[Kernel-packages] [Bug 1818747] Re: Crash in nvme_irq_check() when using threaded interrupts

Tue, 02 Apr 2019 03:47:26 -0700 

This bug was fixed in the package linux - 4.18.0-17.18

---------------
linux (4.18.0-17.18) cosmic; urgency=medium

  * linux: 4.18.0-17.18 -proposed tracker (LP: #1819624)

  * Packaging resync (LP: #1786013)
    - [Packaging] resync getabis
    - [Packaging] update helper scripts

  * C++ demangling support missing from perf (LP: #1396654)
    - [Packaging] fix a mistype

  * arm-smmu-v3 arm-smmu-v3.3.auto: CMD_SYNC timeout (LP: #1818162)
    - iommu/arm-smmu-v3: Fix unexpected CMD_SYNC timeout

  * Crash in nvme_irq_check() when using threaded interrupts (LP: #1818747)
    - nvme-pci: fix out of bounds access in nvme_cqe_pending

  * CVE-2019-9003
    - ipmi: fix use-after-free of user->release_barrier.rda

  * CVE-2019-9162
    - netfilter: nf_nat_snmp_basic: add missing length checks in ASN.1 cbs

  * CVE-2019-9213
    - mm: enforce min addr even if capable() in expand_downwards()

  * CVE-2019-3460
    - Bluetooth: Check L2CAP option sizes returned from l2cap_get_conf_opt

  * tun/tap: unable to manage carrier state from userland (LP: #1806392)
    - tun: implement carrier change

  * CVE-2019-8980
    - exec: Fix mem leak in kernel_read_file

  * [Packaging] Allow overlay of config annotations (LP: #1752072)
    - [Packaging] config-check: Add an include directive

  * amdgpu with mst WARNING on blanking (LP: #1814308)
    - drm/amd/display: Fix MST dp_blank REG_WAIT timeout

  * CVE-2019-7308
    - bpf: move {prev_,}insn_idx into verifier env
    - bpf: move tmp variable into ax register in interpreter
    - bpf: enable access to ax register also from verifier rewrite
    - bpf: restrict map value pointer arithmetic for unprivileged
    - bpf: restrict stack pointer arithmetic for unprivileged
    - bpf: restrict unknown scalars of mixed signed bounds for unprivileged
    - bpf: fix check_map_access smin_value test when pointer contains offset
    - bpf: prevent out of bounds speculation on pointer arithmetic
    - bpf: fix sanitation of alu op with pointer / scalar type from different
      paths
    - bpf: add various test cases to test_verifier
    - bpf: add various test cases to selftests

  * CVE-2017-5753
    - bpf: fix inner map masking to prevent oob under speculation

  * Use memblock quirk instead of delayed allocation for GICv3 LPI tables
    (LP: #1816425)
    - efi/arm: Revert "Defer persistent reservations until after paging_init()"
    - arm64, mm, efi: Account for GICv3 LPI tables in static memblock reserve
      table

  * efi/arm/arm64: Allow SetVirtualAddressMap() to be omitted (LP: #1814982)
    - efi/arm/arm64: Allow SetVirtualAddressMap() to be omitted

  * Update ENA driver to version 2.0.3K (LP: #1816806)
    - net: ena: update driver version from 2.0.2 to 2.0.3
    - net: ena: fix race between link up and device initalization
    - net: ena: fix crash during failed resume from hibernation

  * Silent "Unknown key" message when pressing keyboard backlight hotkey
    (LP: #1817063)
    - platform/x86: dell-wmi: Ignore new keyboard backlight change event

  * CVE-2018-19824
    - ALSA: usb-audio: Fix UAF decrement if card has no live interfaces in 
card.c

  * CVE-2019-3459
    - Bluetooth: Verify that l2cap_get_conf_opt provides large enough buffer

  * CONFIG_TEST_BPF is disabled (LP: #1813955)
    - [Config]: Reenable TEST_BPF

  * installer does not support iSCSI iBFT (LP: #1817321)
    - d-i: add iscsi_ibft to scsi-modules

  * CVE-2019-7222
    - KVM: x86: work around leak of uninitialized stack contents (CVE-2019-7222)

  * CVE-2019-7221
    - KVM: nVMX: unconditionally cancel preemption timer in free_nested
      (CVE-2019-7221)

  * CVE-2019-6974
    - kvm: fix kvm_ioctl_create_device() reference counting (CVE-2019-6974)

  * hns3 nic speed may not match optical port speed (LP: #1817969)
    - net: hns3: Config NIC port speed same as that of optical module

  * [Hyper-V] srcu: Lock srcu_data structure in srcu_gp_start() (LP: #1802021)
    - srcu: Lock srcu_data structure in srcu_gp_start()

  * libsas disks can have non-unique by-path names (LP: #1817784)
    - scsi: libsas: Fix rphy phy_identifier for PHYs with end devices attached

  * Bluetooth not working (Intel CyclonePeak) (LP: #1817518)
    - Bluetooth: btusb: Add support for Intel bluetooth device 8087:0029

  * CVE-2019-8912
    - net: crypto set sk to NULL when af_alg_release.
    - net: socket: set sock->sk to NULL after calling proto_ops::release()

  * 4.18.0 thinkpad_acpi : thresholds for BAT1 not writable (LP: #1812099)
    - platform/x86: thinkpad_acpi: Fix multi-battery bug

  * [ALSA] [PATCH] System76 darp5 and oryp5 fixups (LP: #1815831)
    - ALSA: hda/realtek - Headset microphone support for System76 darp5
    - ALSA: hda/realtek - Headset microphone and internal speaker support for
      System76 oryp5

  * CVE-2019-8956
    - sctp: walk the list of asoc safely

  * Constant noise in the headphone on Lenovo X1 machines (LP: #1817263)
    - ALSA: hda/realtek: Disable PC beep in passthrough on alc285

 -- Kleber Sacilotto de Souza <kleber.so...@canonical.com>  Wed, 13 Mar
2019 12:52:13 +0100

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1818747

Title:
  Crash in nvme_irq_check() when using threaded interrupts

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Bionic:
  Fix Released
Status in linux source package in Cosmic:
  Fix Released
Status in linux source package in Disco:
  Fix Released

Bug description:
  [Impact]
  kernel crashes under load w/ nvme.use_threaded_interrupts=1

  [Test Case]
  Boot w/ nvme.use_threaded_interrupts=1

  sudo fio -name=randread -numjobs=8 -filename=/dev/nvme0n1 -rw=randread
  -ioengine=libaio -direct=1 -iodepth=64 -sync=0 -norandommap
  -group_reporting -runtime=300 -time_based -bs=4k

  [  284.756476] CPU: 0 PID: 1047 Comm: irq/97-nvme0q1 Not tainted 
4.18.0-15-generic #16~18.04.1-Ubuntu
  [  284.765420] Hardware name: Huawei D06 /D06, BIOS Hisilicon D06 UEFI RC0 - 
V1.13.01 02/14/2019
  [  284.773930] pstate: 00400089 (nzcv daIf +PAN -UAO)
  [  284.778711] pc : nvme_irq_check+0x30/0x48 [nvme]
  [  284.783319] lr : __handle_irq_event_percpu+0x68/0x228
  [  284.788356] sp : ffff000008003e70

  [Fix]
  dcca166272722 nvme-pci: fix out of bounds access in nvme_cqe_pending

  [Regression Risk]
  Restricted to systems w/ NVMe. There are no upstream patches marked as Fixing 
the upstream change, which suggests it is not yet know to introduce regressions.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1818747/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to     : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to