Bug 820087
| Summary: | [abrt] kernel: [103717.471705] general protection fault: 0000 [#1] SMP | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | jan p. springer <jsd> | ||||
| Component: | kernel | Assignee: | Stanislaw Gruszka <sgruszka> | ||||
| Status: | CLOSED WONTFIX | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||
| Severity: | unspecified | Docs Contact: | |||||
| Priority: | unspecified | ||||||
| Version: | 16 | CC: | gansalmon, itamar, jonathan, kernel-maint, madhu.chinakonda, sgruszka | ||||
| Target Milestone: | --- | Keywords: | Reopened | ||||
| Target Release: | --- | ||||||
| Hardware: | x86_64 | ||||||
| OS: | Unspecified | ||||||
| Whiteboard: | abrt_hash:8138a9a64db908cdbd424201a3b78d3a8bfef72c | ||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2013-01-17 15:27:09 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
|
Description
jan p. springer
2012-05-09 06:33:57 UTC
Created attachment 583153 [details]
File: backtrace
Looks like some kind of debugfs removal issue in the mac08211 layer. > [103717.472278] RIP: 0010:[<ffffffff812548e9>] [<ffffffff812548e9>] debugfs_remove_recursive+0x29/0x190
> [103717.472324] RSP: 0018:ffff8801fa27b628 EFLAGS: 00010206
> [103717.472348] RAX: 5a700000000002b2 RBX: ffff8801aad37400 RCX: ffff88020f749d60
> [103717.472379] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff880100000002
> [103717.472410] RBP: ffff8801fa27b648 R08: ffffea0006d81f20 R09: ffff88021e1eaee0
> [103717.472441] R10: 0000000000000075 R11: 0000000000000000 R12: ffff88020f7487a8
> [103717.472472] R13: ffff88020f749130 R14: ffff880100000002 R15: 0000000000000001
> [103717.472503] FS: 00007f2d228c47c0(0000) GS:ffff88021e200000(0000) knlGS:0000000000000000
> [103717.472538] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> [103717.472563] CR2: 0000000002628251 CR3: 00000001fa5ae000 CR4: 00000000000406f0
> [103717.472594] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
> [103717.472625] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
> [103717.472656] Process wpa_supplicant (pid: 1075, threadinfo ffff8801fa27a000, task ffff880210e25cc0)
> [103717.472694] Stack:
> [103717.472704] ffff8801aad37400 ffff88020f7487a8 ffff88020f749130 0000000000000000
> [103717.472742] ffff8801fa27b668 ffffffffa026af22 0000000000000000 ffff8801aad37400
> [103717.472780] ffff8801fa27b688 ffffffffa025075b 0000000000000000 ffff8801aad37400
> [103717.472819] Call Trace:
> [103717.472850] [<ffffffffa026af22>] ieee80211_debugfs_key_remove+0x22/0x40 [mac80211]
> [103717.472894] [<ffffffffa025075b>] __ieee80211_key_destroy+0x4b/0xa0 [mac80211]
> [103717.472935] [<ffffffffa0250c82>] __ieee80211_key_free+0x42/0x50 [mac80211]
> [103717.472974] [<ffffffffa0244ada>] ieee80211_del_key+0x8a/0xe0 [mac80211]
> [103717.473012] [<ffffffffa01e0357>] __cfg80211_disconnected+0x1c7/0x270 [cfg80211]
> [103717.473050] [<ffffffffa01dc810>] __cfg80211_send_deauth+0x1e0/0x270 [cfg80211]
> [103717.473101] [<ffffffff8116b23c>] ? ksize+0x1c/0xc0
> [103717.473133] [<ffffffffa02379fc>] ieee80211_send_deauth_disassoc+0x16c/0x190 [mac80211]
> [103717.473182] [<ffffffffa023c944>] ieee80211_mgd_deauth+0x504/0x520 [mac80211]
> [103717.473227] [<ffffffff8126c7d6>] ? cred_has_capability+0x126/0x140
> [103717.473273] [<ffffffffa0243a8e>] ieee80211_deauth+0x1e/0x20 [mac80211]
> [103717.473308] [<ffffffffa01dd20e>] __cfg80211_mlme_deauth+0x11e/0x140 [cfg80211]
> [103717.473345] [<ffffffffa01dd2a3>] cfg80211_mlme_deauth+0x73/0xa0 [cfg80211]
> [103717.473381] [<ffffffffa01cd63e>] nl80211_deauthenticate+0xbe/0xf0 [cfg80211]
> [103717.473417] [<ffffffff81510285>] genl_rcv_msg+0x1d5/0x250
> [103717.473443] [<ffffffff815100b0>] ? genl_rcv+0x40/0x40
> [103717.474658] [<ffffffff8150fb19>] netlink_rcv_skb+0xa9/0xd0
> [103717.475868] [<ffffffff81510095>] genl_rcv+0x25/0x40
> [103717.477077] [<ffffffff8150f4de>] netlink_unicast+0x1ae/0x1f0
> [103717.478291] [<ffffffff8150f7de>] netlink_sendmsg+0x2be/0x320
> [103717.479495] [<ffffffff814ce777>] sock_sendmsg+0x117/0x130
> [103717.480699] [<ffffffff81088d5e>] ? try_to_wake_up+0x1be/0x2b0
> [103717.481462] [<ffffffff814d113a>] ? move_addr_to_kernel+0x5a/0xa0
> [103717.482574] [<ffffffff814dce66>] ? verify_iovec+0x56/0xd0
> [103717.483658] [<ffffffff814cfd56>] __sys_sendmsg+0x396/0x3b0
> [103717.484696] [<ffffffff8106cadf>] ? set_current_blocked+0x3f/0x60
> [103717.485703] [<ffffffff8106cbd6>] ? block_sigmask+0x46/0x50
> [103717.486663] [<ffffffff81014328>] ? do_signal+0x198/0x760
> [103717.487620] [<ffffffff8101dcd2>] ? fpu_finit+0x22/0x40
> [103717.488558] [<ffffffff8101eb9b>] ? check_for_xstate+0x3b/0xc0
> [103717.489489] [<ffffffff810d3a16>] ? __audit_syscall_exit+0x3d6/0x410
> [103717.490397] [<ffffffff814d2109>] sys_sendmsg+0x49/0x90
> [103717.491297] [<ffffffff815fbee9>] system_call_fastpath+0x16/0x1b
> [103717.492189] Code: 00 00 55 48 89 e5 41 56 41 55 41 54 53 66 66 66 66 90 48 85 ff 49 89 fe 0f 84 53 01 00 00 48 8b 47 18 48 85 c0 0f 84 46 01 00 00 <48> 83 78 30 00 0f 84 3b 01 00 00 48 8b 7f 30 4c 89 f3 4d 8d ae
> [103717.494272] RIP [<ffffffff812548e9>] debugfs_remove_recursive+0x29/0x190
> [103717.495280] RSP <ffff8801fa27b628>
Reading symbols from /usr/lib/debug/lib/modules/3.3.4-3.fc16.x86_64/vmlinux...done.
(gdb) l *(debugfs_remove_recursive+0x29)
0xffffffff812548e9 is in debugfs_remove_recursive (fs/debugfs/inode.c:390).
385
386 if (!dentry)
387 return;
388
389 parent = dentry->d_parent;
390 if (!parent || !parent->d_inode)
391 return;
392
393 parent = dentry;
394 mutex_lock(&parent->d_inode->i_mutex);
(gdb) l *(ieee80211_debugfs_key_remove+0x22)
0x40f22 is in ieee80211_debugfs_key_remove (net/mac80211/debugfs_key.c:273).
268 {
269 if (!key)
270 return;
271
272 debugfs_remove_recursive(key->debugfs.dir);
273 key->debugfs.dir = NULL;
274 }
275
276 void ieee80211_debugfs_key_update_default(struct ieee80211_sub_if_data *sdata)
277 {
We have invalid pointer (but not NULL, equal to 0x5a700000000002b), which is dereferenced. It does not looks like valid pointer, so seems we have memory corruption. Jan, please install kernel-debug and use if for some time, it should generate some more informative backtrace (ABRT will catch it). When it will happen, dump dmesg output and attach here. Thanks. mmh, this problem never occured again. but, there were a lot of kernel updates since then. i'm going to do a system upgrade on the machine where this happened later this week; so i think you can close the bug. cheers. I remember strange bugs rapports from you before, I think you are hitting some seldom reproducible nasty problem. It could be fixed, maybe. And even if it's not fixed, we could not fix it since do not have sufficient data. Anyway, please use kernel-debug for some time, if there are some bugs reproducible in your environment, they should be cough by various debug facilities which are enabled in kernel-debug variant. *** Bug 816705 has been marked as a duplicate of this bug. *** *** Bug 865827 has been marked as a duplicate of this bug. *** So it happens against on 3.5. Jan, could you please run kernel-debug instead of normal kernel package starting from now? Kernel-debug should help to identify problem on your system. stanislaw, this is my mobile office. what i'm doing is keep it up-to-date and if sth. pops up in abrt i'll just report it. would it be safe for me to run 'kernel-debug'? if so, how do i do that? regards, j. Using kernel-debug is not dangerous :-) yum install kernel-debug and assure in grub options that -debug kernel is booted (should be default). mmh, there's only the latest kernel (3.6.3-1.fc17) available as debug which is a problem in my case, see bug 865998 (dunno if this gets linked automagically). Every fedora kernel is built with -debug version, yum install latest by default (actually that depend on which repositories are enabled). You can download older kernel manually from koji and install it by "rpm -ivh kernel-debug.rpm" http://koji.fedoraproject.org/koji/packageinfo?packageID=8 i've installed kernel-debug (though it seems ridiculously hard to find the download link; it should be added to the actual .rpm info page). what do i do next? just wait for sth. to happen? Yes, abrt should report some warnings. Also you can see if there is something suspicious in dmesg by yourself. This message is a reminder that Fedora 16 is nearing its end of life. Approximately 4 (four) weeks from now Fedora will stop maintaining and issuing updates for Fedora 16. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as WONTFIX if it remains open with a Fedora 'version' of '16'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Fedora version prior to Fedora 16's end of life. Bug Reporter: Thank you for reporting this issue and we are sorry that we may not be able to fix it before Fedora 16 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora, you are encouraged to click on "Clone This Bug" and open it against that version of Fedora. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete. The process we are following is described here: http://fedoraproject.org/wiki/BugZappers/HouseKeeping I do not see chance to fix this bug. However it is maybe fixed on updated kernel i.e. 3.6 or 3.7 . |