kernel Oops in unionfs with l-u-m version 2.6.22-12.32 using Edubuntu amd64 daily 200709025

Bug #144945 reported by Brian Murray on 2007-09-25
Affects Status Importance Assigned to Milestone
linux-ubuntu-modules-2.6.22 (Ubuntu)
Ben Collins

Bug Description

I am running the Edubuntu amd64 daily CD from 20070925 and have received kernel oops reports multiple times. This daily build includes linux-ubuntu-modules version 2.6.22-12.32. I have created them by trying to play a mpeg2 video file with Totem which then launches libgimmie to search for the appropriate codec. I believe I have also created one by disconnecting and reconnecting to the wireless network with nm-applet. I also think just running apt-get update would trigger it and will test shortly.

Relevant portion of dmesg:

[ 305.507924] ------------[ cut here ]------------
[ 305.507935] kernel BUG at /build/buildd/linux-ubuntu-modules-2.6.22-2.6.22/debian/build/build-generic/fs/unionfs/inode.c:1057!
[ 305.507943] invalid opcode: 0000 [1] SMP
[ 305.507949] CPU 1
[ 305.507954] Modules linked in: michael_mic arc4 ecb blkcipher ieee80211_crypt_tkip ipv6 i915 drm af_packet rfcomm l2cap bluetooth ppdev parport_pc lp parport acpi_cpufreq cpufreq_userspace cpufreq_stats cpufreq_powersave cpufreq_ondemand freq_table cpufreq_conservative video sbs container button dock battery ac snd_hda_intel snd_pcm_oss snd_mixer_oss snd_pcm snd_seq_dummy joydev snd_seq_oss snd_seq_midi uvcvideo snd_rawmidi compat_ioctl32 sdhci ipw3945 videodev v4l1_compat snd_seq_midi_event iTCO_wdt snd_seq v4l2_common mmc_core psmouse ieee80211 iTCO_vendor_support ieee80211_crypt snd_timer snd_seq_device serio_raw snd soundcore snd_page_alloc shpchp pci_hotplug intel_agp evdev squashfs loop unionfs nls_cp437 isofs ext3 jbd mbcache sr_mod cdrom sg sd_mod ata_piix ahci ata_generic libata scsi_mod e100 mii ohci1394 ieee1394 ehci_hcd uhci_hcd usbcore thermal processor fan fuse apparmor commoncap
[ 305.508078] Pid: 20338, comm: gnome-codec-ins Not tainted 2.6.22-12-generic #1
[ 305.508084] RIP: 0010:[<ffffffff88185394>] [<ffffffff88185394>] :unionfs:unionfs_setattr+0x4a4/0x4b0
[ 305.508106] RSP: 0018:ffff81002b6b3cc8 EFLAGS: 00010246
[ 305.508112] RAX: ffff81003f115640 RBX: ffff81002ab22a48 RCX: 0000000000000000
[ 305.508118] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 305.508124] RBP: 0000000000000068 R08: ffff8100357ecd20 R09: 0000000000000001
[ 305.508130] R10: ffff81002ab22a48 R11: ffff81002ab22ad8 R12: 0000000000000000
[ 305.508137] R13: ffff81002a1ee4e0 R14: ffff810037caac30 R15: ffff81002b6b3d98
[ 305.508145] FS: 00002ae7f6b4b6e0(0000) GS:ffff810001465280(0000) knlGS:0000000000000000
[ 305.508151] CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b
[ 305.508157] CR2: 00002ae805820230 CR3: 000000002932c000 CR4: 00000000000006e0
[ 305.508165] Process gnome-codec-ins (pid: 20338, threadinfo ffff81002b6b2000, task ffff8100161f06e0)
[ 305.508170] Stack: 00000000000001b6 000000000000000f ffff81002b6b3d98 ffffff8c80433d42
[ 305.508183] ffff810014985600 ffff81002b6b3d98 0000000000000068 0000000000000000
[ 305.508193] ffff81002ab22a48 ffff810037caac30 0000000000000008 ffffffff802b0660
[ 305.508203] Call Trace:
[ 305.508232] [<ffffffff802b0660>] notify_change+0x300/0x3d0
[ 305.508260] [<ffffffff802980c1>] do_truncate+0x71/0xa0
[ 305.508288] [<ffffffff802a2f4c>] may_open+0x1fc/0x2a0
[ 305.508302] [<ffffffff802a5919>] open_namei+0x99/0x6d0
[ 305.508311] [<ffffffff8029cc97>] cp_new_stat+0xe7/0x100
[ 305.508336] [<ffffffff8029777c>] do_filp_open+0x1c/0x50
[ 305.508376] [<ffffffff8029780a>] do_sys_open+0x5a/0x100
[ 305.508391] [<ffffffff80209e8e>] system_call+0x7e/0x83
[ 305.508417]
[ 305.508420]
[ 305.508422] Code: 0f 0b eb fe 0f 0b eb fe 0f 1f 40 00 48 83 ec 28 48 89 1c 24
[ 305.508444] RIP [<ffffffff88185394>] :unionfs:unionfs_setattr+0x4a4/0x4b0
[ 305.508461] RSP <ffff81002b6b3cc8>

Brian Murray (brian-murray) wrote :

Just running apt-get update I was able to reproduce the bug. I received error messages in the update, "Could not open file" and "13 Permission denied", and then a "Segmentation faultsts... 0%" error message. The call trace looked exactly the same.

Martin Pitt (pitti) wrote :

I heared several reports about unionfs oopses, marking for beta

Changed in linux-ubuntu-modules-2.6.22:
importance: Undecided → High
Steve Dodd (anarchetic) wrote :

I'm getting this running the Ubuntu i386 Gutsy Beta Live CD. Loading firefox, going Tools -> Add-ons, and selecting "Ubuntu add-ons" seems to trigger it for me.

Changed in linux-ubuntu-modules-2.6.22:
status: New → Triaged
Brian Murray (brian-murray) wrote :

There is a daily iso available at that should not have this issue anymore. The md5sum for the iso is 70b5577d8a5c6ea820844ea704f9f5ee. Please report back if you still have problems with that iso. Thanks in advance.

Fixed for me. Thanks.

Steve Dodd (anarchetic) wrote :


Looks solid here, couldn't crash it...

Ben Collins (ben-collins) wrote :

Reverted to patched unionfs-1.4. This seems to fix things for testers. Uploaded to lum today.

Changed in linux-ubuntu-modules-2.6.22:
assignee: nobody → ben-collins
status: Triaged → Fix Committed
Steve Dodd (anarchetic) wrote :

Incidentally, does the reversion to unionfs 1.x mean that bug #84591 (live CD/USB persistence broken) is back (if it ever went away)?

Ben Collins (ben-collins) wrote :

linux-ubuntu-modules-2.6.22 (2.6.22-13.34) gutsy; urgency=low

  * unionfs: Revert unionfs-2.1 to 1.4 with fixes for AppArmor VFS changes
    - LP: #144945

 -- Ben Collins <email address hidden> Mon, 08 Oct 2007 10:59:51 -0400

Changed in linux-ubuntu-modules-2.6.22:
status: Fix Committed → Fix Released
Cláudio Silva (gphoenixpower) wrote :

I had that problem when i tried to install gutsy. It reached 87% (every single time), while downloading the language packs. So, after 3 of these, tried to delete the partitions that i made previosly with OpenSuse (tried the 10.3, didn't like it) and voilá! No more errors.

Jonas Bonn (jonas.bonn) wrote :

There was a bugfix from Unionfs 2.0 backported to 1.2 as per bug #85145.

Bug #150788 is reporting a problem that looks like the problem reported in bug #85145... has that backport been missed in the UnionFS 1.4 that is in Gutsy now?

hogliux (f-renn) wrote :

Neither the current 7.10 official release nor the iso image that brian murray posted above have resolved my compaq evo N600c from crashing in the module unionfs, when I try to boot from the install CD. The crash comes after the first Ubuntu boot progress bar when the screen turns to black. Here is the crash dump:

[ 217.644000] EIP is at unionfs_rename+0x4df/0x9f0 [unionfs]
[ 217.644000] eax: 00008000 ebx: 00000002 ecx: 00000000 edx: c47aa550
[ 217.644000] esi: 00000000 edi: ffffffff ebp: 00000001 esp: c2029e24
[ 217.644000] ds: 007b es: 007b fs: 00d8 gs: 0033 ss: 0068
[ 217.644000] Process debconf-set-sel (pid: 5148, ti=c2028000 task=c64f4f90 task.ti=c2028000)
[ 217.644000] Stack: 00000000 00000000 00761492 00000000 c04c0930 c47aa550 c04c0930 ffffffe4
[ 217.644000] 00000001 c7d878c0 00000001 00000000 00000002 c06b3990 00000000 00000000
[ 217.644000] 00000000 00000001 00000000 00000000 00000001 00000000 c89412e0 c47aa550
[ 217.644000] Call Trace:
[ 217.644000] [<c0188d1e>] vfs_rename+0x3de/0x480
[ 217.644000] [<c018ac36>] sys_renameat+0x1e6/0x220
[ 217.644000] [<c0183cfe>] sys_stat64+0x1e/0x30
[ 217.644000] [<c018ac97>] sys_rename+0x27/0x30
[ 217.644000] [<c01041d2>] sysenter_past_esp+0x6b/0xa9
[ 217.644000] =======================
[ 217.644000] Code: 40 00 00 0f 84 f4 02 00 00 8b ...
[ 217.644000] EIP: [<c893739f>] unionfs_rename+0x4df/0x940 [unionfs] SS:ESP 0068:c2029e24

Please someone help!

Hi hogliux,

Comparing the crash report of the original bug and what you are seeing, it appears to me that you are experiencing a different bug (although still pertaining to unionfs). Care to open a new bug report with the issue you are noticing? Please be sure to include the crash dump you are seeing as well as the steps to reproduce. For more information regarding the Kernel Team bug policies please refer to: . Please feel free to assign the bug to me "leannogasawara" so that I make sure to triage it appropriately. Thanks!

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Duplicates of this bug

Other bug subscribers