← Back to team overview

kernel-packages team mailing list archive

[Bug 1594402] Re: On function vmacache_find issue.

 

** Tags added: patch

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1594402

Title:
  On function vmacache_find issue.

Status in linux package in Ubuntu:
  Incomplete

Bug description:
  This is verry bad on file mm/vmacache.c function vmacache_find try to run with nonexistent pointer.
  result of perl report is bellow:
  vmacache_find  /proc/kcore                                                                                       
         │                                                                                                        ◆
         │                                                                                                        ▒
         │                                                                                                        ▒
         │    Disassembly of section load0:                                                                       ▒
         │                                                                                                        ▒
         │    ffffffff811b87c0 <load0>:                                                                           ▒
         │      nop                                                                                               ▒
         │      mov    %gs:0xd3c0,%rcx                                                                            ▒
         │      xor    %eax,%eax                                                                                  ▒
         │      cmp    0x380(%rcx),%rdi                                                                           ▒
   20,00 │    ↓ je     1a                                                                                         ▒
         │19: ← retq                                                                                              ▒
         │1a:   testb  $0x20,0x16(%rcx)                                                                           ▒
   20,00 │    ↓ je     22                                                                                         ▒
         │      repz   retq                                                                                       ▒
         │22:   mov    0x10(%rdi),%edx                                                                            ▒
   20,00 │      cmp    0x390(%rcx),%edx                                                                           ▒
         │    ↓ je     60                                                                                         ▒
         │      mov    %edx,0x390(%rcx)                                                                           ▒
         │      movq   $0x0,0x398(%rcx)                                                                           ▒
         │      movq   $0x0,0x3a0(%rcx)                                                                           ▒
         │      movq   $0x0,0x3a8(%rcx)                                                                           ▒
         │      movq   $0x0,0x3b0(%rcx)                                                                           ▒
         │    ← retq                                                                                              ▒
         │60:   xor    %edx,%edx                                                                                  ▒
         │62:   movslq %edx,%rax                                                                                  ▒
         │      mov    0x398(%rcx,%rax,8),%rax                                                                    ▒
         │      test   %rax,%rax                                                                                  ▒
         │    ↓ je     83                                                                                         ▒
   20,00 │      cmp    0x40(%rax),%rdi                                                                            ▒
   20,00 │    ↓ jne    8e                                                                                         ▒
         │      cmp    %rsi,(%rax)                                                                                ▒
         │    ↓ ja     83                                                                                         ▒
         │      cmp    0x8(%rax),%rsi                                                                             ▒
         │    ↑ jb     19                       

  This bug have negative impact on players running on browser firefox
  and icrease latency of multiple media applications

  ProblemType: Bug
  DistroRelease: Ubuntu 16.04
  Package: linux-image-4.4.0-24-generic 4.4.0-24.43
  ProcVersionSignature: Ubuntu 4.4.0-24.43-generic 4.4.10
  Uname: Linux 4.4.0-24-generic x86_64
  ApportVersion: 2.20.1-0ubuntu2.1
  Architecture: amd64
  AudioDevicesInUse:
   USER        PID ACCESS COMMAND
   /dev/snd/pcmC0D0p:   asu        3110 F...m pulseaudio
   /dev/snd/controlC0:  asu        3110 F.... pulseaudio
  CurrentDesktop: MATE
  Date: Mon Jun 20 17:01:20 2016
  InstallationDate: Installed on 2016-04-29 (52 days ago)
  InstallationMedia: Ubuntu-Studio 16.04 LTS "Xenial Xerus" - Release amd64 (20160420.1)
  IwConfig:
   lo        no wireless extensions.
   
   enp1s0    no wireless extensions.
  MachineType: Olidata S.p.A. ALABAMA
  ProcFB: 0 inteldrmfb
  ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-4.4.0-24-generic root=/dev/mapper/192--168--0--108--vg-root ro
  RelatedPackageVersions:
   linux-restricted-modules-4.4.0-24-generic N/A
   linux-backports-modules-4.4.0-24-generic  N/A
   linux-firmware                            1.157
  RfKill:
   
  SourcePackage: linux
  UpgradeStatus: No upgrade log present (probably fresh install)
  dmi.bios.date: 07/08/2008
  dmi.bios.vendor: American Megatrends Inc.
  dmi.bios.version: S0101
  dmi.board.asset.tag: To Be Filled By O.E.M.
  dmi.board.name: To be filled by O.E.M.
  dmi.board.vendor: To be filled by O.E.M.
  dmi.board.version: To be filled by O.E.M.
  dmi.chassis.asset.tag: To Be Filled By O.E.M.
  dmi.chassis.type: 3
  dmi.chassis.vendor: To Be Filled By O.E.M.
  dmi.chassis.version: To Be Filled By O.E.M.
  dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvrS0101:bd07/08/2008:svnOlidataS.p.A.:pnALABAMA:pvrToBeFilledByO.E.M.:rvnTobefilledbyO.E.M.:rnTobefilledbyO.E.M.:rvrTobefilledbyO.E.M.:cvnToBeFilledByO.E.M.:ct3:cvrToBeFilledByO.E.M.:
  dmi.product.name: ALABAMA
  dmi.product.version: To Be Filled By O.E.M.
  dmi.sys.vendor: Olidata S.p.A.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1594402/+subscriptions


References