kernel-packages team mailing list archive

[Bug 1301439] [NEW] General Protection fault

 

Public bug reported:

I've found a reproducible bug in 3.8.0 kernels installed in precise.

We did an EFI install and it used this newer kernel which seemed to be
selected from:

linux-signed-generic-lts-raring

dmesg output:

[366681.745292] general protection fault: 0000 [#1] SMP
[366681.745640] Modules linked in: btrfs(F) ufs(F) qnx4(F) hfsplus(F) hfs(F) minix(F) ntfs(F) msdos(F) jfs(F) xfs(F) libcrc32c(F) reiserfs(F) vhost_net(F) macvtap(F) macvlan(F) ip6table_filter(F) ip6_tables(F) iptable_filter(F) ip_tables(F) ipmi_devintf(F) ebtable_nat(F) ebtables(F) x_tables(F) ipmi_si(F) ipmi_msghandler(F) coretemp(F) kvm_intel(F) kvm(F) ghash_clmulni_intel(F) aesni_intel(F) ablk_helper(F) cryptd(F) lrw(F) bridge(F) aes_x86_64(F) xts(F) gf128mul(F) stp(F) llc(F) gpio_ich(F) dm_multipath(F) scsi_dh(F) sb_edac(F) microcode(F) edac_core(F) ioatdma(F) mei(F) joydev(F) lpc_ich(F) nfsd(F) mac_hid(F) wmi(F) nfs_acl(F) auth_rpcgss(F) nfs(F) lp(F) parport(F) fscache(F) lockd(F) sunrpc(F) nls_iso8859_1(F) ext2(F) zfs(POF) zcommon(POF) znvpair(POF) zavl(POF) zunicode(POF) spl(OF) zlib_deflate(F) ses(F) enclosure(F) hid_generic(F) igb(F) mpt2sas(F) usbhid(F) ahci(F) dca(F) ptp(F) scsi_transport_sas(F) hid(F) megaraid_sas(F) libahci(F) pps_core(F) raid_class(F)
[366681.752501] CPU 18
[366681.752644] Pid: 5937, comm: vhost-9024 Tainted: PF          O 3.8.0-29-generic #42~precise1-Ubuntu Supermicro X9DRD-7LN4F(-JBOD)/X9DRD-EF/X9DRD-7LN4F
[366681.753558] RIP: 0010:[<ffffffff816df39e>]  [<ffffffff816df39e>] put_compound_page.part.12+0x34/0x11f
[366681.754192] RSP: 0018:ffff88178840bbb8  EFLAGS: 00010292
[366681.754547] RAX: ffff8817d750b200 RBX: 2424242424242424 RCX: ffff8817d750b6c0
[366681.755033] RDX: 0000000000000000 RSI: ffff8817d750b600 RDI: ffff8817d750b600
[366681.755514] RBP: ffff88178840bbc8 R08: 0000000000000001 R09: 0000000000001000
[366681.755995] R10: ffff8817689a4518 R11: 0000000000000001 R12: ffff8817d750b600
[366681.756474] R13: 000000000000edd2 R14: ffffffff814f354b R15: 0000000000000042
[366681.756957] FS:  0000000000000000(0000) GS:ffff88207fcc0000(0000) knlGS:0000000000000000
[366681.757500] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[366681.757886] CR2: 00007fa51d6e6590 CR3: 0000002027561000 CR4: 00000000000427e0
[366681.758380] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[366681.759020] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[366681.759480] Process vhost-9024 (pid: 5937, threadinfo ffff88178840a000, task ffff88101ad5dd00)
[366681.759962] Stack:
[366681.760103]  ffff881f86698f00 0000000000000012 ffff88178840bbd8 ffffffff81141b7c
[366681.760646]  ffff88178840bbe8 ffffffff81141f4c ffff88178840bc08 ffffffff815d57a8
[366681.761188]  ffff881f86698f00 ffff881f86698f00 ffff88178840bc18 ffffffff815d58c5
[366681.761725] Call Trace:
[366681.761899]  [<ffffffff81141b7c>] put_compound_page+0x3c/0x50
[366681.777499]  [<ffffffff81141f4c>] put_page+0x2c/0x40
[366681.795022]  [<ffffffff815d57a8>] skb_release_data.part.43+0x48/0x110
[366681.811077]  [<ffffffff815d58c5>] skb_release_data+0x55/0x60
[366681.826501]  [<ffffffff815d58ee>] __kfree_skb+0x1e/0x30
[366681.841922]  [<ffffffff815d5945>] kfree_skb+0x45/0xc0
[366681.856525]  [<ffffffff814f354b>] tun_get_user+0x61b/0x640
[366681.871554]  [<ffffffff814f35c4>] tun_sendmsg+0x54/0x80
[366681.885502]  [<ffffffffa04b8ca7>] handle_tx+0x307/0x5e0 [vhost_net]
[366681.899875]  [<ffffffffa04b8fb5>] handle_tx_kick+0x15/0x20 [vhost_net]
[366681.913024]  [<ffffffffa04b5e9d>] vhost_worker+0xfd/0x1a0 [vhost_net]
[366681.926011]  [<ffffffffa04b5da0>] ? vhost_set_memory+0x130/0x130 [vhost_net]
[366681.939190]  [<ffffffff8107f1b0>] kthread+0xc0/0xd0
[366681.951561]  [<ffffffff8107f0f0>] ? flush_kthread_worker+0xb0/0xb0
[366681.964097]  [<ffffffff816fc82c>] ret_from_fork+0x7c/0xb0
[366681.976040]  [<ffffffff8107f0f0>] ? flush_kthread_worker+0xb0/0xb0
[366681.988050] Code: 41 54 49 89 fc 53 48 8b 07 f6 c4 80 0f 84 9f 00 00 00 48 8b 5f 30 48 8b 07 f6 c4 80 0f 84 8f 00 00 00 48 39 df 0f 84 86 00 00 00 <8b> 53 1c 85 d2 74 7f 8d 4a 01 48 8d 73 1c 89 d0 f0 0f b1 4b 1c
[366682.024399] RIP  [<ffffffff816df39e>] put_compound_page.part.12+0x34/0x11f
[366682.036323]  RSP <ffff88178840bbb8>
[366682.073799] ---[ end trace ab95cd543919cb1f ]---


Reproduced by doing an nfs export from zfs running on the host (it is possible it is related to zfs, but it doesn't show up in the call trace).

I've reproduced it on two similar machines.

I've also checked it against a newer version of qemu (1.5); it didn't
resolve the problem.

** Affects: linux (Ubuntu)
     Importance: Undecided
         Status: Incomplete


** Tags: raring

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1301439
