Due to the nature of the data on the machine and the fact that I don't
know what apport will send, I'm unable to execute the apport-collect.
# Some data from /usr/bin/crash:
KERNEL: /usr/lib/debug/boot/vmlinux-4.4.0-78-generic
DUMPFILE: dump.201705181342 [PARTIAL DUMP]
CPUS: 4
DATE: Thu May 18 13:42:12 2017
UPTIME: 00:16:34
LOAD AVERAGE: 0.21, 0.05, 0.01
TASKS: 547
NODENAME: <my_server>
RELEASE: 4.4.0-78-generic
VERSION: #99-Ubuntu SMP Thu Apr 27 15:29:09 UTC 2017
MACHINE: x86_64 (2199 Mhz)
MEMORY: 16 GB
PANIC: "BUG: unable to handle kernel paging request at ffff88042a284000"
PID: 0
COMMAND: "swapper/1"
TASK: ffff88042a278000 (1 of 4) [THREAD_INFO: ffff88042a280000]
CPU: 1
STATE: TASK_RUNNING (PANIC)
# crash> bt
PID: 0 TASK: ffff88042a278000 CPU: 1 COMMAND: "swapper/1"
#0 [ffff88042a283b78] machine_kexec at ffffffff8105c0db
#1 [ffff88042a283bd8] crash_kexec at ffffffff8110e572
#2 [ffff88042a283ca8] oops_end at ffffffff81031c49
#3 [ffff88042a283cd0] no_context at ffffffff8106ad35
#4 [ffff88042a283d30] __bad_area_nosemaphore at ffffffff8106b000
#5 [ffff88042a283d78] bad_area_nosemaphore at ffffffff8106b183
#6 [ffff88042a283d88] __do_page_fault at ffffffff8106b447
#7 [ffff88042a283de0] trace_do_page_fault at ffffffff8106b7f7
#8 [ffff88042a283e10] do_async_page_fault at ffffffff81063ef9
#9 [ffff88042a283e20] async_page_fault at ffffffff81842be8
#10 [ffff88042a283e38] tick_nohz_idle_exit at ffffffff810ff75e
#11 [ffff88042a283ed8] cpu_startup_entry at ffffffff810c4736
#12 [ffff88042a283f30] start_secondary at ffffffff810517c4
# crash> bt -f
# #9 [ffff88042a283e20] async_page_fault at ffffffff81842be8
ffff88042a283e28: ffff88042a280000 0000000000000000
ffff88042a283e38: ffffffff810ff75e
#10 [ffff88042a283e38] tick_nohz_idle_exit at ffffffff810ff75e
ffff88042a283e40: ffff88042a283ed0 ffffffff81f38d40
ffff88042a283e50: 000000e797438af0 0000000000004c00
ffff88042a283e60: 000000010002a665 0000000000000000
ffff88042a283e70: 000000000000000a 0000000000000001
ffff88042a283e80: 0000000000000000 0000000000000001
ffff88042a283e90: 0000000000000083 0000000000000083
ffff88042a283ea0: ffffffffffffffff ffff88042a284000
ffff88042a283eb0: 0000000000000010 0000000000010082
ffff88042a283ec0: ffff88042a283ed0 0000000000000018
ffff88042a283ed0: ffff88042a283f28 ffffffff810c4736
#11 [ffff88042a283ed8] cpu_startup_entry at ffffffff810c4736
ffff88042a283ee0: ffff88042a280000 ffff88042a284000
ffff88042a283ef0: ee041b0196f77cc4 a1abbcd2b8b123ce
ffff88042a283f00: 0000000000000000 0000000000000000
ffff88042a283f10: 0000000000000000 0000000000000000
ffff88042a283f20: 0000000000000000 ffff88042a283f48
ffff88042a283f30: ffffffff810517c4
#12 [ffff88042a283f30] start_secondary at ffffffff810517c4
# crash> dis tick_nohz_idle_exit
0xffffffff810ff74f <tick_nohz_idle_exit+127>: mov %r12,0xa8(%rbx)
0xffffffff810ff756 <tick_nohz_idle_exit+134>: mov %r12,%rsi
0xffffffff810ff759 <tick_nohz_idle_exit+137>: callq 0xffffffff810ff170
<tick_nohz_restart>
0xffffffff810ff75e <tick_nohz_idle_exit+142>: mov 0xd0989b(%rip),%rdi
# 0xffffffff81e09000 <jiffies>
0xffffffff810ff765 <tick_nohz_idle_exit+149>: sub 0x78(%rbx),%rdi
# lsmod info's
Module Size Used by
zfs 2813952 5
zunicode 331776 1 zfs
zcommon 57344 1 zfs
znvpair 90112 2 zfs,zcommon
spl 102400 3 zfs,zcommon,znvpair
zavl 16384 1 zfs
ppdev 20480 0
input_leds 16384 0
shpchp 36864 0
serio_raw 16384 0
i2c_piix4 24576 0
8250_fintek 16384 0
parport_pc 32768 0
parport 49152 2 ppdev,parport_pc
mac_hid 16384 0
autofs4 40960 2
ttm 94208 0
drm_kms_helper 155648 0
syscopyarea 16384 1 drm_kms_helper
sysfillrect 16384 1 drm_kms_helper
sysimgblt 16384 1 drm_kms_helper
fb_sys_fops 16384 1 drm_kms_helper
psmouse 131072 0
drm 364544 2 ttm,drm_kms_helper
pata_acpi 16384 0
floppy 73728 0
No idea if this is useful though.
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1691741
Title:
Execute NX-protected page - 4.4.0-78-generic - kernel panic
Status in linux package in Ubuntu:
Confirmed
Bug description:
After upgrading from 4.4.0-77 to 4.4.0-78 I started getting kernel
panics.
The crashes do not happen immediately, but have happened generally
after a couple of minutes, sometimes more.
After enabling linux-crashdump stuff, I managed to extract this dmesg.
[ 995.103846] kernel tried to execute NX-protected page - exploit attempt?
(uid: 0)
[ 995.104141] BUG: unable to handle kernel paging request at ffff88042a284000
[ 995.104407] IP: [<ffff88042a284000>] 0xffff88042a284000
[ 995.104594] PGD 43f20b067 PUD 43f20e067 PMD 42a3da063 PTE 800000042a284163
[ 995.104946] Oops: 0011 [#1] SMP
[ 995.105143] Modules linked in: zfs(PO) zunicode(PO) zcommon(PO)
znvpair(PO) spl(O) zavl(PO) ppdev input_leds shpchp serio_raw i2c_piix4 mac_hid
parport_pc parport 8250_fintek autofs4 ttm drm_kms_helper syscopyarea
sysfillrect sysimgblt fb_sys_fops drm psmouse floppy pata_acpi
[ 995.107081] CPU: 1 PID: 0 Comm: swapper/1 Tainted: P O
4.4.0-78-generic #99-Ubuntu
[ 995.107299] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS
rel-1.9.3-0-ge2fc41e-prebuilt.qemu-project.org 04/01/2014
[ 995.107573] task: ffff88042a278000 ti: ffff88042a280000 task.ti:
ffff88042a280000
[ 995.108070] RIP: 0010:[<ffff88042a284000>] [<ffff88042a284000>]
0xffff88042a284000
[ 995.108637] RSP: 0018:ffff88042a283ed0 EFLAGS: 00010082
[ 995.109116] RAX: 0000000000000001 RBX: 000000e797438af0 RCX:
0000000000000000
[ 995.109638] RDX: 0000000000000001 RSI: 0000000000000083 RDI:
0000000000000083
[ 995.110143] RBP: ffffffff81f38d40 R08: 000000000000000a R09:
0000000000000000
[ 995.110665] R10: 000000010002a665 R11: 0000000000004c00 R12:
ffff88042a283ed0
[ 995.111182] R13: ffffffff810ff75e R14: 0000000000000000 R15:
ffff88042a280000
[ 995.111733] FS: 0000000000000000(0000) GS:ffff88043fc80000(0000)
knlGS:0000000000000000
[ 995.112486] CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b
[ 995.112978] CR2: ffff88042a284000 CR3: 000000043d246000 CR4:
00000000000006e0
[ 995.113497] DR0: 0000000000000000 DR1: 0000000000000000 DR2:
0000000000000000
[ 995.114085] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7:
0000000000000400
[ 995.114612] Stack:
[ 995.114965] ffff88042a283f28 ffffffff810c4736 ffff88042a280000
ffff88042a284000
[ 995.116204] ee041b0196f77cc4 a1abbcd2b8b123ce 0000000000000000
0000000000000000
[ 995.117389] 0000000000000000 0000000000000000 0000000000000000
ffff88042a283f48
[ 995.118425] Call Trace:
[ 995.118811] [<ffffffff810c4736>] ? cpu_startup_entry+0x176/0x350
[ 995.119293] [<ffffffff810517c4>] ? start_secondary+0x154/0x190
[ 995.119775] Code: ff ff ff 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 00
02 02 00 00 00 00 00 00 58 3f 28 2a 04 88 ff ff 18 00 00 00 00 00 00 00 <c0> 8c
27 2a 04 88 ff ff 00 00 00 00 00 00 00 00 02 00 00 00 00
[ 995.125554] RIP [<ffff88042a284000>] 0xffff88042a284000
[ 995.126088] RSP <ffff88042a283ed0>
[ 995.126453] CR2: ffff88042a284000
I've upgraded other machines as well, and only this particular VM
shows this behaviour.
I have a crash dump, but I haven't looked into the contents yet.
Getting the dmesg was already a pain in the behind.
The VM this happens on is:
- a KVM guest
- x86_64, 4 cores
- 16gb ram
lsb_release:
Distributor ID: Ubuntu
Description: Ubuntu 16.04.2 LTS
Release: 16.04
Codename: xenial
lspci says:
00:00.0 Host bridge: Intel Corporation 440FX - 82441FX PMC [Natoma] (rev 02)
00:01.0 ISA bridge: Intel Corporation 82371SB PIIX3 ISA [Natoma/Triton II]
00:01.1 IDE interface: Intel Corporation 82371SB PIIX3 IDE [Natoma/Triton II]
00:01.2 USB controller: Intel Corporation 82371SB PIIX3 USB [Natoma/Triton
II] (rev 01)
00:01.3 Bridge: Intel Corporation 82371AB/EB/MB PIIX4 ACPI (rev 03)
00:02.0 VGA compatible controller: VMware SVGA II Adapter
00:03.0 Unclassified device [00ff]: Red Hat, Inc Virtio memory balloon
00:0a.0 SCSI storage controller: Red Hat, Inc Virtio block device
00:0b.0 SCSI storage controller: Red Hat, Inc Virtio block device
00:12.0 Ethernet controller: Red Hat, Inc Virtio network device
00:1e.0 PCI bridge: Red Hat, Inc. QEMU PCI-PCI bridge
00:1f.0 PCI bridge: Red Hat, Inc. QEMU PCI-PCI bridge
Let me know if there are other helpful details I can provide. If I
find out more, I'll update this ticket.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1691741/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
