kernel-packages team mailing list archive
Message #184923
[Bug 1594402] [NEW] On function vmacache_find issue.
Public bug reported:
This is very bad: in file mm/vmacache.c, the function vmacache_find tries to run with a nonexistent pointer.
The result of perl report is below:
vmacache_find  /proc/kcore
        │
        │    Disassembly of section load0:
        │
        │    ffffffff811b87c0 <load0>:
        │      nop
        │      mov    %gs:0xd3c0,%rcx
        │      xor    %eax,%eax
        │      cmp    0x380(%rcx),%rdi
  20,00 │    ↓ je     1a
        │19: ← retq
        │1a:   testb  $0x20,0x16(%rcx)
  20,00 │    ↓ je     22
        │      repz   retq
        │22:   mov    0x10(%rdi),%edx
  20,00 │      cmp    0x390(%rcx),%edx
        │    ↓ je     60
        │      mov    %edx,0x390(%rcx)
        │      movq   $0x0,0x398(%rcx)
        │      movq   $0x0,0x3a0(%rcx)
        │      movq   $0x0,0x3a8(%rcx)
        │      movq   $0x0,0x3b0(%rcx)
        │    ← retq
        │60:   xor    %edx,%edx
        │62:   movslq %edx,%rax
        │      mov    0x398(%rcx,%rax,8),%rax
        │      test   %rax,%rax
        │    ↓ je     83
  20,00 │      cmp    0x40(%rax),%rdi
  20,00 │    ↓ jne    8e
        │      cmp    %rsi,(%rax)
        │    ↓ ja     83
        │      cmp    0x8(%rax),%rsi
        │    ↑ jb     19
This bug has a negative impact on players running in the Firefox browser and
increases the latency of multiple media applications.
ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: linux-image-4.4.0-24-generic 4.4.0-24.43
ProcVersionSignature: Ubuntu 4.4.0-24.43-generic 4.4.10
Uname: Linux 4.4.0-24-generic x86_64
ApportVersion: 2.20.1-0ubuntu2.1
Architecture: amd64
AudioDevicesInUse:
USER PID ACCESS COMMAND
/dev/snd/pcmC0D0p: asu 3110 F...m pulseaudio
/dev/snd/controlC0: asu 3110 F.... pulseaudio
CurrentDesktop: MATE
Date: Mon Jun 20 17:01:20 2016
InstallationDate: Installed on 2016-04-29 (52 days ago)
InstallationMedia: Ubuntu-Studio 16.04 LTS "Xenial Xerus" - Release amd64 (20160420.1)
IwConfig:
lo no wireless extensions.
enp1s0 no wireless extensions.
MachineType: Olidata S.p.A. ALABAMA
ProcFB: 0 inteldrmfb
ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-4.4.0-24-generic root=/dev/mapper/192--168--0--108--vg-root ro
RelatedPackageVersions:
linux-restricted-modules-4.4.0-24-generic N/A
linux-backports-modules-4.4.0-24-generic N/A
linux-firmware 1.157
RfKill:
SourcePackage: linux
UpgradeStatus: No upgrade log present (probably fresh install)
dmi.bios.date: 07/08/2008
dmi.bios.vendor: American Megatrends Inc.
dmi.bios.version: S0101
dmi.board.asset.tag: To Be Filled By O.E.M.
dmi.board.name: To be filled by O.E.M.
dmi.board.vendor: To be filled by O.E.M.
dmi.board.version: To be filled by O.E.M.
dmi.chassis.asset.tag: To Be Filled By O.E.M.
dmi.chassis.type: 3
dmi.chassis.vendor: To Be Filled By O.E.M.
dmi.chassis.version: To Be Filled By O.E.M.
dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvrS0101:bd07/08/2008:svnOlidataS.p.A.:pnALABAMA:pvrToBeFilledByO.E.M.:rvnTobefilledbyO.E.M.:rnTobefilledbyO.E.M.:rvrTobefilledbyO.E.M.:cvnToBeFilledByO.E.M.:ct3:cvrToBeFilledByO.E.M.:
dmi.product.name: ALABAMA
dmi.product.version: To Be Filled By O.E.M.
dmi.sys.vendor: Olidata S.p.A.
** Affects: linux (Ubuntu)
Importance: Undecided
Status: New
** Tags: amd64 apport-bug xenial
** Patch added: "Tested on linux-4.6.2"
https://bugs.launchpad.net/bugs/1594402/+attachment/4687288/+files/break_acces_on_null_address.patch
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1594402
Title:
On function vmacache_find issue.
Status in linux package in Ubuntu:
New
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1594402/+subscriptions