This bug is missing log files that will aid in diagnosing the problem.
From a terminal window please run:

apport-collect 1592547

and then change the status of the bug to 'Confirmed'.

If, due to the nature of the issue you have encountered, you are unable
to run this command, please add a comment stating that fact and change
the bug status to 'Confirmed'.

This change has been made by an automated script, maintained by the
Ubuntu Kernel Team.

** Changed in: linux (Ubuntu)
       Status: New => Incomplete

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1592547

Title:
  vmalloc failure leads to null ptr dereference in aa_dfa_next

Status in AppArmor:
  New
Status in linux package in Ubuntu:
  Incomplete

Bug description:
  running stress-ng apparmor stressor with a vmalloc NULL return trips a
  null ptr dereference in aa_dfa_next:

  $ uname -a
  Linux ubuntu 4.4.0-24-generic #43

  [   46.271517] BUG: unable to handle kernel NULL pointer dereference at 0000000000000020
  [   46.271641] IP: [<ffffffff8137a8a6>] aa_dfa_next+0x6/0x70
  [   46.271743] PGD 39ebd067 PUD 39ebe067 PMD 0
  [   46.271833] Oops: 0000 [#1] SMP
  [   46.271926] Modules linked in: jitterentropy_rng algif_rng salsa20_generic salsa20_x86_64 camellia_generic camellia_aesni_avx_x86_64 camellia_x86_64 cast6_avx_x86_64 cast6_generic cast_common serpent_avx_x86_64 serpent_sse2_x86_64 serpent_generic twofish_generic twofish_avx_x86_64 twofish_x86_64_3way twofish_x86_64 twofish_common xts algif_skcipher tgr192 wp512 rmd320 rmd256 rmd160 rmd128 md4 algif_hash af_alg ppdev snd_hda_codec_generic snd_hda_intel snd_hda_codec snd_hda_core snd_hwdep snd_pcm input_leds joydev snd_timer serio_raw snd soundcore i2c_piix4 mac_hid 8250_fintek parport_pc parport ib_iser rdma_cm iw_cm ib_cm ib_sa ib_mad ib_core ib_addr iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi autofs4 btrfs raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq
  [   46.273290]  libcrc32c raid1 raid0 multipath linear 8139too crct10dif_pclmul crc32_pclmul qxl aesni_intel aes_x86_64 lrw gf128mul ttm drm_kms_helper glue_helper ablk_helper cryptd syscopyarea sysfillrect sysimgblt fb_sys_fops psmouse drm floppy 8139cp mii pata_acpi
  [   46.274250] CPU: 0 PID: 1349 Comm: stress-ng-appar Not tainted 4.4.0-24-generic #43
  [   46.274436] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS Ubuntu-1.8.2-1ubuntu1 04/01/2014
  [   46.274632] task: ffff8800374be040 ti: ffff88003746c000 task.ti: ffff88003746c000
  [   46.274854] RIP: 0010:[<ffffffff8137a8a6>]  [<ffffffff8137a8a6>] aa_dfa_next+0x6/0x70
  [   46.275072] RSP: 0018:ffff88003746fca8  EFLAGS: 00010282
  [   46.275450] RAX: 0000000000000000 RBX: 0000000000000003 RCX: 0000000000004a46
  [   46.275934] RDX: 0000000000000002 RSI: 0000000000000001 RDI: 0000000000000000
  [   46.276348] RBP: ffff88003746fd28 R08: ffff88003fc19f40 R09: ffff88003e001d00
  [   46.276757] R10: ffff88003da8e600 R11: ffff88003e001500 R12: ffff88003746fd48
  [   46.276979] R13: ffff88003acc4800 R14: ffff88003acc4894 R15: 0000000000000029
  [   46.277202] FS:  00007f7198a0f700(0000) GS:ffff88003fc00000(0000) knlGS:0000000000000000
  [   46.277500] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
  [   46.278006] CR2: 0000000000000020 CR3: 0000000039ebc000 CR4: 00000000001406f0
  [   46.278592] Stack:
  [   46.278846]  ffff88003746fd28 ffffffff81383585 0000000000000000 0000000000000000
  [   46.279271]  000000003746fd00 0000000000000000 ffffc9000268e400 0000000000000000
  [   46.279860]  ffff88003746fd40 0000000000000000 000000005833b243 ffff88003746fe28
  [   46.280311] Call Trace:
  [   46.280606]  [<ffffffff81383585>] ? unpack_profile+0x5c5/0x970
  [   46.280854]  [<ffffffff81383ad9>] aa_unpack+0xe9/0x450
  [   46.281091]  [<ffffffff81381e97>] aa_replace_profiles+0x77/0xb70
  [   46.281341]  [<ffffffff811cf81b>] ? vmalloc+0x6b/0x70
  [   46.281610]  [<ffffffff813770df>] policy_update+0x9f/0x1f0
  [   46.281887]  [<ffffffff81377243>] profile_replace+0x13/0x20
  [   46.282169]  [<ffffffff8120c528>] __vfs_write+0x18/0x40
  [   46.282444]  [<ffffffff8120ceb9>] vfs_write+0xa9/0x1a0
  [   46.282728]  [<ffffffff8120be4f>] ? do_sys_open+0x1bf/0x2a0
  [   46.283418]  [<ffffffff8120db75>] SyS_write+0x55/0xc0
  [   46.284188]  [<ffffffff81825cb2>] entry_SYSCALL_64_fastpath+0x16/0x71
  [   46.284753] Code: 0c 42 39 ce 74 d9 0f b6 02 41 0f b7 34 7b 84 c0 75 d9 eb c3 41 0f b7 34 44 eb 89 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 55 <48> 8b 47 20 4c 8b 5f 28 4c 8b 57 40 48 89 e5 4c 8b 4f 18 48 8d
  [   46.285401] RIP  [<ffffffff8137a8a6>] aa_dfa_next+0x6/0x70
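
Added example, not part of the bug report or of the AppArmor code: a Python triage of the oops above that decodes the faulting instruction from the `Code:` line and checks that a NULL base register plus the instruction's displacement reproduces the fault address. The names `decode_load` and `triage` are hypothetical, and the embedded sample is a subset of the trace with the `Code:` line shortened.

```python
import re

# Key lines from the oops above, e-mail line wraps re-joined and the
# Code: line shortened to the bytes around the <..> fault marker.
OOPS = """\
[   46.271517] BUG: unable to handle kernel NULL pointer dereference at 0000000000000020
[   46.274854] RIP: 0010:[<ffffffff8137a8a6>]  [<ffffffff8137a8a6>] aa_dfa_next+0x6/0x70
[   46.275450] RAX: 0000000000000000 RBX: 0000000000000003 RCX: 0000000000004a46
[   46.275934] RDX: 0000000000000002 RSI: 0000000000000001 RDI: 0000000000000000
[   46.284753] Code: 00 0f 1f 44 00 00 55 <48> 8b 47 20 4c 8b 5f 28 4c 8b 57 40
"""

REG64 = ["rax", "rcx", "rdx", "rbx", "rsp", "rbp", "rsi", "rdi"]

def decode_load(code):
    """Hypothetical helper: decode only 'REX.W 8B /r' with an 8-bit
    displacement and no SIB byte, i.e. mov disp8(%base),%dest."""
    if len(code) < 4 or code[0] != 0x48 or code[1] != 0x8B:
        return None
    mod, reg, rm = code[2] >> 6, (code[2] >> 3) & 7, code[2] & 7
    if mod != 1 or rm == 4:          # other addressing forms are out of scope
        return None
    disp = code[3] - 256 if code[3] & 0x80 else code[3]
    return REG64[reg], REG64[rm], disp

def triage(oops):
    # Hypothetical helper: pull fault address, symbol and registers from the text.
    fault = int(re.search(r"dereference at\s+([0-9a-f]{16})", oops).group(1), 16)
    sym, off = re.search(r"RIP: .*\]\s+(\w+)\+(0x[0-9a-f]+)/", oops).groups()
    pairs = re.findall(r"\b(R[A-Z0-9]{1,2}): ([0-9a-f]{16})", oops)
    regs = {name.lower(): int(value, 16) for name, value in pairs}
    # Bytes from the <xx> marker onward are the instruction that faulted.
    tail = re.search(r"Code:.*?<([0-9a-f]{2})>((?: [0-9a-f]{2})*)", oops)
    code = bytes.fromhex(tail.group(1) + tail.group(2).replace(" ", ""))
    insn = decode_load(code)
    result = {"symbol": sym, "offset": int(off, 16), "fault_addr": fault, "insn": insn}
    if insn:
        dest, base, disp = insn
        result["base_value"] = regs.get(base)
        # A NULL base plus the field offset must equal the faulting address.
        result["null_base_confirmed"] = regs.get(base) == 0 and disp == fault
    return result

if __name__ == "__main__":
    print(triage(OOPS))
```

On x86-64 the first function argument is passed in RDI, so a confirmed NULL base in RDI at offset 0x6 of `aa_dfa_next` means the function was entered with a NULL first argument and faulted reading the field at offset 0x20.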
