← Back to team overview

kernel-packages team mailing list archive

[Bug 1498602] Status changed to Confirmed

 

This change was made by a bot.

** Changed in: linux (Ubuntu)
       Status: New => Confirmed

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1498602

Title:
  kernel crash apparently involving telepathy

Status in linux package in Ubuntu:
  Confirmed

Bug description:
  http://askubuntu.com/questions/677032/what-caused-this-crash-shown-in-
  syslog

  Sep 21 12:38:02 pratchett org.freedesktop.Telepathy.AccountManager[2233]: (process:2488): GLib-GIO-WARNING **: netlink message was truncated; shouldn't happen...
  Sep 21 12:38:02 pratchett kernel: [45277.692643] BUG: unable to handle kernel NULL pointer dereference at           (null)
  Sep 21 12:38:02 pratchett kernel: [45277.692685] IP: [<ffffffff816ad857>] skb_queue_tail+0x37/0x60
  Sep 21 12:38:02 pratchett kernel: [45277.692714] PGD 877fe067 PUD 0 
  Sep 21 12:38:02 pratchett kernel: [45277.692731] Oops: 0002 [#1] SMP 
  Sep 21 12:38:02 pratchett kernel: [45277.692748] Modules linked in: xt_conntrack ipt_REJECT nf_reject_ipv4 ebtable_filter ebtables ip6table_filter ip6_tables pci_stub vboxpci(OE) vboxnetadp(OE) vboxnetflt(OE) vboxdrv(OE) ctr ccm xt_CHECKSUM iptable_mangle ipt_MASQUERADE nf_nat_masquerade_ipv4 iptable_nat nf_conntrack_ipv4 nf_defrag_ipv4 nf_nat_ipv4 nf_nat nf_conntrack xt_tcpudp bridge stp llc iptable_filter ip_tables x_tables binfmt_misc rfcomm bnep dell_wmi sparse_keymap dell_laptop dcdbas snd_hda_codec_hdmi snd_hda_codec_realtek snd_hda_codec_generic dm_multipath scsi_dh intel_rapl iosf_mbi snd_hda_intel x86_pkg_temp_thermal intel_powerclamp snd_hda_controller coretemp snd_hda_codec arc4 kvm_intel snd_hwdep kvm crct10dif_pclmul ath9k crc32_pclmul snd_pcm ath9k_common uvcvideo ghash_clmulni_intel videobuf2_vmalloc videobuf2_memops ath9k_hw videobuf2_core v4l2_common videodev aesni_intel ath media aes_x86_64 lrw gf128mul snd_seq_midi glue_helper snd_seq_midi_event ablk_helper cryptd mac80211 ath3k btusb snd_rawmidi joydev bluetooth serio_raw snd_seq cfg80211 snd_seq_device snd_timer lpc_ich snd soundcore shpchp mei_me mei mac_hid parport_pc ppdev lp parport autofs4 btrfs xor raid6_pq hid_generic usbhid hid i915 i2c_algo_bit drm_kms_helper psmouse drm ahci libahci wmi video
  Sep 21 12:38:02 pratchett kernel: [45277.693306] CPU: 2 PID: 9668 Comm: Chrome_ChildIOT Tainted: G           OE  3.19.0-29-generic #31-Ubuntu
  Sep 21 12:38:02 pratchett kernel: [45277.693345] Hardware name: Dell Inc.          Dell System XPS L322X/0PJHXN, BIOS A09 05/15/2013
  Sep 21 12:38:02 pratchett kernel: [45277.693383] task: ffff8801bf7489d0 ti: ffff8801f8c4c000 task.ti: ffff8801f8c4c000
  Sep 21 12:38:02 pratchett kernel: [45277.693426] RIP: 0010:[<ffffffff816ad857>]  [<ffffffff816ad857>] skb_queue_tail+0x37/0x60
  Sep 21 12:38:02 pratchett kernel: [45277.693462] RSP: 0018:ffff8801f8c4fb38  EFLAGS: 00010046
  Sep 21 12:38:02 pratchett kernel: [45277.693493] RAX: 0000000000000292 RBX: ffff8801c1ddb510 RCX: 0000000000000000
  Sep 21 12:38:02 pratchett kernel: [45277.693533] RDX: 0000000000000000 RSI: 0000000000000292 RDI: ffff8801c1ddb524
  Sep 21 12:38:02 pratchett kernel: [45277.693574] RBP: ffff8801f8c4fb58 R08: 0000000000000300 R09: ffff880236c03600
  Sep 21 12:38:02 pratchett kernel: [45277.693605] R10: 0000000000000292 R11: ffff8801f8c4ffd8 R12: ffff8801c1ddb510
  Sep 21 12:38:02 pratchett kernel: [45277.693635] R13: ffff8801c1ddb524 R14: ffff8801c1ddb480 R15: ffff8801c1ddaa00
  Sep 21 12:38:02 pratchett kernel: [45277.693666] FS:  00007fb4c2de3700(0000) GS:ffff88023f280000(0000) knlGS:0000000000000000
  Sep 21 12:38:02 pratchett kernel: [45277.693700] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
  Sep 21 12:38:02 pratchett kernel: [45277.693724] CR2: 0000000000000000 CR3: 00000001724bf000 CR4: 00000000001407e0
  Sep 21 12:38:02 pratchett kernel: [45277.693754] Stack:
  Sep 21 12:38:02 pratchett kernel: [45277.693763]  0000000000000000 000000000000001c 0000000000000000 ffff8801c1ddb510
  Sep 21 12:38:02 pratchett kernel: [45277.693796]  ffff8801f8c4fc18 ffffffff81762ce4 ffff880200000000 ffff8801c1ddb510
  Sep 21 12:38:02 pratchett kernel: [45277.693837]  ffff8801f8c4ff08 ffff8801f8c4fc88 0000001c0000001c 000000000000001c
  Sep 21 12:38:02 pratchett kernel: [45277.693870] Call Trace:
  Sep 21 12:38:02 pratchett kernel: [45277.693889]  [<ffffffff81762ce4>] unix_stream_sendmsg+0x1e4/0x450
  Sep 21 12:38:02 pratchett kernel: [45277.693917]  [<ffffffff816a584c>] do_sock_sendmsg+0x8c/0x100
  Sep 21 12:38:02 pratchett kernel: [45277.693942]  [<ffffffff816a51ec>] ? copy_msghdr_from_user+0x15c/0x210
  Sep 21 12:38:02 pratchett kernel: [45277.693971]  [<ffffffff816a5ea8>] ___sys_sendmsg+0x348/0x360
  Sep 21 12:38:02 pratchett kernel: [45277.693997]  [<ffffffff811fdcb0>] ? pipe_read+0x300/0x340
  Sep 21 12:38:02 pratchett kernel: [45277.694022]  [<ffffffff811f46de>] ? new_sync_read+0x7e/0xb0
  Sep 21 12:38:02 pratchett kernel: [45277.694047]  [<ffffffff8112c792>] ? seccomp_phase1+0x92/0x270
  Sep 21 12:38:02 pratchett kernel: [45277.694073]  [<ffffffff816a65c2>] __sys_sendmsg+0x42/0x80
  Sep 21 12:38:02 pratchett kernel: [45277.694097]  [<ffffffff816a6612>] SyS_sendmsg+0x12/0x20
  Sep 21 12:38:02 pratchett kernel: [45277.694121]  [<ffffffff817cbe4d>] system_call_fastpath+0x16/0x1b
  Sep 21 12:38:02 pratchett kernel: [45277.694147] Code: 8d 6f 14 41 54 53 48 89 fb 4c 89 ef 49 89 f4 48 83 ec 08 e8 9c de 11 00 48 8b 53 08 49 89 1c 24 4c 89 ef 48 89 c6 49 89 54 24 08 <4c> 89 22 83 43 10 01 4c 89 63 08 e8 59 dd 11 00 48 83 c4 08 5b 
  Sep 21 12:38:02 pratchett kernel: [45277.694274] RIP  [<ffffffff816ad857>] skb_queue_tail+0x37/0x60
  Sep 21 12:38:02 pratchett kernel: [45277.694308]  RSP <ffff8801f8c4fb38>

  
  That is a kernel bug -- no action any program can take should ever lead to a kernel panic.

  Judging from the stack trace:

  Telepathy sends a message, using the sendmsg system call, on a socket of type PF_UNIX.
  The process doing that is inside a seccomp compartment, i.e. does not have direct system access, so the system call is handled by marshalling the arguments to a data structure, and sending them to another process (so that process can look at whether the access is allowed, implementing more complex policies than what the kernel allows).
  The message is appended to the socket that will transport it to the program handling this.
  During this append operation, an invalid pointer is found. This can happen if a data structure is uninitialized, but this is certainly a kernel bug if there is a code path that can leave an uninitialized structure somewhere where it would be expected to be valid.

  The second error is a repeat of the first -- the data structure didn't
  get any better in the meantime.

  I'd report this as a bug against the kernel package that you are
  using, in this case linux-image-3.19.0-29-generic. If the problem can
  be reproduced, please include instructions to do so.

  This appears to be a weird interaction between Chrome and Telepathy
  that might itself warrant investigation, but the primary issue is that
  there is a way to reach an invalid state, and that should never
  happen.

  ProblemType: Bug
  DistroRelease: Ubuntu 15.04
  Package: linux-image-3.19.0-29-generic 3.19.0-29.31
  ProcVersionSignature: Ubuntu 3.19.0-29.31-generic 3.19.8-ckt6
  Uname: Linux 3.19.0-29-generic x86_64
  ApportVersion: 2.17.2-0ubuntu1.4
  Architecture: amd64
  AudioDevicesInUse:
   USER        PID ACCESS COMMAND
   /dev/snd/controlC0:  fred       2638 F.... pulseaudio
  CurrentDesktop: Unity
  Date: Tue Sep 22 13:39:21 2015
  DistributionChannelDescriptor:
   # This is a distribution channel descriptor
   # For more information see http://wiki.ubuntu.com/DistributionChannelDescriptor
   canonical-oem-somerville-precise-amd64-20120703-2
  HibernationDevice: RESUME=UUID=7d5dc495-ada4-4ace-9665-639b9152a33d
  InstallationDate: Installed on 2013-08-21 (762 days ago)
  InstallationMedia: Ubuntu 12.04 "Precise" - Build amd64 LIVE Binary 20120703-15:08
  MachineType: Dell Inc. Dell System XPS L322X
  ProcFB: 0 inteldrmfb
  ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-3.19.0-29-generic root=UUID=0a96aa74-804d-4bdc-a152-9de72390e1e3 ro quiet splash vt.handoff=7
  RelatedPackageVersions:
   linux-restricted-modules-3.19.0-29-generic N/A
   linux-backports-modules-3.19.0-29-generic  N/A
   linux-firmware                             1.143.3
  SourcePackage: linux
  UpgradeStatus: Upgraded to vivid on 2015-04-24 (150 days ago)
  dmi.bios.date: 05/15/2013
  dmi.bios.vendor: Dell Inc.
  dmi.bios.version: A09
  dmi.board.name: 0PJHXN
  dmi.board.vendor: Dell Inc.
  dmi.board.version: A00
  dmi.chassis.type: 8
  dmi.chassis.vendor: Dell Inc.
  dmi.chassis.version: 0.1
  dmi.modalias: dmi:bvnDellInc.:bvrA09:bd05/15/2013:svnDellInc.:pnDellSystemXPSL322X:pvr:rvnDellInc.:rn0PJHXN:rvrA00:cvnDellInc.:ct8:cvr0.1:
  dmi.product.name: Dell System XPS L322X
  dmi.sys.vendor: Dell Inc.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1498602/+subscriptions


References