mbox series

[SRU,I,0/1] kernel panic: NULL pointer dereference in wb_timer_f()

Message ID 20211019155309.65576-1-andrea.righi@canonical.com
Headers show
Series kernel panic: NULL pointer dereference in wb_timer_f() | expand

Message

Andrea Righi Oct. 19, 2021, 3:53 p.m. UTC 
BugLink: https://bugs.launchpad.net/bugs/1947557

[Impact]

It is possible to trigger a kernel panic with the latest impish kernel running
systemd autopkgtest using --enable-kvm with the test instances created by
systemd during the autotest. The panic happens in the host, not in the guest VM
executed by systemd.

[Test case]

Add --enable-kvm to the options in test/testdata/test-functions (systemd), run
`sudo autopkgtest . -- null`, wait for the panic to happen.

[Fix]

https://lore.kernel.org/lkml/YW6N2qXpBU3oc50q@arighi-desktop/T/#u

[Regression potential]

The fix is addressing a race in the block layer (in the buffered write
throttling code - block/blk-wbt.c) between a disk being released and the timer
callback that periodically checks if the latency for a specific block device
has been exceeded. If the fix is not correct we may still have a race in this
code, that can still show potential kernel panics in the block layer subsystem.

Comments

Kamal Mostafa Oct. 19, 2021, 4:08 p.m. UTC | #1 
LGTM.

Acked-by: Kamal Mostafa <kamal@canonical.com>

 -Kamal

On Tue, Oct 19, 2021 at 05:53:08PM +0200, Andrea Righi wrote:
> BugLink: https://bugs.launchpad.net/bugs/1947557
> 
> [Impact]
> 
> It is possible to trigger a kernel panic with the latest impish kernel running
> systemd autopkgtest using --enable-kvm with the test instances created by
> systemd during the autotest. The panic happens in the host, not in the guest VM
> executed by systemd.
> 
> [Test case]
> 
> Add --enable-kvm to the options in test/testdata/test-functions (systemd), run
> `sudo autopkgtest . -- null`, wait for the panic to happen.
> 
> [Fix]
> 
> https://lore.kernel.org/lkml/YW6N2qXpBU3oc50q@arighi-desktop/T/#u
> 
> [Regression potential]
> 
> The fix is addressing a race in the block layer (in the buffered write
> throttling code - block/blk-wbt.c) between a disk being released and the timer
> callback that periodically checks if the latency for a specific block device
> has been exceeded. If the fix is not correct we may still have a race in this
> code, that can still show potential kernel panics in the block layer subsystem.
> 
> 
> -- 
> kernel-team mailing list
> kernel-team@lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
Andrea Righi Oct. 19, 2021, 4:40 p.m. UTC | #2 
On Tue, Oct 19, 2021 at 05:53:08PM +0200, Andrea Righi wrote:
> BugLink: https://bugs.launchpad.net/bugs/1947557
> 
> [Impact]
> 
> It is possible to trigger a kernel panic with the latest impish kernel running
> systemd autopkgtest using --enable-kvm with the test instances created by
> systemd during the autotest. The panic happens in the host, not in the guest VM
> executed by systemd.
> 
> [Test case]
> 
> Add --enable-kvm to the options in test/testdata/test-functions (systemd), run
> `sudo autopkgtest . -- null`, wait for the panic to happen.
> 
> [Fix]
> 
> https://lore.kernel.org/lkml/YW6N2qXpBU3oc50q@arighi-desktop/T/#u
> 
> [Regression potential]
> 
> The fix is addressing a race in the block layer (in the buffered write
> throttling code - block/blk-wbt.c) between a disk being released and the timer
> callback that periodically checks if the latency for a specific block device
> has been exceeded. If the fix is not correct we may still have a race in this
> code, that can still show potential kernel panics in the block layer subsystem.

The upstream fix doesn't apply correctly to the impish kernel. I'll send
a v2 after testing the fix properly with the impish kernel. Sorry for
the noise.

-Andrea