kernel-packages team mailing list archive

Thread
Date
[Bug 1556562] Missing required logs.

To: kernel-packages@xxxxxxxxxxxxxxxxxxx
From: Brad Figg <brad.figg@xxxxxxxxxxxxx>
Date: Wed, 23 Mar 2016 16:00:08 -0000
Reply-to: Bug 1556562 <1556562@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
This bug is missing log files that will aid in diagnosing the problem.
>From a terminal window please run:

apport-collect 1556562

and then change the status of the bug to 'Confirmed'.

If, due to the nature of the issue you have encountered, you are unable
to run this command, please add a comment stating that fact and change
the bug status to 'Confirmed'.

This change has been made by an automated script, maintained by the
Ubuntu Kernel Team.

** Changed in: linux (Ubuntu)
       Status: New => Incomplete

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1556562

Title:
  VIA C7-D machine "kernel NULL pointer dereference" in
  skcipher_recvmsg_async

Status in linux package in Ubuntu:
  Incomplete
Status in linux source package in Wily:
  In Progress

Bug description:
  I'm working on an Lubuntu 15 machine. It was chosen because it
  supports VIA C7-D processor and the VIA PM400 chipset without crashing
  (also see ). Lubuntu 15 uses the 4.2 kernel:

    $ lsb_release -a
    No LSB modules are available.
    Distributor ID:	Ubuntu
    Description:	Ubuntu 15.10
    Release:	15.10
    Codename:	wily

  And:

    $ uname -a
    Linux via 4.2.0-30-generic #36-Ubuntu SMP Fri Feb 26 00:57:19 UTC 2016 i686 i686 i686 GNU/Linux

  When running a particular program (details below), it hangs in syscall
  248 and results in the following dmesg/syslog output. The process
  cannot be killed, the machine does not respond to a 'shutdown -r now',
  and the machine requires a hard reset.

  ...
  [ 4505.429577] BUG: unable to handle kernel NULL pointer dereference at 00000008
  [ 4505.429593] IP: [<f8a6ccf2>] skcipher_recvmsg_async.isra.13+0x4b2/0x500 [algif_skcipher]
  [ 4505.429607] *pdpt = 0000000034ee3001 *pde = 0000000000000000 
  [ 4505.429614] Oops: 0000 [#3] SMP 
  [ 4505.429621] Modules linked in: jitterentropy_rng drbg ansi_cprng algif_skcipher af_alg snd_hda_codec_realtek snd_hda_codec_generic snd_hda_intel snd_hda_codec snd_hda_core snd_hwdep snd_pcm snd_seq_midi snd_seq_midi_event snd_rawmidi padlock_sha snd_seq padlock_aes snd_seq_device via_cputemp snd_timer hwmon_vid via_rng snd input_leds serio_raw soundcore i2c_viapro shpchp 8250_fintek mac_hid parport_pc ppdev lp parport autofs4 pata_acpi hid_generic usbhid hid psmouse r8169 pata_via sata_via mii
  [ 4505.429689] CPU: 0 PID: 1532 Comm: afalgtest Tainted: G      D         4.2.0-30-generic #36-Ubuntu
  [ 4505.429695] Hardware name: To Be Filled By O.E.M. To Be Filled By O.E.M./Weibu, BIOS 080014  11/17/2011
  [ 4505.429700] task: f4e0e040 ti: f4e3c000 task.ti: f4e3c000
  [ 4505.429705] EIP: 0060:[<f8a6ccf2>] EFLAGS: 00010202 CPU: 0
  [ 4505.429712] EIP is at skcipher_recvmsg_async.isra.13+0x4b2/0x500 [algif_skcipher]
  [ 4505.429717] EAX: f3f97c00 EBX: f3f3ee00 ECX: f3f97c00 EDX: 00000000
  [ 4505.429722] ESI: f3f3ee00 EDI: 00000ff0 EBP: f4e3ddc8 ESP: f4e3dd70
  [ 4505.429726]  DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
  [ 4505.429731] CR0: 80050033 CR2: 00000008 CR3: 3247a520 CR4: 000006b0
  [ 4505.429735] Stack:
  [ 4505.429738]  f3f97df4 f3f97c00 f3f97de0 00000000 f3f97c04 00000020 f4e3dd00 00000018
  [ 4505.429750]  00001ff0 f3fb4400 f3f97c04 00000ff0 f4e3de40 f3f97de8 f4e3de38 f3fa0000
  [ 4505.429761]  00000002 00000002 f3f97c00 f1f58180 c1210510 f4e3de38 f4e3ddf4 f8a6cd6b
  [ 4505.429772] Call Trace:
  [ 4505.429788]  [<c1210510>] ? free_ioctx_users+0xa0/0xa0
  [ 4505.429795]  [<f8a6cd6b>] skcipher_recvmsg+0x2b/0x1f0 [algif_skcipher]
  [ 4505.429803]  [<f8a6c71a>] ? skcipher_check_key.isra.8+0x2a/0xb0 [algif_skcipher]
  [ 4505.429810]  [<f8a6cf61>] skcipher_recvmsg_nokey+0x31/0x40 [algif_skcipher]
  [ 4505.429820]  [<c164e1fd>] sock_recvmsg+0x3d/0x50
  [ 4505.429826]  [<c164e294>] sock_read_iter+0x84/0xd0
  [ 4505.429833]  [<c164e210>] ? sock_recvmsg+0x50/0x50
  [ 4505.429839]  [<c12108b0>] aio_run_iocb+0x110/0x2c0
  [ 4505.429846]  [<c164e210>] ? sock_recvmsg+0x50/0x50
  [ 4505.429854]  [<c1767b8f>] ? error_code+0x67/0x6c
  [ 4505.429865]  [<c11b25e4>] ? kmem_cache_alloc+0x1b4/0x1e0
  [ 4505.429875]  [<c11e5112>] ? __fdget+0x12/0x20
  [ 4505.429881]  [<c121168f>] do_io_submit+0x1ef/0x4a0
  [ 4505.429893]  [<c12ddd2f>] ? security_file_alloc+0x2f/0x50
  [ 4505.429900]  [<c1211960>] SyS_io_submit+0x20/0x30
  [ 4505.429911]  [<c176695f>] sysenter_do_call+0x12/0x12
  [ 4505.429915] Code: 00 00 00 75 24 8b 45 ac ff 52 0c 89 c7 83 ff 8d 75 8f 8b 45 e4 3e ff 80 fc 01 00 00 bf ef fd ff ff e9 62 fc ff ff 8d 76 00 89 c8 <ff> 52 08 89 c7 eb db 8b 45 e4 31 d2 8b 80 20 02 00 00 8b 58 1c
  [ 4505.429982] EIP: [<f8a6ccf2>] skcipher_recvmsg_async.isra.13+0x4b2/0x500 [algif_skcipher] SS:ESP 0068:f4e3dd70
  [ 4505.429991] CR2: 0000000000000008
  [ 4505.429997] ---[ end trace 3cce7cc6be0ad960 ]---

  **********

  The process details is this is a failed self test for the upcoming
  OpenSSL 1.1.0. The OpenSSL RT bug report for this issue is at
  http://rt.openssl.org/Ticket/Display.html?id=4411. Two attempts to
  debug it resulted in two hung processes:

  $ ps -A | grep afalgtest
  1030 pts/0    00:00:00 afalgtest
  1196 pts/0    00:00:00 afalgtest

  And:

  via:test$ sudo cat /proc/1030/syscall 
  248 0xb7fd6000 0x1 0xbfff98d4 0xb7fb9270 0xbfff98e0 0xb7ec45f7 0xbfff986c 0xb7fdbbe8
  via:test$ sudo cat /proc/1196/syscall 
  248 0xb7fd6000 0x1 0xbfff98d4 0xb7fb9270 0xbfff98e0 0xb7ec45f7 0xbfff986c 0xb7fdbbe8

  Its not clear to me what that particular syscall is:

  $ cat /usr/include/asm-generic/unistd.h
  ...
  /*
   * Architectures may provide up to 16 syscalls of their own
   * starting with this value.
   */
  #define __NR_arch_specific_syscall 244

  #define __NR_wait4 260
  __SC_COMP(__NR_wait4, sys_wait4, compat_sys_wait4)
  #define __NR_prlimit64 261
  __SYSCALL(__NR_prlimit64, sys_prlimit64)
  #define __NR_fanotify_init 262
  __SYSCALL(__NR_fanotify_init, sys_fanotify_init)
  #define __NR_fanotify_mark 263
  ...

  **********

  If interested, you should be able to duplicate it with the following.
  That's resuming you have the hardware.

  $ git clone git://git.openssl.org/openssl.git
  $ cd openssl

  $ ./config -d
  $ make
  $ make test/afalgtest
  $ cd test
  $ OPENSSL_ENGINES=../engines/afalg gdb ./afalgtest

  **********

  In this case, the hardware was selected for the VIA C7-D processor and
  the Padlock engine. Its relatively low-end, and can be found at
  http://www.amazon.com/gp/product/B01AXR2KBQ.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1556562/+subscriptions