3b080b2564287be91605bfd1d5ee985696e61d3c in ubuntu_btrfs_kernel_fixes triggers system hang on i386

Bug #1812845 reported by Po-Hsu Lin
18
This bug affects 2 people
Affects Status Importance Assigned to Milestone
ubuntu-kernel-tests
Fix Released
Undecided
Andrea Righi
linux (Ubuntu)
Fix Released
Undecided
Unassigned
Xenial
Fix Released
Undecided
Unassigned
Bionic
Fix Released
Undecided
Unassigned
Cosmic
Fix Released
Undecided
Unassigned
Disco
Fix Released
Undecided
Unassigned

Bug Description

SRU Justification:

[Impact]

 * Parity page in btrfs raid56 is incorrectly unmapped, allowing to easily trigger a reference counter bug on i386 causing a kernel panic

 * The fix unmaps the right rbio pages and adds the proper kunmap() call for the parity page

[Test Case]

 * create a raid5 btrfs filesystem:
   # mkfs.btrfs -m raid5 -d raid5 /dev/sdb /dev/sdc /dev/sdd /dev/sde

 * mount it:
   # mount /dev/sdb /mnt

 * run btrfs scrub in a loop:
   # while :; do btrfs scrub start -BR /mnt; done

[Fix]

 * https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3897b6f0a859288c22fb793fad11ec2327e60fcd

kunmap(p_page) was completely left out, so we never
did an unmap for the p_page and the loop unmapping the rbio page was
iterating over the wrong number of stripes: unmapping should be done
with nr_data instead of rbio->real_stripes.

[Regression Potential]

 * This is an upstream fix, tested on the affected platform. The bug is affecting only btrfs raid5/6 users on architectures where kunamp() is not a no-op (like i386). It is also a very small patch, so backport changes are minimal.

[Original bug report]

This issue was not spotted on AMD64

Reproduce rate: 100%

The following command is the key to trigger this:
    btrfs scrub start -BR $MNT

Steps:
# (Install necessary packages)
# git clone --depth=1 git://kernel.ubuntu.com/ubuntu/autotest-client-tests
# TMP=/tmp/tmp MNT=/tmp/mnt
# mkdir -p $TMP; mkdir -p $MNT
# cd autotest-client-tests/ubuntu_btrfs_kernel_fixes
# TMP=/tmp/tmp MNT=/tmp/mnt ./3b080b2564287be91605bfd1d5ee985696e61d3c.sh

Trace:
 [ 494.357824] ------------[ cut here ]------------
 [ 494.357828] kernel BUG at /build/linux-bnzN1b/linux-4.15.0/mm/highmem.c:350!
 [ 494.365079] invalid opcode: 0000 [#1] SMP
 [ 494.369205] Modules linked in: cfg80211 intel_powerclamp ipmi_ssif gpio_ich coretemp kvm_intel kvm ipmi_si irqbypass input_leds joydev dcdbas intel_cstate ipmi_devintf sch_fq_codel shpchp i7core_edac lpc_ich ipmi_msghandler acpi_power_meter mac_hid ib_iser rdma_cm iw_cm ib_cm ib_core iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi ip_tables x_tables autofs4 btrfs zstd_compress raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c raid1 raid0 multipath linear mgag200 i2c_algo_bit ttm drm_kms_helper hid_generic syscopyarea sysfillrect usbhid sysimgblt mpt3sas fb_sys_fops drm hid raid_class bnx2 scsi_transport_sas pata_acpi wmi
 [ 494.430188] CPU: 2 PID: 2093 Comm: kworker/u16:1 Not tainted 4.15.0-43-generic #46-Ubuntu
 [ 494.438618] Hardware name: Dell Inc. PowerEdge R310/05XKKK, BIOS 1.11.0 09/18/2012
 [ 494.446494] Workqueue: btrfs-endio-raid56 btrfs_endio_raid56_helper [btrfs]
 [ 494.453657] EIP: kunmap_high+0xaa/0xb0
 [ 494.457571] EFLAGS: 00010246 CPU: 2
 [ 494.461229] EAX: 00000115 EBX: fffff000 ECX: 00000001 EDX: 00000000
 [ 494.467840] ESI: 00000004 EDI: 00000004 EBP: f4883e44 ESP: f4883e40
 [ 494.474264] DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
 [ 494.479931] CR0: 80050033 CR2: 005885e0 CR3: 0fe16000 CR4: 000006f0
 [ 494.486353] Call Trace:
 [ 494.488967] kunmap+0x3e/0x50
 [ 494.492140] finish_parity_scrub+0x24d/0x570 [btrfs]
 [ 494.497226] ? update_load_avg+0x64f/0x830
 [ 494.501528] validate_rbio_for_parity_scrub+0xc2/0xd0 [btrfs]
 [ 494.507527] raid56_parity_scrub_end_io+0x53/0x70 [btrfs]
 [ 494.513058] bio_endio+0xb9/0x110
 [ 494.516574] ? end_workqueue_fn+0x2c/0x40 [btrfs]
 [ 494.521435] end_workqueue_fn+0x33/0x40 [btrfs]
 [ 494.526139] normal_work_helper+0x7d/0x2f0 [btrfs]
 [ 494.531087] btrfs_endio_raid56_helper+0x10/0x20 [btrfs]
 [ 494.536621] process_one_work+0x1b9/0x3d0
 [ 494.540799] worker_thread+0x37/0x420
 [ 494.544628] kthread+0xf0/0x110
 [ 494.547931] ? process_one_work+0x3d0/0x3d0
 [ 494.552282] ? kthread_create_worker_on_cpu+0x20/0x20
 [ 494.557488] ? kthread_create_worker_on_cpu+0x20/0x20
 [ 494.562701] ret_from_fork+0x2e/0x38
 [ 494.566441] Code: 2d ee ff 58 8b 5d fc c9 c3 90 8d b4 26 00 00 00 00 a1 80 d1 c4 cf 31 c9 3d 80 d1 c4 cf 0f 95 c1 eb bc 8d b4 26 00 00 00 00 0f 0b <0f> 0b 8d 74 26 00 66 66 66 66 90 55 89 e5 56 53 31 db e8 1f ef
 [ 494.585751] EIP: kunmap_high+0xaa/0xb0 SS:ESP: 0068:f4883e40
 [ 494.591688] ---[ end trace 5e6d708abb85eeba ]---

Follow up with CPU soft lockup.

Please find the attachment for the complete log.

ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: linux-image-4.15.0-43-generic 4.15.0-43.46
ProcVersionSignature: User Name 4.15.0-43.46-generic 4.15.18
Uname: Linux 4.15.0-43-generic i686
AlsaDevices:
 total 0
 crw-rw---- 1 root audio 116, 1 Jan 22 11:54 seq
 crw-rw---- 1 root audio 116, 33 Jan 22 11:54 timer
AplayDevices: Error: [Errno 2] No such file or directory: 'aplay': 'aplay'
ApportVersion: 2.20.9-0ubuntu7.5
Architecture: i386
ArecordDevices: Error: [Errno 2] No such file or directory: 'arecord': 'arecord'
AudioDevicesInUse: Error: command ['fuser', '-v', '/dev/snd/seq', '/dev/snd/timer'] failed with exit code 1:
Date: Tue Jan 22 11:54:49 2019
IwConfig: Error: [Errno 2] No such file or directory: 'iwconfig': 'iwconfig'
MachineType: Dell Inc. PowerEdge R310
PciMultimedia:

ProcFB: 0 mgadrmfb
ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-4.15.0-43-generic root=UUID=6aaa11f6-d386-4c0c-b4b8-38e6c408980a ro console=ttyS0,115200n8
RelatedPackageVersions:
 linux-restricted-modules-4.15.0-43-generic N/A
 linux-backports-modules-4.15.0-43-generic N/A
 linux-firmware 1.173.3
RfKill: Error: [Errno 2] No such file or directory: 'rfkill': 'rfkill'
SourcePackage: linux
UpgradeStatus: No upgrade log present (probably fresh install)
dmi.bios.date: 09/18/2012
dmi.bios.vendor: Dell Inc.
dmi.bios.version: 1.11.0
dmi.board.name: 05XKKK
dmi.board.vendor: Dell Inc.
dmi.board.version: A05
dmi.chassis.type: 23
dmi.chassis.vendor: Dell Inc.
dmi.modalias: dmi:bvnDellInc.:bvr1.11.0:bd09/18/2012:svnDellInc.:pnPowerEdgeR310:pvr:rvnDellInc.:rn05XKKK:rvrA05:cvnDellInc.:ct23:cvr:
dmi.product.name: PowerEdge R310
dmi.sys.vendor: Dell Inc.

Revision history for this message
Po-Hsu Lin (cypressyew) wrote :
Revision history for this message
Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote : Status changed to Confirmed

This change was made by a bot.

Changed in linux (Ubuntu):
status: New → Confirmed
Revision history for this message
Po-Hsu Lin (cypressyew) wrote : Re: 3b080b2564287be91605bfd1d5ee985696e61d3c in ubuntu_btrfs_kernel_fixes triggers system hang on Bionic i386

This issue could be found on Cosmic.

tags: added: cosmic
no longer affects: ubuntu-kernel-tests
Revision history for this message
Po-Hsu Lin (cypressyew) wrote :

Spotted on X / D / mainline 5.0rc2 as well.

syslog for 5.0rc2:
[ 157.662397] ------------[ cut here ]------------
[ 157.662401] kernel BUG at mm/highmem.c:349!
[ 157.666725] invalid opcode: 0000 [#1] SMP PTI
[ 157.671086] CPU: 1 PID: 162 Comm: kworker/u16:4 Not tainted 5.0.0-050000rc2-generic #201901171452
[ 157.680017] Hardware name: Dell Inc. PowerEdge R310/05XKKK, BIOS 1.11.0 09/18/2012
[ 157.687684] Workqueue: btrfs-endio-raid56 btrfs_endio_raid56_helper [btrfs]
[ 157.694774] EIP: kunmap_high+0xb2/0xc0
[ 157.698661] Code: d4 8d b4 26 00 00 00 00 6a 00 b8 a0 d7 cf d9 b9 01 00 00 00 ba 03 00 00 00 e8 4a 79 ec ff 8b 5d fc 58 c9 c3 8d 74 26 00 0f 0b <0f> 0b 8d b4 26 00 00 00 00 8d 74 26 00 90 66 66 66 66 90 55 89 e5
[ 157.717962] EAX: 000001d5 EBX: fffff000 ECX: 00000001 EDX: 00000000
[ 157.724560] ESI: 00000004 EDI: 00000004 EBP: f45dfe5c ESP: f45dfe58
[ 157.730918] DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068 EFLAGS: 00010246
[ 157.737962] CR0: 80050033 CR2: 0225610c CR3: 19eca000 CR4: 000006f0
[ 157.744384] Call Trace:
[ 157.747009] kunmap+0x3e/0x50
[ 157.750192] finish_parity_scrub+0x315/0x570 [btrfs]
[ 157.755316] validate_rbio_for_parity_scrub+0xca/0xd0 [btrfs]
[ 157.761318] raid56_parity_scrub_end_io+0x53/0x70 [btrfs]
[ 157.766833] bio_endio+0xee/0x150
[ 157.770333] ? end_workqueue_fn+0x2c/0x40 [btrfs]
[ 157.775211] end_workqueue_fn+0x33/0x40 [btrfs]
[ 157.779799] normal_work_helper+0xc5/0x2e0 [btrfs]
[ 157.784868] btrfs_endio_raid56_helper+0x10/0x20 [btrfs]
[ 157.790313] process_one_work+0x1d4/0x3a0
[ 157.794479] worker_thread+0x37/0x400
[ 157.798310] kthread+0xf0/0x110
[ 157.801620] ? pwq_unbound_release_workfn+0xb0/0xb0
[ 157.806656] ? kthread_park+0x90/0x90
[ 157.810478] ret_from_fork+0x2e/0x38
[ 157.814220] Modules linked in: intel_powerclamp coretemp kvm_intel dcdbas kvm ipmi_ssif irqbypass joydev input_leds ipmi_si intel_cstate acpi_power_meter mac_hid ipmi_devintf i7core_edac ipmi_msghandler sch_fq_codel ib_iser rdma_cm iw_cm ib_cm ib_core iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi ip_tables x_tables autofs4 btrfs zstd_compress raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c raid1 raid0 multipath linear hid_generic gpio_ich mgag200 i2c_algo_bit ttm drm_kms_helper syscopyarea usbhid sysfillrect hid sysimgblt mpt3sas fb_sys_fops drm pata_acpi raid_class lpc_ich bnx2 scsi_transport_sas wmi
[ 157.873824] ---[ end trace f9b1fc7e1f35ab27 ]---
[ 157.887583] EIP: kunmap_high+0xb2/0xc0
[ 157.891437] Code: d4 8d b4 26 00 00 00 00 6a 00 b8 a0 d7 cf d9 b9 01 00 00 00 ba 03 00 00 00 e8 4a 79 ec ff 8b 5d fc 58 c9 c3 8d 74 26 00 0f 0b <0f> 0b 8d b4 26 00 00 00 00 8d 74 26 00 90 66 66 66 66 90 55 89 e5
[ 157.910746] EAX: 000001d5 EBX: fffff000 ECX: 00000001 EDX: 00000000
[ 157.917276] ESI: 00000004 EDI: 00000004 EBP: f45dfe5c ESP: d9ed1e5c
[ 157.923699] DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068 EFLAGS: 00010246
[ 157.930744] CR0: 80050033 CR2: 0225610c CR3: 19eca000 CR4: 000006f0

tags: added: disco kernel-bug-exists-upstream xenial
summary: 3b080b2564287be91605bfd1d5ee985696e61d3c in ubuntu_btrfs_kernel_fixes
- triggers system hang on Bionic i386
+ triggers system hang on i386
Andrea Righi (arighi)
Changed in ubuntu-kernel-tests:
assignee: nobody → Andrea Righi (arighi)
Revision history for this message
Andrea Righi (arighi) wrote :

This patch seems to fix the problem for me.

See also:
https://lkml.org/lkml/2019/3/13/181

tags: added: patch
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in linux (Ubuntu Bionic):
status: New → Confirmed
Changed in linux (Ubuntu Cosmic):
status: New → Confirmed
Changed in linux (Ubuntu Xenial):
status: New → Confirmed
Po-Hsu Lin (cypressyew)
Changed in ubuntu-kernel-tests:
status: New → In Progress
Changed in linux (Ubuntu Disco):
status: Confirmed → In Progress
status: In Progress → Confirmed
Revision history for this message
Po-Hsu Lin (cypressyew) wrote :

I have the test disabled on i386, so we can still run other tests without being interrupted.
https://kernel.ubuntu.com/git/ubuntu/autotest-client-tests.git/commit/?id=47c843d9a608f212b9b1138b410151ae1e8f5b24

Will need to add this back after we got the fix applied.

Revision history for this message
Po-Hsu Lin (cypressyew) wrote :

Just found that this issue for autotest-client-tests has already been addressed in 3c2347e74, so we're good, previous commit reverted. https://kernel.ubuntu.com/git/ubuntu/autotest-client-tests.git/commit/?id=e8225af0687c7cb804458fa6cd03956739f24d39

Andrea Righi (arighi)
description: updated
Andrea Righi (arighi)
description: updated
Changed in linux (Ubuntu Cosmic):
status: Confirmed → Fix Committed
Changed in linux (Ubuntu Bionic):
status: Confirmed → Fix Committed
Changed in linux (Ubuntu Disco):
status: Confirmed → Fix Committed
Changed in linux (Ubuntu Xenial):
status: Confirmed → Fix Committed
Revision history for this message
Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote :

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-cosmic' to 'verification-done-cosmic'. If the problem still exists, change the tag 'verification-needed-cosmic' to 'verification-failed-cosmic'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: verification-needed-cosmic
tags: added: verification-needed-bionic
Revision history for this message
Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote :

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-bionic' to 'verification-done-bionic'. If the problem still exists, change the tag 'verification-needed-bionic' to 'verification-failed-bionic'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: verification-needed-xenial
Revision history for this message
Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote :

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-xenial' to 'verification-done-xenial'. If the problem still exists, change the tag 'verification-needed-xenial' to 'verification-failed-xenial'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

Revision history for this message
Po-Hsu Lin (cypressyew) wrote :

Test 3b080b2564287be91605bfd1d5ee985696e61d3c and 5fbc7c59fd22c5a6531b40b0759624b680a95e52 and have passed on X-i386 (node pepe)

tags: added: verification-done-xenial
removed: verification-needed-xenial
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (50.5 KiB)

This bug was fixed in the package linux - 5.0.0-11.12

---------------
linux (5.0.0-11.12) disco; urgency=medium

  * linux: 5.0.0-11.12 -proposed tracker (LP: #1824383)

  * hns3: PPU_PF_ABNORMAL_INT_ST over_8bd_no_fe found [error status=0x1]
    (LP: #1824194)
    - net: hns3: fix for not calculating tx bd num correctly

  * disco: unable to use iptables/enable ufw under -virtual kernel
    (LP: #1823862)
    - [Packaging] add bpfilter to linux-modules

  * Make shiftfs a module rather than built-in (LP: #1824354)
    - [Config] CONFIG_SHIFT_FS=m

  * shiftfs: chown sets untranslated ids in lower fs (LP: #1824350)
    - SAUCE: shiftfs: use translated ids when chaning lower fs attrs

  * [Hyper-V] KVP daemon fails to start on first boot of disco VM (LP: #1820063)
    - [Packaging] bind hv_kvp_daemon startup to hv_kvp device

linux (5.0.0-10.11) disco; urgency=medium

  * linux: 5.0.0-10.11 -proposed tracker (LP: #1823936)

  * Apparmor enforcement failure in lxc selftests (LP: #1823379)
    - SAUCE: apparmor: Restore Y/N in /sys for apparmor's "enabled"

  * systemd cause kernel trace "BUG: unable to handle kernel paging request at
    6db23a14" on Cosmic i386 (LP: #1813244)
    - openvswitch: fix flow actions reallocation

linux (5.0.0-9.10) disco; urgency=medium

  * linux: 5.0.0-9.10 -proposed tracker (LP: #1823228)

  * Packaging resync (LP: #1786013)
    - [Packaging] resync git-ubuntu-log
    - [Packaging] update helper scripts
    - [Packaging] resync retpoline extraction

  * Huawei Hi1822 NIC has poor performance (LP: #1820187)
    - net-next/hinic: replace disable_irq_nosync/enable_irq

  * Add uid shifting overlay filesystem (shiftfs) (LP: #1823186)
    - shiftfs: uid/gid shifting bind mount
    - shiftfs: rework and extend
    - shiftfs: support some btrfs ioctls
    - [Config] enable shiftfs

  * Cannot boot or install - have to use nomodeset (LP: #1821820)
    - Revert "drm/i915/fbdev: Actually configure untiled displays"

  * Disco update: v5.0.6 upstream stable release (LP: #1823060)
    - netfilter: nf_tables: fix set double-free in abort path
    - dccp: do not use ipv6 header for ipv4 flow
    - genetlink: Fix a memory leak on error path
    - gtp: change NET_UDP_TUNNEL dependency to select
    - ipv6: make ip6_create_rt_rcu return ip6_null_entry instead of NULL
    - mac8390: Fix mmio access size probe
    - mISDN: hfcpci: Test both vendor & device ID for Digium HFC4S
    - net: aquantia: fix rx checksum offload for UDP/TCP over IPv6
    - net: datagram: fix unbounded loop in __skb_try_recv_datagram()
    - net/packet: Set __GFP_NOWARN upon allocation in alloc_pg_vec
    - net: phy: meson-gxl: fix interrupt support
    - net: rose: fix a possible stack overflow
    - net: stmmac: fix memory corruption with large MTUs
    - net-sysfs: call dev_hold if kobject_init_and_add success
    - net: usb: aqc111: Extend HWID table by QNAP device
    - packets: Always register packet sk in the same order
    - rhashtable: Still do rehash when we get EEXIST
    - sctp: get sctphdr by offset in sctp_compute_cksum
    - sctp: use memdup_user instead of vmemdup_user
    - tcp: do not use ipv6 header for ipv4 flow
    - tipc: allow servic...

Changed in linux (Ubuntu Disco):
status: Fix Committed → Fix Released
Revision history for this message
Po-Hsu Lin (cypressyew) wrote :

Test 3b080b2564287be91605bfd1d5ee985696e61d3c and 5fbc7c59fd22c5a6531b40b0759624b680a95e52 and have passed on B-i386 (node pepe)

tags: added: verification-done-bionic
removed: verification-needed-bionic
Revision history for this message
Po-Hsu Lin (cypressyew) wrote :

Test 3b080b2564287be91605bfd1d5ee985696e61d3c and 5fbc7c59fd22c5a6531b40b0759624b680a95e52 and have passed on C-i386 (node pepe)

tags: added: verification-done-cosmic
removed: verification-needed-cosmic
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (15.4 KiB)

This bug was fixed in the package linux - 4.4.0-146.172

---------------
linux (4.4.0-146.172) xenial; urgency=medium

  * linux: 4.4.0-146.172 -proposed tracker (LP: #1822834)

  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts
    - [Packaging] resync retpoline extraction

  * 3b080b2564287be91605bfd1d5ee985696e61d3c in ubuntu_btrfs_kernel_fixes
    triggers system hang on i386 (LP: #1812845)
    - btrfs: raid56: properly unmap parity page in finish_parity_scrub()

  * Xenial update: 4.4.177 upstream stable release (LP: #1822271)
    - ceph: avoid repeatedly adding inode to mdsc->snap_flush_list
    - numa: change get_mempolicy() to use nr_node_ids instead of MAX_NUMNODES
    - KEYS: allow reaching the keys quotas exactly
    - mfd: ti_am335x_tscadc: Use PLATFORM_DEVID_AUTO while registering mfd cells
    - mfd: twl-core: Fix section annotations on {,un}protect_pm_master
    - mfd: db8500-prcmu: Fix some section annotations
    - mfd: ab8500-core: Return zero in get_register_interruptible()
    - mfd: qcom_rpm: write fw_version to CTRL_REG
    - mfd: wm5110: Add missing ASRC rate register
    - mfd: mc13xxx: Fix a missing check of a register-read failure
    - net: hns: Fix use after free identified by SLUB debug
    - MIPS: ath79: Enable OF serial ports in the default config
    - scsi: qla4xxx: check return code of qla4xxx_copy_from_fwddb_param
    - scsi: isci: initialize shost fully before calling scsi_add_host()
    - MIPS: jazz: fix 64bit build
    - isdn: i4l: isdn_tty: Fix some concurrency double-free bugs
    - atm: he: fix sign-extension overflow on large shift
    - leds: lp5523: fix a missing check of return value of lp55xx_read
    - isdn: avm: Fix string plus integer warning from Clang
    - RDMA/srp: Rework SCSI device reset handling
    - KEYS: user: Align the payload buffer
    - KEYS: always initialize keyring_index_key::desc_len
    - batman-adv: fix uninit-value in batadv_interface_tx()
    - net/packet: fix 4gb buffer limit due to overflow check
    - team: avoid complex list operations in team_nl_cmd_options_set()
    - sit: check if IPv6 enabled before calling ip6_err_gen_icmpv6_unreach()
    - net/mlx4_en: Force CHECKSUM_NONE for short ethernet frames
    - ARCv2: Enable unaligned access in early ASM code
    - Revert "bridge: do not add port to router list when receives query with
      source 0.0.0.0"
    - libceph: handle an empty authorize reply
    - drm/msm: Unblock writer if reader closes file
    - ASoC: Intel: Haswell/Broadwell: fix setting for .dynamic field
    - ALSA: compress: prevent potential divide by zero bugs
    - thermal: int340x_thermal: Fix a NULL vs IS_ERR() check
    - usb: dwc3: gadget: Fix the uninitialized link_state when udc starts
    - usb: gadget: Potential NULL dereference on allocation error
    - ASoC: dapm: change snprintf to scnprintf for possible overflow
    - ASoC: imx-audmux: change snprintf to scnprintf for possible overflow
    - ARC: fix __ffs return value to avoid build warnings
    - mac80211: fix miscounting of ttl-dropped frames
    - serial: fsl_lpuart: fix maximum acceptable baud rate with over-sampling
    - scsi: csiostor: fix NULL pointer de...

Changed in linux (Ubuntu Xenial):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (6.9 KiB)

This bug was fixed in the package linux - 4.18.0-18.19

---------------
linux (4.18.0-18.19) cosmic; urgency=medium

  * linux: 4.18.0-18.19 -proposed tracker (LP: #1822796)

  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts
    - [Packaging] resync retpoline extraction

  * 3b080b2564287be91605bfd1d5ee985696e61d3c in ubuntu_btrfs_kernel_fixes
    triggers system hang on i386 (LP: #1812845)
    - btrfs: raid56: properly unmap parity page in finish_parity_scrub()

  * [SRU][B/C/OEM]IOMMU: add kernel dma protection (LP: #1820153)
    - ACPI / property: Allow multiple property compatible _DSD entries
    - PCI / ACPI: Identify untrusted PCI devices
    - iommu/vt-d: Force IOMMU on for platform opt in hint
    - iommu/vt-d: Do not enable ATS for untrusted devices
    - thunderbolt: Export IOMMU based DMA protection support to userspace
    - iommu/vt-d: Disable ATS support on untrusted devices

  * Huawei Hi1822 NIC has poor performance (LP: #1820187)
    - net-next: hinic: fix a problem in free_tx_poll()
    - hinic: remove ndo_poll_controller
    - net-next/hinic: add checksum offload and TSO support
    - hinic: Fix l4_type parameter in hinic_task_set_tunnel_l4
    - net-next/hinic:replace multiply and division operators
    - net-next/hinic:add rx checksum offload for HiNIC
    - net-next/hinic:fix a bug in set mac address
    - net-next/hinic: fix a bug in rx data flow
    - net: hinic: fix null pointer dereference on pointer hwdev
    - hinic: optmize rx refill buffer mechanism
    - net-next/hinic:add shutdown callback
    - net-next/hinic: replace disable_irq_nosync/enable_irq

  * [CONFIG] please enable highdpi font FONT_TER16x32 (LP: #1819881)
    - Fonts: New Terminus large console font
    - [Config]: enable highdpi Terminus 16x32 font support

  * [19.04 FEAT] qeth: Enhanced link speed - kernel part (LP: #1814892)
    - s390/qeth: report 25Gbit link speed

  * Avoid potential memory corruption on HiSilicon SoCs (LP: #1819546)
    - iommu/arm-smmu-v3: Avoid memory corruption from Hisilicon MSI payloads

  * CVE-2017-5715
    - x86/speculation: Apply IBPB more strictly to avoid cross-process data leak
    - x86/speculation: Propagate information about RSB filling mitigation to sysfs
    - x86/speculation: Add RETPOLINE_AMD support to the inline asm CALL_NOSPEC
      variant
    - x86/retpoline: Make CONFIG_RETPOLINE depend on compiler support
    - x86/retpoline: Remove minimal retpoline support
    - x86/speculation: Update the TIF_SSBD comment
    - x86/speculation: Clean up spectre_v2_parse_cmdline()
    - x86/speculation: Remove unnecessary ret variable in cpu_show_common()
    - x86/speculation: Move STIPB/IBPB string conditionals out of
      cpu_show_common()
    - x86/speculation: Disable STIBP when enhanced IBRS is in use
    - x86/speculation: Rename SSBD update functions
    - x86/speculation: Reorganize speculation control MSRs update
    - sched/smt: Make sched_smt_present track topology
    - x86/Kconfig: Select SCHED_SMT if SMP enabled
    - sched/smt: Expose sched_smt_present static key
    - x86/speculation: Rework SMT state change
    - x86/l1tf: Show actual SMT state
    - x86/speculation: R...

Read more...

Changed in linux (Ubuntu Cosmic):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (14.6 KiB)

This bug was fixed in the package linux - 4.15.0-48.51

---------------
linux (4.15.0-48.51) bionic; urgency=medium

  * linux: 4.15.0-48.51 -proposed tracker (LP: #1822820)

  * Packaging resync (LP: #1786013)
    - [Packaging] update helper scripts
    - [Packaging] resync retpoline extraction

  * 3b080b2564287be91605bfd1d5ee985696e61d3c in ubuntu_btrfs_kernel_fixes
    triggers system hang on i386 (LP: #1812845)
    - btrfs: raid56: properly unmap parity page in finish_parity_scrub()

  * [P9][LTCTest][Opal][FW910] cpupower monitor shows multiple stop Idle_Stats
    (LP: #1719545)
    - cpupower : Fix header name to read idle state name

  * [amdgpu] screen corruption when using touchpad (LP: #1818617)
    - drm/amdgpu/gmc: steal the appropriate amount of vram for fw hand-over (v3)
    - drm/amdgpu: Free VGA stolen memory as soon as possible.

  * [SRU][B/C/OEM]IOMMU: add kernel dma protection (LP: #1820153)
    - ACPICA: AML parser: attempt to continue loading table after error
    - ACPI / property: Allow multiple property compatible _DSD entries
    - PCI / ACPI: Identify untrusted PCI devices
    - iommu/vt-d: Force IOMMU on for platform opt in hint
    - iommu/vt-d: Do not enable ATS for untrusted devices
    - thunderbolt: Export IOMMU based DMA protection support to userspace
    - iommu/vt-d: Disable ATS support on untrusted devices

  * Add basic support to NVLink2 passthrough (LP: #1819989)
    - powerpc/powernv/npu: Do not try invalidating 32bit table when 64bit table is
      enabled
    - powerpc/powernv: call OPAL_QUIESCE before OPAL_SIGNAL_SYSTEM_RESET
    - powerpc/powernv: Export opal_check_token symbol
    - powerpc/powernv: Make possible for user to force a full ipl cec reboot
    - powerpc/powernv/idoa: Remove unnecessary pcidev from pci_dn
    - powerpc/powernv: Move npu struct from pnv_phb to pci_controller
    - powerpc/powernv/npu: Move OPAL calls away from context manipulation
    - powerpc/pseries/iommu: Use memory@ nodes in max RAM address calculation
    - powerpc/pseries/npu: Enable platform support
    - powerpc/pseries: Remove IOMMU API support for non-LPAR systems
    - powerpc/powernv/npu: Check mmio_atsd array bounds when populating
    - powerpc/powernv/npu: Fault user page into the hypervisor's pagetable

  * Huawei Hi1822 NIC has poor performance (LP: #1820187)
    - net-next: hinic: fix a problem in free_tx_poll()
    - hinic: remove ndo_poll_controller
    - net-next/hinic: add checksum offload and TSO support
    - hinic: Fix l4_type parameter in hinic_task_set_tunnel_l4
    - net-next/hinic:replace multiply and division operators
    - net-next/hinic:add rx checksum offload for HiNIC
    - net-next/hinic:fix a bug in set mac address
    - net-next/hinic: fix a bug in rx data flow
    - net: hinic: fix null pointer dereference on pointer hwdev
    - hinic: optmize rx refill buffer mechanism
    - net-next/hinic:add shutdown callback
    - net-next/hinic: replace disable_irq_nosync/enable_irq

  * [CONFIG] please enable highdpi font FONT_TER16x32 (LP: #1819881)
    - Fonts: New Terminus large console font
    - [Config]: enable highdpi Terminus 16x32 font support

  * [19.04 FEAT] qeth: Enhanced link...

Changed in linux (Ubuntu Bionic):
status: Fix Committed → Fix Released
Revision history for this message
Steve Langasek (vorlon) wrote : Update Released

The verification of the Stable Release Update for linux-azure has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Po-Hsu Lin (cypressyew)
Changed in ubuntu-kernel-tests:
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Duplicates of this bug

Other bug subscribers