_misc zfs(PO) zunicode(PO) zavl(PO) icp(PO) isofs zcommon(PO) znvpair(PO) spl(O) ghash_s390 prng aes_s390 des_s390 des_generic vfio_ccw sha512_s390 sha256_s390 vfio_mdev sha1_s390 sha_common mdev vfio_iommu_type1 vfio sch_fq_codel ib_iser rdma_cm iw_cm ib_cm ib_core iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi nfsd auth_rpcgss nfs_acl lockd grace sunrpc ip_tables x_tables btrfs zstd_compress zlib_deflate raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c raid1 raid0 linear virtio_net crc32_vx_s390 virtio_blk
[ 119.446166] CPU: 1 PID: 5420 Comm: stress-ng-sysfs Tainted: P D O 4.15.0-33-generic #36-Ubuntu
[ 119.446168] Hardware name: IBM 2964 N63 400 (KVM/Linux)
[ 119.446170] Krnl PSW : 0000000012d313d3 00000000405835bc (virtblk_cache_type_show+0x82/0x88 [virtio_blk])
[ 119.446177] R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:3 CC:2 PM:0 RI:0 EA:3
[ 119.446194] Krnl GPRS: de6dc5c2779af7d7 000000007ffaba20 0000000000000040 0000000000006545
[ 119.446196] 000003ff800058da 0000000000006546 000000006bf537c0 000000006b60a100
[ 119.446198] 0000000000000000 0000000000690648 000000007cc3de40 000000007a74b000
[ 119.446202] 000003ff80008210 0000000000000000 000003ff800058da 000000007ac1bce8
[ 119.446210] Krnl Code: 000003ff80005912: ebbff0a80004 lmg %r11,%r15,168(%r15)
[ 119.446210] 000003ff80005918: c0f400000560 brcl 15,3ff800063d8
[ 119.446210] #000003ff8000591e: a7f40001 brc 15,3ff80005920
[ 119.446210] >000003ff80005922: 0707 bcr 0,%r7
[ 119.446210] 000003ff80005924: 0707 bcr 0,%r7
[ 119.446210] 000003ff80005926: 0707 bcr 0,%r7
[ 119.446210] 000003ff80005928: c00400000000 brcl 0,3ff80005928
[ 119.446210] 000003ff8000592e: eb6ff0480024 stmg %r6,%r15,72(%r15)
[ 119.446226] Call Trace:
[ 119.446229] ([<000003ff800058da>] virtblk_cache_type_show+0x3a/0x88 [virtio_blk])
[ 119.446234] [<0000000000690684>] dev_attr_show+0x3c/0x80
[ 119.446240] [<0000000000424ab4>] sysfs_kf_seq_show+0xbc/0x1a8
[ 119.446259] [<00000000003b048c>] seq_read+0xec/0x4c8
[ 119.446262] [<00000000003821ea>] vfs_read+0x8a/0x150
[ 119.446274] [<0000000000382786>] SyS_read+0x66/0xe0
[ 119.446278] [<00000000008e3028>] system_call+0xdc/0x2c8
[ 119.446279] Last Breaking-Event-Address:
[ 119.446281] [<000003ff8000591e>] virtblk_cache_type_show+0x7e/0x88 [virtio_blk]
[ 119.446283]
[ 119.446284] ---[ end trace 2c2403d726047e4a ]---
For 4.17.0-8-generic:
[ 25.170715] kernel BUG at drivers/block/virtio_blk.c:574!
[ 25.170795] illegal operation: 0001 ilc:1 [#1] SMP
[ 25.170797] Modules linked in: lttng_statedump(OE) lttng_clock(OE) lttng_lib_ring_buffer(OE) binfmt_misc zfs(PO) zunicode(PO) zavl(PO) icp(PO) isofs zcommon(PO) znvpair(PO) spl(O) ghash_s390 prng aes_s390 des_s390 des_generic sha512_s390 sha256_s390 sha1_s390 sha_common vfio_ccw vfio_mdev mdev vfio_iommu_type1 vfio sch_fq_codel ib_iser rdma_cm iw_cm ib_cm nfsd ib_core auth_rpcgss iscsi_tcp nfs_acl lockd grace libiscsi_tcp libiscsi scsi_transport_iscsi sunrpc ip_tables x_tables btrfs zstd_compress zlib_deflate raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c raid1 raid0 linear virtio_net virtio_blk crc32_vx_s390
[ 25.170835] CPU: 0 PID: 5590 Comm: stress-ng-sysfs Tainted: P OE 4.17.0-8-generic #9-Ubuntu
[ 25.170837] Hardware name: IBM 2964 N63 400 (KVM/Linux)
[ 25.170839] Krnl PSW : 0000000005f0c968 0000000026542d57 (virtblk_cache_type_show+0x7c/0x80 [virtio_blk])
[ 25.170846] R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:3 CC:2 PM:0 RI:0 EA:3
[ 25.170849] Krnl GPRS: de6dc5c209bf9e6f 000000007ff91320 0000000000000040 0000000000000891
[ 25.170850] 0000000000000000 0000000000000892 0000000000000000 000000007176e800
[ 25.170852] 000000006f447f00 0000000000684300 000000006f492b40 000000006ca7a000
[ 25.170853] 000003ff80018218 000000007b5e6e40 000003ff8001561a 000000006f447ce8
[ 25.170861] Krnl Code: 000003ff8001564c: ebbff0a80004 lmg %r11,%r15,168(%r15)
[ 25.170861] 000003ff80015652: c0f40000065b brcl 15,3ff80016308
[ 25.170861] #000003ff80015658: a7f40001 brc 15,3ff8001565a
[ 25.170861] >000003ff8001565c: 0707 bcr 0,%r7
[ 25.170861] 000003ff8001565e: 0707 bcr 0,%r7
[ 25.170861] 000003ff80015660: c00400000000 brcl 0,3ff80015660
[ 25.170861] 000003ff80015666: eb6ff0480024 stmg %r6,%r15,72(%r15)
[ 25.170861] 000003ff8001566c: a7f13f80 tmll %r15,16256
[ 25.170878] Call Trace:
[ 25.170881] ([<000003ff8001561a>] virtblk_cache_type_show+0x3a/0x80 [virtio_blk])
[ 25.170888] [<000000000068433c>] dev_attr_show+0x3c/0x78
[ 25.170895] [<000000000042539c>] sysfs_kf_seq_show+0xbc/0x1a0
[ 25.170899] [<00000000003b16b8>] seq_read+0x180/0x4f8
[ 25.170903] [<000000000038433a>] vfs_read+0x8a/0x148
[ 25.170905] [<0000000000384882>] ksys_read+0x62/0xd0
[ 25.170909] [<00000000008db738>] system_call+0xdc/0x2c8
[ 25.170910] Last Breaking-Event-Address:
[ 25.170912] [<000003ff80015658>] virtblk_cache_type_show+0x78/0x80 [virtio_blk]
[ 25.170913]
[ 25.170914] ---[ end trace 14f89544f0f55795 ]--- |
|
| 2019-03-19 15:15:24 |
Stefan Bader |
linux (Ubuntu Bionic): assignee |
|
Stefan Bader (smb) |
|
| 2019-03-19 15:15:47 |
Stefan Bader |
linux (Ubuntu Cosmic): status |
Triaged |
In Progress |
|
| 2019-03-19 15:15:47 |
Stefan Bader |
linux (Ubuntu Cosmic): assignee |
|
Stefan Bader (smb) |
|
| 2019-03-25 06:18:09 |
Khaled El Mously |
linux (Ubuntu Bionic): status |
In Progress |
Fix Committed |
|
| 2019-03-25 06:18:13 |
Khaled El Mously |
linux (Ubuntu Cosmic): status |
In Progress |
Fix Committed |
|
| 2019-03-25 06:48:28 |
Frank Heimes |
ubuntu-z-systems: status |
In Progress |
Fix Committed |
|
| 2019-04-04 18:02:22 |
Ubuntu Kernel Bot |
tags |
architecture-s39064 bionic bugnameltc-170918 reverse-proxy-bugzilla s390x severity-high targetmilestone-inin1804 |
architecture-s39064 bionic bugnameltc-170918 reverse-proxy-bugzilla s390x severity-high targetmilestone-inin1804 verification-needed-cosmic |
|
| 2019-04-04 18:04:40 |
Ubuntu Kernel Bot |
tags |
architecture-s39064 bionic bugnameltc-170918 reverse-proxy-bugzilla s390x severity-high targetmilestone-inin1804 verification-needed-cosmic |
architecture-s39064 bionic bugnameltc-170918 reverse-proxy-bugzilla s390x severity-high targetmilestone-inin1804 verification-needed-bionic verification-needed-cosmic |
|
| 2019-04-05 13:39:18 |
Frank Heimes |
tags |
architecture-s39064 bionic bugnameltc-170918 reverse-proxy-bugzilla s390x severity-high targetmilestone-inin1804 verification-needed-bionic verification-needed-cosmic |
architecture-s39064 bionic bugnameltc-170918 reverse-proxy-bugzilla s390x severity-high targetmilestone-inin1804 verification-done verification-done-bionic verification-done-cosmic |
|
| 2019-04-23 21:35:02 |
Launchpad Janitor |
linux (Ubuntu Cosmic): status |
Fix Committed |
Fix Released |
|
| 2019-04-23 21:35:02 |
Launchpad Janitor |
cve linked |
|
2017-5715 |
|
| 2019-04-24 07:39:21 |
Launchpad Janitor |
linux (Ubuntu Bionic): status |
Fix Committed |
Fix Released |
|
| 2019-04-24 07:39:21 |
Launchpad Janitor |
cve linked |
|
2017-5754 |
|
| 2019-04-24 07:39:21 |
Launchpad Janitor |
cve linked |
|
2018-3639 |
|
| 2019-04-24 08:33:21 |
Frank Heimes |
ubuntu-z-systems: status |
Fix Committed |
Fix Released |
|
| 2019-07-24 20:23:24 |
Brad Figg |
tags |
architecture-s39064 bionic bugnameltc-170918 reverse-proxy-bugzilla s390x severity-high targetmilestone-inin1804 verification-done verification-done-bionic verification-done-cosmic |
architecture-s39064 bionic bugnameltc-170918 cscc reverse-proxy-bugzilla s390x severity-high targetmilestone-inin1804 verification-done verification-done-bionic verification-done-cosmic |
|
