crash starting at kernel v3.13.0-72 in timer code
Affects | Status | Importance | Assigned to | Milestone | ||
---|---|---|---|---|---|---|
linux (Ubuntu) |
Fix Released
|
High
|
Unassigned | |||
Trusty |
Fix Released
|
High
|
Eric Desrochers | |||
Vivid |
Fix Released
|
High
|
Kamal Mostafa | |||
linux-lts-utopic (Ubuntu) | ||||||
Trusty |
Fix Released
|
High
|
Eric Desrochers |
Bug Description
Register %RAX is LIST_POISON2.
[239837.578526] general protection fault: 0000 [#1] SMP
...
[239837.664031] CPU: 4 PID: 0 Comm: swapper/4 Not tainted 3.13.0-74-generic #118-Ubuntu
[239837.672997] Hardware name: XXXXXXXXXXXXXXXXXX
[239837.685506] task: ffff881028dc6000 ti: ffff881028dce000 task.ti: ffff881028dce000
[239837.694280] RIP: 0010:[<
[239837.704179] RSP: 0018:ffff88103f
[239837.710425] RAX: dead000000200200 RBX: ffffffffa01be040 RCX: 000000000000303e
[239837.718778] RDX: ffff8810288906b8 RSI: ffff881028f60000 RDI: ffffffffa01be040
[239837.727137] RBP: ffff88103fa03d30 R08: 0000000000000086 R09: ffff881028f88000
[239837.735505] R10: 0000000000000002 R11: 0000000000000005 R12: ffffffffa01be040
[239837.760360] R13: ffff881028f60000 R14: 0000000000000001 R15: 0000000000000001
[239837.785862] FS: 000000000000000
[239837.812540] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[239837.827508] CR2: 00000000033d4048 CR3: 0000000001c0e000 CR4: 00000000001407e0
[239837.852880] Stack:
[239837.863639] ffffffffa01be040 0000000000000000 ffff881028f60000 ffff882025639a00
[239837.889101] ffff88103fa03d60 ffffffff81075766 0000000000000086 ffffffffa01be020
[239837.914247] ffff88103fa03d98 0000000000000100 ffff88103fa03d88 ffffffff81082369
[239837.939532] Call Trace:
[239837.950648] <IRQ>
[239837.952982]
[239837.963021] [<ffffffff81075
[239837.974969] [<ffffffff81082
[239837.989674] [<ffffffff81082
[239838.003709] [<ffffffffa01bb
[239838.018469] [<ffffffffa01bb
[239838.033727] [<ffffffff81731
[239838.047561] [<ffffffff81634
[239838.062010] [<ffffffff81731
[239838.076485] [<ffffffff81631
[239838.090371] [<ffffffff81634
[239838.104354] [<ffffffff81074
[239838.117021] [<ffffffff81634
[239838.131002] [<ffffffff81075
[239838.143985] [<ffffffff8106c
[239838.156386] [<ffffffff8106d
[239838.168325] [<ffffffff81737
[239838.181501] [<ffffffff81736
[239838.193978] <EOI>
[239838.196317]
[239838.203483] [<ffffffff815d6
[239838.214553] [<ffffffff815d6
[239838.226799] [<ffffffff8101d
[239838.238745] [<ffffffff810bf
[239838.250792] [<ffffffff81041
[239838.263165] Code: 89 e5 41 56 41 89 d6 41 55 41 54 49 89 fc 53 48 8b 17 48 85 d2 74 55 49 89 f5 0f 1f 44 00 00 49 8b 44 24 08 45 84 f6 48 89 42 08 <48> 89 10 74 08 49 c7 04 24 00 00 00 00 41 f6 44 24 18 01 48 b8
[239838.301935] RIP [<ffffffff81075
[239838.314036] RSP <ffff88103fa03d10>
Related branches
CVE References
Changed in linux (Ubuntu Trusty): | |
assignee: | nobody → Kamal Mostafa (kamalmostafa) |
status: | New → In Progress |
Changed in linux (Ubuntu Vivid): | |
assignee: | nobody → Kamal Mostafa (kamalmostafa) |
status: | New → In Progress |
Changed in linux (Ubuntu Wily): | |
assignee: | nobody → Kamal Mostafa (kamalmostafa) |
status: | New → In Progress |
Changed in linux (Ubuntu Trusty): | |
importance: | Undecided → High |
tags: | added: cpec |
Changed in linux (Ubuntu Trusty): | |
assignee: | Kamal Mostafa (kamalmostafa) → Eric Desrochers (slashd) |
Changed in linux (Ubuntu): | |
status: | Confirmed → Triaged |
no longer affects: | linux (Ubuntu Wily) |
Changed in linux (Ubuntu Trusty): | |
status: | In Progress → Fix Committed |
Changed in linux (Ubuntu Vivid): | |
status: | In Progress → Fix Committed |
no longer affects: | linux-lts-utopic (Ubuntu Vivid) |
Changed in linux-lts-utopic (Ubuntu Trusty): | |
status: | New → Fix Committed |
Changed in linux-lts-utopic (Ubuntu): | |
status: | New → Invalid |
tags: |
added: verification-done-trusty removed: verification-needed-trusty |
tags: |
added: verification-done-vivid removed: verification-needed-vivid |
Changed in linux-lts-utopic (Ubuntu Trusty): | |
assignee: | nobody → Eric Desrochers (slashd) |
no longer affects: | linux-lts-utopic (Ubuntu) |
Changed in linux (Ubuntu): | |
status: | Triaged → Fix Released |
Changed in linux (Ubuntu Vivid): | |
importance: | Undecided → High |
Changed in linux-lts-utopic (Ubuntu Trusty): | |
importance: | Undecided → High |
It seems to a problem in add_timer_on moving from a timer_base to a new timer_base
It does look like 470ed44 exposed the problem by switching to add_timer_on from mod_timer; this is a fix to add_timer_on
Reference: /lkml.org/ lkml/2016/ 2/3/295 /lkml.org/ lkml/2016/ 2/4/247
---
https:/
https:/
Patch: /lkml.org/ lkml/diff/ 2016/2/ 4/247/1
https:/
---
Eric