Ubuntu
linux package

kernel crash apparently involving telepathy

Bug #1498602 reported by Fred Zimmerman
16
This bug affects 2 people
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Confirmed
High
Unassigned

Bug Description

http://askubuntu.com/questions/677032/what-caused-this-crash-shown-in-syslog

Sep 21 12:38:02 pratchett org.freedesktop.Telepathy.AccountManager[2233]: (process:2488): GLib-GIO-WARNING **: netlink message was truncated; shouldn't happen...
Sep 21 12:38:02 pratchett kernel: [45277.692643] BUG: unable to handle kernel NULL pointer dereference at (null)
Sep 21 12:38:02 pratchett kernel: [45277.692685] IP: [<ffffffff816ad857>] skb_queue_tail+0x37/0x60
Sep 21 12:38:02 pratchett kernel: [45277.692714] PGD 877fe067 PUD 0
Sep 21 12:38:02 pratchett kernel: [45277.692731] Oops: 0002 [#1] SMP
Sep 21 12:38:02 pratchett kernel: [45277.692748] Modules linked in: xt_conntrack ipt_REJECT nf_reject_ipv4 ebtable_filter ebtables ip6table_filter ip6_tables pci_stub vboxpci(OE) vboxnetadp(OE) vboxnetflt(OE) vboxdrv(OE) ctr ccm xt_CHECKSUM iptable_mangle ipt_MASQUERADE nf_nat_masquerade_ipv4 iptable_nat nf_conntrack_ipv4 nf_defrag_ipv4 nf_nat_ipv4 nf_nat nf_conntrack xt_tcpudp bridge stp llc iptable_filter ip_tables x_tables binfmt_misc rfcomm bnep dell_wmi sparse_keymap dell_laptop dcdbas snd_hda_codec_hdmi snd_hda_codec_realtek snd_hda_codec_generic dm_multipath scsi_dh intel_rapl iosf_mbi snd_hda_intel x86_pkg_temp_thermal intel_powerclamp snd_hda_controller coretemp snd_hda_codec arc4 kvm_intel snd_hwdep kvm crct10dif_pclmul ath9k crc32_pclmul snd_pcm ath9k_common uvcvideo ghash_clmulni_intel videobuf2_vmalloc videobuf2_memops ath9k_hw videobuf2_core v4l2_common videodev aesni_intel ath media aes_x86_64 lrw gf128mul snd_seq_midi glue_helper snd_seq_midi_event ablk_helper cryptd mac80211 ath3k btusb snd_rawmidi joydev bluetooth serio_raw snd_seq cfg80211 snd_seq_device snd_timer lpc_ich snd soundcore shpchp mei_me mei mac_hid parport_pc ppdev lp parport autofs4 btrfs xor raid6_pq hid_generic usbhid hid i915 i2c_algo_bit drm_kms_helper psmouse drm ahci libahci wmi video
Sep 21 12:38:02 pratchett kernel: [45277.693306] CPU: 2 PID: 9668 Comm: Chrome_ChildIOT Tainted: G OE 3.19.0-29-generic #31-Ubuntu
Sep 21 12:38:02 pratchett kernel: [45277.693345] Hardware name: Dell Inc. Dell System XPS L322X/0PJHXN, BIOS A09 05/15/2013
Sep 21 12:38:02 pratchett kernel: [45277.693383] task: ffff8801bf7489d0 ti: ffff8801f8c4c000 task.ti: ffff8801f8c4c000
Sep 21 12:38:02 pratchett kernel: [45277.693426] RIP: 0010:[<ffffffff816ad857>] [<ffffffff816ad857>] skb_queue_tail+0x37/0x60
Sep 21 12:38:02 pratchett kernel: [45277.693462] RSP: 0018:ffff8801f8c4fb38 EFLAGS: 00010046
Sep 21 12:38:02 pratchett kernel: [45277.693493] RAX: 0000000000000292 RBX: ffff8801c1ddb510 RCX: 0000000000000000
Sep 21 12:38:02 pratchett kernel: [45277.693533] RDX: 0000000000000000 RSI: 0000000000000292 RDI: ffff8801c1ddb524
Sep 21 12:38:02 pratchett kernel: [45277.693574] RBP: ffff8801f8c4fb58 R08: 0000000000000300 R09: ffff880236c03600
Sep 21 12:38:02 pratchett kernel: [45277.693605] R10: 0000000000000292 R11: ffff8801f8c4ffd8 R12: ffff8801c1ddb510
Sep 21 12:38:02 pratchett kernel: [45277.693635] R13: ffff8801c1ddb524 R14: ffff8801c1ddb480 R15: ffff8801c1ddaa00
Sep 21 12:38:02 pratchett kernel: [45277.693666] FS: 00007fb4c2de3700(0000) GS:ffff88023f280000(0000) knlGS:0000000000000000
Sep 21 12:38:02 pratchett kernel: [45277.693700] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
Sep 21 12:38:02 pratchett kernel: [45277.693724] CR2: 0000000000000000 CR3: 00000001724bf000 CR4: 00000000001407e0
Sep 21 12:38:02 pratchett kernel: [45277.693754] Stack:
Sep 21 12:38:02 pratchett kernel: [45277.693763] 0000000000000000 000000000000001c 0000000000000000 ffff8801c1ddb510
Sep 21 12:38:02 pratchett kernel: [45277.693796] ffff8801f8c4fc18 ffffffff81762ce4 ffff880200000000 ffff8801c1ddb510
Sep 21 12:38:02 pratchett kernel: [45277.693837] ffff8801f8c4ff08 ffff8801f8c4fc88 0000001c0000001c 000000000000001c
Sep 21 12:38:02 pratchett kernel: [45277.693870] Call Trace:
Sep 21 12:38:02 pratchett kernel: [45277.693889] [<ffffffff81762ce4>] unix_stream_sendmsg+0x1e4/0x450
Sep 21 12:38:02 pratchett kernel: [45277.693917] [<ffffffff816a584c>] do_sock_sendmsg+0x8c/0x100
Sep 21 12:38:02 pratchett kernel: [45277.693942] [<ffffffff816a51ec>] ? copy_msghdr_from_user+0x15c/0x210
Sep 21 12:38:02 pratchett kernel: [45277.693971] [<ffffffff816a5ea8>] ___sys_sendmsg+0x348/0x360
Sep 21 12:38:02 pratchett kernel: [45277.693997] [<ffffffff811fdcb0>] ? pipe_read+0x300/0x340
Sep 21 12:38:02 pratchett kernel: [45277.694022] [<ffffffff811f46de>] ? new_sync_read+0x7e/0xb0
Sep 21 12:38:02 pratchett kernel: [45277.694047] [<ffffffff8112c792>] ? seccomp_phase1+0x92/0x270
Sep 21 12:38:02 pratchett kernel: [45277.694073] [<ffffffff816a65c2>] __sys_sendmsg+0x42/0x80
Sep 21 12:38:02 pratchett kernel: [45277.694097] [<ffffffff816a6612>] SyS_sendmsg+0x12/0x20
Sep 21 12:38:02 pratchett kernel: [45277.694121] [<ffffffff817cbe4d>] system_call_fastpath+0x16/0x1b
Sep 21 12:38:02 pratchett kernel: [45277.694147] Code: 8d 6f 14 41 54 53 48 89 fb 4c 89 ef 49 89 f4 48 83 ec 08 e8 9c de 11 00 48 8b 53 08 49 89 1c 24 4c 89 ef 48 89 c6 49 89 54 24 08 <4c> 89 22 83 43 10 01 4c 89 63 08 e8 59 dd 11 00 48 83 c4 08 5b
Sep 21 12:38:02 pratchett kernel: [45277.694274] RIP [<ffffffff816ad857>] skb_queue_tail+0x37/0x60
Sep 21 12:38:02 pratchett kernel: [45277.694308] RSP <ffff8801f8c4fb38>

That is a kernel bug -- no action any program can take should ever lead to a kernel panic.

Judging from the stack trace:

Telepathy sends a message, using the sendmsg system call, on a socket of type PF_UNIX.
The process doing that is inside a seccomp compartment, i.e. does not have direct system access, so the system call is handled by marshalling the arguments to a data structure, and sending them to another process (so that process can look at whether the access is allowed, implementing more complex policies than what the kernel allows).
The message is appended to the socket that will transport it to the program handling this.
During this append operation, an invalid pointer is found. This can happen if a data structure is uninitialized, but this is certainly a kernel bug if there is a code path that can leave an uninitialized structure somewhere where it would be expected to be valid.

The second error is a repeat of the first -- the data structure didn't get any better in the meantime.

I'd report this as a bug against the kernel package that you are using, in this case linux-image-3.19.0-29-generic. If the problem can be reproduced, please include instructions to do so.

This appears to be a weird interaction between Chrome and Telepathy that might itself warrant investigation, but the primary issue is that there is a way to reach an invalid state, and that should never happen.

ProblemType: Bug
DistroRelease: Ubuntu 15.04
Package: linux-image-3.19.0-29-generic 3.19.0-29.31
ProcVersionSignature: Ubuntu 3.19.0-29.31-generic 3.19.8-ckt6
Uname: Linux 3.19.0-29-generic x86_64
ApportVersion: 2.17.2-0ubuntu1.4
Architecture: amd64
AudioDevicesInUse:
 USER PID ACCESS COMMAND
 /dev/snd/controlC0: fred 2638 F.... pulseaudio
CurrentDesktop: Unity
Date: Tue Sep 22 13:39:21 2015
DistributionChannelDescriptor:
 # This is a distribution channel descriptor
 # For more information see http://wiki.ubuntu.com/DistributionChannelDescriptor
 canonical-oem-somerville-precise-amd64-20120703-2
HibernationDevice: RESUME=UUID=7d5dc495-ada4-4ace-9665-639b9152a33d
InstallationDate: Installed on 2013-08-21 (762 days ago)
InstallationMedia: Ubuntu 12.04 "Precise" - Build amd64 LIVE Binary 20120703-15:08
MachineType: Dell Inc. Dell System XPS L322X
ProcFB: 0 inteldrmfb
ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-3.19.0-29-generic root=UUID=0a96aa74-804d-4bdc-a152-9de72390e1e3 ro quiet splash vt.handoff=7
RelatedPackageVersions:
 linux-restricted-modules-3.19.0-29-generic N/A
 linux-backports-modules-3.19.0-29-generic N/A
 linux-firmware 1.143.3
SourcePackage: linux
UpgradeStatus: Upgraded to vivid on 2015-04-24 (150 days ago)
dmi.bios.date: 05/15/2013
dmi.bios.vendor: Dell Inc.
dmi.bios.version: A09
dmi.board.name: 0PJHXN
dmi.board.vendor: Dell Inc.
dmi.board.version: A00
dmi.chassis.type: 8
dmi.chassis.vendor: Dell Inc.
dmi.chassis.version: 0.1
dmi.modalias: dmi:bvnDellInc.:bvrA09:bd05/15/2013:svnDellInc.:pnDellSystemXPSL322X:pvr:rvnDellInc.:rn0PJHXN:rvrA00:cvnDellInc.:ct8:cvr0.1:
dmi.product.name: Dell System XPS L322X
dmi.sys.vendor: Dell Inc.

Revision history for this message
Fred Zimmerman (wfz) wrote :
Revision history for this message
Brad Figg (brad-figg) wrote : Status changed to Confirmed

This change was made by a bot.

Changed in linux (Ubuntu):
status: New → Confirmed
Joseph Salisbury (jsalisbury)
Changed in linux (Ubuntu):
importance: Undecided → High
Revision history for this message
Joseph Salisbury (jsalisbury) wrote :

Did this issue start happening after an update/upgrade? Was there a kernel version where you were not having this particular problem? This will help determine if the problem you are seeing is the result of a regression, and when this regression was introduced. If this is a regression, we can perform a kernel bisect to identify the commit that introduced the problem.

tags: added: kernel-da-key
Revision history for this message
Fred Zimmerman (wfz) wrote : Re: [Bug 1498602] Re: kernel crash apparently involving telepathy
Download full text (9.7 KiB)

It seems to have started shortly after a recent kernel upgrade (within the
last two weeks). I keep all updates fresh.

On Tue, Sep 22, 2015 at 2:53 PM, Joseph Salisbury <
<email address hidden>> wrote:

> Did this issue start happening after an update/upgrade? Was there a
> kernel version where you were not having this particular problem? This
> will help determine if the problem you are seeing is the result of a
> regression, and when this regression was introduced. If this is a
> regression, we can perform a kernel bisect to identify the commit that
> introduced the problem.
>
>
> ** Tags added: kernel-da-key
>
> --
> You received this bug notification because you are subscribed to the bug
> report.
> https://bugs.launchpad.net/bugs/1498602
>
> Title:
> kernel crash apparently involving telepathy
>
> Status in linux package in Ubuntu:
> Confirmed
>
> Bug description:
> http://askubuntu.com/questions/677032/what-caused-this-crash-shown-in-
> syslog
>
> Sep 21 12:38:02 pratchett
> org.freedesktop.Telepathy.AccountManager[2233]: (process:2488):
> GLib-GIO-WARNING **: netlink message was truncated; shouldn't happen...
> Sep 21 12:38:02 pratchett kernel: [45277.692643] BUG: unable to handle
> kernel NULL pointer dereference at (null)
> Sep 21 12:38:02 pratchett kernel: [45277.692685] IP:
> [<ffffffff816ad857>] skb_queue_tail+0x37/0x60
> Sep 21 12:38:02 pratchett kernel: [45277.692714] PGD 877fe067 PUD 0
> Sep 21 12:38:02 pratchett kernel: [45277.692731] Oops: 0002 [#1] SMP
> Sep 21 12:38:02 pratchett kernel: [45277.692748] Modules linked in:
> xt_conntrack ipt_REJECT nf_reject_ipv4 ebtable_filter ebtables
> ip6table_filter ip6_tables pci_stub vboxpci(OE) vboxnetadp(OE)
> vboxnetflt(OE) vboxdrv(OE) ctr ccm xt_CHECKSUM iptable_mangle
> ipt_MASQUERADE nf_nat_masquerade_ipv4 iptable_nat nf_conntrack_ipv4
> nf_defrag_ipv4 nf_nat_ipv4 nf_nat nf_conntrack xt_tcpudp bridge stp llc
> iptable_filter ip_tables x_tables binfmt_misc rfcomm bnep dell_wmi
> sparse_keymap dell_laptop dcdbas snd_hda_codec_hdmi snd_hda_codec_realtek
> snd_hda_codec_generic dm_multipath scsi_dh intel_rapl iosf_mbi
> snd_hda_intel x86_pkg_temp_thermal intel_powerclamp snd_hda_controller
> coretemp snd_hda_codec arc4 kvm_intel snd_hwdep kvm crct10dif_pclmul ath9k
> crc32_pclmul snd_pcm ath9k_common uvcvideo ghash_clmulni_intel
> videobuf2_vmalloc videobuf2_memops ath9k_hw videobuf2_core v4l2_common
> videodev aesni_intel ath media aes_x86_64 lrw gf128mul snd_seq_midi
> glue_helper snd_seq_midi_event ablk_helper cryptd mac80211 ath3k btusb
> snd_rawmidi joydev bluetooth serio_raw snd_seq cfg80211 snd_seq_device
> snd_timer lpc_ich snd soundcore shpchp mei_me mei mac_hid parport_pc ppdev
> lp parport autofs4 btrfs xor raid6_pq hid_generic usbhid hid i915
> i2c_algo_bit drm_kms_helper psmouse drm ahci libahci wmi video
> Sep 21 12:38:02 pratchett kernel: [45277.693306] CPU: 2 PID: 9668 Comm:
> Chrome_ChildIOT Tainted: G OE 3.19.0-29-generic #31-Ubuntu
> Sep 21 12:38:02 pratchett kernel: [45277.693345] Hardware name: Dell
> Inc. Dell System XPS L322X/0PJHXN, BIOS A09 05/15/2013
> Sep 21 12:38:02 pratchett kernel: [45277....

Read more...

penalvch (penalvch)
tags: added: bios-outdated-a10
tags: added: regression-update
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.