[Kernel-packages] [Bug 1788432] Re: 4.15 s390x kernel BUG at /build/linux-Gycr4Z/linux-4.15.0/drivers/block/virtio_blk.c:565!

Wed, 24 Apr 2019 01:43:33 -0700 

** Changed in: ubuntu-z-systems
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1788432

Title:
  4.15 s390x kernel BUG at /build/linux-
  Gycr4Z/linux-4.15.0/drivers/block/virtio_blk.c:565!

Status in Ubuntu on IBM z Systems:
  Fix Released
Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Bionic:
  Fix Released
Status in linux source package in Cosmic:
  Fix Released

Bug description:
  [SRU Justification]

  == Impact ==
  Several helper functions in the s390x code which handle accessing sysfs 
attributes were missing protection against races. Concurrent access would be 
able to trigger kernel bugs.

  == Fix ==
  The following two upstream commits (from v5.0 upstream) will fix the issue:

  78b1a52e05c9 virtio/s390: fix race in ccw_io_helper()
  2448a299ec41 virtio/s390: avoid race on vcdev->config

  == Testcase ==
  see below

  == Risk of Regression ==
  Changes are isolated to architecture code and are verified by running the 
stress testing, so overall should be low.


  uname -a
  Linux ckingvm1 4.15.0-33-generic #36-Ubuntu SMP Wed Aug 15 13:42:17 UTC 2018 
s390x s390x s390x GNU/Linux

  and same for 4.15.0-29-generic and 4.17.0-8-generic

  Steps to reproduce this bug:

  git clone git://kernel.ubuntu.com/cking/stress-ng
  cd stress-ng
  make clean
  make

  And run with:

  ./stress-ng --sysfs 0 -t 60

  .. wait a few seconds and then:

  [  119.445891] ------------[ cut here ]------------
  [  119.445898] kernel BUG at 
/build/linux-Gycr4Z/linux-4.15.0/drivers/block/virtio_blk.c:565!
  [  119.446093] illegal operation: 0001 ilc:1 [#3] SMP
  [  119.446100] Modules linked in: binfmt_misc zfs(PO) zunicode(PO) zavl(PO) 
icp(PO) isofs zcommon(PO) znvpair(PO) spl(O) ghash_s390 prng aes_s390 des_s390 
des_generic vfio_ccw sha512_s390 sha256_s390 vfio_mdev sha1_s390 sha_common 
mdev vfio_iommu_type1 vfio sch_fq_codel ib_iser rdma_cm iw_cm ib_cm ib_core 
iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi nfsd auth_rpcgss nfs_acl 
lockd grace sunrpc ip_tables x_tables btrfs zstd_compress zlib_deflate raid10 
raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq 
libcrc32c raid1 raid0 linear virtio_net crc32_vx_s390 virtio_blk
  [  119.446166] CPU: 1 PID: 5420 Comm: stress-ng-sysfs Tainted: P      D    O  
   4.15.0-33-generic #36-Ubuntu
  [  119.446168] Hardware name: IBM 2964 N63 400 (KVM/Linux)
  [  119.446170] Krnl PSW : 0000000012d313d3 00000000405835bc 
(virtblk_cache_type_show+0x82/0x88 [virtio_blk])
  [  119.446177]            R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:3 CC:2 PM:0 
RI:0 EA:3
  [  119.446194] Krnl GPRS: de6dc5c2779af7d7 000000007ffaba20 0000000000000040 
0000000000006545
  [  119.446196]            000003ff800058da 0000000000006546 000000006bf537c0 
000000006b60a100
  [  119.446198]            0000000000000000 0000000000690648 000000007cc3de40 
000000007a74b000
  [  119.446202]            000003ff80008210 0000000000000000 000003ff800058da 
000000007ac1bce8
  [  119.446210] Krnl Code: 000003ff80005912: ebbff0a80004      lmg     
%r11,%r15,168(%r15)
  [  119.446210]            000003ff80005918: c0f400000560      brcl    
15,3ff800063d8
  [  119.446210]           #000003ff8000591e: a7f40001          brc     
15,3ff80005920
  [  119.446210]           >000003ff80005922: 0707              bcr     0,%r7
  [  119.446210]            000003ff80005924: 0707              bcr     0,%r7
  [  119.446210]            000003ff80005926: 0707              bcr     0,%r7
  [  119.446210]            000003ff80005928: c00400000000      brcl    
0,3ff80005928
  [  119.446210]            000003ff8000592e: eb6ff0480024      stmg    
%r6,%r15,72(%r15)
  [  119.446226] Call Trace:
  [  119.446229] ([<000003ff800058da>] virtblk_cache_type_show+0x3a/0x88 
[virtio_blk])
  [  119.446234]  [<0000000000690684>] dev_attr_show+0x3c/0x80
  [  119.446240]  [<0000000000424ab4>] sysfs_kf_seq_show+0xbc/0x1a8
  [  119.446259]  [<00000000003b048c>] seq_read+0xec/0x4c8
  [  119.446262]  [<00000000003821ea>] vfs_read+0x8a/0x150
  [  119.446274]  [<0000000000382786>] SyS_read+0x66/0xe0
  [  119.446278]  [<00000000008e3028>] system_call+0xdc/0x2c8
  [  119.446279] Last Breaking-Event-Address:
  [  119.446281]  [<000003ff8000591e>] virtblk_cache_type_show+0x7e/0x88 
[virtio_blk]
  [  119.446283]
  [  119.446284] ---[ end trace 2c2403d726047e4a ]---

  For  4.17.0-8-generic:
  [   25.170715] kernel BUG at drivers/block/virtio_blk.c:574!
  [   25.170795] illegal operation: 0001 ilc:1 [#1] SMP
  [   25.170797] Modules linked in: lttng_statedump(OE) lttng_clock(OE) 
lttng_lib_ring_buffer(OE) binfmt_misc zfs(PO) zunicode(PO) zavl(PO) icp(PO) 
isofs zcommon(PO) znvpair(PO) spl(O) ghash_s390 prng aes_s390 des_s390 
des_generic sha512_s390 sha256_s390 sha1_s390 sha_common vfio_ccw vfio_mdev 
mdev vfio_iommu_type1 vfio sch_fq_codel ib_iser rdma_cm iw_cm ib_cm nfsd 
ib_core auth_rpcgss iscsi_tcp nfs_acl lockd grace libiscsi_tcp libiscsi 
scsi_transport_iscsi sunrpc ip_tables x_tables btrfs zstd_compress zlib_deflate 
raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor 
raid6_pq libcrc32c raid1 raid0 linear virtio_net virtio_blk crc32_vx_s390
  [   25.170835] CPU: 0 PID: 5590 Comm: stress-ng-sysfs Tainted: P           OE 
    4.17.0-8-generic #9-Ubuntu
  [   25.170837] Hardware name: IBM 2964 N63 400 (KVM/Linux)
  [   25.170839] Krnl PSW : 0000000005f0c968 0000000026542d57 
(virtblk_cache_type_show+0x7c/0x80 [virtio_blk])
  [   25.170846]            R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:3 CC:2 PM:0 
RI:0 EA:3
  [   25.170849] Krnl GPRS: de6dc5c209bf9e6f 000000007ff91320 0000000000000040 
0000000000000891
  [   25.170850]            0000000000000000 0000000000000892 0000000000000000 
000000007176e800
  [   25.170852]            000000006f447f00 0000000000684300 000000006f492b40 
000000006ca7a000
  [   25.170853]            000003ff80018218 000000007b5e6e40 000003ff8001561a 
000000006f447ce8
  [   25.170861] Krnl Code: 000003ff8001564c: ebbff0a80004      lmg     
%r11,%r15,168(%r15)
  [   25.170861]            000003ff80015652: c0f40000065b      brcl    
15,3ff80016308
  [   25.170861]           #000003ff80015658: a7f40001          brc     
15,3ff8001565a
  [   25.170861]           >000003ff8001565c: 0707              bcr     0,%r7
  [   25.170861]            000003ff8001565e: 0707              bcr     0,%r7
  [   25.170861]            000003ff80015660: c00400000000      brcl    
0,3ff80015660
  [   25.170861]            000003ff80015666: eb6ff0480024      stmg    
%r6,%r15,72(%r15)
  [   25.170861]            000003ff8001566c: a7f13f80          tmll    
%r15,16256
  [   25.170878] Call Trace:
  [   25.170881] ([<000003ff8001561a>] virtblk_cache_type_show+0x3a/0x80 
[virtio_blk])
  [   25.170888]  [<000000000068433c>] dev_attr_show+0x3c/0x78
  [   25.170895]  [<000000000042539c>] sysfs_kf_seq_show+0xbc/0x1a0
  [   25.170899]  [<00000000003b16b8>] seq_read+0x180/0x4f8
  [   25.170903]  [<000000000038433a>] vfs_read+0x8a/0x148
  [   25.170905]  [<0000000000384882>] ksys_read+0x62/0xd0
  [   25.170909]  [<00000000008db738>] system_call+0xdc/0x2c8
  [   25.170910] Last Breaking-Event-Address:
  [   25.170912]  [<000003ff80015658>] virtblk_cache_type_show+0x78/0x80 
[virtio_blk]
  [   25.170913]
  [   25.170914] ---[ end trace 14f89544f0f55795 ]---

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-z-systems/+bug/1788432/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to     : [email protected]
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to