This service will be undergoing maintenance at 00:00 UTC, 2017-10-23 It is expected to last about 30 minutes

Bug 820087

Summary: [abrt] kernel: [103717.471705] general protection fault: 0000 [#1] SMP
Product: [Fedora] Fedora Reporter: jan p. springer <jsd>
Component: kernelAssignee: Stanislaw Gruszka <sgruszka>
Status: CLOSED WONTFIX QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 16CC: gansalmon, itamar, jonathan, kernel-maint, madhu.chinakonda, sgruszka
Target Milestone: ---Keywords: Reopened
Target Release: ---   
Hardware: x86_64   
OS: Unspecified   
Whiteboard: abrt_hash:8138a9a64db908cdbd424201a3b78d3a8bfef72c
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-01-17 10:27:09 EST Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Attachments:
Description Flags
File: backtrace none

Description jan p. springer 2012-05-09 02:33:57 EDT
libreport version: 2.0.8
abrt_version:   2.0.7
cmdline:        BOOT_IMAGE=/boot/vmlinuz-3.3.4-3.fc16.x86_64 root=UUID=e7495b4a-4b58-4d0d-88c0-89cfe6fc124d ro rd.md=0 rd.lvm=0 rd.dm=0 KEYTABLE=us quiet SYSFONT=latarcyrheb-sun16 rhgb rd.luks=0 LANG=C
kernel:         3.3.4-3.fc16.x86_64
reason:         [103717.471705] general protection fault: 0000 [#1] SMP 
time:           Tue May  8 10:38:01 2012

backtrace:      Text file, 5178 bytes

smolt_data:
:
:
:General
:=================================
:UUID: ec12badf-c750-4868-9967-0a2c56d66828
:OS: Fedora release 16 (Verne)
:Default run level: Unknown
:Language: C
:Platform: x86_64
:BogoMIPS: 5582.22
:CPU Vendor: GenuineIntel
:CPU Model: Intel(R) Core(TM) i7-2640M CPU @ 2.80GHz
:CPU Stepping: 7
:CPU Family: 6
:CPU Model Num: 42
:Number of CPUs: 4
:CPU Speed: 2801
:System Memory: 7870
:System Swap: 8625
:Vendor: LENOVO
:System: 12943QG ThinkPad X1
:Form factor: Notebook
:Kernel: 3.3.4-3.fc16.x86_64
:SELinux Enabled: 1
:SELinux Policy: targeted
:SELinux Enforce: Enforcing
:MythTV Remote: Unknown
:MythTV Role: Unknown
:MythTV Theme: Unknown
:MythTV Plugin: 
:MythTV Tuner: -1
:
:
:Devices
:=================================
:(4147:404:6058:8680) pci, xhci_hcd, USB, uPD720200 USB 3.0 Host Controller
:(32902:7247:6058:8680) pci, None, PCI/ISA, QM67 Express Chipset Family LPC Controller
:(4480:59427:6058:8680) pci, sdhci-pci, BASE, N/A
:(32902:294:6058:8680) pci, i915, VIDEO, 2nd Generation Core Processor Family Integrated Graphics Controller
:(32902:7190:6058:8680) pci, pcieport, PCI/PCI, 6 Series/C200 Series Chipset Family PCI Express Root Port 4
:(32902:7184:6058:8680) pci, pcieport, PCI/PCI, 6 Series/C200 Series Chipset Family PCI Express Root Port 1
:(32902:7186:6058:8680) pci, pcieport, PCI/PCI, 6 Series/C200 Series Chipset Family PCI Express Root Port 2
:(32902:7196:6058:8680) pci, pcieport, PCI/PCI, 6 Series/C200 Series Chipset Family PCI Express Root Port 7
:(32902:7192:6058:8680) pci, pcieport, PCI/PCI, 6 Series/C200 Series Chipset Family PCI Express Root Port 5
:(32902:7200:6058:8680) pci, snd_hda_intel, MULTIMEDIA, 6 Series/C200 Series Chipset Family High Definition Audio Controller
:(32902:5378:6058:8654) pci, e1000e, ETHERNET, 82579LM Gigabit Network Connection
:(32902:7213:6058:8680) pci, ehci_hcd, USB, 6 Series/C200 Series Chipset Family USB Enhanced Host Controller #2
:(32902:7202:6058:8680) pci, i801_smbus, SERIAL, 6 Series/C200 Series Chipset Family SMBus Controller
:(32902:16952:32902:4369) pci, iwlwifi, NETWORK, Centrino Ultimate-N 6300 3x3 AGN
:(32902:7171:6058:8680) pci, ahci, STORAGE, 6 Series/C200 Series Chipset Family 6 port SATA AHCI Controller
:(32902:7229:6058:8680) pci, serial, 16550_SERIAL, 6 Series/C200 Series Chipset Family KT Controller
:(32902:7206:6058:8680) pci, ehci_hcd, USB, 6 Series/C200 Series Chipset Family USB Enhanced Host Controller #1
:(32902:260:6058:8680) pci, agpgart-intel, HOST/PCI, 2nd Generation Core Processor Family DRAM Controller
:(32902:7226:6058:8680) pci, None, SIMPLE, 6 Series/C200 Series Chipset Family MEI Controller #1
:
:
:Filesystem Information
:=================================
:device mtpt type bsize frsize blocks bfree bavail file ffree favail
:-------------------------------------------------------------------
:/dev/sda1 / ext4 4096 4096 36827210 14921682 14553141 9216000 8698148 8698148
:
Comment 1 jan p. springer 2012-05-09 02:34:02 EDT
Created attachment 583153 [details]
File: backtrace
Comment 2 Josh Boyer 2012-05-09 09:20:42 EDT
Looks like some kind of debugfs removal issue in the mac08211 layer.
Comment 3 Stanislaw Gruszka 2012-05-29 09:34:26 EDT
> [103717.472278] RIP: 0010:[<ffffffff812548e9>]  [<ffffffff812548e9>] debugfs_remove_recursive+0x29/0x190
> [103717.472324] RSP: 0018:ffff8801fa27b628  EFLAGS: 00010206
> [103717.472348] RAX: 5a700000000002b2 RBX: ffff8801aad37400 RCX: ffff88020f749d60
> [103717.472379] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff880100000002
> [103717.472410] RBP: ffff8801fa27b648 R08: ffffea0006d81f20 R09: ffff88021e1eaee0
> [103717.472441] R10: 0000000000000075 R11: 0000000000000000 R12: ffff88020f7487a8
> [103717.472472] R13: ffff88020f749130 R14: ffff880100000002 R15: 0000000000000001
> [103717.472503] FS:  00007f2d228c47c0(0000) GS:ffff88021e200000(0000) knlGS:0000000000000000
> [103717.472538] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> [103717.472563] CR2: 0000000002628251 CR3: 00000001fa5ae000 CR4: 00000000000406f0
> [103717.472594] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
> [103717.472625] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
> [103717.472656] Process wpa_supplicant (pid: 1075, threadinfo ffff8801fa27a000, task ffff880210e25cc0)
> [103717.472694] Stack:
> [103717.472704]  ffff8801aad37400 ffff88020f7487a8 ffff88020f749130 0000000000000000
> [103717.472742]  ffff8801fa27b668 ffffffffa026af22 0000000000000000 ffff8801aad37400
> [103717.472780]  ffff8801fa27b688 ffffffffa025075b 0000000000000000 ffff8801aad37400
> [103717.472819] Call Trace:
> [103717.472850]  [<ffffffffa026af22>] ieee80211_debugfs_key_remove+0x22/0x40 [mac80211]
> [103717.472894]  [<ffffffffa025075b>] __ieee80211_key_destroy+0x4b/0xa0 [mac80211]
> [103717.472935]  [<ffffffffa0250c82>] __ieee80211_key_free+0x42/0x50 [mac80211]
> [103717.472974]  [<ffffffffa0244ada>] ieee80211_del_key+0x8a/0xe0 [mac80211]
> [103717.473012]  [<ffffffffa01e0357>] __cfg80211_disconnected+0x1c7/0x270 [cfg80211]
> [103717.473050]  [<ffffffffa01dc810>] __cfg80211_send_deauth+0x1e0/0x270 [cfg80211]
> [103717.473101]  [<ffffffff8116b23c>] ? ksize+0x1c/0xc0
> [103717.473133]  [<ffffffffa02379fc>] ieee80211_send_deauth_disassoc+0x16c/0x190 [mac80211]
> [103717.473182]  [<ffffffffa023c944>] ieee80211_mgd_deauth+0x504/0x520 [mac80211]
> [103717.473227]  [<ffffffff8126c7d6>] ? cred_has_capability+0x126/0x140
> [103717.473273]  [<ffffffffa0243a8e>] ieee80211_deauth+0x1e/0x20 [mac80211]
> [103717.473308]  [<ffffffffa01dd20e>] __cfg80211_mlme_deauth+0x11e/0x140 [cfg80211]
> [103717.473345]  [<ffffffffa01dd2a3>] cfg80211_mlme_deauth+0x73/0xa0 [cfg80211]
> [103717.473381]  [<ffffffffa01cd63e>] nl80211_deauthenticate+0xbe/0xf0 [cfg80211]
> [103717.473417]  [<ffffffff81510285>] genl_rcv_msg+0x1d5/0x250
> [103717.473443]  [<ffffffff815100b0>] ? genl_rcv+0x40/0x40
> [103717.474658]  [<ffffffff8150fb19>] netlink_rcv_skb+0xa9/0xd0
> [103717.475868]  [<ffffffff81510095>] genl_rcv+0x25/0x40
> [103717.477077]  [<ffffffff8150f4de>] netlink_unicast+0x1ae/0x1f0
> [103717.478291]  [<ffffffff8150f7de>] netlink_sendmsg+0x2be/0x320
> [103717.479495]  [<ffffffff814ce777>] sock_sendmsg+0x117/0x130
> [103717.480699]  [<ffffffff81088d5e>] ? try_to_wake_up+0x1be/0x2b0
> [103717.481462]  [<ffffffff814d113a>] ? move_addr_to_kernel+0x5a/0xa0
> [103717.482574]  [<ffffffff814dce66>] ? verify_iovec+0x56/0xd0
> [103717.483658]  [<ffffffff814cfd56>] __sys_sendmsg+0x396/0x3b0
> [103717.484696]  [<ffffffff8106cadf>] ? set_current_blocked+0x3f/0x60
> [103717.485703]  [<ffffffff8106cbd6>] ? block_sigmask+0x46/0x50
> [103717.486663]  [<ffffffff81014328>] ? do_signal+0x198/0x760
> [103717.487620]  [<ffffffff8101dcd2>] ? fpu_finit+0x22/0x40
> [103717.488558]  [<ffffffff8101eb9b>] ? check_for_xstate+0x3b/0xc0
> [103717.489489]  [<ffffffff810d3a16>] ? __audit_syscall_exit+0x3d6/0x410
> [103717.490397]  [<ffffffff814d2109>] sys_sendmsg+0x49/0x90
> [103717.491297]  [<ffffffff815fbee9>] system_call_fastpath+0x16/0x1b
> [103717.492189] Code: 00 00 55 48 89 e5 41 56 41 55 41 54 53 66 66 66 66 90 48 85 ff 49 89 fe 0f 84 53 01 00 00 48 8b 47 18 48 85 c0 0f 84 46 01 00 00 <48> 83 78 30 00 0f 84 3b 01 00 00 48 8b 7f 30 4c 89 f3 4d 8d ae 
> [103717.494272] RIP  [<ffffffff812548e9>] debugfs_remove_recursive+0x29/0x190
> [103717.495280]  RSP <ffff8801fa27b628>
Comment 4 Stanislaw Gruszka 2012-05-29 09:48:42 EDT
Reading symbols from /usr/lib/debug/lib/modules/3.3.4-3.fc16.x86_64/vmlinux...done.
(gdb) l *(debugfs_remove_recursive+0x29)
0xffffffff812548e9 is in debugfs_remove_recursive (fs/debugfs/inode.c:390).
385	
386		if (!dentry)
387			return;
388	
389		parent = dentry->d_parent;
390		if (!parent || !parent->d_inode)
391			return;
392	
393		parent = dentry;
394		mutex_lock(&parent->d_inode->i_mutex);

(gdb) l *(ieee80211_debugfs_key_remove+0x22)
0x40f22 is in ieee80211_debugfs_key_remove (net/mac80211/debugfs_key.c:273).
268	{
269		if (!key)
270			return;
271	
272		debugfs_remove_recursive(key->debugfs.dir);
273		key->debugfs.dir = NULL;
274	}
275	
276	void ieee80211_debugfs_key_update_default(struct ieee80211_sub_if_data *sdata)
277	{
Comment 5 Stanislaw Gruszka 2012-05-29 09:56:42 EDT
We have invalid pointer (but not NULL, equal to 0x5a700000000002b), which is dereferenced. It does not looks like valid pointer, so seems we have memory corruption.

Jan, please install kernel-debug and use if for some time, it should generate some more informative backtrace (ABRT will catch it). When it will happen, dump dmesg output and attach here. Thanks.
Comment 6 jan p. springer 2012-05-30 06:39:21 EDT
mmh, this problem never occured again. but, there were a lot of kernel updates since then. i'm going to do a system upgrade on the machine where this happened later this week; so i think you can close the bug. cheers.
Comment 7 Stanislaw Gruszka 2012-05-30 08:45:57 EDT
I remember strange bugs rapports from you before, I think you are hitting some seldom reproducible nasty problem. It could be fixed, maybe. And even if it's not fixed, we could not fix it since do not have sufficient data.

Anyway, please use kernel-debug for some time, if there are some bugs reproducible in your environment, they should be cough by various debug facilities which are enabled in kernel-debug variant.
Comment 8 Stanislaw Gruszka 2012-06-04 08:37:22 EDT
*** Bug 816705 has been marked as a duplicate of this bug. ***
Comment 9 Stanislaw Gruszka 2012-11-02 11:45:35 EDT
*** Bug 865827 has been marked as a duplicate of this bug. ***
Comment 10 Stanislaw Gruszka 2012-11-02 11:47:36 EDT
So it happens against on 3.5. Jan, could you please run kernel-debug instead of normal kernel package starting from now? Kernel-debug should help to identify problem on your system.
Comment 11 jan p. springer 2012-11-02 14:06:58 EDT
stanislaw,

this is my mobile office. what i'm doing is keep it up-to-date and if sth. pops up in abrt i'll just report it. would it be safe for me to run 'kernel-debug'? if so, how do i do that?

regards, j.
Comment 12 Stanislaw Gruszka 2012-11-02 14:54:53 EDT
Using kernel-debug is not dangerous :-)

yum install kernel-debug

and assure in grub options that -debug kernel is booted (should be default).
Comment 13 jan p. springer 2012-11-02 17:28:44 EDT
mmh, there's only the latest kernel (3.6.3-1.fc17) available as debug which is a problem in my case, see bug 865998 (dunno if this gets linked automagically).
Comment 14 Stanislaw Gruszka 2012-11-03 05:36:21 EDT
Every fedora kernel is built with -debug version, yum install latest by default (actually that depend on which repositories are enabled). You can download older kernel manually from koji and install it by "rpm -ivh kernel-debug.rpm"
http://koji.fedoraproject.org/koji/packageinfo?packageID=8
Comment 15 jan p. springer 2012-11-03 07:33:40 EDT
i've installed kernel-debug (though it seems ridiculously hard to find the download link; it should be added to the actual .rpm info page).

what do i do next? just wait for sth. to happen?
Comment 16 Stanislaw Gruszka 2012-11-03 07:44:29 EDT
Yes, abrt should report some warnings. Also you can see if there is something suspicious in dmesg by yourself.
Comment 17 Fedora End Of Life 2013-01-16 19:22:48 EST
This message is a reminder that Fedora 16 is nearing its end of life.
Approximately 4 (four) weeks from now Fedora will stop maintaining
and issuing updates for Fedora 16. It is Fedora's policy to close all
bug reports from releases that are no longer maintained. At that time
this bug will be closed as WONTFIX if it remains open with a Fedora 
'version' of '16'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version' 
to a later Fedora version prior to Fedora 16's end of life.

Bug Reporter: Thank you for reporting this issue and we are sorry that 
we may not be able to fix it before Fedora 16 is end of life. If you 
would still like to see this bug fixed and are able to reproduce it 
against a later version of Fedora, you are encouraged to click on 
"Clone This Bug" and open it against that version of Fedora.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events. Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.

The process we are following is described here: 
http://fedoraproject.org/wiki/BugZappers/HouseKeeping
Comment 18 Stanislaw Gruszka 2013-01-17 10:27:09 EST
I do not see chance to fix this bug. However it is maybe fixed on updated kernel i.e. 3.6 or 3.7 .