kernel-packages team mailing list archive
-
kernel-packages team
-
Mailing list archive
-
Message #177481
[Bug 1556264] Re: [Hyper-V] vmbus: Fix a bug in hv_need_to_signal_on_read()
This bug was fixed in the package linux - 3.13.0-86.130
---------------
linux (3.13.0-86.130) trusty; urgency=low
[ Kamal Mostafa ]
* Release Tracking Bug
- LP: #1571718
[ Benjamin Tissoires ]
* SAUCE: Input: synaptics - handle spurious release of trackstick
buttons, again
- LP: #1553811
[ K. Y. Srinivasan ]
* SAUCE: (noup): Drivers: hv: vmbus: Fix a bug in
hv_need_to_signal_on_read()
- LP: #1556264
[ Kamal Mostafa ]
* [debian] BugLink: close LP: bugs only for Launchpad urls
* [Config] updateconfigs after v3.13.11-ckt38
[ Tim Gardner ]
* [Debian] Fix linux-doc dangling symlinks
- LP: #661306
[ Upstream Kernel Changes ]
* Revert "jffs2: Fix lock acquisition order bug in jffs2_write_begin"
- LP: #1562900
* [stable-only] AIO: properly check iovec sizes
- LP: #1562900
* Input: aiptek - fix crash on detecting device without endpoints
- LP: #1562900
* wext: fix message delay/ordering
- LP: #1562900
* cfg80211/wext: fix message ordering
- LP: #1562900
* mac80211: fix use of uninitialised values in RX aggregation
- LP: #1562900
* libata: fix HDIO_GET_32BIT ioctl
- LP: #1562900
* mac80211: minstrel_ht: set default tx aggregation timeout to 0
- LP: #1562900
* jffs2: Fix page lock / f->sem deadlock
- LP: #1562900
* Fix directory hardlinks from deleted directories
- LP: #1562900
* iommu/amd: Fix boot warning when device 00:00.0 is not iommu covered
- LP: #1562900
* libata: Align ata_device's id on a cacheline
- LP: #1562900
* vfio: fix ioctl error handling
- LP: #1562900
* ALSA: ctl: Fix ioctls for X32 ABI
- LP: #1562900
* ALSA: rawmidi: Fix ioctls X32 ABI
- LP: #1562900
* ALSA: timer: Fix broken compat timer user status ioctl
- LP: #1562900
* ALSA: timer: Fix ioctls for X32 ABI
- LP: #1562900
* cifs: fix out-of-bounds access in lease parsing
- LP: #1562900
* CIFS: Fix SMB2+ interim response processing for read requests
- LP: #1562900
* ALSA: hdspm: Fix wrong boolean ctl value accesses
- LP: #1562900
* ALSA: hdspm: Fix zero-division
- LP: #1562900
* ALSA: hdsp: Fix wrong boolean ctl value accesses
- LP: #1562900
* USB: cp210x: Add ID for Parrot NMEA GPS Flight Recorder
- LP: #1562900
* ASoC: wm8958: Fix enum ctl accesses in a wrong type
- LP: #1562900
* ASoC: wm8994: Fix enum ctl accesses in a wrong type
- LP: #1562900
* ASoC: wm_adsp: Fix enum ctl accesses in a wrong type
- LP: #1562900
* USB: serial: option: add support for Telit LE922 PID 0x1045
- LP: #1562900
* USB: serial: option: add support for Quectel UC20
- LP: #1562900
* ALSA: seq: oss: Don't drain at closing a client
- LP: #1562900
* drm/ast: Fix incorrect register check for DRAM width
- LP: #1562900
* drm/radeon/pm: update current crtc info after setting the powerstate
- LP: #1562900
* PM / sleep / x86: Fix crash on graph trace through x86 suspend
- LP: #1562900
* ALSA: hda - Fix mic issues on Acer Aspire E1-472
- LP: #1562900
* MIPS: traps: Fix SIGFPE information leak from `do_ov' and
`do_trap_or_bp'
- LP: #1562900
* ubi: Fix out of bounds write in volume update code
- LP: #1562900
* KVM: VMX: disable PEBS before a guest entry
- LP: #1562900
* ext4: iterate over buffer heads correctly in move_extent_per_page()
- LP: #1562900
* net/mlx4_core: Allow resetting VF admin mac to zero
- LP: #1562900
* ipv6: re-enable fragment header matching in ipv6_find_hdr
- LP: #1562900
* cdc_ncm: do not call usbnet_link_change from cdc_ncm_bind
- LP: #1562900
* net: moxa: fix an error code
- LP: #1562900
* IB/core: Use GRH when the path hop-limit > 0
- LP: #1562900
* Linux 3.13.11-ckt37
- LP: #1562900
* Drivers: hv_vmbus: Fix signal to host condition
- LP: #1556264
* [stable-only] pipe: Fix buffer offset after partially failed read
- LP: #1563916
* EDAC, amd64_edac: Shift wrapping issue in f1x_get_norm_dct_addr()
- LP: #1567615
* tty: Fix GPF in flush_to_ldisc(), part 2
- LP: #1567615
* [media] media: v4l2-compat-ioctl32: fix missing length copy in
put_v4l2_buffer32
- LP: #1567615
* [media] pwc: Add USB id for Philips Spc880nc webcam
- LP: #1567615
* 8250: use callbacks to access UART_DLL/UART_DLM
- LP: #1567615
* net: irda: Fix use-after-free in irtty_open()
- LP: #1567615
* usb: retry reset if a device times out
- LP: #1567615
* HID: core: do not scan reports if the group is already set
- LP: #1567615
* HID: fix hid_ignore_special_drivers module parameter
- LP: #1567615
* scripts/coccinelle: modernize &
- LP: #1567615
* [media] adv7511: TX_EDID_PRESENT is still 1 after a disconnect
- LP: #1567615
* [media] saa7134: Fix bytesperline not being set correctly for planar
formats
- LP: #1567615
* perf tools: Dont stop PMU parsing on alias parse error
- LP: #1567615
* Bluetooth: btusb: Add new AR3012 ID 13d3:3395
- LP: #1542564, #1567615
* Bluetooth: Add new AR3012 ID 0489:e095
- LP: #1542944, #1567615
* aacraid: Fix memory leak in aac_fib_map_free
- LP: #1567615
* mtd: onenand: fix deadlock in onenand_block_markbad
- LP: #1567615
* PCI: Disable IO/MEM decoding for devices with non-compliant BARs
- LP: #1567615
* md/raid5: Compare apples to apples (or sectors to sectors)
- LP: #1567615
* Bluetooth: btusb: Add a new AR3012 ID 04ca:3014
- LP: #1546694, #1567615
* IB/srpt: Simplify srpt_handle_tsk_mgmt()
- LP: #1567615
* [media] bttv: Width must be a multiple of 16 when capturing planar
formats
- LP: #1567615
* watchdog: rc32434_wdt: fix ioctl error handling
- LP: #1567615
* xfs: fix two memory leaks in xfs_attr_list.c error paths
- LP: #1567615
* quota: Fix possible GPF due to uninitialised pointers
- LP: #1567615
* mtip32xx: Print exact time when an internal command is interrupted
- LP: #1567615
* KVM: i8254: change PIT discard tick policy
- LP: #1567615
* sched/cputime: Fix steal time accounting vs. CPU hotplug
- LP: #1567615
* rt2x00: add new rt2800usb device Buffalo WLI-UC-G450
- LP: #1567615
* pinctrl-bcm2835: Fix cut-and-paste error in "pull" parsing
- LP: #1567615
* perf/core: Fix perf_sched_count derailment
- LP: #1567615
* perf/x86/intel: Use PAGE_SIZE for PEBS buffer size on Core2
- LP: #1567615
* bcache: fix cache_set_flush() NULL pointer dereference on OOM
- LP: #1567615
* x86/PCI: Mark Broadwell-EP Home Agent & PCU as having non-compliant
BARs
- LP: #1567615
* be2iscsi: set the boot_kset pointer to NULL in case of failure
- LP: #1567615
* drm/radeon: Don't drop DP 2.7 Ghz link setup on some cards.
- LP: #1567615
* sg: fix dxferp in from_to case
- LP: #1567615
* jbd2: fix FS corruption possibility in jbd2_journal_destroy() on umount
path
- LP: #1567615
* Bluetooth: btusb: Add a new AR3012 ID 13d3:3472
- LP: #1552925, #1567615
* iser-target: Separate flows for np listeners and connections cma events
- LP: #1567615
* xtensa: ISS: don't hang if stdin EOF is reached
- LP: #1567615
* xtensa: clear all DBREAKC registers on start
- LP: #1567615
* bus: imx-weim: Take the 'status' property value into account
- LP: #1567615
* ALSA: intel8x0: Add clock quirk entry for AD1981B on IBM ThinkPad X41.
- LP: #1567615
* s390/pci: enforce fmb page boundary rule
- LP: #1567615
* Input: powermate - fix oops with malicious USB descriptors
- LP: #1567615
* net: mvneta: enable change MAC address when interface is up
- LP: #1567615
* HID: i2c-hid: fix OOB write in i2c_hid_set_or_send_report()
- LP: #1567615
* ALSA: hda - Fix unconditional GPIO toggle via automute
- LP: #1567615
* ALSA: usb-audio: Fix NULL dereference in create_fixed_stream_quirk()
- LP: #1567615
* ALSA: usb-audio: Add sanity checks for endpoint accesses
- LP: #1567615
* nfsd: fix deadlock secinfo+readdir compound
- LP: #1567615
* x86/iopl: Fix iopl capability check on Xen PV
- LP: #1567615
* Input: ims-pcu - sanity check against missing interfaces
- LP: #1567615
* x86/apic: Fix suspicious RCU usage in
smp_trace_call_function_interrupt()
- LP: #1567615
* USB: iowarrior: fix oops with malicious USB descriptors
- LP: #1567615
* USB: usb_driver_claim_interface: add sanity checking
- LP: #1567615
* USB: cdc-acm: more sanity checking
- LP: #1567615
* USB: uas: Reduce can_queue to MAX_CMNDS
- LP: #1567615
* tracing: Have preempt(irqs)off trace preempt disabled functions
- LP: #1567615
* tracing: Fix crash from reading trace_pipe with sendfile
- LP: #1567615
* splice: handle zero nr_pages in splice_to_pipe()
- LP: #1567615
* target: Fix target_release_cmd_kref shutdown comp leak
- LP: #1567615
* KVM: VMX: avoid guest hang on invalid invept instruction
- LP: #1567615
* KVM: fix spin_lock_init order on x86
- LP: #1567615
* tracing: Fix trace_printk() to print when not using bprintk()
- LP: #1567615
* fs/coredump: prevent fsuid=0 dumps into user-controlled directories
- LP: #1567615
* rapidio/rionet: fix deadlock on SMP
- LP: #1567615
* Input: ati_remote2 - fix crashes on detecting device with invalid
descriptor
- LP: #1567615
* MAINTAINERS: Update mailing list and web page for hwmon subsystem
- LP: #1567615
* ocfs2/dlm: fix race between convert and recovery
- LP: #1567615
* ocfs2/dlm: fix BUG in dlm_move_lockres_to_recovery_list
- LP: #1567615
* clk: xgene: Add missing parenthesis when clearing divider value
- LP: #1567615
* ppp: take reference on channels netns
- LP: #1567615
* mdio-sun4i: oops in error handling in probe
- LP: #1567615
* net: Fix use after free in the recvmmsg exit path
- LP: #1567615
* ethernet: micrel: fix some error codes
- LP: #1567615
* misc/bmp085: Enable building as a module
- LP: #1567615
* net/mlx5: Make command timeout way shorter
- LP: #1567615
* ipvs: correct initial offset of Call-ID header search in SIP
persistence engine
- LP: #1567615
* ath9k: fix buffer overrun for ar9287
- LP: #1567615
* mtd: map: fix .set_vpp() documentation
- LP: #1567615
* ARM: OMAP3: Add cpuidle parameters table for omap3430
- LP: #1567615
* rtc: vr41xx: Wire up alarm_irq_enable
- LP: #1567615
* sunrpc/cache: drop reference when sunrpc_cache_pipe_upcall() detects a
race
- LP: #1567615
* ipv4: fix broadcast packets reception
- LP: #1567615
* lpfc: fix misleading indentation
- LP: #1567615
* ASoC: s3c24xx: use const snd_soc_component_driver pointer
- LP: #1567615
* kbuild/mkspec: fix grub2 installkernel issue
- LP: #1567615
* paride: make 'verbose' parameter an 'int' again
- LP: #1567615
* ppp: ensure file->private_data can't be overridden
- LP: #1567615
* clk: versatile: sp810: support reentrance
- LP: #1567615
* drivers/misc/ad525x_dpot: AD5274 fix RDAC read back errors
- LP: #1567615
* perf stat: Document --detailed option
- LP: #1567615
* x86/iopl/64: Properly context-switch IOPL on Xen PV
- LP: #1567615
* Linux 3.13.11-ckt38
- LP: #1567615
* drm/radeon: add a dpm quirk for sapphire Dual-X R7 370 2G D5
- LP: #1571041
* hwmon: (max1111) Return -ENODEV from max1111_read_channel if not
instantiated
- LP: #1571041
* drm/radeon: add another R7 370 quirk
- LP: #1571041
* usb: renesas_usbhs: avoid NULL pointer derefernce in
usbhsf_pkt_handler()
- LP: #1571041
* usb: renesas_usbhs: disable TX IRQ before starting TX DMAC transfer
- LP: #1571041
* USB: mct_u232: add sanity checking in probe
- LP: #1571041
- CVE-2016-3136
* USB: cypress_m8: add endpoint sanity check
- LP: #1571041
- CVE-2016-3137
* USB: digi_acceleport: do sanity checking for the number of ports
- LP: #1571041
* ALSA: timer: Use mod_timer() for rearming the system timer
- LP: #1571041
* mm: fix invalid node in alloc_migrate_target()
- LP: #1571041
* iio: st_magn: always define ST_MAGN_TRIGGER_SET_STATE
- LP: #1571041
* USB: serial: ftdi_sio: Add support for ICP DAS I-756xU devices
- LP: #1571041
* USB: serial: cp210x: Adding GE Healthcare Device ID
- LP: #1571041
* USB: option: add "D-Link DWM-221 B1" device id
- LP: #1571041
* parisc: Avoid function pointers for kernel exception routines
- LP: #1571041
* ip6_tunnel: set rtnl_link_ops before calling register_netdevice
- LP: #1571041
* Linux 3.13.11-ckt39
- LP: #1571041
* include/linux/poison.h: fix LIST_POISON{1,2} offset
- LP: #1561389
- CVE-2016-0821
* ipv4: Don't do expensive useless work during inetdev destroy.
- LP: #1558847
- CVE-2016-3156
-- Kamal Mostafa <kamal@xxxxxxxxxxxxx> Mon, 18 Apr 2016 09:03:12 -0700
** Changed in: linux-lts-vivid (Ubuntu Trusty)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-lts-vivid in Ubuntu.
https://bugs.launchpad.net/bugs/1556264
Title:
[Hyper-V] vmbus: Fix a bug in hv_need_to_signal_on_read()
Status in linux package in Ubuntu:
Fix Released
Status in linux-lts-vivid package in Ubuntu:
Fix Committed
Status in linux source package in Trusty:
Fix Released
Status in linux-lts-vivid source package in Trusty:
Fix Released
Status in linux source package in Wily:
Fix Released
Status in linux source package in Xenial:
Fix Released
Bug description:
The following patch has been submitted upstream in response to
investigation of customer issues with network connections hanging
under high load.
On the consumer side, we have interrupt driven flow management of the
producer. It is sufficient to base the signalling decision on the
amount of space that is available to write after the read is complete.
The current code samples the previous available space and uses this in
making the signalling decision. This state can be stale and is
unnecessary. Since the state can be stale, we end up not signalling
the host (when we should) and this can result in a hang. Fix this
problem by removing the unnecessary check.
I would like to thank Arseney Romanenko <arseneyr@xxxxxxxxxxxxx>
for pointing out this bug.
Signed-off-by: K. Y. Srinivasan <kys@xxxxxxxxxxxxx>
Tested-by: Dexuan Cui <decui@xxxxxxxxxxxxx>
Cc: <stable@xxxxxxxxxxxxxxx>
---
drivers/hv/ring_buffer.c | 7 +++----
1 files changed, 3 insertions(+), 4 deletions(-)
diff --git a/drivers/hv/ring_buffer.c b/drivers/hv/ring_buffer.c
index 5613e2b..085003a 100644
--- a/drivers/hv/ring_buffer.c
+++ b/drivers/hv/ring_buffer.c
@@ -103,8 +103,7 @@ static bool hv_need_to_signal(u32 old_write, struct hv_ring_buffer_info *rbi)
* there is room for the producer to send the pending packet.
*/
-static bool hv_need_to_signal_on_read(u32 prev_write_sz,
- struct hv_ring_buffer_info *rbi)
+static bool hv_need_to_signal_on_read(struct hv_ring_buffer_info *rbi)
{
u32 cur_write_sz;
u32 r_size;
@@ -120,7 +119,7 @@ static bool hv_need_to_signal_on_read(u32 prev_write_sz,
cur_write_sz = write_loc >= read_loc ? r_size - (write_loc - read_loc) :
read_loc - write_loc;
- if ((prev_write_sz < pending_sz) && (cur_write_sz >= pending_sz))
+ if (cur_write_sz >= pending_sz)
return true;
return false;
@@ -455,7 +454,7 @@ int hv_ringbuffer_read(struct hv_ring_buffer_info *inring_info,
/* Update the read index */
hv_set_next_read_location(inring_info, next_read_location);
- *signal = hv_need_to_signal_on_read(bytes_avail_towrite, inring_info);
+ *signal = hv_need_to_signal_on_read(inring_info);
return ret;
}
We have customers who are encountering this issue. Although this patch
is not yet accepted upstream, we would like to get them a test kernel
as soon as we can.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1556264/+subscriptions
References
