Ubuntu
linux package

kernel BUG at /build/buildd/linux-3.2.0/mm/slub.c:3427!; EIP is at kfree+0x10f/0x120

Bug #1003624 reported by Rafael Cavalcanti
18
This bug affects 3 people
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Expired
Low
Unassigned

Bug Description

Just a few days ago I fresh installed Ubuntu 12.04 32-bits in my laptop.
I have a bluetooth dongle attached to an USB port and a bluetooth mouse paired with it.

Since the installation I've been experiencing multiple crashes, quite randomly, until I found out that turning off my bluetooth mouse solved it. In fact, I had to do it so I could install Ubuntu.

As I said, I couldn't find yet a clearly situation in which the crash occurs. It can happen just a few seconds after turning the mouse on, hours later, or when returning from a suspension state. Actually, the only certain situation for a crash I found out is when returning from suspension mode.

So, some steps to reproduce this bug are:
1) Turn on bluetooth mouse
2) Turn on computer and log on Ubuntu
3) Wait
or, alternatively:
3.0) Suspend your session
3.1) Return from suspension

Results can be three:
A) Computer is completely frozen, showing the last screen. Mouse cursor is on the screen, you can't move it and any keyboard command has no effects (I can't go to terminal nor restart X).
B) Similar to A, but the screen is black, showing just the cursor.
C) Screen shows lots of messages, probably from a kernel oops.

In all cases, I have to do a hard reboot.
I've been experiencing this issue since Ubuntu 11.10 (Ubuntu 11.04 worked flawlessly). However, I don't think it's just an Ubuntu related issue. Trying to install Fedora 16 also resulted in multiple crashes.

I tried to reproduce these situations, and I'm attaching the correspondent kern.log here. However, I didn't found any relevant information in the output of Situation 2 and 3.
Situation 1) Turned the mouse on, with system already running. Just a few seconds after, screen went black (with cursor in it) and totally frozen. Had to do a hard reboot.
Situation 2) Turned the mouse on before booting the system. After login, waited a few moments and entered suspension mode. After some moments returned from suspension. Ubuntu was froozen in lock screen.
Situation 3) After the crash in situation 2, turned again the computer on. After login, moved the mouse a bit and screen froze.

I tried to reproduce the kernel oops, but wasn't successful. So I am attaching the kern.log of one of the kernel oops I had yesterday. I think it will be useful.

Finally, I just like to add it's very common my wallpaper and other preferences are gone after a crash like that, and I have to do change them all over again.

WORKAROUND: Disable Bluetooth.
---
AlsaVersion: Advanced Linux Sound Architecture Driver Version 1.0.24.
AplayDevices:
 **** List of PLAYBACK Hardware Devices ****
 card 0: Intel [HDA Intel], device 0: ALC262 Analog [ALC262 Analog]
   Subdevices: 1/1
   Subdevice #0: subdevice #0
ApportVersion: 2.0.1-0ubuntu8
Architecture: i386
ArecordDevices:
 **** List of CAPTURE Hardware Devices ****
 card 0: Intel [HDA Intel], device 0: ALC262 Analog [ALC262 Analog]
   Subdevices: 1/1
   Subdevice #0: subdevice #0
AudioDevicesInUse:
 USER PID ACCESS COMMAND
 /dev/snd/controlC0: rafael 2386 F.... pulseaudio
Card0.Amixer.info:
 Card hw:0 'Intel'/'HDA Intel at 0xf6700000 irq 46'
   Mixer name : 'Realtek ALC262'
   Components : 'HDA:10ec0262,144dc042,00100202'
   Controls : 20
   Simple ctrls : 11
DistroRelease: Ubuntu 12.04
EcryptfsInUse: Yes
HibernationDevice: RESUME=UUID=8ae22233-07e8-4ab6-915a-360e9ab86bac
InstallationMedia: Ubuntu 12.04 LTS "Precise Pangolin" - Release i386 (20120423)
MachineType: SAMSUNG ELECTRONICS CO., LTD. R509
Package: linux (not installed)
ProcEnviron:
 TERM=xterm
 PATH=(custom, user)
 LANG=en_US.UTF-8
 SHELL=/bin/bash
ProcFB: 0 inteldrmfb
ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-3.2.0-25-generic-pae root=UUID=cf95050d-0e07-47a7-a2f2-fa62aa8839d7 ro quiet splash acpi_backlight=vendor vt.handoff=7
ProcVersionSignature: Ubuntu 3.2.0-25.40-generic-pae 3.2.18
RelatedPackageVersions:
 linux-restricted-modules-3.2.0-25-generic-pae N/A
 linux-backports-modules-3.2.0-25-generic-pae N/A
 linux-firmware 1.79
SourcePackage: linux
Tags: precise precise
Uname: Linux 3.2.0-25-generic-pae i686
UpgradeStatus: No upgrade log present (probably fresh install)
UserGroups: adm cdrom dip lpadmin plugdev sambashare sudo
dmi.bios.date: 04/01/2010
dmi.bios.vendor: Phoenix Technologies Ltd.
dmi.bios.version: 03LP.M008.20100401.KSJ
dmi.board.name: R509
dmi.board.vendor: SAMSUNG ELECTRONICS CO., LTD.
dmi.board.version: Not Applicable
dmi.chassis.asset.tag: No Asset Tag
dmi.chassis.type: 10
dmi.chassis.vendor: SAMSUNG ELECTRONICS CO., LTD.
dmi.chassis.version: N/A
dmi.modalias: dmi:bvnPhoenixTechnologiesLtd.:bvr03LP.M008.20100401.KSJ:bd04/01/2010:svnSAMSUNGELECTRONICSCO.,LTD.:pnR509:pvrNotApplicable:rvnSAMSUNGELECTRONICSCO.,LTD.:rnR509:rvrNotApplicable:cvnSAMSUNGELECTRONICSCO.,LTD.:ct10:cvrN/A:
dmi.product.name: R509
dmi.product.version: Not Applicable
dmi.sys.vendor: SAMSUNG ELECTRONICS CO., LTD.

See original description
Revision history for this message
Brad Figg (brad-figg) wrote : Missing required logs.

This bug is missing log files that will aid in diagnosing the problem. From a terminal window please run:

apport-collect 1003624

and then change the status of the bug to 'Confirmed'.

If, due to the nature of the issue you have encountered, you are unable to run this command, please add a comment stating that fact and change the bug status to 'Confirmed'.

This change has been made by an automated script, maintained by the Ubuntu Kernel Team.

Changed in linux (Ubuntu):
status: New → Incomplete
Revision history for this message
Rafael Cavalcanti (rccavalcanti) wrote : Re: Bluetooth mouse crashes Ubuntu

I can't run apport-collect, so I didn't sent that log file.

Changed in linux (Ubuntu):
status: Incomplete → Confirmed
Revision history for this message
Rafael Cavalcanti (rccavalcanti) wrote :
Revision history for this message
penalvch (penalvch) wrote :

modulewth, thank you for reporting this and helping make Ubuntu better. Please execute the following via the Terminal:
apport-collect 1003624

As well, could you please capture the oops following https://wiki.ubuntu.com/KernelTeam/KernelTeamBugPolicies#Capturing_OOPs ?
In addition, please be sure to confirm this issue exists with the latest development release of Ubuntu. ISO CD images are available from http://cdimage.ubuntu.com/daily/current/ . If the issue remains, please run the following command in the development release from a Terminal (Applications->Accessories->Terminal). It will automatically gather and attach updated debug information to this report.

apport-collect -p linux 1003624

Also, if you could test the latest upstream kernel available that would be great. It will allow additional upstream developers to examine the issue. Refer to https://wiki.ubuntu.com/KernelMainlineBuilds . Once you've tested the upstream kernel, please remove the 'needs-upstream-testing' tag. This can be done by clicking on the yellow pencil icon next to the tag located at the bottom of the bug description and deleting the 'needs-upstream-testing' text.

If this bug is fixed in the mainline kernel, please add the following tag 'kernel-fixed-upstream'.

If the mainline kernel does not fix this bug, please add the tag: 'kernel-bug-exists-upstream'.

If you are unable to test the mainline kernel, for example it will not boot, please add the tag: 'kernel-unable-to-test-upstream'.

Please let us know your results. Thanks in advance.

tags: added: i386 needs-upstream-testing precise
removed: bluetooth crash kernel mouse
Changed in linux (Ubuntu):
status: Confirmed → Incomplete
Revision history for this message
Rafael Cavalcanti (rccavalcanti) wrote :

Christopher, thanks for your answer.

apport-collect gives me "No packages found matching linux."

I'll soon reconnect the mouse and get the other reports.

Revision history for this message
Rafael Cavalcanti (rccavalcanti) wrote :

Hi again! Sorry about the delay.

I could finally record the kernel oops.
I'm attaching it. Hope it helps.

Revision history for this message
Rafael Cavalcanti (rccavalcanti) wrote :

Here's other crash log (smaller). This one occurred returning from suspend mode. Log starts when I suspended the session.

[ 2023.092972] wlan0: deauthenticating from ****** by local choice (reason=3)
[ 2023.120181] cfg80211: All devices are disconnected, going to restore regulatory settings
[ 2023.120199] cfg80211: Restoring regulatory settings
[ 2023.120211] cfg80211: Calling CRDA to update world regulatory domain
[ 2023.135573] cfg80211: Ignoring regulatory request Set by core since the driver uses its own custom regulatory domain
[ 2023.135593] cfg80211: World regulatory domain updated:
[ 2023.135603] cfg80211: (start_freq - end_freq @ bandwidth), (max_antenna_gain, max_eirp)
[ 2023.135612] cfg80211: (2402000 KHz - 2472000 KHz @ 40000 KHz), (300 mBi, 2000 mBm)
[ 2023.135621] cfg80211: (2457000 KHz - 2482000 KHz @ 20000 KHz), (300 mBi, 2000 mBm)
[ 2023.135630] cfg80211: (2474000 KHz - 2494000 KHz @ 20000 KHz), (300 mBi, 2000 mBm)
[ 2023.135639] cfg80211: (5170000 KHz - 5250000 KHz @ 40000 KHz), (300 mBi, 2000 mBm)
[ 2023.135647] cfg80211: (5735000 KHz - 5835000 KHz @ 40000 KHz), (300 mBi, 2000 mBm)
[ 2031.561474] sky2 0000:06:00.0: eth0: enabling interface
[ 2031.563111] ADDRCONF(NETDEV_UP): eth0: link is not ready
[ 2032.213806] BUG: unable to handle kernel paging request at 0100016c
[ 2032.217381] IP: [<c11354cb>] __kmalloc_track_caller+0xab/0x1d0
[ 2032.217381] *pdpt = 000000002f959001 *pde = 0000000000000000
[ 2032.217381] Oops: 0000 [#1] SMP
[ 2032.217381] Modules linked in: hid_elecom netconsole hidp pci_stub vboxpci(O) vboxnetadp(O) vboxnetflt(O) vboxdrv(O) parport_pc ppdev rfcomm bnep binfmt_misc dm_crypt snd_hda_codec_realtek joydev snd_hda_intel snd_hda_codec snd_hwdep snd_pcm snd_seq_midi snd_rawmidi snd_seq_midi_event snd_seq arc4 snd_timer snd_seq_device uvcvideo snd btusb videodev bluetooth psmouse serio_raw ath5k ath mac80211 soundcore cfg80211 snd_page_alloc mac_hid configfs lp parport usbhid hid i915 sky2 drm_kms_helper drm i2c_algo_bit video usb_storage
[ 2032.217381]
[ 2032.217381] Pid: 1014, comm: gdbus Tainted: G O 3.2.0-24-generic-pae #39-Ubuntu SAMSUNG ELECTRONICS CO., LTD. R509 /R509
[ 2032.240432] EIP: 0060:[<c11354cb>] EFLAGS: 00010206 CPU: 0
[ 2032.240432] EIP is at __kmalloc_track_caller+0xab/0x1d0
[ 2032.240432] EAX: 00000000 EBX: 0100016c ECX: 0100016c EDX: 00006714

Revision history for this message
Rafael Cavalcanti (rccavalcanti) wrote :

Hi!
Adding info:
I just tested the latest upstream kernel (3.5.0-999) and the problem persists. I got a kernel panic in less than 5 minutes after boot.
Unfortunately, I couldn't record the messages, but I could read that I got something like "not syncing", "fatal exception in interrupt".

tags: added: kernel-bug-exists-upstream
removed: needs-upstream-testing
Changed in linux (Ubuntu):
status: Incomplete → Confirmed
Revision history for this message
penalvch (penalvch) wrote :

modulewth, thank you for attaching the oops and testing the mainline. The next thing we need to know is did this USB bluetooth dongle not crash in an earlier version of Ubuntu? If so, which one(s)?

summary: - Bluetooth mouse crashes Ubuntu
+ kernel BUG at /build/buildd/linux-3.2.0/mm/slub.c:3427!; EIP is at
+ kfree+0x10f/0x120
description: updated
Changed in linux (Ubuntu):
importance: Undecided → Low
status: Confirmed → Incomplete
Revision history for this message
Rafael Cavalcanti (rccavalcanti) wrote :

Christopher, thanks again for all your attention.

> Did this USB bluetooth dongle not crash in an earlier version of Ubuntu?
Yes, until Ubuntu 11.04 it works flawlessly with no crashes.
Since 11.10 I experience this issue, even with the live CD, fresh install, etc.

As I said, I get the same issue with other distributions, as Fedora 16 and 17.
Debian stable (6.0.5) works fine.

Changed in linux (Ubuntu):
status: Incomplete → Confirmed
Revision history for this message
penalvch (penalvch) wrote :

modulewth, please execute the following at the Terminal:
apport-collect 1003624

If this fails, please explain specifically why. In addition, as having the apport data is critical, please file a new report by executing the following via the Terminal and feel free to subscribe me to it:
ubuntu-bug linux

tags: added: needs-bisect oneiric regression-release
Changed in linux (Ubuntu):
status: Confirmed → Incomplete
Revision history for this message
Rafael Cavalcanti (rccavalcanti) wrote : AcpiTables.txt

apport information

tags: added: apport-collected
description: updated
Revision history for this message
Rafael Cavalcanti (rccavalcanti) wrote : AlsaDevices.txt

apport information

Revision history for this message
Rafael Cavalcanti (rccavalcanti) wrote : BootDmesg.txt

apport information

Revision history for this message
Rafael Cavalcanti (rccavalcanti) wrote : CRDA.txt

apport information

Revision history for this message
Rafael Cavalcanti (rccavalcanti) wrote : Card0.Amixer.values.txt

apport information

Revision history for this message
Rafael Cavalcanti (rccavalcanti) wrote : Card0.Codecs.codec.0.txt

apport information

Revision history for this message
Rafael Cavalcanti (rccavalcanti) wrote : CurrentDmesg.txt

apport information

Revision history for this message
Rafael Cavalcanti (rccavalcanti) wrote : IwConfig.txt

apport information

Revision history for this message
Rafael Cavalcanti (rccavalcanti) wrote : Lspci.txt

apport information

Revision history for this message
Rafael Cavalcanti (rccavalcanti) wrote : Lsusb.txt

apport information

Revision history for this message
Rafael Cavalcanti (rccavalcanti) wrote : PciMultimedia.txt

apport information

Revision history for this message
Rafael Cavalcanti (rccavalcanti) wrote : ProcCpuinfo.txt

apport information

Revision history for this message
Rafael Cavalcanti (rccavalcanti) wrote : ProcInterrupts.txt

apport information

Revision history for this message
Rafael Cavalcanti (rccavalcanti) wrote : ProcModules.txt

apport information

Revision history for this message
Rafael Cavalcanti (rccavalcanti) wrote : PulseList.txt

apport information

Revision history for this message
Rafael Cavalcanti (rccavalcanti) wrote : RfKill.txt

apport information

Revision history for this message
Rafael Cavalcanti (rccavalcanti) wrote : UdevDb.txt

apport information

Revision history for this message
Rafael Cavalcanti (rccavalcanti) wrote : UdevLog.txt

apport information

Revision history for this message
Rafael Cavalcanti (rccavalcanti) wrote : WifiSyslog.txt

apport information

Revision history for this message
Rafael Cavalcanti (rccavalcanti) wrote :

Christopher, running apport-collect gave me again "No packages found matching linux", but I sent the info anyways.
I think it's not necessary to run bug-report, right?

Thanks.

Revision history for this message
penalvch (penalvch) wrote :

moduelwth, the next step is to perform a kernel bisect to identify the offending commit(s). Could you please do so following https://wiki.ubuntu.com/Kernel/KernelBisection ?

Revision history for this message
Rafael Cavalcanti (rccavalcanti) wrote :

I've never done a bissection and the guidelines didn't help me much, since they are based in 2 revisions of the same release (Maverick).
In my case, the last good kernel was in Natty, and the first bad I know is in Oneric.

How can I do this?
I've already cloned their repositories.

Thanks.

Revision history for this message
Rafael Cavalcanti (rccavalcanti) wrote :

Can you help me?
My solution was bissecting the kernel directly from Torvalds gits, but it's taking unsanely long.

Revision history for this message
penalvch (penalvch) wrote :

modulewth, if you need more granular, step-by-step support for bisecting, you are welcome to utilize http://www.ubuntu.com/support/community/chat .

Revision history for this message
Paweł Szlubecki (pawel-szlubecki) wrote :

Problem is repeatable.

Revision history for this message
Jurij Munda (jurij-munda) wrote :
Download full text (4.5 KiB)

Similar bug...
System crashes randomly - on reboot, on login...
Ubuntu Server 12.04 64 bit + xen hypervisor 4.1, fresh install, only dom0 running.
System crashes randomly - on reboot, on login, sometimes even with kernel panic.

[74385.616601] ------------[ cut here ]------------
[74385.616699] WARNING: at /build/buildd/linux-3.2.0/mm/slub.c:3371 ksize+0xb5/0xc0()
[74385.616828] Hardware name:
[74385.616885] Modules linked in: xen_gntdev xen_netback xen_blkback xen_evtchn xenfs bridge stp radeon ttm drm_kms_helper drm i2c_algo_bit ipmi_si ipm
i_msghandler mac_hid i3000_edac edac_core lp parport raid10 raid456 async_pq async_xor xor async_memcpy async_raid6_recov e1000 e1000e sata_sil24 flopp
y raid6_pq async_tx raid1 raid0 multipath linear
[74385.617996] Pid: 3375, comm: env Tainted: G D W 3.2.0-23-generic #36-Ubuntu
[74385.618127] Call Trace:
[74385.618180] [<ffffffff8106712f>] warn_slowpath_common+0x7f/0xc0
[74385.618285] [<ffffffff8106718a>] warn_slowpath_null+0x1a/0x20
[74385.618384] [<ffffffff81161b55>] ksize+0xb5/0xc0
[74385.618470] [<ffffffff8113287c>] kzfree+0x1c/0x40
[74385.618560] [<ffffffff812d65fa>] apparmor_file_free_security+0x1a/0x20
[74385.618672] [<ffffffff8129d6e6>] security_file_free+0x16/0x20
[74385.618771] [<ffffffff81179006>] __fput+0xc6/0x210
[74385.618863] [<ffffffff81179175>] fput+0x25/0x30
[74385.618945] [<ffffffff81141905>] remove_vma+0x45/0x90
[74385.619032] [<ffffffff81142ba3>] do_munmap+0x1f3/0x2f0
[74385.619122] [<ffffffff81144333>] sys_munmap+0x53/0x80
[74385.619210] [<ffffffff81664a82>] system_call_fastpath+0x16/0x1b
[74385.619311] ---[ end trace 3e4ce9875a6d43f0 ]---
[74385.619403] ------------[ cut here ]------------
[74385.619483] kernel BUG at /build/buildd/linux-3.2.0/mm/slub.c:3427!
[74385.619594] invalid opcode: 0000 [#2] SMP
[74385.619683] CPU 1
[74385.619726] Modules linked in: xen_gntdev xen_netback xen_blkback xen_evtchn xenfs bridge stp radeon ttm drm_kms_helper drm i2c_algo_bit ipmi_si ipmi_msghandler mac_hid i3000_edac edac_core lp parport raid10 raid456 async_pq async_xor xor async_memcpy async_raid6_recov e1000 e1000e sata_sil24 floppy raid6_pq async_tx raid1 raid0 multipath linear
[74385.620062]
[74385.620062] Pid: 3375, comm: env Tainted: G D W 3.2.0-23-generic #36-Ubuntu /S3000AH
[74385.620062] RIP: e030:[<ffffffff811620f5>] [<ffffffff811620f5>] kfree+0x135/0x140
[74385.620062] RSP: e02b:ffff8801dc1cfe08 EFLAGS: 00010246
[74385.620062] RAX: 0200000000000000 RBX: ffff880100000000 RCX: 0000000000000000
[74385.620062] RDX: ffffffff7fffffff RSI: 0000000000000000 RDI: ffff880100000000
[74385.620062] RBP: ffff8801dc1cfe38 R08: ffffea0004000000 R09: 0000000000000000
[74385.620062] R10: ffff880100000000 R11: 0000000000001000 R12: 0000000000000010
[74385.620062] R13: ffff8801dd21a180 R14: ffffffff81132891 R15: ffff8801e4ccd550
[74385.620062] FS: 00007fa643074700(0000) GS:ffff8801f1cb9000(0000) knlGS:0000000000000000
[74385.620062] CS: e033 DS: 0000 ES: 0000 CR0: 000000008005003b
[74385.656105] CR2: 0000000000401008 CR3: 00000001db98f000 CR4: 0000000000002660
[74385.656105] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[74385.656105] DR3: 000000...

Read more...

Revision history for this message
penalvch (penalvch) wrote :

Paweł Szlubecki / Jurij Munda, please stop making comments in this report. For more on this, please see https://help.ubuntu.com/community/ReportingBugs#A3._Make_sure_the_bug_hasn.27t_already_been_reported . If you are having a problem in Ubuntu, please file a new report by executing the following via the Terminal and feel free to subscribe me to it:
ubuntu-bug linux

Please do not respond in this report. Thanks!

Revision history for this message
Launchpad Janitor (janitor) wrote :

[Expired for linux (Ubuntu) because there has been no activity for 60 days.]

Changed in linux (Ubuntu):
status: Incomplete → Expired
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.