[Group.of.nepali.translators] [Bug 1858834] Re: ipc/sem.c : process loops infinitely in exit_sem()
** Changed in: linux (Ubuntu Disco)
Status: Fix Committed => Won't Fix
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1858834
Title:
ipc/sem.c : process loops infinitely in exit_sem()
Status in linux package in Ubuntu:
Fix Released
Status in linux source package in Xenial:
Fix Released
Status in linux source package in Bionic:
Fix Released
Status in linux source package in Disco:
Won't Fix
Status in linux source package in Eoan:
Fix Released
Status in linux source package in Focal:
Fix Released
Bug description:
[Description]
Commit a97955844807 ("ipc,sem: remove uneeded sem_undo_list lock usage
in exit_sem()") removes a lock that is needed. This leads to a process
looping infinitely in exit_sem() and can also lead to a crash.
[Test case]
Using the reproducer found in [1] is fairly easy to reach a point where
one of the child processes is looping infinitely in exit_sem between
for(;;) and if (semid == -1) block, while it's trying to free its last
sem_undo structure which has already been freed by freeary().
Once commit a97955844807 ("ipc,sem: remove uneeded sem_undo_list lock
usage in exit_sem()") the issue is not reproducible any more.
[Other]
Patch submitted upstream :
https://lkml.org/lkml/2019/12/11/1718
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1694779
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1858834/+subscriptions
___
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1858834] Re: ipc/sem.c : process loops infinitely in exit_sem()
This bug was fixed in the package linux - 4.15.0-96.97
---
linux (4.15.0-96.97) bionic; urgency=medium
* CVE-2020-8834
- KVM: PPC: Book3S HV: Factor fake-suspend handling out of
kvmppc_save/restore_tm
- KVM: PPC: Book3S PR: Move kvmppc_save_tm/kvmppc_restore_tm to separate
file
- KVM: PPC: Book3S PR: Add guest MSR parameter for
kvmppc_save_tm()/kvmppc_restore_tm()
linux (4.15.0-94.95) bionic; urgency=medium
* bionic/linux: 4.15.0-94.95 -proposed tracker (LP: #1868984)
* Missing wireless network interface after kernel 5.3.0-43 upgrade with eoan
(LP: #1868442)
- iwlwifi: mvm: Do not require PHY_SKU NVM section for 3168 devices
linux (4.15.0-93.94) bionic; urgency=medium
* bionic/linux: 4.15.0-93.94 -proposed tracker (LP: #1868764)
* quotactl04 from ubuntu_ltp_syscalls failed with B (LP: #1868665)
- ext4: fix mount failure with quota configured as module
linux (4.15.0-92.93) bionic; urgency=medium
* bionic/linux: 4.15.0-92.93 -proposed tracker (LP: #1867272)
* Packaging resync (LP: #1786013)
- [Packaging] resync getabis
- [Packaging] update helper scripts
* Introduce the new NVIDIA 440 series, and add 5.4 Linux compatibility to the
340 and 390 series (LP: #1854485)
- [Packaging] NVIDIA -- add support for the 435 and the 440 series
* Stop using get_scalar_status command in Dell AIO uart backlight driver
(LP: #1865402)
- SAUCE: platform/x86: dell-uart-backlight: add get_display_mode command
* Bionic update: upstream stable patchset 2020-03-12 (LP: #1867194)
- RDMA/core: Fix locking in ib_uverbs_event_read
- gpio: zynq: Report gpio direction at boot
- arm64: ptrace: nofpsimd: Fail FP/SIMD regset operations
- KVM: arm: Fix DFSR setting for non-LPAE aarch32 guests
- KVM: arm: Make inject_abt32() inject an external abort instead
- mtd: onenand_base: Adjust indentation in onenand_read_ops_nolock
- mtd: sharpslpart: Fix unsigned comparison to zero
- padata: fix null pointer deref of pd->pinst
- Input: synaptics - switch T470s to RMI4 by default
- Input: synaptics - enable SMBus on ThinkPad L470
- Input: synaptics - remove the LEN0049 dmi id from topbuttonpad list
- ALSA: hda/realtek - Fix silent output on MSI-GL73
- ALSA: usb-audio: Apply sample rate quirk for Audioengine D1
- arm64: cpufeature: Set the FP/SIMD compat HWCAP bits properly
- ALSA: usb-audio: sound: usb: usb true/false for bool return type
- ext4: don't assume that mmp_nodename/bdevname have NUL
- ext4: fix support for inode sizes > 1024 bytes
- ext4: fix checksum errors with indexed dirs
- ext4: add cond_resched() to ext4_protect_reserved_inode
- ext4: improve explanation of a mount failure caused by a misconfigured
kernel
- Btrfs: fix race between using extent maps and merging them
- btrfs: ref-verify: fix memory leaks
- btrfs: print message when tree-log replay starts
- btrfs: log message when rw remount is attempted with unclean tree-log
- arm64: ssbs: Fix context-switch when SSBS is present on all CPUs
- perf/x86/amd: Add missing L2 misses event spec to AMD Family 17h's event
map
- IB/hfi1: Close window for pq and request coliding
- IB/rdmavt: Reset all QPs when the device is shut down
- RDMA/rxe: Fix soft lockup problem due to using tasklets in softirq
- RDMA/core: Fix protection fault in get_pkey_idx_qp_list
- s390/time: Fix clk type in get_tod_clock
- perf/x86/intel: Fix inaccurate period in context switch for auto-reload
- hwmon: (pmbus/ltc2978) Fix PMBus polling of MFR_COMMON definitions.
- jbd2: move the clearing of b_modified flag to the journal_unmap_buffer()
- jbd2: do not clear the BH_Mapped flag when forgetting a metadata buffer
- KVM: x86/mmu: Fix struct guest_walker arrays for 5-level paging
* Bionic update: upstream stable patchset 2020-03-09 (LP: #1866678)
- kernel/module: Fix memleak in module_add_modinfo_attrs()
- media: iguanair: fix endpoint sanity check
- x86/cpu: Update cached HLE state on write to TSX_CTRL_CPUID_CLEAR
- iwlwifi: mvm: fix NVM check for 3168 devices
- sparc32: fix struct ipc64_perm type definition
- cls_rsvp: fix rsvp_policy
- gtp: use __GFP_NOWARN to avoid memalloc warning
- l2tp: Allow duplicate session creation with UDP
- net: hsr: fix possible NULL deref in hsr_handle_frame()
- net_sched: fix an OOB access in cls_tcindex
- bnxt_en: Fix TC queue mapping.
- tcp: clear tp->total_retrans in tcp_disconnect()
- tcp: clear tp->delivered in tcp_disconnect()
- tcp: clear tp->data_segs{in|out} in tcp_disconnect()
- tcp: clear tp->segs_{in|out} in tcp_disconnect()
- rxrpc: Fix insufficient receive notification generation
- rxrpc: Fix NULL pointer deref due to call->conn being cleared on
disconnect
- media: uvcvideo: Avoid cyclic entity chains due to malformed USB
descriptors
- mfd:
[Group.of.nepali.translators] [Bug 1858834] Re: ipc/sem.c : process loops infinitely in exit_sem()
This bug was fixed in the package linux - 4.4.0-177.207
---
linux (4.4.0-177.207) xenial; urgency=medium
* xenial/linux: 4.4.0-177.207 -proposed tracker (LP: #1867243)
* Packaging resync (LP: #1786013)
- [Packaging] resync getabis
- [Packaging] update helper scripts
* Xenial update: 4.4.214 upstream stable release (LP: #1864775)
- media: iguanair: fix endpoint sanity check
- x86/cpu: Update cached HLE state on write to TSX_CTRL_CPUID_CLEAR
- sparc32: fix struct ipc64_perm type definition
- ASoC: qcom: Fix of-node refcount unbalance to link->codec_of_node
- cls_rsvp: fix rsvp_policy
- net: hsr: fix possible NULL deref in hsr_handle_frame()
- net_sched: fix an OOB access in cls_tcindex
- tcp: clear tp->total_retrans in tcp_disconnect()
- tcp: clear tp->segs_{in|out} in tcp_disconnect()
- media: uvcvideo: Avoid cyclic entity chains due to malformed USB
descriptors
- mfd: dln2: More sanity checking for endpoints
- brcmfmac: Fix memory leak in brcmf_usbdev_qinit
- usb: gadget: legacy: set max_speed to super-speed
- usb: gadget: f_ncm: Use atomic_t to track in-flight request
- usb: gadget: f_ecm: Use atomic_t to track in-flight request
- ALSA: dummy: Fix PCM format loop in proc output
- lib/test_kasan.c: fix memory leak in kmalloc_oob_krealloc_more()
- powerpc/pseries: Advance pfn if section is not present in
lmb_is_removable()
- mmc: spi: Toggle SPI polarity, do not hardcode it
- PCI: keystone: Fix link training retries initiation
- crypto: api - Check spawn->alg under lock in crypto_drop_spawn
- scsi: qla2xxx: Fix mtcp dump collection failure
- power: supply: ltc2941-battery-gauge: fix use-after-free
- of: Add OF_DMA_DEFAULT_COHERENT & select it on powerpc
- dm space map common: fix to ensure new block isn't already in use
- crypto: pcrypt - Do not clear MAY_SLEEP flag in original request
- crypto: api - Fix race condition in crypto_spawn_alg
- crypto: picoxcell - adjust the position of tasklet_init and fix missed
tasklet_kill
- btrfs: set trans->drity in btrfs_commit_transaction
- ARM: tegra: Enable PLLP bypass during Tegra124 LP1
- mwifiex: fix unbalanced locking in mwifiex_process_country_ie()
- sunrpc: expiry_time should be seconds not timeval
- KVM: x86: Refactor prefix decoding to prevent Spectre-v1/L1TF attacks
- KVM: x86: Protect DR-based index computations from Spectre-v1/L1TF attacks
- KVM: x86: Protect kvm_hv_msr_[get|set]_crash_data() from Spectre-v1/L1TF
attacks
- KVM: x86: Protect ioapic_write_indirect() from Spectre-v1/L1TF attacks
- KVM: x86: Protect MSR-based index computations in pmu.h from
Spectre-v1/L1TF
attacks
- KVM: x86: Protect ioapic_read_indirect() from Spectre-v1/L1TF attacks
- KVM: x86: Protect MSR-based index computations from Spectre-v1/L1TF
attacks
in x86.c
- KVM: x86: Protect x86_decode_insn from Spectre-v1/L1TF attacks
- KVM: x86: Protect MSR-based index computations in fixed_msr_to_seg_unit()
from Spectre-v1/L1TF attacks
- KVM: PPC: Book3S HV: Uninit vCPU if vcore creation fails
- KVM: PPC: Book3S PR: Free shared page if mmu initialization fails
- KVM: x86: Free wbinvd_dirty_mask if vCPU creation fails
- scsi: qla2xxx: Fix the endianness of the qla82xx_get_fw_size() return type
- scsi: csiostor: Adjust indentation in csio_device_reset
- scsi: qla4xxx: Adjust indentation in qla4xxx_mem_free
- ext2: Adjust indentation in ext2_fill_super
- powerpc/44x: Adjust indentation in ibm4xx_denali_fixup_memsize
- NFC: pn544: Adjust indentation in pn544_hci_check_presence
- ppp: Adjust indentation into ppp_async_input
- net: smc911x: Adjust indentation in smc911x_phy_configure
- net: tulip: Adjust indentation in {dmfe, uli526x}_init_module
- mfd: da9062: Fix watchdog compatible string
- mfd: rn5t618: Mark ADC control register volatile
- net: systemport: Avoid RBUF stuck in Wake-on-LAN mode
- bonding/alb: properly access headers in bond_alb_xmit()
- NFS: Fix memory leaks and corruption in readdir
- NFS: Fix bool initialization/comparison
- NFS: Directory page cache pages need to be locked when read
- Btrfs: fix assertion failure on fsync with NO_HOLES enabled
- btrfs: remove trivial locking wrappers of tree mod log
- Btrfs: fix race between adding and putting tree mod seq elements and nodes
- drm: atmel-hlcdc: enable clock before configuring timing engine
- KVM: x86: drop picdev_in_range()
- KVM: x86: Refactor picdev_write() to prevent Spectre-v1/L1TF attacks
- KVM: x86: Protect pmu_intel.c from Spectre-v1/L1TF attacks
- KVM: x86: Protect kvm_lapic_reg_write() from Spectre-v1/L1TF attacks
- btrfs: flush write bio if we loop in extent_write_cache_pages
- KVM: x86/mmu: Apply max PA check for MMIO sptes to 32-bit KVM
- KVM: VMX: Add non-canonical check
[Group.of.nepali.translators] [Bug 1858834] Re: ipc/sem.c : process loops infinitely in exit_sem()
This bug was fixed in the package linux - 5.3.0-46.38
---
linux (5.3.0-46.38) eoan; urgency=medium
* eoan/linux: 5.3.0-43.36 -proposed tracker (LP: #1867301)
* Fix AMD Stoney Ridge screen flickering under 4K resolution (LP: #1864005)
- iommu/amd: Disable IOMMU on Stoney Ridge systems
* Allow BPF tracing under lockdown (LP: #1868626)
- Revert "UBUNTU: SAUCE: (efi-lockdown) Lock down kprobes"
- Revert "bpf: Restrict bpf when kernel lockdown is in confidentiality mode"
* Missing wireless network interface after kernel 5.3.0-43 upgrade with eoan
(LP: #1868442)
- iwlwifi: mvm: Do not require PHY_SKU NVM section for 3168 devices
* Packaging resync (LP: #1786013)
- [Packaging] resync getabis
- [Packaging] update helper scripts
* iSCSI-target: Deleting a LUN hangs in the kernel (LP: #1862682)
- scsi: Revert "target/core: Inline transport_lun_remove_cmd()"
* Stop using get_scalar_status command in Dell AIO uart backlight driver
(LP: #1865402)
- SAUCE: platform/x86: dell-uart-backlight: add get_display_mode command
* Eoan update: upstream stable patchset 2020-03-11 (LP: #1867051)
- Revert "drm/sun4i: dsi: Change the start delay calculation"
- ovl: fix lseek overflow on 32bit
- kernel/module: Fix memleak in module_add_modinfo_attrs()
- media: iguanair: fix endpoint sanity check
- ocfs2: fix oops when writing cloned file
- x86/cpu: Update cached HLE state on write to TSX_CTRL_CPUID_CLEAR
- udf: Allow writing to 'Rewritable' partitions
- printk: fix exclusive_console replaying
- iwlwifi: mvm: fix NVM check for 3168 devices
- sparc32: fix struct ipc64_perm type definition
- cls_rsvp: fix rsvp_policy
- gtp: use __GFP_NOWARN to avoid memalloc warning
- l2tp: Allow duplicate session creation with UDP
- net: hsr: fix possible NULL deref in hsr_handle_frame()
- net_sched: fix an OOB access in cls_tcindex
- net: stmmac: Delete txtimer in suspend()
- bnxt_en: Fix TC queue mapping.
- tcp: clear tp->total_retrans in tcp_disconnect()
- tcp: clear tp->delivered in tcp_disconnect()
- tcp: clear tp->data_segs{in|out} in tcp_disconnect()
- tcp: clear tp->segs_{in|out} in tcp_disconnect()
- rxrpc: Fix use-after-free in rxrpc_put_local()
- rxrpc: Fix insufficient receive notification generation
- rxrpc: Fix missing active use pinning of rxrpc_local object
- rxrpc: Fix NULL pointer deref due to call->conn being cleared on
disconnect
- media: uvcvideo: Avoid cyclic entity chains due to malformed USB
descriptors
- mfd: dln2: More sanity checking for endpoints
- ipc/msg.c: consolidate all xxxctl_down() functions
- tracing: Fix sched switch start/stop refcount racy updates
- rcu: Avoid data-race in rcu_gp_fqs_check_wake()
- brcmfmac: Fix memory leak in brcmf_usbdev_qinit
- usb: typec: tcpci: mask event interrupts when remove driver
- usb: gadget: legacy: set max_speed to super-speed
- usb: gadget: f_ncm: Use atomic_t to track in-flight request
- usb: gadget: f_ecm: Use atomic_t to track in-flight request
- ALSA: usb-audio: Fix endianess in descriptor validation
- ALSA: dummy: Fix PCM format loop in proc output
- mm/memory_hotplug: fix remove_memory() lockdep splat
- mm: move_pages: report the number of non-attempted pages
- media/v4l2-core: set pages dirty upon releasing DMA buffers
- media: v4l2-core: compat: ignore native command codes
- media: v4l2-rect.h: fix v4l2_rect_map_inside() top/left adjustments
- lib/test_kasan.c: fix memory leak in kmalloc_oob_krealloc_more()
- irqdomain: Fix a memory leak in irq_domain_push_irq()
- platform/x86: intel_scu_ipc: Fix interrupt support
- ALSA: hda: Add Clevo W65_67SB the power_save blacklist
- KVM: arm64: Correct PSTATE on exception entry
- KVM: arm/arm64: Correct CPSR on exception entry
- KVM: arm/arm64: Correct AArch32 SPSR on exception entry
- KVM: arm64: Only sign-extend MMIO up to register width
- MIPS: fix indentation of the 'RELOCS' message
- MIPS: boot: fix typo in 'vmlinux.lzma.its' target
- s390/mm: fix dynamic pagetable upgrade for hugetlbfs
- powerpc/xmon: don't access ASDR in VMs
- powerpc/pseries: Advance pfn if section is not present in
lmb_is_removable()
- smb3: fix signing verification of large reads
- PCI: tegra: Fix return value check of pm_runtime_get_sync()
- mmc: spi: Toggle SPI polarity, do not hardcode it
- ACPI: video: Do not export a non working backlight interface on MSI
MS-7721
boards
- ACPI / battery: Deal with design or full capacity being reported as -1
- ACPI / battery: Use design-cap for capacity calculations if full-cap is
not
available
- ACPI / battery: Deal better with neither design nor full capacity not
being
reported
- alarmtimer: Unregister wakeup source when module get fails
- ubifs: don't trigger
[Group.of.nepali.translators] [Bug 1858834] Re: ipc/sem.c : process loops infinitely in exit_sem()
This bug was fixed in the package linux - 5.4.0-18.22 --- linux (5.4.0-18.22) focal; urgency=medium * focal/linux: 5.4.0-18.22 -proposed tracker (LP: #1866488) * Packaging resync (LP: #1786013) - [Packaging] resync getabis - [Packaging] update helper scripts * Add sysfs attribute to show remapped NVMe (LP: #1863621) - SAUCE: ata: ahci: Add sysfs attribute to show remapped NVMe device count * [20.04 FEAT] Compression improvements in Linux kernel (LP: #1830208) - lib/zlib: add s390 hardware support for kernel zlib_deflate - s390/boot: rename HEAP_SIZE due to name collision - lib/zlib: add s390 hardware support for kernel zlib_inflate - s390/boot: add dfltcc= kernel command line parameter - lib/zlib: add zlib_deflate_dfltcc_enabled() function - btrfs: use larger zlib buffer for s390 hardware compression - [Config] Introducing s390x specific kernel config option CONFIG_ZLIB_DFLTCC * [UBUNTU 20.04] s390x/pci: increase CONFIG_PCI_NR_FUNCTIONS to 512 in kernel config (LP: #1866056) - [Config] Increase CONFIG_PCI_NR_FUNCTIONS from 64 to 512 starting with focal on s390x * CONFIG_IP_MROUTE_MULTIPLE_TABLES is not set (LP: #1865332) - [Config] CONFIG_IP_MROUTE_MULTIPLE_TABLES=y * Dell XPS 13 9300 Intel 1650S wifi [34f0:1651] fails to load firmware (LP: #1865962) - iwlwifi: remove IWL_DEVICE_22560/IWL_DEVICE_FAMILY_22560 - iwlwifi: 22000: fix some indentation - iwlwifi: pcie: rx: use rxq queue_size instead of constant - iwlwifi: allocate more receive buffers for HE devices - iwlwifi: remove some outdated iwl22000 configurations - iwlwifi: assume the driver_data is a trans_cfg, but allow full cfg * [FOCAL][REGRESSION] Intel Gen 9 brightness cannot be controlled (LP: #1861521) - Revert "USUNTU: SAUCE: drm/i915: Force DPCD backlight mode on Dell Precision 4K sku" - Revert "UBUNTU: SAUCE: drm/i915: Force DPCD backlight mode on X1 Extreme 2nd Gen 4K AMOLED panel" - SAUCE: drm/dp: Introduce EDID-based quirks - SAUCE: drm/i915: Force DPCD backlight mode on X1 Extreme 2nd Gen 4K AMOLED panel - SAUCE: drm/i915: Force DPCD backlight mode for some Dell CML 2020 panels * [20.04 FEAT] Enable proper kprobes on ftrace support (LP: #1865858) - s390/ftrace: save traced function caller - s390: support KPROBES_ON_FTRACE * alsa/sof: load different firmware on different platforms (LP: #1857409) - ASoC: SOF: Intel: hda: use fallback for firmware name - ASoC: Intel: acpi-match: split CNL tables in three - ASoC: SOF: Intel: Fix CFL and CML FW nocodec binary names. * [UBUNTU 20.04] Enable CONFIG_NET_SWITCHDEV in kernel config for s390x starting with focal (LP: #1865452) - [Config] Enable CONFIG_NET_SWITCHDEV in kernel config for s390x starting with focal * Focal update: v5.4.24 upstream stable release (LP: #1866333) - io_uring: grab ->fs as part of async offload - EDAC: skx_common: downgrade message importance on missing PCI device - net: dsa: b53: Ensure the default VID is untagged - net: fib_rules: Correctly set table field when table number exceeds 8 bits - net: macb: ensure interface is not suspended on at91rm9200 - net: mscc: fix in frame extraction - net: phy: restore mdio regs in the iproc mdio driver - net: sched: correct flower port blocking - net/tls: Fix to avoid gettig invalid tls record - nfc: pn544: Fix occasional HW initialization failure - qede: Fix race between rdma destroy workqueue and link change event - Revert "net: dev: introduce support for sch BYPASS for lockless qdisc" - udp: rehash on disconnect - sctp: move the format error check out of __sctp_sf_do_9_1_abort - bnxt_en: Improve device shutdown method. - bnxt_en: Issue PCIe FLR in kdump kernel to cleanup pending DMAs. - bonding: add missing netdev_update_lockdep_key() - net: export netdev_next_lower_dev_rcu() - bonding: fix lockdep warning in bond_get_stats() - ipv6: Fix route replacement with dev-only route - ipv6: Fix nlmsg_flags when splitting a multipath route - ipmi:ssif: Handle a possible NULL pointer reference - drm/msm: Set dma maximum segment size for mdss - sched/core: Don't skip remote tick for idle CPUs - timers/nohz: Update NOHZ load in remote tick - sched/fair: Prevent unlimited runtime on throttled group - dax: pass NOWAIT flag to iomap_apply - mac80211: consider more elements in parsing CRC - cfg80211: check wiphy driver existence for drvinfo report - s390/zcrypt: fix card and queue total counter wrap - qmi_wwan: re-add DW5821e pre-production variant - qmi_wwan: unconditionally reject 2 ep interfaces - NFSv4: Fix races between open and dentry revalidation - perf/smmuv3: Use platform_get_irq_optional() for wired interrupt - perf/x86/intel: Add Elkhart Lake support - perf/x86/cstate: Add Tremont
