
Kernel panic on msghandler using lua_pcall

Open MatheusNtg opened this issue 4 years ago • 1 comment

When some error occurs inside the message handler used by the lua_pcall function, I get a kernel panic with the following stack trace:

[  609.204493] general protection fault: 0000 [#1] SMP PTI
[  609.204777] CPU: 0 PID: 6213 Comm: lua Tainted: P           OE     5.4.0-52-generic #57-Ubuntu
[  609.205149] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[  609.205510] RIP: 0010:__kmalloc_track_caller+0x9a/0x270
[  609.205872] Code: 82 01 00 00 4d 8b 01 65 49 8b 50 08 65 4c 03 05 74 54 96 4d 4d 8b 20 4d 85 e4 0f 84 97 01 00 00 41 8b 41 20 49 8b 39 4c 01 e0 <48> 8b 18 48 89 c1 49 33 99 70 01 00 00 4c 89 e0 48 0f c9 48 31 cb
[  609.206773] RSP: 0018:ffff9eb301b87350 EFLAGS: 00010206
[  609.207126] RAX: 72b61e5ef6fd49c6 RBX: 0000000000000000 RCX: 000000000000004b
[  609.207516] RDX: 000000000000ecdf RSI: 0000000000000a20 RDI: 000000000002f0c0
[  609.207937] RBP: ffff9eb301b87388 R08: ffff89767ea2f0c0 R09: ffff89767e401540
[  609.208326] R10: 0000000000000032 R11: 0000000000000001 R12: 72b61e5ef6fd49c6
[  609.208672] R13: 0000000000000a20 R14: 000000000000004b R15: ffff89767e401540
[  609.209018] FS:  00007fb79b9ef2c0(0000) GS:ffff89767ea00000(0000) knlGS:0000000000000000
[  609.209396] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  609.209759] CR2: 000055fd1b82f5d8 CR3: 000000002b94a002 CR4: 00000000000606f0
[  609.210124] Call Trace:
[  609.210518]  ? lua_alloc+0x4e/0xa0 [lunatik]
[  609.210875]  krealloc+0x88/0xc0
[  609.211329]  lua_alloc+0x4e/0xa0 [lunatik]
[  609.211758]  luaM_realloc_+0x41/0xb0 [lunatik]
[  609.212134]  luaC_newobj+0x21/0x50 [lunatik]
[  609.212487]  luaS_createlngstrobj+0x25/0x40 [lunatik]
[  609.212911]  luaV_concat+0x293/0x2f0 [lunatik]
[  609.213325]  ? luaS_newlstr+0x6b/0x80 [lunatik]
[  609.213703]  luaO_pushvfstring+0x29b/0x3a0 [lunatik]
[  609.214118]  ? lastlevel+0x84/0xc0 [lunatik]
[  609.214488]  ? luaD_call+0x38/0x90 [lunatik]
[  609.214929]  lua_pushfstring+0x5b/0xa0 [lunatik]
[  609.215336]  luaL_traceback+0x7c/0x280 [lunatik]
[  609.215694]  ? lua_alloc+0x97/0xa0 [lunatik]
[  609.216058]  ? luaD_pcall+0x46/0xb0 [lunatik]
[  609.216593]  ? luaopen_package+0x1e0/0x1e0 [lunatik]
[  609.216951]  msghandler+0x32/0xa0 [lunatik]
[  609.217351]  luaD_precall+0x2af/0x3f0 [lunatik]
[  609.217729]  luaD_call+0x38/0x90 [lunatik]
[  609.218096]  luaD_callnoyield+0x1a/0x30 [lunatik]
[  609.218482]  luaG_errormsg+0x75/0x80 [lunatik]
[  609.218899]  lua_error+0xe/0x20 [lunatik]
[  609.219326]  luaL_error+0x82/0xb0 [lunatik]
[  609.219665]  ? auxgetstr+0x59/0xb0 [lunatik]
[  609.219983]  handle_data+0x74/0xe0 [lunatik]
[  609.220320]  ? lunatikN_list+0x400/0x400 [lunatik]
[  609.220636]  luaD_precall+0x2af/0x3f0 [lunatik]
[  609.221029]  luaD_call+0x38/0x90 [lunatik]
[  609.221349]  luaD_callnoyield+0x1a/0x30 [lunatik]
[  609.221649]  f_call+0x14/0x20 [lunatik]
[  609.221996]  luaD_rawrunprotected+0x86/0xc0 [lunatik]
[  609.222292]  ? auxsetstr+0xe0/0xe0 [lunatik]
[  609.222667]  ? luaD_rawrunprotected+0x68/0xc0 [lunatik]
[  609.223056]  ? sk_filter_trim_cap+0x48/0x220
[  609.223405]  luaD_pcall+0x46/0xb0 [lunatik]
[  609.223694]  lua_pcallk+0x7e/0x140 [lunatik]
[  609.223976]  luaU_pcall+0x5d/0x8c [lunatik]
[  609.224252]  lunatikN_data+0xf6/0x1b0 [lunatik]
[  609.224526]  genl_family_rcv_msg+0x1b9/0x470
[  609.224798]  ? __netlink_sendskb+0x42/0x50
[  609.225071]  genl_rcv_msg+0x4c/0xa0
[  609.225357]  ? _cond_resched+0x19/0x30
[  609.225680]  ? genl_family_rcv_msg+0x470/0x470
[  609.225949]  netlink_rcv_skb+0x50/0x120
[  609.226215]  genl_rcv+0x29/0x40
[  609.226495]  netlink_unicast+0x187/0x220
[  609.226765]  netlink_sendmsg+0x222/0x3e0
[  609.227049]  sock_sendmsg+0x65/0x70
[  609.227322]  ____sys_sendmsg+0x212/0x280
[  609.227611]  ___sys_sendmsg+0x88/0xd0
[  609.227892]  ? ___sys_recvmsg+0x88/0xc0
[  609.228168]  __sys_sendmsg+0x5c/0xa0
[  609.228434]  __x64_sys_sendmsg+0x1f/0x30
[  609.228702]  do_syscall_64+0x57/0x190
[  609.228956]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  609.229216] RIP: 0033:0x7fb79bb43747
[  609.229478] Code: 64 89 02 48 c7 c0 ff ff ff ff eb bb 0f 1f 80 00 00 00 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 2e 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 51 c3 48 83 ec 28 89 54 24 1c 48 89 74 24 10
[  609.230277] RSP: 002b:00007ffe81399e88 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  609.230604] RAX: ffffffffffffffda RBX: 000055fd1b826740 RCX: 00007fb79bb43747
[  609.230957] RDX: 0000000000000000 RSI: 00007ffe81399ec0 RDI: 0000000000000007
[  609.231294] RBP: 000055fd1b82a1b0 R08: 0000000000000014 R09: 000055fd1b828df0
[  609.231621] R10: 000055fd1b817010 R11: 0000000000000246 R12: 000055fd1b828c30
[  609.231953] R13: 00007ffe81399ec0 R14: 00007fb79b9e9380 R15: 000055fd1b8172a8
[  609.232274] Modules linked in: lunatik(OE) sch_fq_codel dm_multipath scsi_dh_rdac scsi_dh_emc scsi_dh_alua intel_rapl_msr intel_rapl_common intel_powerclamp rapl snd_intel8x0 snd_ac97_codec ac97_bus snd_pcm input_leds snd_timer serio_raw joydev snd soundcore vboxguest(O) mac_hid netconsole ip_tables x_tables autofs4 btrfs zstd_compress raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c raid1 raid0 multipath linear hid_generic usbhid hid crct10dif_pclmul crc32_pclmul ghash_clmulni_intel vmwgfx ttm aesni_intel crypto_simd drm_kms_helper cryptd syscopyarea glue_helper sysfillrect sysimgblt fb_sys_fops psmouse ahci libahci i2c_piix4 e1000 drm pata_acpi video [last unloaded: lunatik]
[  609.235286] ---[ end trace 5a01b1a281529884 ]---
[  609.235720] RIP: 0010:__kmalloc_track_caller+0x9a/0x270
[  609.236133] Code: 82 01 00 00 4d 8b 01 65 49 8b 50 08 65 4c 03 05 74 54 96 4d 4d 8b 20 4d 85 e4 0f 84 97 01 00 00 41 8b 41 20 49 8b 39 4c 01 e0 <48> 8b 18 48 89 c1 49 33 99 70 01 00 00 4c 89 e0 48 0f c9 48 31 cb
[  609.237380] RSP: 0018:ffff9eb301b87350 EFLAGS: 00010206
[  609.237824] RAX: 72b61e5ef6fd49c6 RBX: 0000000000000000 RCX: 000000000000004b
[  609.238261] RDX: 000000000000ecdf RSI: 0000000000000a20 RDI: 000000000002f0c0
[  609.238696] RBP: ffff9eb301b87388 R08: ffff89767ea2f0c0 R09: ffff89767e401540
[  609.239127] R10: 0000000000000032 R11: 0000000000000001 R12: 72b61e5ef6fd49c6
[  609.239589] R13: 0000000000000a20 R14: 000000000000004b R15: ffff89767e401540
[  609.240040] FS:  00007fb79b9ef2c0(0000) GS:ffff89767ea00000(0000) knlGS:0000000000000000
[  609.240507] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  609.240964] CR2: 000055fd1b82f5d8 CR3: 000000002b94a002 CR4: 00000000000606f0
[  609.241472] Kernel panic - not syncing: Fatal exception in interrupt
[  609.241997] Kernel Offset: 0x31400000 from 0xffffffff81000000 (relocation range: 0xffffffff80000000-0xffffffffbfffffff)
[  609.243100] ---[ end Kernel panic - not syncing: Fatal exception in interrupt ]---

MatheusNtg, Nov 04 '20 23:11
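Reading an oops like the one above by hand is error-prone, so here is an added triage helper (example code written for this page, not part of lunatik or of the report) that parses the trace format shown: it keeps only the reliable frames (the "? " entries are stale return addresses the unwinder could not confirm), tags which module owns each frame, and extracts the faulting symbol and the panic reason. The excerpt it runs on is constructed from the trace in the issue.

```python
import re

# Constructed excerpt of the oops quoted in the issue above (enough lines for the parser).
OOPS = """\
[  609.205510] RIP: 0010:__kmalloc_track_caller+0x9a/0x270
[  609.210124] Call Trace:
[  609.210518]  ? lua_alloc+0x4e/0xa0 [lunatik]
[  609.210875]  krealloc+0x88/0xc0
[  609.211329]  lua_alloc+0x4e/0xa0 [lunatik]
[  609.215336]  luaL_traceback+0x7c/0x280 [lunatik]
[  609.216951]  msghandler+0x32/0xa0 [lunatik]
[  609.219983]  handle_data+0x74/0xe0 [lunatik]
[  609.223694]  lua_pcallk+0x7e/0x140 [lunatik]
[  609.228702]  do_syscall_64+0x57/0x190
[  609.241472] Kernel panic - not syncing: Fatal exception in interrupt
"""
# A frame: optional "? " (unreliable), symbol+offset/size, and a [module] tag for out-of-tree code.
FRAME = re.compile(r"^\[\s*[\d.]+\]\s+(\? )?(\w+)\+0x[0-9a-f]+/0x[0-9a-f]+(?: \[(\w+)\])?$")
RIP = re.compile(r"RIP: \d+:(\w+)\+")
PANIC = re.compile(r"Kernel panic - not syncing: (.*)$")

def parse_oops(text):
    """Faulting symbol, reliable frames innermost-first as (symbol, module), panic reason."""
    rip, reason, frames, in_trace = None, None, [], False
    for line in text.splitlines():
        m = RIP.search(line)
        if m and rip is None:            # first RIP is the kernel one; a later 0033: RIP is userspace
            rip = m.group(1)
        if "Call Trace:" in line:
            in_trace = True
            continue
        m = PANIC.search(line)
        if m:
            reason, in_trace = m.group(1), False
        if in_trace:
            m = FRAME.match(line)
            if m and not m.group(1):     # drop "? " frames
                frames.append((m.group(2), m.group(3) or "kernel"))
    return {"rip": rip, "frames": frames, "reason": reason}

def triage(report):
    """What to look at first: which module owns the innermost non-core frame, and the entry path."""
    mods = [(sym, mod) for sym, mod in report["frames"] if mod != "kernel"]
    return {
        "faulting_symbol": report["rip"],
        "modules_on_stack": sorted({mod for _, mod in mods}),
        "innermost_module_frame": mods[0][0] if mods else None,
        "entered_via_syscall": any(sym == "do_syscall_64" for sym, _ in report["frames"]),
    }
```

On the issue's trace this points at lua_alloc as the innermost out-of-tree frame under krealloc, reached from a netlink sendmsg syscall, which is where a maintainer would start looking.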

@MatheusNtg, sorry for the delay. Do you have the steps to reproduce this?

lneto, Jan 05 '23 22:01