Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754201AbaLAQuD (ORCPT ); Mon, 1 Dec 2014 11:50:03 -0500 Received: from mail-wg0-f48.google.com ([74.125.82.48]:58483 "EHLO mail-wg0-f48.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754158AbaLAQt6 convert rfc822-to-8bit (ORCPT ); Mon, 1 Dec 2014 11:49:58 -0500 MIME-Version: 1.0 Date: Mon, 1 Dec 2014 17:49:55 +0100 Message-ID: Subject: panic in skb_push via sctp From: =?UTF-8?B?Um9iZXJ0IMWad2nEmWNraQ==?= To: linux-sctp@vger.kernel.org Cc: linux-kernel@vger.kernel.org Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8BIT Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org I don't have much more, cause my kernel is kASLRNized and gdb cannot handle that, but pasting output from kdb. Maybe somebody will be able to see something obvious. <0>[93699.703244] skbuff: skb_under_panic: text:ffffffff83cff03e len:104 put:56 head:ffff8803bd804ec0 data:ffff8803bd804ebc tail:0x64 end:0xc0 dev: [9]kdb> bt Stack traceback for pid 14150 0xffff88039c81ebf0 14150 15338 1 9 R 0xffff88039c81f0f0 *trinity-c9 ffff8805318ab4b8 0000000000000018 ffffffff83abddc4 ffff8803bd804ebc 0000000000000064 00000000000000c0 ffffffff84bc674d ffff8805318ab508 ffff8805318ab518 00000000ffffffff 0000000000000000 ffff8805318ab558 Call Trace: [] ? skb_panic+0x154/0x220 [] ? ip_queue_xmit+0x12e/0x16d0 [] ? skb_push+0xc1/0x100 [] ? ip_queue_xmit+0x12e/0x16d0 [] ? __skb_checksum+0x110/0x730 [] ? kmem_cache_free+0x1d2/0x210 [] ? sctp_v4_xmit+0x101/0x1a0 [] ? sctp_packet_transmit+0xf32/0x2050 [] ? sctp_chunkify+0x4c/0x2a0 [] ? kasan_poison_shadow+0x34/0x40 [] ? sctp_csum_combine+0x20/0x20 [] ? sctp_packet_release_owner+0x50/0x50 [] ? sctp_outq_flush+0x6ee/0x2fa0 [] ? preempt_count_add+0x16f/0x1b0 [] ? sctp_outq_uncork+0x6d/0x90 [] ? sctp_do_sm+0x2c25/0x4a40 [] ? __ip_route_output_key+0xa50/0x2830 [] ? xfrm_lookup_route+0x21/0x100 [] ? ip_route_output_flow+0x69/0x90 [] ? extract_entropy+0xa2/0x230 [] ? sctp_v4_get_dst+0x65f/0x1040 [] ? sctp_primitive_ASSOCIATE+0x84/0xd0 [] ? sctp_sendmsg+0x15b6/0x29b0 [] ? toggle_bp_slot.constprop.11+0x1d0/0x530 [] ? generic_perform_write+0x266/0x450 [] ? inet_sendmsg+0x231/0x360 [] ? sock_sendmsg+0xc4/0x150 [] ? __fdget+0x13/0x20 [] ? sockfd_lookup_light+0x21/0x230 [] ? SYSC_sendto+0x166/0x240 [] ? syscall_trace_enter_phase2+0x2f2/0x640 [] ? SyS_sendto+0xe/0x10 [] ? tracesys_phase2+0xd8/0xdd [9]kdb> rd ax: 0000000000000087 bx: ffff8803c086ed00 cx: 0000000000000000 dx: 1ffffffff0a51c6b si: 1ffffffff0a51c6b di: ffffffff81391731 bp: ffff8805318ab528 sp: ffff8805318ab4b8 r8: ffffffff8528e415 r9: 0000000000000000 r10: ffffe8fff0a51c80 r11: 0000000000000007 r12: ffffffff849a5420 r13: 00000000000000c0 r14: 0000000000000064 r15: ffff8803bd804ebc ip: ffffffff83abddc4 flags: 00010296 cs: 00000010 ss: 00000018 ds: 00000018 es: 00000018 fs: 00000018 gs: 00000018 ONFIG_KASAN_INLINE enabled 0GPF could be caused by NULL-ptr deref or user memory access 2KGDB: re-enter exception: ALL breakpoints killed 0CONFIG_KASAN_INLINE enabled 0GPF could be caused by NULL-ptr deref or user memory access dCPU: 9 PID: 14150 Comm: trinity-c9 Tainted: G B W I 3.18.0-rc1+ #8 dHardware name: Dell Inc. Precision WorkStation T3500 /09KPNV, BIOS A08 09/16/2010 ffff8805318aacb8 00000000ea01fa3d 0000000000000000 00000000000003e8 ffff8805318aaa68 ffffffff845b35bb 1ffffffff0a512a4 ffffffff852ddd00 ffff8805318aab08 ffffffff81459b3d ffff880500000000 ffffffff811394e5 Call Trace: [] dump_stack+0x4f/0x7c [] kgdb_handle_exception+0x34d/0x360 [] ? show_stack_log_lvl+0x1f5/0x480 [] __kgdb_notify+0x10e/0x3c0 [] kgdb_notify+0x39/0x80 [] notifier_call_chain+0xc2/0x130 [] atomic_notifier_call_chain+0x37/0x50 [] notify_die+0x3d/0x60 [] do_general_protection+0x225/0x3c0 [] general_protection+0x28/0x30 [] ? show_stack_log_lvl+0x1f5/0x480 [] ? show_stack_log_lvl+0x35/0x480 [] ? kdbgetaddrarg+0x559/0x850 [] show_stack+0x3d/0x100 [] kdb_show_stack+0xb2/0x1c0 [] kdb_bt+0x56e/0x8b0 [] ? kdb_printf+0x50/0x70 [] kdb_parse+0x67b/0xf80 [] kdb_main_loop+0x69c/0x9f0 [] kdb_stub+0x6b0/0x1230 [] kgdb_cpu_enter+0x569/0xce0 [] kgdb_handle_exception+0x2c9/0x360 [] __kgdb_notify+0x10e/0x3c0 [] kgdb_notify+0x39/0x80 [] notifier_call_chain+0xc2/0x130 [] atomic_notifier_call_chain+0x37/0x50 [] notify_die+0x3d/0x60 [] do_error_trap+0x5f/0x1b0 [] ? preempt_schedule+0x62/0xa0 [] ? ___preempt_schedule+0x35/0x37 [] ? trace_hardirqs_off_thunk+0x3a/0x3f [] do_invalid_op+0x20/0x30 [] invalid_op+0x1e/0x30 [] ? printk+0xa8/0xc3 [] ? vprintk_emit+0x341/0x720 [] ? skb_panic+0x154/0x220 [] ? skb_panic+0x154/0x220 [] ? ip_queue_xmit+0x12e/0x16d0 [] skb_push+0xc1/0x100 [] ip_queue_xmit+0x12e/0x16d0 [] ? __skb_checksum+0x110/0x730 [] ? kmem_cache_free+0x1d2/0x210 [] sctp_v4_xmit+0x101/0x1a0 [] sctp_packet_transmit+0xf32/0x2050 [] ? sctp_chunkify+0x4c/0x2a0 [] ? kasan_poison_shadow+0x34/0x40 [] ? sctp_csum_combine+0x20/0x20 [] ? sctp_packet_release_owner+0x50/0x50 [] sctp_outq_flush+0x6ee/0x2fa0 [] ? preempt_count_add+0x16f/0x1b0 [] sctp_outq_uncork+0x6d/0x90 [] sctp_do_sm+0x2c25/0x4a40 [] ? __ip_route_output_key+0xa50/0x2830 [] ? xfrm_lookup_route+0x21/0x100 [] ? ip_route_output_flow+0x69/0x90 [] ? extract_entropy+0xa2/0x230 [] ? sctp_v4_get_dst+0x65f/0x1040 [] sctp_primitive_ASSOCIATE+0x84/0xd0 [] sctp_sendmsg+0x15b6/0x29b0 [] ? toggle_bp_slot.constprop.11+0x1d0/0x530 [] ? generic_perform_write+0x266/0x450 [] inet_sendmsg+0x231/0x360 [] sock_sendmsg+0xc4/0x150 [] ? __fdget+0x13/0x20 [] ? sockfd_lookup_light+0x21/0x230 [] SYSC_sendto+0x166/0x240 [] ? syscall_trace_enter_phase2+0x2f2/0x640 [] SyS_sendto+0xe/0x10 [] tracesys_phase2+0xd8/0xdd 0Kernel panic - not syncing: Recursive entry to debugger dCPU: 9 PID: 14150 Comm: trinity-c9 Tainted: G B W I 3.18.0-rc1+ #8 dHardware name: Dell Inc. Precision WorkStation T3500 /09KPNV, BIOS A08 09/16/2010 ffff8805318aacb8 00000000ea01fa3d 0000000000000000 00000000000003e8 ffff8805318aa9e8 ffffffff845b35bb 1ffffffff0a51c00 ffffffff84b62959 ffff8805318aaa68 ffffffff845ae6ed ffff880300000008 ffff8805318aaa78 Call Trace: [] dump_stack+0x4f/0x7c [] panic+0x168/0x2c3 [] kgdb_handle_exception+0x360/0x360 [] ? show_stack_log_lvl+0x1f5/0x480 [] __kgdb_notify+0x10e/0x3c0 [] kgdb_notify+0x39/0x80 [] notifier_call_chain+0xc2/0x130 [] atomic_notifier_call_chain+0x37/0x50 [] notify_die+0x3d/0x60 [] do_general_protection+0x225/0x3c0 [] general_protection+0x28/0x30 [] ? show_stack_log_lvl+0x1f5/0x480 [] ? show_stack_log_lvl+0x35/0x480 [] ? kdbgetaddrarg+0x559/0x850 [] show_stack+0x3d/0x100 [] kdb_show_stack+0xb2/0x1c0 [] kdb_bt+0x56e/0x8b0 [] ? kdb_printf+0x50/0x70 [] kdb_parse+0x67b/0xf80 [] kdb_main_loop+0x69c/0x9f0 [] kdb_stub+0x6b0/0x1230 [] kgdb_cpu_enter+0x569/0xce0 [] kgdb_handle_exception+0x2c9/0x360 [] __kgdb_notify+0x10e/0x3c0 [] kgdb_notify+0x39/0x80 [] notifier_call_chain+0xc2/0x130 [] atomic_notifier_call_chain+0x37/0x50 [] notify_die+0x3d/0x60 [] do_error_trap+0x5f/0x1b0 [] ? preempt_schedule+0x62/0xa0 [] ? ___preempt_schedule+0x35/0x37 [] ? trace_hardirqs_off_thunk+0x3a/0x3f [] do_invalid_op+0x20/0x30 [] invalid_op+0x1e/0x30 [] ? printk+0xa8/0xc3 [] ? vprintk_emit+0x341/0x720 [] ? skb_panic+0x154/0x220 [] ? skb_panic+0x154/0x220 [] ? ip_queue_xmit+0x12e/0x16d0 [] skb_push+0xc1/0x100 [] ip_queue_xmit+0x12e/0x16d0 [] ? __skb_checksum+0x110/0x730 [] ? kmem_cache_free+0x1d2/0x210 [] sctp_v4_xmit+0x101/0x1a0 [] sctp_packet_transmit+0xf32/0x2050 [] ? sctp_chunkify+0x4c/0x2a0 [] ? kasan_poison_shadow+0x34/0x40 [] ? sctp_csum_combine+0x20/0x20 [] ? sctp_packet_release_owner+0x50/0x50 [] sctp_outq_flush+0x6ee/0x2fa0 [] ? preempt_count_add+0x16f/0x1b0 [] sctp_outq_uncork+0x6d/0x90 [] sctp_do_sm+0x2c25/0x4a40 [] ? __ip_route_output_key+0xa50/0x2830 [] ? xfrm_lookup_route+0x21/0x100 [] ? ip_route_output_flow+0x69/0x90 [] ? extract_entropy+0xa2/0x230 [] ? sctp_v4_get_dst+0x65f/0x1040 [] sctp_primitive_ASSOCIATE+0x84/0xd0 [] sctp_sendmsg+0x15b6/0x29b0 [] ? toggle_bp_slot.constprop.11+0x1d0/0x530 [] ? generic_perform_write+0x266/0x450 [] inet_sendmsg+0x231/0x360 [] sock_sendmsg+0xc4/0x150 [] ? __fdget+0x13/0x20 [] ? sockfd_lookup_light+0x21/0x230 [] SYSC_sendto+0x166/0x240 [] ? syscall_trace_enter_phase2+0x2f2/0x640 [] SyS_sendto+0xe/0x10 [] tracesys_phase2+0xd8/0xdd 0Shutting down cpus with NMI PANIC: Recursive entry to debugger dCPU: 9 PID: 14150 Comm: trinity-c9 Tainted: G B W I 3.18.0-rc1+ #8 dHardware name: Dell Inc. Precision WorkStation T3500 /09KPNV, BIOS A08 09/16/2010 ffff88053f528f58 00000000ea01fa3d 0000000000000000 00000000000003e8 ffff88053f528de8 ffffffff845b35bb 1ffff100a7ea51fb ffffffff852ddd00 ffff88053f528e88 ffffffff81459b3d ffff88053f528e68 ffffffff81459f83 Call Trace: <#DB> [] dump_stack+0x4f/0x7c [] kgdb_handle_exception+0x34d/0x360 [] ? kgdb_breakpoint+0x13/0x20 [] __kgdb_notify+0x10e/0x3c0 [] ? notify_die+0x3d/0x60 [] kgdb_ll_trap+0x76/0xa0 [] do_int3+0x93/0x210 [] int3+0x3a/0x50 [] ? kgdb_breakpoint+0x14/0x20 <> [] kgdb_panic_event+0x29/0x30 [] notifier_call_chain+0xc2/0x130 [] atomic_notifier_call_chain+0x37/0x50 [] panic+0x1b8/0x2c3 [] kgdb_handle_exception+0x360/0x360 [] ? show_stack_log_lvl+0x1f5/0x480 [] __kgdb_notify+0x10e/0x3c0 [] kgdb_notify+0x39/0x80 [] notifier_call_chain+0xc2/0x130 [] atomic_notifier_call_chain+0x37/0x50 [] notify_die+0x3d/0x60 [] do_general_protection+0x225/0x3c0 [] general_protection+0x28/0x30 [] ? show_stack_log_lvl+0x1f5/0x480 [] ? show_stack_log_lvl+0x35/0x480 [] ? kdbgetaddrarg+0x559/0x850 [] show_stack+0x3d/0x100 [] kdb_show_stack+0xb2/0x1c0 [] kdb_bt+0x56e/0x8b0 [] ? kdb_printf+0x50/0x70 [] kdb_parse+0x67b/0xf80 [] kdb_main_loop+0x69c/0x9f0 [] kdb_stub+0x6b0/0x1230 [] kgdb_cpu_enter+0x569/0xce0 [] kgdb_handle_exception+0x2c9/0x360 [] __kgdb_notify+0x10e/0x3c0 [] kgdb_notify+0x39/0x80 [] notifier_call_chain+0xc2/0x130 [] atomic_notifier_call_chain+0x37/0x50 [] notify_die+0x3d/0x60 [] do_error_trap+0x5f/0x1b0 [] ? preempt_schedule+0x62/0xa0 [] ? ___preempt_schedule+0x35/0x37 [] ? trace_hardirqs_off_thunk+0x3a/0x3f [] do_invalid_op+0x20/0x30 [] invalid_op+0x1e/0x30 [] ? printk+0xa8/0xc3 [] ? vprintk_emit+0x341/0x720 [] ? skb_panic+0x154/0x220 [] ? skb_panic+0x154/0x220 [] ? ip_queue_xmit+0x12e/0x16d0 [] skb_push+0xc1/0x100 [] ip_queue_xmit+0x12e/0x16d0 [] ? __skb_checksum+0x110/0x730 [] ? kmem_cache_free+0x1d2/0x210 [] sctp_v4_xmit+0x101/0x1a0 [] sctp_packet_transmit+0xf32/0x2050 [] ? sctp_chunkify+0x4c/0x2a0 [] ? kasan_poison_shadow+0x34/0x40 [] ? sctp_csum_combine+0x20/0x20 [] ? sctp_packet_release_owner+0x50/0x50 [] sctp_outq_flush+0x6ee/0x2fa0 [] ? preempt_count_add+0x16f/0x1b0 [] sctp_outq_uncork+0x6d/0x90 [] sctp_do_sm+0x2c25/0x4a40 [] ? __ip_route_output_key+0xa50/0x2830 [] ? xfrm_lookup_route+0x21/0x100 [] ? ip_route_output_flow+0x69/0x90 [] ? extract_entropy+0xa2/0x230 [] ? sctp_v4_get_dst+0x65f/0x1040 [] sctp_primitive_ASSOCIATE+0x84/0xd0 [] sctp_sendmsg+0x15b6/0x29b0 [] ? toggle_bp_slot.constprop.11+0x1d0/0x530 [] ? generic_perform_write+0x266/0x450 [] inet_sendmsg+0x231/0x360 [] sock_sendmsg+0xc4/0x150 [] ? __fdget+0x13/0x20 [] ? sockfd_lookup_light+0x21/0x230 [] SYSC_sendto+0x166/0x240 [] ? syscall_trace_enter_phase2+0x2f2/0x640 [] SyS_sendto+0xe/0x10 [] tracesys_phase2+0xd8/0xdd -- Robert Święcki -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/