** Description changed:

  [Impact]
  Hotplugging a SATA disk into a SAS controller may trigger a NULL pointer 
dereference, leading to a crash:
  
  [ 2366.923208] Unable to handle kernel NULL pointer dereference
  at virtual address 000007b8
  ...
  [ 2368.766334] Call trace:
  [ 2368.781712] [<ffffffc00065c3b0>] sas_find_dev_by_rphy+0x48/0x118
  [ 2368.800394] [<ffffffc00065c4a8>] sas_target_alloc+0x28/0x98
  [ 2368.817975] [<ffffffc00063e920>] scsi_alloc_target+0x248/0x308
  [ 2368.835570] [<ffffffc000640080>] __scsi_add_device+0xb8/0x160
  [ 2368.853034] [<ffffffc0006e52d8>] ata_scsi_scan_host+0x190/0x230
  [ 2368.871614] [<ffffffc0006e54b0>] ata_scsi_hotplug+0xc8/0xe8
  [ 2368.889152] [<ffffffc0000da75c>] process_one_work+0x164/0x438
  [ 2368.908003] [<ffffffc0000dab74>] worker_thread+0x144/0x4b0
  [ 2368.924613] [<ffffffc0000e0ffc>] kthread+0xfc/0x110
  
  [Test Case]
  Unplug a SATA disk from a SAS controller and insert a new SATA disk in its 
place.
  
+ [Fix]
+ The ATA_PFLAG_SCSI_HOTPLUG flag is what causes libsas to attempt to handle 
hot add/remove. However, for ata devices on a SAS controller, this should be 
handled by libata. The solution is to not set this flag for ATA devices on a 
SAS controller.
+ 
  [Regression Risk]
  The fix is a clean cherry-pick from upstream that is tagged for stable. No 
subsequent patches in linux-next have a "Fixes:" marker referencing this patch, 
suggesting no regressions have been found since its introduction.

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1768948

Title:
  Hotplugging a SATA disk into a SAS controller may cause crash

Status in linux package in Ubuntu:
  In Progress
Status in linux source package in Bionic:
  In Progress

Bug description:
  [Impact]
  Hotplugging a SATA disk into a SAS controller may trigger a NULL pointer dereference, leading to a crash:

  [ 2366.923208] Unable to handle kernel NULL pointer dereference at virtual address 000007b8
  ...
  [ 2368.766334] Call trace:
  [ 2368.781712] [<ffffffc00065c3b0>] sas_find_dev_by_rphy+0x48/0x118
  [ 2368.800394] [<ffffffc00065c4a8>] sas_target_alloc+0x28/0x98
  [ 2368.817975] [<ffffffc00063e920>] scsi_alloc_target+0x248/0x308
  [ 2368.835570] [<ffffffc000640080>] __scsi_add_device+0xb8/0x160
  [ 2368.853034] [<ffffffc0006e52d8>] ata_scsi_scan_host+0x190/0x230
  [ 2368.871614] [<ffffffc0006e54b0>] ata_scsi_hotplug+0xc8/0xe8
  [ 2368.889152] [<ffffffc0000da75c>] process_one_work+0x164/0x438
  [ 2368.908003] [<ffffffc0000dab74>] worker_thread+0x144/0x4b0
  [ 2368.924613] [<ffffffc0000e0ffc>] kthread+0xfc/0x110

  [Test Case]
  Unplug a SATA disk from a SAS controller and insert a new SATA disk in its place.

  [Fix]
  The ATA_PFLAG_SCSI_HOTPLUG flag is what causes libsas to attempt to handle hot add/remove. However, for ATA devices on a SAS controller, this should be handled by libata. The solution is to not set this flag for ATA devices on a SAS controller.

  [Regression Risk]
  The fix is a clean cherry-pick from upstream that is tagged for stable. No subsequent patches in linux-next have a "Fixes:" marker referencing this patch, suggesting no regressions have been found since its introduction.
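
To check collected kernel logs for this specific crash, the following added example (not part of the bug report or the upstream fix) groups NULL-dereference reports and matches the reported call path. The function names, `SIGNATURE`, and the second oops in the sample (`example_driver_probe`) are constructed for illustration.

```python
import re

# Frame lines in the format the report shows: "[<addr>] symbol+0xoff/0xsize".
FRAME_RE = re.compile(r"\[<[0-9a-f]+>\]\s+([A-Za-z_][\w.]*)\+0x[0-9a-f]+/0x[0-9a-f]+")
OOPS_RE = re.compile(r"Unable to handle kernel NULL pointer dereference")

# Frames taken from the report, innermost first: the libata hotplug worker
# reaches libsas target allocation, where the dereference is reported.
SIGNATURE = ["sas_find_dev_by_rphy", "sas_target_alloc", "ata_scsi_hotplug"]

# Constructed sample: an abridged copy of the report's trace, followed by an
# unrelated, made-up oops that must not match.
SAMPLE = """\
[ 2366.923208] Unable to handle kernel NULL pointer dereference at virtual address 000007b8
[ 2368.766334] Call trace:
[ 2368.781712] [<ffffffc00065c3b0>] sas_find_dev_by_rphy+0x48/0x118
[ 2368.800394] [<ffffffc00065c4a8>] sas_target_alloc+0x28/0x98
[ 2368.817975] [<ffffffc00063e920>] scsi_alloc_target+0x248/0x308
[ 2368.871614] [<ffffffc0006e54b0>] ata_scsi_hotplug+0xc8/0xe8
[ 2368.889152] [<ffffffc0000da75c>] process_one_work+0x164/0x438
[ 2400.000001] Unable to handle kernel NULL pointer dereference at virtual address 00000010
[ 2400.000002] Call trace:
[ 2400.000003] [<ffffffc000123456>] example_driver_probe+0x10/0x40
""".splitlines()

def split_oopses(lines):
    """Return one list of frame symbols per NULL-dereference report."""
    reports, current = [], None
    for line in lines:
        if OOPS_RE.search(line):
            current = []
            reports.append(current)
        elif current is not None:
            m = FRAME_RE.search(line)
            if m:
                current.append(m.group(1))
    return reports

def matches_signature(frames, signature=SIGNATURE):
    """True if the signature symbols occur in this order; gaps are allowed."""
    it = iter(frames)
    return all(sym in it for sym in signature)

def find_sas_hotplug_crashes(lines):
    return [f for f in split_oopses(lines) if matches_signature(f)]

if __name__ == "__main__":
    for frames in find_sas_hotplug_crashes(SAMPLE):
        print("SAS/SATA hotplug crash signature:", " <- ".join(frames))
```

Newer kernels print stack frames without the `[<address>]` prefix, so `FRAME_RE` would need adjusting for logs in that format.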
