BUG: unable to handle kernel NULL pointer dereference at 0000000000000030

Bug #1728771 reported by TJ
This bug affects 2 people
| Affects | Status | Importance | Assigned to | Milestone |
|---|---|---|---|---|
| Linux | Unknown | Unknown | | |
| linux (Ubuntu) | Confirmed | Medium | Tyler Hicks | |

Bug Description

Trying to 'cat' a file in an overlayfs. The file is in the lowerdir which is ecryptfs. I use the attached script to create directories and randomly distributed files. $HOME is ecryptfs. /tmp/ is tmpfs.

$ pwd
$HOME/Hacking/overlayfs/

$ ./build.sh

$ sudo mount -t overlay overlay -o lowerdir=lower/1,upperdir=/tmp/upper/1,workdir=/tmp/workdir/1 overlay/1

$ grep /tmp /proc/mounts
tmpfs /tmp tmpfs rw,nosuid,nodev,relatime 0 0
overlay /home/tj/Hacking/overlayfs/overlay/1 overlay rw,relatime,lowerdir=lower/1,upperdir=/tmp/upper/1,workdir=/tmp/workdir/1 0 0

$ ls lower/1/
1b 1c 1d 1e 1f 1g 1k 1l 1o 1p 1q 1t 1u 1v 1w 1x 1y 1z

$ ls /tmp/upper/1/
1e 1i 1l 1n 1u

$ ls overlay/1/
1b 1c 1d 1e 1f 1g 1i 1k 1l 1n 1o 1p 1q 1t 1u 1v 1w 1x 1y 1z

$ cat overlay/1/1b
Killed

$ uname -r
4.13.0-16-lowlatency

$ lsb_release -a
LSB Version: core-9.20160110ubuntu0.2-amd64:core-9.20160110ubuntu0.2-noarch:security-9.20160110ubuntu0.2-amd64:security-9.20160110ubuntu0.2-noarch
Distributor ID: Ubuntu
Description: Ubuntu 16.04.3 LTS
Release: 16.04
Codename: xenial

$ apt list linux-lowlatency-hwe-16.04-edge
Listing... Done
linux-lowlatency-hwe-16.04-edge/xenial-proposed,now 4.13.0.16.23 amd64 [installed]

$ tail /var/log/kern.log

Oct 31 03:11:09 hephaestion kernel: [ 1057.380604] BUG: unable to handle kernel NULL pointer dereference at 0000000000000030
Oct 31 03:11:09 hephaestion kernel: [ 1057.380668] IP: ecryptfs_privileged_open+0x51/0x180
Oct 31 03:11:09 hephaestion kernel: [ 1057.380686] PGD 20ee07067
Oct 31 03:11:09 hephaestion kernel: [ 1057.380688] P4D 20ee07067
Oct 31 03:11:09 hephaestion kernel: [ 1057.380700] PUD 20c455067
Oct 31 03:11:09 hephaestion kernel: [ 1057.380711] PMD 0
Oct 31 03:11:09 hephaestion kernel: [ 1057.380721]
Oct 31 03:11:09 hephaestion kernel: [ 1057.380741] Oops: 0000 [#1] PREEMPT SMP
Oct 31 03:11:09 hephaestion kernel: [ 1057.380755] Modules linked in: overlay hidp scsi_transport_iscsi veth ip6t_MASQUERADE nf_nat_masquerade_ipv6 ip6table_nat nf_conntrack_ipv6 nf_defrag_ipv6 nf_nat_ipv6 xt_comment xt_CHECKSUM iptable_mangle ipt_MASQUERADE nf_nat_masquerade_ipv4 iptable_nat nf_nat_ipv4 nf_nat nf_conntrack_ipv4 nf_defrag_ipv4 ccm xt_conntrack nf_conntrack ipt_REJECT nf_reject_ipv4 xt_tcpudp bridge ebtable_filter ebtables ip6table_filter ip6_tables iptable_filter ip_tables x_tables 8021q garp mrp stp llc rfcomm bnep binfmt_misc dm_thin_pool dm_persistent_data dm_bio_prison dm_bufio cdc_mbim cdc_wdm cdc_ncm usbnet cdc_acm mii gpio_ich dell_laptop coretemp btusb btrtl btbcm btintel joydev dell_wmi bluetooth dell_smbios dcdbas wmi_bmof sparse_keymap serio_raw ecdh_generic arc4 snd_hda_codec_idt snd_hda_codec_generic snd_hda_intel
Oct 31 03:11:09 hephaestion kernel: [ 1057.381004] snd_hda_codec snd_hda_core input_leds snd_hwdep snd_pcm snd_seq_midi uvcvideo snd_seq_midi_event videobuf2_vmalloc videobuf2_memops snd_rawmidi videobuf2_v4l2 iwl4965 videobuf2_core iwlegacy videodev media mac80211 snd_seq r852 sm_common nand nand_ecc nand_bch bch mtd r592 memstick lpc_ich cfg80211 snd_seq_device snd_timer snd soundcore shpchp mac_hid kvm_intel kvm irqbypass parport_pc ppdev nfsd lp auth_rpcgss nfs_acl lockd grace parport sunrpc autofs4 crypto_simd glue_helper cryptd aes_x86_64 algif_skcipher af_alg dm_crypt raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c raid1 raid0 multipath linear dm_mirror dm_region_hash dm_log hid_generic usbhid hid psmouse sky2 ahci nouveau libahci pata_acpi firewire_ohci sdhci_pci sdhci firewire_core
Oct 31 03:11:09 hephaestion kernel: [ 1057.381012] crc_itu_t mxm_wmi i2c_algo_bit video ttm drm_kms_helper syscopyarea sysfillrect sysimgblt fb_sys_fops drm wmi
Oct 31 03:11:09 hephaestion kernel: [ 1057.381012] CPU: 0 PID: 10087 Comm: cat Tainted: P OE 4.13.0-16-lowlatency #19~16.04.3-Ubuntu
Oct 31 03:11:09 hephaestion kernel: [ 1057.381012] Hardware name: Dell Inc. XPS M1530 / , BIOS A12 11/19/2008
Oct 31 03:11:09 hephaestion kernel: [ 1057.381012] task: ffff8a1167050000 task.stack: ffffa10c010a8000
Oct 31 03:11:09 hephaestion kernel: [ 1057.381012] RIP: 0010:ecryptfs_privileged_open+0x51/0x180
Oct 31 03:11:09 hephaestion kernel: [ 1057.381012] RSP: 0018:ffffa10c010abb60 EFLAGS: 00010246
Oct 31 03:11:09 hephaestion kernel: [ 1057.381012] RAX: ffffa10c010abb88 RBX: ffff8a1167459540 RCX: ffff8a11677ced80
Oct 31 03:11:09 hephaestion kernel: [ 1057.381012] RDX: ffffffffbeefbe60 RSI: ffffffffbe6999fb RDI: ffffa10c010abb80
Oct 31 03:11:09 hephaestion kernel: [ 1057.381012] RBP: ffffa10c010abbd0 R08: ffffffffbdd68aa1 R09: ffff8a118a183800
Oct 31 03:11:09 hephaestion kernel: [ 1057.381012] R10: ffff8a113175d010 R11: ffff8a113175e278 R12: 0000000000000000
Oct 31 03:11:09 hephaestion kernel: [ 1057.381012] R13: ffff8a11677ced80 R14: 0000000000000000 R15: ffff8a11cd431710
Oct 31 03:11:09 hephaestion kernel: [ 1057.381012] FS: 00007f80f7700700(0000) GS:ffff8a11dfc00000(0000) knlGS:0000000000000000
Oct 31 03:11:09 hephaestion kernel: [ 1057.381012] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
Oct 31 03:11:09 hephaestion kernel: [ 1057.381012] CR2: 0000000000000030 CR3: 000000020d763000 CR4: 00000000000006f0
Oct 31 03:11:09 hephaestion kernel: [ 1057.381012] Call Trace:
Oct 31 03:11:09 hephaestion kernel: [ 1057.381012] ecryptfs_get_lower_file+0x7d/0xc0
Oct 31 03:11:09 hephaestion kernel: [ 1057.381012] ecryptfs_open+0x71/0x200
Oct 31 03:11:09 hephaestion kernel: [ 1057.381012] do_dentry_open+0x1f8/0x320
Oct 31 03:11:09 hephaestion kernel: [ 1057.381012] ? ecryptfs_release+0x30/0x30
Oct 31 03:11:09 hephaestion kernel: [ 1057.381012] vfs_open+0x4e/0x80
Oct 31 03:11:09 hephaestion kernel: [ 1057.381012] path_openat+0x2a8/0x13c0
Oct 31 03:11:09 hephaestion kernel: [ 1057.381012] ? unlock_page_memcg+0x12/0x20
Oct 31 03:11:09 hephaestion kernel: [ 1057.381012] ? page_add_file_rmap+0x58/0x170
Oct 31 03:11:09 hephaestion kernel: [ 1057.381012] do_filp_open+0x99/0x110
Oct 31 03:11:09 hephaestion kernel: [ 1057.381012] ? cp_new_stat+0x156/0x190
Oct 31 03:11:09 hephaestion kernel: [ 1057.381012] ? __check_object_size+0xfc/0x1a0
Oct 31 03:11:09 hephaestion kernel: [ 1057.381012] ? __alloc_fd+0xae/0x170
Oct 31 03:11:09 hephaestion kernel: [ 1057.381012] do_sys_open+0x12d/0x2a0
Oct 31 03:11:09 hephaestion kernel: [ 1057.381012] ? do_sys_open+0x12d/0x2a0
Oct 31 03:11:09 hephaestion kernel: [ 1057.381012] SyS_open+0x1e/0x20
Oct 31 03:11:09 hephaestion kernel: [ 1057.381012] entry_SYSCALL_64_fastpath+0x1e/0xa9
Oct 31 03:11:09 hephaestion kernel: [ 1057.381012] RIP: 0033:0x7f80f7245010
Oct 31 03:11:09 hephaestion kernel: [ 1057.381012] RSP: 002b:00007fff0583f8d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
Oct 31 03:11:09 hephaestion kernel: [ 1057.381012] RAX: ffffffffffffffda RBX: 00007fff0583fb38 RCX: 00007f80f7245010
Oct 31 03:11:09 hephaestion kernel: [ 1057.381012] RDX: 0000000000020000 RSI: 0000000000000000 RDI: 00007fff05840237
Oct 31 03:11:09 hephaestion kernel: [ 1057.381012] RBP: 0000000000001000 R08: 0000000000000000 R09: 0000000000000000
Oct 31 03:11:09 hephaestion kernel: [ 1057.381012] R10: 000000000000069d R11: 0000000000000246 R12: 00000000004025b0
Oct 31 03:11:09 hephaestion kernel: [ 1057.381012] R13: 00007fff0583fb30 R14: 0000000000000000 R15: 0000000000000000
Oct 31 03:11:09 hephaestion kernel: [ 1057.381012] Code: c2 60 be ef be 49 89 cd 65 48 8b 04 25 28 00 00 00 48 89 45 d8 31 c0 48 8d 45 90 c7 45 a8 00 00 00 00 48 8d 78 20 e8 1f 91 d5 ff <49> 8b 44 24 30 48 89 5d 90 4c 89 65 a0 4c 89 75 98 48 8b 40 28
Oct 31 03:11:09 hephaestion kernel: [ 1057.381012] RIP: ecryptfs_privileged_open+0x51/0x180 RSP: ffffa10c010abb60
Oct 31 03:11:09 hephaestion kernel: [ 1057.381012] CR2: 0000000000000030
Oct 31 03:11:09 hephaestion kernel: [ 1057.391461] ---[ end trace 1d38ad38c6419426 ]---

Tags: xenial
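
Crash triage for the oops in the description, as an added example that is not part of the original report: it parses the register dump and the `Code:` line, decodes the faulting instruction (only the `mov r64, [base+disp8]` form is handled), and checks that base register plus displacement equals CR2. The function names and the shortened sample input are assumptions of this example; the register values and code bytes are copied from the log above.

```python
import re

# Key lines of the first oops in the report, syslog prefix stripped and the
# Code: line shortened to the bytes around the <faulting> one (constructed sample).
SAMPLE_OOPS = """\
IP: ecryptfs_privileged_open+0x51/0x180
RAX: ffffa10c010abb88 RBX: ffff8a1167459540 RCX: ffff8a11677ced80
R10: ffff8a113175d010 R11: ffff8a113175e278 R12: 0000000000000000
R13: ffff8a11677ced80 R14: 0000000000000000 R15: ffff8a11cd431710
CR2: 0000000000000030 CR3: 000000020d763000 CR4: 00000000000006f0
Code: 48 8d 78 20 e8 1f 91 d5 ff <49> 8b 44 24 30 48 89 5d 90 4c 89 65 a0
"""
# x86-64 register numbers 0-15, spelled the way this oops prints them.
REGS = ["RAX", "RCX", "RDX", "RBX", "RSP", "RBP", "RSI", "RDI",
        "R08", "R09", "R10", "R11", "R12", "R13", "R14", "R15"]

def parse_oops(text):
    """Return (registers, symbol, offset, bytes starting at the faulting one)."""
    regs = {}
    for name, val in re.findall(r"\b(R[A-Z0-9]{2}|CR2): ([0-9a-f]{16})\b", text):
        regs.setdefault(name, int(val, 16))  # keep first hit: the kernel-mode frame
    sym, off = re.search(r"IP: (?:\d{4}:)?(\w+)\+0x([0-9a-f]+)/", text).groups()
    tokens = re.search(r"Code: (.*)", text).group(1).split()
    start = next(i for i, t in enumerate(tokens) if t.startswith("<"))
    code = bytes(int(t.strip("<>"), 16) for t in tokens[start:])
    return regs, sym, int(off, 16), code

def decode_load(code):
    """Decode only 'mov r64, [base+disp8]' (REX.W 8B /r, mod=01, no index)."""
    rex, opcode, modrm = code[0], code[1], code[2]
    if (rex & 0xF8) != 0x48 or opcode != 0x8B or (modrm >> 6) != 1:
        raise ValueError("instruction outside the subset this example decodes")
    rm, pos = modrm & 7, 3
    if rm == 4:  # SIB byte follows; accept it only when it encodes no index
        sib, pos = code[3], 4
        if ((sib >> 3) & 7) != 4 or (rex & 2):
            raise ValueError("indexed addressing not handled")
        rm = sib & 7
    disp = code[pos] - 256 if code[pos] > 127 else code[pos]
    return REGS[rm | ((rex & 1) << 3)], disp

def triage(text):
    regs, sym, off, code = parse_oops(text)
    base, disp = decode_load(code)
    return {"function": sym, "offset": off, "base_reg": base, "disp": disp,
            "base_is_null": regs[base] == 0,
            "matches_cr2": (regs[base] + disp) % 2**64 == regs["CR2"]}

print(triage(SAMPLE_OOPS))
```

For this oops the result is a load from `[R12+0x30]` with R12 equal to zero, which is the address reported in CR2: a field at offset 0x30 read through a NULL pointer.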
TJ (tj)
description: updated
Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote : Missing required logs.

This bug is missing log files that will aid in diagnosing the problem. While running an Ubuntu kernel (not a mainline or third-party kernel) please enter the following command in a terminal window:

apport-collect 1728771

and then change the status of the bug to 'Confirmed'.

If, due to the nature of the issue you have encountered, you are unable to run this command, please add a comment stating that fact and change the bug status to 'Confirmed'.

This change has been made by an automated script, maintained by the Ubuntu Kernel Team.

Changed in linux (Ubuntu):
status: New → Incomplete
tags: added: xenial
TJ (tj) wrote :

I've reproduced this on a different machine using an Ubuntu mainline build of the v4.13 kernel too.

TJ (tj) wrote :

Also reproduced with kernel 4.4.0-98-lowlatency

Changed in linux (Ubuntu):
status: Incomplete → Confirmed
TJ (tj)
description: updated
Tyler Hicks (tyhicks)
Changed in linux (Ubuntu):
importance: Undecided → Medium
assignee: nobody → Tyler Hicks (tyhicks)
remram44 (remirampin) wrote :

This affects me when I try to run a Singularity (sandbox) container from my (encrypted) home folder. Linux 4.15.0-22-generic x86_64 on Ubuntu 18.04.

remram44 (remirampin) wrote :

[ 2273.365506] BUG: unable to handle kernel NULL pointer dereference at 0000000000000030
[ 2273.365512] IP: ecryptfs_privileged_open+0x51/0x180
[ 2273.365513] PGD 0 P4D 0
[ 2273.365515] Oops: 0000 [#1] SMP PTI
[ 2273.365516] Modules linked in: ccm ipt_MASQUERADE nf_nat_masquerade_ipv4 nf_conntrack_netlink nfnetlink xfrm_user xfrm_algo iptable_nat nf_conntrack_ipv4 nf_defrag_ipv4 nf_nat_ipv4 xt_addrtype iptable_filter xt_conntrack nf_nat nf_conntrack br_netfilter bridge stp llc overlay pci_stub vboxpci(OE) vboxnetadp(OE) vboxnetflt(OE) vboxdrv(OE) bnep dm_crypt binfmt_misc nls_iso8859_1 arc4 intel_rapl x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel snd_hda_codec_hdmi kvm irqbypass uvcvideo crct10dif_pclmul videobuf2_vmalloc snd_hda_codec_realtek crc32_pclmul videobuf2_memops ghash_clmulni_intel snd_hda_codec_generic videobuf2_v4l2 videobuf2_core pcbc videodev media btusb btrtl snd_seq_midi btbcm btintel iwlmvm aesni_intel bluetooth snd_hda_intel snd_seq_midi_event mac80211 aes_x86_64 ecdh_generic
[ 2273.365541] crypto_simd glue_helper snd_hda_codec snd_rawmidi cryptd snd_hda_core intel_cstate intel_rapl_perf snd_hwdep iwlwifi snd_pcm cfg80211 snd_seq rtsx_pci_ms idma64 joydev memstick virt_dma input_leds wmi_bmof thinkpad_acpi intel_wmi_thunderbolt serio_raw mei_me intel_lpss_pci snd_seq_device mei intel_pch_thermal intel_lpss nvram shpchp snd_timer snd soundcore mac_hid acpi_pad tpm_crb sch_fq_codel parport_pc ppdev sunrpc lp parport ip_tables x_tables autofs4 btrfs zstd_compress raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c raid1 raid0 multipath linear nouveau i915 mxm_wmi ttm i2c_algo_bit drm_kms_helper e1000e syscopyarea sysfillrect sysimgblt rtsx_pci_sdmmc psmouse ptp fb_sys_fops pps_core nvme drm rtsx_pci nvme_core wmi i2c_hid video hid
[ 2273.365571] pinctrl_sunrisepoint
[ 2273.365573] CPU: 6 PID: 29901 Comm: action-suid Tainted: G OE 4.15.0-22-generic #24-Ubuntu
[ 2273.365574] Hardware name: LENOVO 20HH000AUS/20HH000AUS, BIOS N1UET46W (1.20 ) 02/26/2018
[ 2273.365576] RIP: 0010:ecryptfs_privileged_open+0x51/0x180
[ 2273.365577] RSP: 0018:ffffb33145e2bb48 EFLAGS: 00010246
[ 2273.365578] RAX: ffffb33145e2bb70 RBX: ffff948a0f48fe88 RCX: ffff948bf02eb780
[ 2273.365579] RDX: ffffffff926e4b40 RSI: ffffffff91cc2d53 RDI: ffffb33145e2bb68
[ 2273.365580] RBP: ffffb33145e2bbb8 R08: ffff948c405a7060 R09: ffff948aa2ca1ab0
[ 2273.365581] R10: 0000007374736f68 R11: 0000000000000005 R12: 0000000000000000
[ 2273.365582] R13: ffff948bf02eb780 R14: 0000000000000000 R15: ffff948b67ff7200
[ 2273.365583] FS: 00007f13be06d580(0000) GS:ffff948c40580000(0000) knlGS:0000000000000000
[ 2273.365584] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2273.365585] CR2: 0000000000000030 CR3: 000000026c512001 CR4: 00000000003606e0
[ 2273.365586] Call Trace:
[ 2273.365589] ecryptfs_get_lower_file+0x7d/0xc0
[ 2273.365591] ecryptfs_open+0x71/0x200
[ 2273.365593] do_dentry_open+0x1c2/0x310
[ 2273.365594] ? ecryptfs_flush+0x50/0x50
[ 2273.365596] vfs_open+0x4f/0x80
[ 2273.365598] path_openat+0x66e/0x1770
[ 2273.365599] ? filename_lookup+0xf2/0x190
[ 2273.365602] do_filp_open+0x9b/0x110
...
