[Kernel-packages] [Bug 1691741] [NEW] Execute NX-protected page - 4.4.0-78-generic - kernel panic

Jordi de Wal Thu, 18 May 2017 05:06:02 -0700

Public bug reported:

After upgrading from 4.4.0-77 to 4.4.0-78 I started getting kernel
panics.


The crashes do not happen immediately, but have happened generally after
a couple of minutes, sometimes more.

After enabling linux-crashdump stuff, I managed to extract this dmesg.

[  995.103846] kernel tried to execute NX-protected page - exploit attempt? 
(uid: 0)
[  995.104141] BUG: unable to handle kernel paging request at ffff88042a284000
[  995.104407] IP: [<ffff88042a284000>] 0xffff88042a284000
[  995.104594] PGD 43f20b067 PUD 43f20e067 PMD 42a3da063 PTE 800000042a284163
[  995.104946] Oops: 0011 [#1] SMP 
[  995.105143] Modules linked in: zfs(PO) zunicode(PO) zcommon(PO) znvpair(PO) 
spl(O) zavl(PO) ppdev input_leds shpchp serio_raw i2c_piix4 mac_hid parport_pc 
parport 8250_fintek autofs4 ttm drm_kms_helper syscopyarea sysfillrect 
sysimgblt fb_sys_fops drm psmouse floppy pata_acpi
[  995.107081] CPU: 1 PID: 0 Comm: swapper/1 Tainted: P           O    
4.4.0-78-generic #99-Ubuntu
[  995.107299] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 
rel-1.9.3-0-ge2fc41e-prebuilt.qemu-project.org 04/01/2014
[  995.107573] task: ffff88042a278000 ti: ffff88042a280000 task.ti: 
ffff88042a280000
[  995.108070] RIP: 0010:[<ffff88042a284000>]  [<ffff88042a284000>] 
0xffff88042a284000
[  995.108637] RSP: 0018:ffff88042a283ed0  EFLAGS: 00010082
[  995.109116] RAX: 0000000000000001 RBX: 000000e797438af0 RCX: 0000000000000000
[  995.109638] RDX: 0000000000000001 RSI: 0000000000000083 RDI: 0000000000000083
[  995.110143] RBP: ffffffff81f38d40 R08: 000000000000000a R09: 0000000000000000
[  995.110665] R10: 000000010002a665 R11: 0000000000004c00 R12: ffff88042a283ed0
[  995.111182] R13: ffffffff810ff75e R14: 0000000000000000 R15: ffff88042a280000
[  995.111733] FS:  0000000000000000(0000) GS:ffff88043fc80000(0000) 
knlGS:0000000000000000
[  995.112486] CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
[  995.112978] CR2: ffff88042a284000 CR3: 000000043d246000 CR4: 00000000000006e0
[  995.113497] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  995.114085] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  995.114612] Stack:
[  995.114965]  ffff88042a283f28 ffffffff810c4736 ffff88042a280000 
ffff88042a284000
[  995.116204]  ee041b0196f77cc4 a1abbcd2b8b123ce 0000000000000000 
0000000000000000
[  995.117389]  0000000000000000 0000000000000000 0000000000000000 
ffff88042a283f48
[  995.118425] Call Trace:
[  995.118811]  [<ffffffff810c4736>] ? cpu_startup_entry+0x176/0x350
[  995.119293]  [<ffffffff810517c4>] ? start_secondary+0x154/0x190
[  995.119775] Code: ff ff ff 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 00 
02 02 00 00 00 00 00 00 58 3f 28 2a 04 88 ff ff 18 00 00 00 00 00 00 00 <c0> 8c 
27 2a 04 88 ff ff 00 00 00 00 00 00 00 00 02 00 00 00 00 
[  995.125554] RIP  [<ffff88042a284000>] 0xffff88042a284000
[  995.126088]  RSP <ffff88042a283ed0>
[  995.126453] CR2: ffff88042a284000

I've upgraded other machines as well, and only this particular VM shows
this behaviour.

I have a crash dump, but I haven't looked into the contents yet. Getting
the dmesg was already a pain in the behind.

The VM this happens on is:
- a KVM guest
- x86_64, 4 cores
- 16gb ram

lsb_release:
Distributor ID: Ubuntu
Description:    Ubuntu 16.04.2 LTS
Release:        16.04
Codename:       xenial

lspci says:
00:00.0 Host bridge: Intel Corporation 440FX - 82441FX PMC [Natoma] (rev 02)
00:01.0 ISA bridge: Intel Corporation 82371SB PIIX3 ISA [Natoma/Triton II]
00:01.1 IDE interface: Intel Corporation 82371SB PIIX3 IDE [Natoma/Triton II]
00:01.2 USB controller: Intel Corporation 82371SB PIIX3 USB [Natoma/Triton II] 
(rev 01)
00:01.3 Bridge: Intel Corporation 82371AB/EB/MB PIIX4 ACPI (rev 03)
00:02.0 VGA compatible controller: VMware SVGA II Adapter
00:03.0 Unclassified device [00ff]: Red Hat, Inc Virtio memory balloon
00:0a.0 SCSI storage controller: Red Hat, Inc Virtio block device
00:0b.0 SCSI storage controller: Red Hat, Inc Virtio block device
00:12.0 Ethernet controller: Red Hat, Inc Virtio network device
00:1e.0 PCI bridge: Red Hat, Inc. QEMU PCI-PCI bridge
00:1f.0 PCI bridge: Red Hat, Inc. QEMU PCI-PCI bridge

Let me know if there are other helpful details I can provide. If I find
out more, I'll update this ticket.

** Affects: linux (Ubuntu)
     Importance: Undecided
         Status: Incomplete

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1691741

Title:
  Execute NX-protected page - 4.4.0-78-generic - kernel panic

Status in linux package in Ubuntu:
  Incomplete

Bug description:
  After upgrading from 4.4.0-77 to 4.4.0-78 I started getting kernel
  panics.

  The crashes do not happen immediately, but have happened generally
  after a couple of minutes, sometimes more.

  After enabling linux-crashdump stuff, I managed to extract this dmesg.

  [  995.103846] kernel tried to execute NX-protected page - exploit attempt? 
(uid: 0)
  [  995.104141] BUG: unable to handle kernel paging request at ffff88042a284000
  [  995.104407] IP: [<ffff88042a284000>] 0xffff88042a284000
  [  995.104594] PGD 43f20b067 PUD 43f20e067 PMD 42a3da063 PTE 800000042a284163
  [  995.104946] Oops: 0011 [#1] SMP 
  [  995.105143] Modules linked in: zfs(PO) zunicode(PO) zcommon(PO) 
znvpair(PO) spl(O) zavl(PO) ppdev input_leds shpchp serio_raw i2c_piix4 mac_hid 
parport_pc parport 8250_fintek autofs4 ttm drm_kms_helper syscopyarea 
sysfillrect sysimgblt fb_sys_fops drm psmouse floppy pata_acpi
  [  995.107081] CPU: 1 PID: 0 Comm: swapper/1 Tainted: P           O    
4.4.0-78-generic #99-Ubuntu
  [  995.107299] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 
rel-1.9.3-0-ge2fc41e-prebuilt.qemu-project.org 04/01/2014
  [  995.107573] task: ffff88042a278000 ti: ffff88042a280000 task.ti: 
ffff88042a280000
  [  995.108070] RIP: 0010:[<ffff88042a284000>]  [<ffff88042a284000>] 
0xffff88042a284000
  [  995.108637] RSP: 0018:ffff88042a283ed0  EFLAGS: 00010082
  [  995.109116] RAX: 0000000000000001 RBX: 000000e797438af0 RCX: 
0000000000000000
  [  995.109638] RDX: 0000000000000001 RSI: 0000000000000083 RDI: 
0000000000000083
  [  995.110143] RBP: ffffffff81f38d40 R08: 000000000000000a R09: 
0000000000000000
  [  995.110665] R10: 000000010002a665 R11: 0000000000004c00 R12: 
ffff88042a283ed0
  [  995.111182] R13: ffffffff810ff75e R14: 0000000000000000 R15: 
ffff88042a280000
  [  995.111733] FS:  0000000000000000(0000) GS:ffff88043fc80000(0000) 
knlGS:0000000000000000
  [  995.112486] CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
  [  995.112978] CR2: ffff88042a284000 CR3: 000000043d246000 CR4: 
00000000000006e0
  [  995.113497] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 
0000000000000000
  [  995.114085] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 
0000000000000400
  [  995.114612] Stack:
  [  995.114965]  ffff88042a283f28 ffffffff810c4736 ffff88042a280000 
ffff88042a284000
  [  995.116204]  ee041b0196f77cc4 a1abbcd2b8b123ce 0000000000000000 
0000000000000000
  [  995.117389]  0000000000000000 0000000000000000 0000000000000000 
ffff88042a283f48
  [  995.118425] Call Trace:
  [  995.118811]  [<ffffffff810c4736>] ? cpu_startup_entry+0x176/0x350
  [  995.119293]  [<ffffffff810517c4>] ? start_secondary+0x154/0x190
  [  995.119775] Code: ff ff ff 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 00 
02 02 00 00 00 00 00 00 58 3f 28 2a 04 88 ff ff 18 00 00 00 00 00 00 00 <c0> 8c 
27 2a 04 88 ff ff 00 00 00 00 00 00 00 00 02 00 00 00 00 
  [  995.125554] RIP  [<ffff88042a284000>] 0xffff88042a284000
  [  995.126088]  RSP <ffff88042a283ed0>
  [  995.126453] CR2: ffff88042a284000

  I've upgraded other machines as well, and only this particular VM
  shows this behaviour.

  I have a crash dump, but I haven't looked into the contents yet.
  Getting the dmesg was already a pain in the behind.

  The VM this happens on is:
  - a KVM guest
  - x86_64, 4 cores
  - 16gb ram

  lsb_release:
  Distributor ID: Ubuntu
  Description:    Ubuntu 16.04.2 LTS
  Release:        16.04
  Codename:       xenial

  lspci says:
  00:00.0 Host bridge: Intel Corporation 440FX - 82441FX PMC [Natoma] (rev 02)
  00:01.0 ISA bridge: Intel Corporation 82371SB PIIX3 ISA [Natoma/Triton II]
  00:01.1 IDE interface: Intel Corporation 82371SB PIIX3 IDE [Natoma/Triton II]
  00:01.2 USB controller: Intel Corporation 82371SB PIIX3 USB [Natoma/Triton 
II] (rev 01)
  00:01.3 Bridge: Intel Corporation 82371AB/EB/MB PIIX4 ACPI (rev 03)
  00:02.0 VGA compatible controller: VMware SVGA II Adapter
  00:03.0 Unclassified device [00ff]: Red Hat, Inc Virtio memory balloon
  00:0a.0 SCSI storage controller: Red Hat, Inc Virtio block device
  00:0b.0 SCSI storage controller: Red Hat, Inc Virtio block device
  00:12.0 Ethernet controller: Red Hat, Inc Virtio network device
  00:1e.0 PCI bridge: Red Hat, Inc. QEMU PCI-PCI bridge
  00:1f.0 PCI bridge: Red Hat, Inc. QEMU PCI-PCI bridge

  Let me know if there are other helpful details I can provide. If I
  find out more, I'll update this ticket.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1691741/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to     : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1691741] [NEW] Execute NX-protected page - 4.4.0-78-generic - kernel panic

Reply via email to