Comment 3 for bug 1456279

Qishuai Liu (lqs) wrote :

I have encountered this bug too. It seems that this bug is triggered by sending a "tcp fast open" request with sendto().

[ 382.110408] ------------[ cut here ]------------
[ 382.112844] kernel BUG at /build/buildd/linux-lts-utopic-3.16.0/net/ipv4/tcp_output.c:878!
[ 382.114282] invalid opcode: 0000 [#3] SMP
[ 382.114282] Modules linked in: joydev hid_generic ppdev kvm_intel kvm crct10dif_pclmul crc32_pclmul ghash_clmulni_intel aesni_intel aes_x86_64 lrw gf128mul glue_helper ablk_helper cryptd usbhid hid serio_raw pvpanic i2c_piix4 parport_pc mac_hid lp parport nls_utf8 isofs floppy psmouse pata_acpi
[ 382.114282] CPU: 1 PID: 2091 Comm: ss-server Tainted: G D 3.16.0-37-generic #51~14.04.1-Ubuntu
[ 382.114282] Hardware name: Fedora Project OpenStack Nova, BIOS 0.5.1 01/01/2011
[ 382.114282] task: ffff88003af38000 ti: ffff88003d73c000 task.ti: ffff88003d73c000
[ 382.114282] RIP: 0010:[<ffffffff816b845f>] [<ffffffff816b845f>] tcp_transmit_skb+0x72f/0x900
[ 382.114282] RSP: 0018:ffff88003d73fae8 EFLAGS: 00010246
[ 382.114282] RAX: 00000000000002c0 RBX: ffff88003c5dc600 RCX: 00000000000000d0
[ 382.114282] RDX: 0000000000000001 RSI: ffff880036418800 RDI: ffff880036b61000
[ 382.114282] RBP: ffff88003d73fb40 R08: 00000000000002c0 R09: 0000000000000500
[ 382.114282] R10: ffff88003e001500 R11: ffff88003c5dcbe4 R12: ffff880036418800
[ 382.114282] R13: ffff88003c1b8740 R14: 0000000000000000 R15: ffff880036418800
[ 382.114282] FS: 00007fe77c448740(0000) GS:ffff88003fd00000(0000) knlGS:0000000000000000
[ 382.114282] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 382.114282] CR2: 00000000025a37c8 CR3: 000000003b00c000 CR4: 00000000001407e0
[ 382.114282] Stack:
[ 382.114282] 00ff88003c1b8740 ffff88003c5dc600 0000000000000000 ffff88003c5dc600
[ 382.114282] 0000000000000000 ffff88003c5dc600 ffff88003c5dc600 ffff880036418400
[ 382.114282] ffff88003c1b8740 0000000000000000 ffff880036418800 ffff88003d73fb98
[ 382.114282] Call Trace:
[ 382.114282] [<ffffffff816b9a9e>] tcp_connect+0x47e/0x7a0
[ 382.114282] [<ffffffff816be537>] tcp_v4_connect+0x317/0x470
[ 382.114282] [<ffffffff816d3fd5>] __inet_stream_connect+0xa5/0x320
[ 382.114282] [<ffffffff811b79c6>] ? kmem_cache_alloc_trace+0x1c6/0x1f0
[ 382.114282] [<ffffffff816aad23>] ? tcp_sendmsg+0x4e3/0xce0
[ 382.114282] [<ffffffff816aad60>] tcp_sendmsg+0x520/0xce0
[ 382.114282] [<ffffffff8116b6fa>] ? __alloc_pages_nodemask+0x15a/0x2a0
[ 382.114282] [<ffffffff8133457d>] ? aa_sk_perm.isra.4+0x6d/0x150
[ 382.114282] [<ffffffff816d52d4>] inet_sendmsg+0x64/0xb0
[ 382.114282] [<ffffffff81329c31>] ? apparmor_socket_sendmsg+0x21/0x30
[ 382.114282] [<ffffffff81648bbb>] sock_sendmsg+0x8b/0xc0
[ 382.114282] [<ffffffff8105af5c>] ? __do_page_fault+0x20c/0x560
[ 382.114282] [<ffffffff811f1243>] ? __fdget+0x13/0x20
[ 382.114282] [<ffffffff81648d61>] SYSC_sendto+0x121/0x1c0
[ 382.114282] [<ffffffff8105b361>] ? trace_do_page_fault+0x41/0x100
[ 382.114282] [<ffffffff812ebbe6>] ? security_file_fcntl+0x16/0x20
[ 382.114282] [<ffffffff8164983e>] SyS_sendto+0xe/0x10
[ 382.114282] [<ffffffff8176d20d>] system_call_fastpath+0x1a/0x1f
[ 382.114282] Code: 58 ab f9 ff 49 89 c4 e9 7a f9 ff ff 8b 8b c4 05 00 00 89 ca d1 e9 c1 ea 02 01 d1 8b 93 c0 05 00 00 39 d1 0f 43 d1 e9 39 ff ff ff <0f> 0b 41 8b 54 24 40 39 c2 0f 89 9d fb ff ff 8d 88 00 00 ff ff
[ 382.114282] RIP [<ffffffff816b845f>] tcp_transmit_skb+0x72f/0x900
[ 382.114282] RSP <ffff88003d73fae8>
[ 382.180848] ---[ end trace f4c399819b7ce2a9 ]---