[Kernel-packages] [Bug 1626737] Re: [4.8.0-14/ppc64el regression] rmmod scsi_debug keeps causing kernel oops
I didn't find a simpler reproducer on the CLI, and the systemd test no longer calls rmmod, so there's no handle on this any more.

** Changed in: linux (Ubuntu)
       Status: Confirmed => Invalid

--
You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1626737

Title:
  [4.8.0-14/ppc64el regression] rmmod scsi_debug keeps causing kernel oops

Status in linux package in Ubuntu:
  Invalid
Status in systemd package in Ubuntu:
  Fix Released

Bug description:
  Since upgrading to 4.8.0-14, the "storage" autopkgtest of systemd is broken. This uses scsi_debug to get a test hard drive, which is reset between tests by unloading and reloading the module. This has worked fine so far (and still works on amd64/i386), but now regularly triggers a kernel oops:

  [ 161.120362] Unable to handle kernel paging request for data at address 0x
  [ 161.120468] Faulting instruction address: 0xc0538ecc
  [ 161.120517] Oops: Kernel access of bad area, sig: 11 [#1]
  [ 161.120555] SMP NR_CPUS=2048 NUMA pSeries
  [ 161.120595] Modules linked in: dm_crypt dm_mod xts algif_skcipher af_alg sd_mod sg xt_TCPMSS xt_tcpudp iptable_mangle ghash_generic gf128mul vmx_crypto virtio_balloon ip_tables x_tables autofs4 ext4 crc16 jbd2 fscrypto mbcache crc32c_generic btrfs xor raid6_pq ohci_pci ehci_pci ohci_hcd virtio_blk virtio_net ehci_hcd usbcore crc32c_vpmsum usb_common virtio_pci virtio_ring virtio [last unloaded: scsi_debug]
  [ 161.121016] CPU: 0 PID: 5473 Comm: rmmod Not tainted 4.8.0-15-generic #16-Ubuntu
  [ 161.121067] task: c0005ae51980 task.stack: c0005ef58000
  [ 161.121110] NIP: c0538ecc LR: c0538ee0 CTR: c00f7250
  [ 161.121162] REGS: c0005ef5b9f0 TRAP: 0300 Not tainted (4.8.0-15-generic)
  [ 161.121213] MSR: 80010280b033 CR: 28002444 XER: 2000
  [ 161.121390] CFAR: c009a8e0 DAR: DSISR: 4000 SOFTE: 1
  GPR00: c0538e98 c0005ef5bc70 c0f67b00
  GPR04: d1302018 0002 c10d7b00
  GPR08: c0fa7b00 0063 0073 0004
  GPR12: 28002844 cfb8
  GPR16: 0100331f11f0 384b3890 384b3848
  GPR20: 384b3830 384b3870 384b38a8 384b3888
  GPR24: 3fffd23d6e70 c0ebdec8 fffe d1302018
  GPR28: c0ebdeb8
  [ 161.122099] NIP [c0538ecc] ddebug_remove_module+0x8c/0x160
  [ 161.122143] LR [c0538ee0] ddebug_remove_module+0xa0/0x160
  [ 161.122186] Call Trace:
  [ 161.122205] [c0005ef5bc70] [c0538e98] ddebug_remove_module+0x58/0x160 (unreliable)
  [ 161.122280] [c0005ef5bd10] [c018961c] free_module+0x21c/0x3c0
  [ 161.122333] [c0005ef5bd60] [c0189a38] SyS_delete_module+0x278/0x2f0
  [ 161.122394] [c0005ef5be30] [c00095e0] system_call+0x38/0x108
  [ 161.122445] Instruction dump:
  [ 161.122472] 3d42fff5 e92a63b8 7fa9e000 7d3d4b78 ebe9 419e00bc 7d3e4b78 3b40fffe
  [ 161.122561] 4818 7fbfe000 7ffdfb78 7ffefb78 419e0060 e87e0010 7f64db78
  [ 161.122651] ---[ end trace 5f19b96c7077a0e0 ]---

  This isn't reproducible by merely loading and unloading the module; it apparently needs to get some actual exercise. I'll find a simpler reproducer than running the systemd test tomorrow morning.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1626737/+subscriptions

--
Mailing list: https://launchpad.net/~kernel-packages
Post to     : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp
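As a reading aid for the oops in the bug description above, here is a minimal Python sketch that pulls the call-trace frames out of such a log. The function name parse_call_trace and the regular expression are illustrative assumptions, not part of any kernel or Launchpad tooling; the sample lines are copied from the report.

```python
import re
from typing import Any, Dict, List

# A frame looks like: [c0005ef5bd10] [c018961c] free_module+0x21c/0x3c0
# (stack pointer, instruction address, symbol+offset/size).
# The "[ 161.122280]" timestamps contain a space and a dot, so they do not match.
FRAME_RE = re.compile(
    r"\[(?P<sp>[0-9a-f]+)\] \[(?P<ip>[0-9a-f]+)\] "
    r"(?P<symbol>[A-Za-z_][\w.]*)\+0x(?P<offset>[0-9a-f]+)/0x(?P<size>[0-9a-f]+)"
)


def parse_call_trace(log: str) -> List[Dict[str, Any]]:
    """Return the call-trace frames found in a ppc64 oops log, outermost last."""
    frames = []
    for match in FRAME_RE.finditer(log):
        frames.append({
            "symbol": match.group("symbol"),
            "ip": match.group("ip"),
            "offset": int(match.group("offset"), 16),
            "size": int(match.group("size"), 16),
        })
    return frames


# Call-trace lines as quoted in the bug description.
CALL_TRACE = """\
[ 161.122186] Call Trace:
[ 161.122205] [c0005ef5bc70] [c0538e98] ddebug_remove_module+0x58/0x160 (unreliable)
[ 161.122280] [c0005ef5bd10] [c018961c] free_module+0x21c/0x3c0
[ 161.122333] [c0005ef5bd60] [c0189a38] SyS_delete_module+0x278/0x2f0
[ 161.122394] [c0005ef5be30] [c00095e0] system_call+0x38/0x108
"""

for frame in parse_call_trace(CALL_TRACE):
    print(f'{frame["symbol"]}+{frame["offset"]:#x} (function size {frame["size"]:#x})')
```

Read bottom to top, the frames show the delete_module system call reaching free_module and then faulting inside ddebug_remove_module, which matches the NIP line of the oops.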
[Kernel-packages] [Bug 1626737] Re: [4.8.0-14/ppc64el regression] rmmod scsi_debug keeps causing kernel oops
This bug was fixed in the package systemd - 231-9

---
systemd (231-9) unstable; urgency=medium

  * pid1: process zero-length notification messages again. Just remove the assertion, the "n" value was not used anyway. This fixes a local DoS due to unprocessed/unclosed fds which got introduced by the previous fix. (Closes: #839171) (LP: #1628687)
  * pid1: Robustify manager_dispatch_notify_fd()
  * test/networkd-test.py: Add missing writeConfig() helper function.

 -- Martin Pitt  Thu, 29 Sep 2016 23:39:24 +0200

** Changed in: systemd (Ubuntu)
       Status: Fix Committed => Fix Released
[Kernel-packages] [Bug 1626737] Re: [4.8.0-14/ppc64el regression] rmmod scsi_debug keeps causing kernel oops
** Changed in: linux (Ubuntu)
   Importance: Undecided => Medium
[Kernel-packages] [Bug 1626737] Re: [4.8.0-14/ppc64el regression] rmmod scsi_debug keeps causing kernel oops
I adjusted the test to avoid "rmmod scsi_debug":
https://anonscm.debian.org/cgit/pkg-systemd/systemd.git/commit/?id=be77e470d8

So there's still a bug there, but it won't block testing any more at least. And rmmod is always a bit brittle anyway, so let's avoid it.

** Changed in: systemd (Ubuntu)
   Importance: Undecided => Medium

** Changed in: systemd (Ubuntu)
       Status: New => Fix Committed

** Changed in: systemd (Ubuntu)
     Assignee: (unassigned) => Martin Pitt (pitti)
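One way a test can get a fresh scsi_debug disk without calling rmmod is the driver's add_host sysfs attribute: writing a negative number removes simulated hosts and a positive number adds them. The sketch below illustrates that approach only. It is an assumption that this resembles the change in the commit linked above, and the helper name reset_scsi_debug_disk is hypothetical. It needs root and a loaded scsi_debug module, and it makes no claim about wiping the simulated disk's contents.

```python
from pathlib import Path
from typing import List

# sysfs attribute provided by the scsi_debug driver once the module is loaded.
ADD_HOST = Path("/sys/bus/pseudo/drivers/scsi_debug/add_host")


def reset_scsi_debug_disk(add_host: Path = ADD_HOST) -> List[str]:
    """Detach and re-attach one simulated host, leaving the module loaded.

    Hypothetical helper: returns the values written, in order.
    """
    written = []
    for value in ("-1", "1"):  # "-1" removes one host, "1" adds a new one
        add_host.write_text(value)
        written.append(value)
    return written
```

Because the module stays loaded, the free_module path seen in the oops is never entered. The path is a parameter so the helper can be pointed at a scratch file when trying it out without root.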
[Kernel-packages] [Bug 1626737] Re: [4.8.0-14/ppc64el regression] rmmod scsi_debug keeps causing kernel oops
** Also affects: systemd (Ubuntu)
   Importance: Undecided
       Status: New