[Bug 1908428] Re: 4.4 kernel panics in kvm wake_up() handler
This bug was fixed in the package linux - 4.4.0-203.235

---
linux (4.4.0-203.235) xenial; urgency=medium

  * xenial/linux: 4.4.0-203.235 -proposed tracker (LP: #1914140)

  * Ubuntu 16.04 kernel 4.4.0-202 basic commands hanging (LP: #1913853)
    - SAUCE: Revert "mm: check that mm is still valid in madvise()"

linux (4.4.0-202.234) xenial; urgency=medium

  * xenial/linux: 4.4.0-202.234 -proposed tracker (LP: #1913086)

  * DMI entry syntax fix for Pegatron / ByteSpeed C15B (LP: #1910639)
    - Input: i8042 - unbreak Pegatron C15B

  * CVE-2020-29372
    - mm: check that mm is still valid in madvise()

  * errinjct open fails on IBM POWER LPAR (LP: #1908710)
    - powerpc/rtas: Fix typo of ibm, open-errinjct in RTAS filter

  * 4.4 kernel panics in kvm wake_up() handler (LP: #1908428)
    - kvm: vmx: rename vmx_pre/post_block to pi_pre/post_block
    - KVM: VMX: extract __pi_post_block
    - KVM: VMX: avoid double list add with VT-d posted interrupts

  * restore reverted commit "crypto: arm64/sha - avoid non-standard inline asm tricks" (LP: #1907489)
    - crypto: arm64/sha - avoid non-standard inline asm tricks

  * CVE-2020-29374
    - gup: document and work around "COW can break either way" issue

  * Xenial update: v4.4.249 upstream stable release (LP: #1910139)
    - spi: bcm2835aux: Fix use-after-free on unbind
    - spi: bcm2835aux: Restore err assignment in bcm2835aux_spi_probe
    - ARC: stack unwinding: don't assume non-current task is sleeping
    - platform/x86: acer-wmi: add automatic keyboard background light toggle key as KEY_LIGHTS_TOGGLE
    - Input: cm109 - do not stomp on control URB
    - Input: i8042 - add Acer laptops to the i8042 reset list
    - [Config] updateconfigs for SPI_DYNAMIC
    - spi: Prevent adding devices below an unregistering controller
    - net/mlx4_en: Avoid scheduling restart task if it is already running
    - tcp: fix cwnd-limited bug for TSO deferral where we send nothing
    - net: stmmac: delete the eee_ctrl_timer after napi disabled
    - net: bridge: vlan: fix error return code in __vlan_add()
    - USB: dummy-hcd: Fix uninitialized array use in init()
    - USB: add RESET_RESUME quirk for Snapscan 1212
    - ALSA: usb-audio: Fix potential out-of-bounds shift
    - ALSA: usb-audio: Fix control 'access overflow' errors from chmap
    - xhci: Give USB2 ports time to enter U3 in bus suspend
    - USB: sisusbvga: Make console support depend on BROKEN
    - [Config] updateconfigs for USB_SISUSBVGA_CON
    - ALSA: pcm: oss: Fix potential out-of-bounds shift
    - serial: 8250_omap: Avoid FIFO corruption caused by MDR1 access
    - USB: serial: cp210x: enable usb generic throttle/unthrottle
    - scsi: bnx2i: Requires MMU
    - can: softing: softing_netdev_open(): fix error handling
    - RDMA/cm: Fix an attempt to use non-valid pointer when cleaning timewait
    - dm table: Remove BUG_ON(in_interrupt())
    - soc/tegra: fuse: Fix index bug in get_process_id
    - USB: serial: option: add interface-number sanity check to flag handling
    - USB: gadget: f_rndis: fix bitrate for SuperSpeed and above
    - usb: chipidea: ci_hdrc_imx: Pass DISABLE_DEVICE_STREAMING flag to imx6ul
    - media: msi2500: assign SPI bus number dynamically
    - Bluetooth: Fix slab-out-of-bounds read in hci_le_direct_adv_report_evt()
    - drm/gma500: fix double free of gma_connector
    - ARM: p2v: fix handling of LPAE translation in BE mode
    - crypto: talitos - Fix return type of current_desc_hdr()
    - spi: img-spfi: fix reference leak in img_spfi_resume
    - ASoC: pcm: DRAIN support reactivation
    - Bluetooth: Fix null pointer dereference in hci_event_packet()
    - spi: spi-ti-qspi: fix reference leak in ti_qspi_setup
    - spi: tegra20-slink: fix reference leak in slink ops of tegra20
    - spi: tegra20-sflash: fix reference leak in tegra_sflash_resume
    - spi: tegra114: fix reference leak in tegra spi ops
    - RDMa/mthca: Work around -Wenum-conversion warning
    - MIPS: BCM47XX: fix kconfig dependency bug for BCM47XX_BCMA
    - media: solo6x10: fix missing snd_card_free in error handling case
    - drm/omap: dmm_tiler: fix return error code in omap_dmm_probe()
    - Input: ads7846 - fix integer overflow on Rt calculation
    - Input: ads7846 - fix unaligned access on 7845
    - powerpc/feature: Fix CPU_FTRS_ALWAYS by removing CPU_FTRS_GENERIC_32
    - soc: ti: knav_qmss: fix reference leak in knav_queue_probe
    - soc: ti: Fix reference imbalance in knav_dma_probe
    - drivers: soc: ti: knav_qmss_queue: Fix error return code in knav_queue_probe
    - memstick: fix a double-free bug in memstick_check
    - ARM: dts: at91: sama5d4_xplained: add pincontrol for USB Host
    - ARM: dts: at91: sama5d3_xplained: add pincontrol for USB Host
    - orinoco: Move context allocation after processing the skb
    - cw1200: fix missing destroy_workqueue() on error in cw1200_init_common
    - mips: cdmm: fix use-after-free in mips_cdmm_bus_discover
    - NFSv4.
[Bug 1908428] Re: 4.4 kernel panics in kvm wake_up() handler
#VERIFICATION

The user who brought this bug to our attention had tested a test kernel with the relevant commits included and had confirmed that it addresses the bug.

** Tags removed: verification-needed-xenial
** Tags added: verification-done-xenial

--
You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1908428

Title:
  4.4 kernel panics in kvm wake_up() handler

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1908428/+subscriptions

--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1908428] Re: 4.4 kernel panics in kvm wake_up() handler
Hi Ioanna, may you please verify the kernel in -proposed resolves this bug? Thank you!
[Bug 1908428] Re: 4.4 kernel panics in kvm wake_up() handler
This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-xenial' to 'verification-done-xenial'. If the problem still exists, change the tag 'verification-needed-xenial' to 'verification-failed-xenial'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

** Tags added: verification-needed-xenial
[Bug 1908428] Re: 4.4 kernel panics in kvm wake_up() handler
** Changed in: linux (Ubuntu Xenial) Status: Confirmed => Fix Committed
[Bug 1908428] Re: 4.4 kernel panics in kvm wake_up() handler
** Changed in: linux (Ubuntu Xenial) Importance: Undecided => Medium
[Bug 1908428] Re: 4.4 kernel panics in kvm wake_up() handler
** Changed in: linux (Ubuntu) Status: Confirmed => Invalid
[Bug 1908428] Re: 4.4 kernel panics in kvm wake_up() handler
** Description changed: + [Description] + User reported that 4.4 kernels are affected by the bug in [1]. The bug presents itself with the following trace : [219901.424329] CPU: 19 PID: 0 Comm: swapper/19 Tainted: G OE 4.4.0-133-generic #159~14.04.1-Ubuntu [219901.441800] task: 885f62e63fc0 ti: 885f62e7c000 task.ti: 885f62e7c000 [219901.449408] RIP: 0010:[] [] wakeup_handler+0x6d/0xa0 [kvm_intel] [219901.458791] RSP: 0018:885f7c043f70 EFLAGS: 00010083 [219901.464217] RAX: 885f7c04 RBX: dead00b8 RCX: 885f7c0586c0 [219901.471480] RDX: dead0100 RSI: RDI: 885f7c0586b0 [219901.478741] RBP: 885f7c043f90 R08: R09: c7ffc2ec9069 [219901.486003] R10: 0494 R11: 885f7c057370 R12: 000186b0 [219901.493267] R13: 0013 R14: 000186c0 R15: 885f62e7c000 [219901.500528] FS: () GS:885f7c04() knlGS: [219901.511738] CS: 0010 DS: ES: CR0: 80050033 [219901.517597] CR2: 7f6d57098000 CR3: 003183dfe000 CR4: 00362670 [219901.524860] DR0: DR1: DR2: [219901.532121] DR3: DR6: fffe0ff0 DR7: 0400 [219901.539384] Stack: [219901.541509] 0013 [219901.549120] 885f7c043fa8 8102fa99 81f40200 885f62e7fe98 [219901.556747] 8182131f 885f62e7fde8 885f62e7c000 [219901.565006] Call Trace: - [219901.567567] + [219901.567567] [219901.569592] [] smp_kvm_posted_intr_wakeup_ipi+0x59/0x70 [219901.576795] [] kvm_posted_intr_wakeup_ipi+0xbf/0xd0 - [219901.583431] + [219901.583431] [219901.585456] [] ? hard_disable_TSC+0x30/0x30 [219901.591621] [] ? native_safe_halt+0x6/0x10 [219901.597479] [] default_idle+0x1e/0xe0 [219901.602900] [] arch_cpu_idle+0x15/0x20 [219901.608416] [] default_idle_call+0x2a/0x40 [219901.614270] [] cpu_startup_entry+0x2e0/0x350 [219901.620305] [] start_secondary+0x16c/0x190 - The root cause is blocked_vcpu_on_cpu list is corrupted. This bug is fixed with the patchset found in [2]. - Only the first 3 (out of 4) of them have made their way in upstream kernel and + Only the first 3 (out of 4) of them have made their way in upstream kernel and are the ones needed to fix the bug. 
- A test kernel with the fixing patches have been provided to the user and they - confirmed that it resolves the issue. + [Test case] + It was not possible to reproduce this bug locally. + A test kernel with the fixing patches has been provided to the user and they confirmed that it resolves the issue. + + [Regression Potential] + + The patches have been accepted upstream in 4.14 and so far there are no known regressions. + Backporting the patches was necessary; original patches modify pi_pre/post_block functions which are not present in 4.4. + These functions are introduced by upstream commit bc22512bb24c(kvm: vmx: rename vmx_pre/post_block to pi_pre/post_block). + Appropriate changes where made for the patches to modify vmx_pre/post_block function without changing the functionality of the patches. + Testing has not revealed any regressions. + + + [Other] + + Only 4.4 kernels are affected. + [1] https://marc.info/?l=kvm&m=149559827906211&w=2 [2] https://lore.kernel.org/lkml/20170606105707.23207-1-pbonz...@redhat.com/
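Review bot: the added [Regression Potential] text does not say whether commit bc22512bb24c is itself part of the backport; it states that pi_pre/post_block are not present in 4.4 and that the patches were adapted to modify vmx_pre/post_block, so add one sentence saying whether the rename is picked up or left out. In the same paragraph "changes where made" should read "changes were made", and since [Test case] records that the bug could not be reproduced locally, it would help to name the test kernel build the user confirmed.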
[Bug 1908428] Re: 4.4 kernel panics in kvm wake_up() handler
** Changed in: linux (Ubuntu) Status: Incomplete => Confirmed ** Changed in: linux (Ubuntu Xenial) Status: Incomplete => Confirmed