Difference between revisions of "Kernel bugs"

From CRIU
Jump to navigation Jump to search
 
(23 intermediate revisions by 2 users not shown)
Line 1: Line 1:
We have the [https://ci.openvz.org/job/CRIU/view/All/job/CRIU-linux-next/ CRIU-linux-next] job to check all kernel changes before they move into the upstream kernel.
+
We have implemented [[Continuous integration#Kernel testing]] to check if any recent kernel changes break CRIU, to catch those before they appear in the vanilla kernel. This article documents Linux kernel bugs found using this method.
  
 
== Found bugs ==
 
== Found bugs ==
  
This table lists the linux-next kernel bugs found using CI.
+
Note that the list is probably incomplete; there were a few bugs found and fixed before we cared to document it here.
 
 
Note that the list is incomplete; there were about a dozen bugs found and fixed before we started documenting it here.
 
  
 
{| class="wikitable sortable"
 
{| class="wikitable sortable"
 
! Date
 
! Date
 
! Bug description
 
! Bug description
 +
|-
 +
|20140924
 +
| [https://lkml.org/lkml/2014/9/24/328 linux-next: cgroup_mount() falls asleep forever]
 
|-
 
|-
 
|20150316
 
|20150316
Line 15: Line 16:
 
|-
 
|-
 
|20150928
 
|20150928
|skbuff: Fix skb checksum partial check.
+
|skbuff: Fix skb checksum partial check
 
|-
 
|-
 
|20160512
 
|20160512
 
| kernfs: kernfs_sop_show_path: don't return 0 after seq_dentry call
 
| kernfs: kernfs_sop_show_path: don't return 0 after seq_dentry call
 +
|-
 +
|20160531
 +
| [http://www.spinics.net/lists/autofs/msg01174.html autofs: don't stuck in a loop if vfs_write returns an error]
 
|-
 
|-
 
|20161024
 
|20161024
Line 39: Line 43:
 
|-
 
|-
 
|20170321
 
|20170321
|[https://lkml.org/lkml/2017/3/20/1075 linux-next: x86: Unalbe to run x32 processes on the x86_64 kernel]
+
|[https://lkml.org/lkml/2017/3/20/1075 linux-next: x86: Unable to run x32 processes on the x86_64 kernel]
 +
|-
 +
| 20170417
 +
| [https://lkml.org/lkml/2017/4/14/472 Re: cgroup: avoid attaching a cgroup root to two different superblocks]
 +
|-
 +
|20170419
 +
| [https://lkml.org/lkml/2017/4/19/674 Re: irq/affinity: Fix extra vecs calculation]
 +
|-
 +
|20170609
 +
| [https://patchwork.kernel.org/patch/9776857/ fs: don't forget to put old mntns in mntns_install]
 +
|-
 +
| 20170524
 +
| [https://patchwork.kernel.org/patch/9812791/ linux-next: BUG: Bad page state in process ip6tables-save pfn:1499f4]
 +
|-
 +
|20170516
 +
| [https://www.mail-archive.com/netdev@vger.kernel.org/msg168631.html <nowiki>Re: [net-next,v2,1/3] net/sock: factor out dequeue/peek with offset code</nowiki>]
 +
|-
 +
|20170628
 +
| [https://patchwork.ozlabs.org/patch/770887/ netfilter: nf_ct_dccp/sctp: fix memory leak after netns cleanup]
 +
|-
 +
| 20170629
 +
| [https://lkml.org/lkml/2017/6/29/710 BUG: Dentry ffff9f795a08fe60{i=af565f,n=lo} still in use (1) unmount of proc proc]
 +
|-
 +
| 20170629
 +
|[https://www.spinics.net/lists/cgroups/msg17666.html kmemleaks reports a lot of cases around memcg_create_kmem_cache]
 +
|-
 +
| 20170831
 +
|[https://patchwork.kernel.org/patch/9933787/ tip:x86/apic x86/idt: Fix the X86_TRAP_BP gate]
 +
|-
 +
| 20171008
 +
|[https://www.mail-archive.com/netdev@vger.kernel.org/msg192535.html net-next: WARNING: CPU: 0 PID: 1544 at net/ipv4/tcp_input.c:889]
 +
|-
 +
| 20171019
 +
| [https://patchwork.kernel.org/patch/10018129/ x86/unwind: Make CONFIG_UNWINDER_ORC=y the default in kconfig for 64-bit]
 +
|-
 +
| 20171018
 +
| [https://www.spinics.net/lists/kernel/msg2628938.html pid: Replace pid bitmap implementation with IDR API]
 +
|-
 +
| 20171218
 +
| [https://lkml.org/lkml/2017/12/18/1278 Re: 2/2 fs, elf: drop MAP_FIXED usage from ...]
 +
|-
 +
| 20171220
 +
|[https://www.spinics.net/lists/kernel/msg2681576.html Re: virtio: make VIRTIO a menuconfig to ease disabling it all]
 +
|-
 +
|20180212
 +
|[https://lkml.org/lkml/2018/2/13/25 Re: [tip:x86/boot] x86/boot/compressed/64: Handle 5-level paging boot if kernel is above 4G]
 +
|-
 +
| 20180330
 +
| [https://lkml.org/lkml/2018/3/30/623 autofs4: use wake_up() instead of wake_up_interruptible]
 +
|-
 +
| 20180330
 +
| [https://lkml.org/lkml/2018/3/30/592 Re: 03/10 genksyms: generate lexer and parser during build instead of shipping]
 +
|-
 +
| 20180104
 +
| [https://lkml.org/lkml/2018/4/4/804 Re: v8, 11/18 mm, dax: enable filesystems to trigger dev_pagemap ->page_free callbacks]
 +
|-
 +
| 20180515
 +
| [https://www.spinics.net/lists/netdev/msg502456.html linux-next: BUG: KASAN: use-after-free in tun_chr_close]
 +
|-
 +
| 20180504
 +
| [https://www.spinics.net/lists/linux-mm/msg151667.html Re: mm: access to uninitialized struct page]
 +
|-
 +
| 20180606
 +
| [https://www.spinics.net/lists/netdev/msg507122.html net: do not allow changing SO_REUSEADDR/SO_REUSEPORT on bound sockets]
 +
|-
 +
|20180608
 +
| [https://lkml.org/lkml/2018/6/8/439 kconfig: reference environment variables directly and remove 'option env=']
 +
|-
 +
|20180607
 +
| [https://patchwork.kernel.org/patch/10434075/ vmsplice: lift import_iovec() into do_vmsplice()]
 +
|-
 +
|20180618
 +
| [https://lkml.org/lkml/2018/6/18/1425 proc: Add fs_context support to procfs]
 +
|-
 +
|20180622
 +
| [https://lkml.org/lkml/2018/6/22/518 kernfs, sysfs, cgroup, intel_rdt: Support fs_context ]
 +
|-
 +
|20180816
 +
|[https://patchwork.kernel.org/patch/10567109/ dhowells/mount-api: proc: set a proper user namespace for fs_context]
 +
|-
 +
| 20180906
 +
| [https://www.spinics.net/lists/linux-fsdevel/msg131986.html dhowells/mount-api: fs: return -ENOPARAM from security_fs_context_parse_param by default]
 +
|-
 +
| 20180910
 +
| [https://www.spinics.net/lists/linux-fsdevel/msg131937.html dhowells/mount-api: general protection fault in mqueue_get_tree]
 
|}
 
|}
  
 
[[Category:Testing]]
 
[[Category:Testing]]
 +
 +
== See also ==
 +
 +
* [[Continuous integration]]

Latest revision as of 00:34, 14 September 2018

We have implemented Continuous integration#Kernel testing to check if any recent kernel changes break CRIU, to catch those before they appear in the vanilla kernel. This article documents Linux kernel bugs found using this method.

Found bugs[edit]

Note that the list is probably incomplete; there were a few bugs found and fixed before we cared to document it here.

Date Bug description
20140924 linux-next: cgroup_mount() falls asleep forever
20150316 tcp_metrics: fix wrong lockdep annotations
20150928 skbuff: Fix skb checksum partial check
20160512 kernfs: kernfs_sop_show_path: don't return 0 after seq_dentry call
20160531 autofs: don't stuck in a loop if vfs_write returns an error
20161024 mm: Add a user_ns owner to mm_struct and fix ptrace_may_access
20161114 BUG: unable to handle kernel NULL pointer dereference in __sk_mem_raise_allocated()
20161114 linux-next: net->netns_ids is used after calling idr_destroy for it
20170124 seccomp: dump core when using SECCOMP_RET_KILL
20170310 linux-next: WARNING: CPU: 1 PID: 24110 at fs/dcache.c:1445 umount_check+0x81/0x90
20170310 linux-next: WARNING: CPU: 0 PID: 1 at lib/refcount.c:114 refcount_inc+0x37/0x40
20170321 linux-next: x86: Unable to run x32 processes on the x86_64 kernel
20170417 Re: cgroup: avoid attaching a cgroup root to two different superblocks
20170419 Re: irq/affinity: Fix extra vecs calculation
20170609 fs: don't forget to put old mntns in mntns_install
20170524 linux-next: BUG: Bad page state in process ip6tables-save pfn:1499f4
20170516 Re: [net-next,v2,1/3] net/sock: factor out dequeue/peek with offset code
20170628 netfilter: nf_ct_dccp/sctp: fix memory leak after netns cleanup
20170629 BUG: Dentry ffff9f795a08fe60{i=af565f,n=lo} still in use (1) unmount of proc proc
20170629 kmemleaks reports a lot of cases around memcg_create_kmem_cache
20170831 tip:x86/apic x86/idt: Fix the X86_TRAP_BP gate
20171008 net-next: WARNING: CPU: 0 PID: 1544 at net/ipv4/tcp_input.c:889
20171019 x86/unwind: Make CONFIG_UNWINDER_ORC=y the default in kconfig for 64-bit
20171018 pid: Replace pid bitmap implementation with IDR API
20171218 Re: 2/2 fs, elf: drop MAP_FIXED usage from ...
20171220 Re: virtio: make VIRTIO a menuconfig to ease disabling it all
20180212 Re: [tip:x86/boot x86/boot/compressed/64: Handle 5-level paging boot if kernel is above 4G]
20180330 autofs4: use wake_up() instead of wake_up_interruptible
20180330 Re: 03/10 genksyms: generate lexer and parser during build instead of shipping
20180104 Re: v8, 11/18 mm, dax: enable filesystems to trigger dev_pagemap ->page_free callbacks
20180515 linux-next: BUG: KASAN: use-after-free in tun_chr_close
20180504 Re: mm: access to uninitialized struct page
20180606 net: do not allow changing SO_REUSEADDR/SO_REUSEPORT on bound sockets
20180608 kconfig: reference environment variables directly and remove 'option env='
20180607 vmsplice: lift import_iovec() into do_vmsplice()
20180618 proc: Add fs_context support to procfs
20180622 kernfs, sysfs, cgroup, intel_rdt: Support fs_context
20180816 dhowells/mount-api: proc: set a proper user namespace for fs_context
20180906 dhowells/mount-api: fs: return -ENOPARAM from security_fs_context_parse_param by default
20180910 dhowells/mount-api: general protection fault in mqueue_get_tree

See also[edit]