Something in the Kernel crashes when I try to mount via NFS
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
| linux (Ubuntu) |
High
|
Unassigned | ||
| Precise |
Undecided
|
Luis Henriques | ||
| Trusty |
Undecided
|
Luis Henriques | ||
| linux-lts-utopic (Ubuntu) |
Undecided
|
Unassigned | ||
| Precise |
Undecided
|
Unassigned | ||
| Trusty |
Undecided
|
Luis Henriques |
Bug Description
I have a vagrant virtual machine that mounts a directory on my computer via NFS, this does not work and the reason seems to be this. My System is using SMP, reverting to the kernel before solves the problem.
Broken: Linux paul-ThinkPad-T430s 3.13.0-66-generic
Working: Broken: Linux paul-ThinkPad-T430s 3.13.0-65-generic
BUG: unable to handle kernel NULL pointer dereference at 0000000000000008
[ 84.360198] IP: [<ffffffff8161d
[ 84.360224] PGD 0
[ 84.360232] Oops: 0000 [#1] SMP
[ 84.360246] Modules linked in: ctr ccm pci_stub vboxpci(OX) vboxnetadp(OX) vboxnetflt(OX) vboxdrv(OX) vmw_vsock_
[ 84.360613] CPU: 2 PID: 1507 Comm: nfsd Tainted: G OX 3.13.0-66-generic #108-Ubuntu
[ 84.360643] Hardware name: LENOVO 2355CTO/2355CTO, BIOS G7ET95WW (2.55 ) 07/10/2013
[ 84.360673] task: ffff880036929800 ti: ffff880036b7a000 task.ti: ffff880036b7a000
[ 84.360696] RIP: 0010:[<
[ 84.360728] RSP: 0018:ffff880036
[ 84.360743] RAX: 0000000000000000 RBX: ffff880035910700 RCX: 0000000000000000
[ 84.360762] RDX: 0000000000000000 RSI: 0000000000000030 RDI: ffff88038e23ab00
[ 84.360781] RBP: ffff880036b7bbf8 R08: 0000000000000000 R09: 0000000062e59d1a
[ 84.360800] R10: 0000000000000000 R11: 0000000000000004 R12: 0000000000000008
[ 84.360819] R13: ffff88038e23ab00 R14: 0000000000000028 R15: ffff88038e23ab00
[ 84.360838] FS: 000000000000000
[ 84.360859] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 84.360874] CR2: 0000000000000008 CR3: 0000000425ea0000 CR4: 00000000001427e0
[ 84.360893] Stack:
[ 84.360900] ffffffff81616f66 ffffffff81616fb0 ffff880035910700 ffff880036b7bdf8
[ 84.360924] 0000000000000000 0000000000000028 ffff88038e23ab00 ffff880036b7bc60
[ 84.360948] ffffffff8168b2ec ffff880426f8c028 ffff880035910770 0000000200000000
[ 84.360972] Call Trace:
[ 84.360984] [<ffffffff81616
[ 84.361005] [<ffffffff81616
[ 84.361025] [<ffffffff8168b
[ 84.361046] [<ffffffff81696
[ 84.361065] [<ffffffff8160f
[ 84.361087] [<ffffffff81075
[ 84.361106] [<ffffffff81727
[ 84.361126] [<ffffffff8160f
[ 84.361164] [<ffffffffa05b5
[ 84.361185] [<ffffffff8172c
[ 84.361211] [<ffffffffa05c2
[ 84.361237] [<ffffffffa05c3
[ 84.361255] [<ffffffff81077
[ 84.361276] [<ffffffffa063e
[ 84.361295] [<ffffffffa063e
[ 84.361313] [<ffffffff8108b
[ 84.361328] [<ffffffff8108b
[ 84.361346] [<ffffffff81734
[ 84.361362] [<ffffffff8108b
[ 84.361383] Code: 44 00 00 55 31 c0 48 89 e5 41 57 41 56 41 55 49 89 fd 41 54 41 89 f4 53 48 83 ec 10 8b 77 68 41 89 f6 45 29 e6 0f 84 89 00 00 00 <48> 8b 42 08 48 89 d3 48 85 c0 75 14 0f 1f 80 00 00 00 00 48 83
[ 84.361514] RIP [<ffffffff8161d
[ 84.361546] RSP <ffff880036b7bbc0>
[ 84.361557] CR2: 0000000000000008
[ 84.366322] ---[ end trace f8aceef52c8aecd1 ]---
ProblemType: Bug
DistroRelease: Ubuntu 14.04
Package: linux-image-
ProcVersionSign
Uname: Linux 3.13.0-66-generic x86_64
ApportVersion: 2.14.1-0ubuntu3.16
Architecture: amd64
AudioDevicesInUse:
USER PID ACCESS COMMAND
/dev/snd/
CurrentDesktop: GNOME
Date: Wed Oct 21 17:05:35 2015
HibernationDevice: RESUME=
InstallationDate: Installed on 2013-10-05 (745 days ago)
InstallationMedia: Ubuntu 13.04 "Raring Ringtail" - Release amd64 (20130424)
MachineType: LENOVO 2355CTO
ProcFB: 0 inteldrmfb
ProcKernelCmdLine: BOOT_IMAGE=
RelatedPackageV
linux-
linux-
linux-firmware 1.127.15
SourcePackage: linux
UpgradeStatus: Upgraded to trusty on 2014-04-24 (544 days ago)
dmi.bios.date: 07/10/2013
dmi.bios.vendor: LENOVO
dmi.bios.version: G7ET95WW (2.55 )
dmi.board.
dmi.board.name: 2355CTO
dmi.board.vendor: LENOVO
dmi.board.version: 0B98401 Pro
dmi.chassis.
dmi.chassis.type: 10
dmi.chassis.vendor: LENOVO
dmi.chassis.
dmi.modalias: dmi:bvnLENOVO:
dmi.product.name: 2355CTO
dmi.product.
dmi.sys.vendor: LENOVO
Paul Weber (p4ul-weber+ubuntuone) wrote : | #1 |
Changed in linux (Ubuntu): | |
status: | New → Confirmed |
Joseph Salisbury (jsalisbury) wrote : | #3 |
Would it be possible for you to test the latest upstream stable kernel? Refer to https:/
If this bug is fixed in the mainline kernel, please add the following tag 'kernel-
If the mainline kernel does not fix this bug, please add the tag: 'kernel-
If you are unable to test the mainline kernel, for example it will not boot, please add the tag: 'kernel-
Once testing of the upstream kernel is complete, please mark this bug as "Confirmed".
Thanks in advance.
[0] http://
Changed in linux (Ubuntu): | |
importance: | Undecided → High |
tags: | added: kernel-da-key regression-update |
Changed in linux (Ubuntu): | |
status: | Confirmed → Incomplete |
Paul Weber (p4ul-weber+ubuntuone) wrote : | #4 |
Will try.
Paul Weber (p4ul-weber+ubuntuone) wrote : | #5 |
Nope ... did not work
uname -a
Linux paul-ThinkPad-T430s 3.13.11-
[ 133.141688] BUG: unable to handle kernel NULL pointer dereference at 0000000000000008
[ 133.141734] IP: [<ffffffff8160f
[ 133.141773] PGD 0
[ 133.141785] Oops: 0000 [#1] SMP
[ 133.141804] Modules linked in: ctr ccm pci_stub vboxpci(OF) vboxnetadp(OF) vboxnetflt(OF) vboxdrv(OF) vmw_vsock_
[ 133.142227] CPU: 3 PID: 1503 Comm: nfsd Tainted: GF O 3.13.11-
[ 133.142251] Hardware name: LENOVO 2355CTO/2355CTO, BIOS G7ET95WW (2.55 ) 07/10/2013
[ 133.142271] task: ffff8803f588c800 ti: ffff8803f4c4a000 task.ti: ffff8803f4c4a000
[ 133.142291] RIP: 0010:[<
[ 133.142318] RSP: 0018:ffff8803f4
[ 133.142332] RAX: 0000000000000000 RBX: ffff880425cf0380 RCX: 0000000000000000
[ 133.142350] RDX: 0000000000000000 RSI: 0000000000000030 RDI: ffff8803756e7100
[ 133.142369] RBP: ffff8803f4c4bbf8 R08: 0000000000000000 R09: 000000005fe5a01a
[ 133.142388] R10: 0000000000000000 R11: 0000000000000005 R12: 0000000000000008
[ 133.142406] R13: ffff8803756e7100 R14: 0000000000000028 R15: ffff8803756e7100
[ 133.142425] FS: 000000000000000
[ 133.142445] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 133.142460] CR2: 0000000000000008 CR3: 0000000002c0e000 CR4: 00000000001427e0
[ 133.142479] Stack:
[ 133.142486] ffffffff81608836 ffffffff81608880 ffff880425cf0380 ffff8803f4c4bdf8
[ 133.142509] 0000000000000000 0000000000000028 ffff8803756e7100 ffff8803f4c4bc60
[ 133.142532] ffffffff8167c6dc ffff880426ff8028 ffff880425cf03f0 0000000200000000
[ 133.142555] Call Trace:
[ 133.142564] [<ffffffff81608
[ 133.142580] [<ffffffff81608
[ 133.142596] [<ffffffff8167c
[ 133.142612] [<ffffffff81687
[ 133.142628] [<ffffffff81600
[ 133.142644] [<ffffffff81074
[ 133.142661] [<fffffff...
tags: | added: kernel-bug-exists-upstream |
Changed in linux (Ubuntu): | |
status: | Incomplete → Confirmed |
Andreas Bouché (a-bouche) wrote : | #6 |
I can confirm this. The same behaviour occurs with the latest utopic-kernel (3.16.0-51). Going back to 3.16.0-50 solves the problem.
This happens only when using nfs v3 over UDP like so:
mount -o 'vers=3,udp' 192.168.
Using NFS v4 and/or TCP works without problem. For vagrant, you can use nfs_udp: false as a workaround, as I described here:
https:/
Luis Henriques (henrix) wrote : | #8 |
We do suspect of a backport of upstream commit 89c22d8c3b27 ("net: Fix skb csum races when peeking") (which is 2dde51aa5339 in the trusty git tree). I've built a test kernel with this commit reverted on top of 3.13.0-66.108 and uploaded it here:
http://
Could you please verify if this solves the issue? Thanks.
Andreas Bouché (a-bouche) wrote : | #9 |
Yes, this patch solves the issue for me. Mount command works as expected and kernel-log stays quiet.
Luis Henriques (henrix) wrote : Re: [Bug 1508510] Re: Something in the Kernel crashes when I try to mount via NFS | #10 |
Thanks a lot for testing, Andreas. Regarding the utopic kernel
(3.16.0-51) issue you also refer, are you absolutely sure it's the
same problem? Can you please share the kernel log?
I'm assuming you're running trusty lts-utopic for this, so in the
morning I will try to reproduce it (I was able to reproduce it with
the 3.13).
marius888 (madawi) wrote : | #11 |
I have kernel 3.16.0-51 and the issue is the same. Going back to 3.16.0-50 solves the problem.
Andreas Bouché (a-bouche) wrote : | #12 |
Thanks @marius888.
Yes, behaviour and the log-messages were exactly the same under 3.16.0-51, as you can see in marius' stacktrace.
We were both facing this using vagrant-built virtualbox-machines with NFS-shares on Lenovo Thinkpads W520/30.
I will try to reproduce it also on lts-vivid shortly.
Luis Henriques (henrix) wrote : | #13 |
Thank you. Andreas, I believe vivid is not impacted by this bug. Looks like the issue has been reported to the stable mailing-list:
http://
Thank you all for reporting and testing.
Changed in linux (Ubuntu Trusty): | |
status: | New → Triaged |
Changed in linux (Ubuntu Precise): | |
status: | New → Triaged |
assignee: | nobody → Luis Henriques (henrix) |
Changed in linux (Ubuntu Trusty): | |
assignee: | nobody → Luis Henriques (henrix) |
Changed in linux-lts-utopic (Ubuntu Precise): | |
status: | New → Invalid |
Changed in linux-lts-utopic (Ubuntu Trusty): | |
status: | New → Triaged |
assignee: | nobody → Luis Henriques (henrix) |
Changed in linux-lts-utopic (Ubuntu): | |
status: | New → Invalid |
Changed in linux (Ubuntu): | |
status: | Confirmed → Invalid |
Andreas Bouché (a-bouche) wrote : | #14 |
You are right, no problems, neither with 3.19.0-31 nor with 3.19.0-30.
Changed in linux (Ubuntu Trusty): | |
status: | Triaged → Fix Committed |
Changed in linux (Ubuntu Precise): | |
status: | Triaged → Fix Committed |
Changed in linux-lts-utopic (Ubuntu Trusty): | |
status: | Triaged → Fix Committed |
Brad Figg (brad-figg) wrote : | #15 |
This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-
If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.
See https:/
tags: | added: verification-needed-precise |
tags: | added: verification-needed-trusty |
Brad Figg (brad-figg) wrote : | #16 |
This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-
If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.
See https:/
Nick Sillito (nick-sillitos) wrote : | #17 |
Based on the duplicate bug that I raised, 1509666, I can confirm that with kernel 3.13.0-67-generic loaded, the bug I saw (relating to mounting in OSX) is solved.
I have added the verification-
tags: |
added: verification-done-trusty removed: verification-needed-trusty |
Andreas Bouché (a-bouche) wrote : | #18 |
I can confirm that, too. No issue with kernel 3.13.0-67 from trusty-proposed.
Luis Henriques (henrix) wrote : | #19 |
I can also confirm that all the kernels have this bug fixed (precise 3.2.0-93.133, trusty 3.13.0-67.110 and lts-utopic 3.16.0-
tags: |
added: verification-done-precise verification-done-utopic removed: verification-needed-precise |
Launchpad Janitor (janitor) wrote : | #20 |
This bug was fixed in the package linux - 3.2.0-93.133
---------------
linux (3.2.0-93.133) precise; urgency=low
[ Luis Henriques ]
* Release Tracking Bug
- LP: #1509350
[ Upstream Kernel Changes ]
* Revert "net: Fix skb csum races when peeking"
- LP: #1508510
linux (3.2.0-93.132) precise; urgency=low
[ Brad Figg ]
* Release Tracking Bug
- LP: #1508939
[ Upstream Kernel Changes ]
* Revert "sctp: Fix race between OOTB responce and route removal"
- LP: #1507665
* USB: whiteheat: fix potential null-deref at probe
- LP: #1478826
- CVE-2015-5257
* dcache: Handle escaped paths in prepend_path
- LP: #1441108
- CVE-2015-2925
* vfs: Test for and handle paths that are unreachable from their mnt_root
- LP: #1441108
- CVE-2015-2925
* ipv6: Fix build failure when CONFIG_INET disabled
- LP: #1507665
* pktgen: Require CONFIG_INET due to use of IPv4 checksum function
- LP: #1507665
* xen/gntdev: convert priv->lock to a mutex
- LP: #1507665
* xen/gntdevt: Fix race condition in gntdev_release()
- LP: #1507665
* crypto: ixp4xx - Remove bogus BUG_ON on scattered dst buffer
- LP: #1507665
* USB: sierra: add 1199:68AB device ID
- LP: #1507665
* target/iscsi: Fix double free of a TUR followed by a solicited NOPOUT
- LP: #1507665
* md/raid1: extend spinlock to protect raid1_end_
inconsistencies
- LP: #1507665
* target: REPORT LUNS should return LUN 0 even for dynamic ACLs
- LP: #1507665
* MIPS: Fix sched_getaffinity with MT FPAFF enabled
- LP: #1507665
* xhci: fix off by one error in TRB DMA address boundary check
- LP: #1507665
* rds: fix an integer overflow test in rds_info_
- LP: #1507665
* perf: Fix fasync handling on inherited events
- LP: #1507665
* MIPS: Make set_pte() SMP safe.
- LP: #1507665
* ocfs2: fix BUG in ocfs2_downconve
- LP: #1507665
* net: Clone skb before setting peeked flag
- LP: #1507665
* net: Fix skb_set_peeked use-after-free bug
- LP: #1507665
* x86/ldt: Make modify_ldt synchronous
- LP: #1507665
* x86/ldt: Correct LDT access in single stepping logic
- LP: #1507665
* x86/ldt: Correct FPU emulation access to LDT
- LP: #1507665
* localmodconfig: Use Kbuild files too
- LP: #1507665
* dm btree: add ref counting ops for the leaves of top level btrees
- LP: #1507665
* libiscsi: Fix host busy blocking during connection teardown
- LP: #1507665
* libfc: Fix fc_fcp_
- LP: #1507665
* ipc,sem: fix use after free on IPC_RMID after a task using same
semaphore set exits
- LP: #1507665
* x86/ldt: Further fix FPU emulation
- LP: #1507665
* net: Fix RCU splat in af_key
- LP: #1507665
* sctp: donot reset the overall_error_count in SHUTDOWN_RECEIVE state
- LP: #1507665
* sparc64: Fix userspace FPU register corruptions.
- LP: #1507665
* rc-core: fix remove uevent generation
- LP: #1507665
* PCI: Fix TI816X class code quirk
- LP: #1507665
* mac80211: enable assoc check for mesh interfaces
- LP: #1507665
* PCI: Add dev_flags bit...
Changed in linux (Ubuntu Precise): | |
status: | Fix Committed → Fix Released |
Launchpad Janitor (janitor) wrote : | #21 |
This bug was fixed in the package linux - 3.13.0-67.110
---------------
linux (3.13.0-67.110) trusty; urgency=low
[ Luis Henriques ]
* Release Tracking Bug
- LP: #1509341
[ Upstream Kernel Changes ]
* Revert "net: Fix skb csum races when peeking"
- LP: #1508510
linux (3.13.0-67.109) trusty; urgency=low
[ Luis Henriques ]
* Release Tracking Bug
- LP: #1507963
[ Tim Gardner ]
* [Config] Add MMC modules sufficient for net booting
- LP: #1502772
[ Upstream Kernel Changes ]
* USB: whiteheat: fix potential null-deref at probe
- LP: #1478826
- CVE-2015-5257
* dcache: Handle escaped paths in prepend_path
- LP: #1441108
- CVE-2015-2925
* vfs: Test for and handle paths that are unreachable from their mnt_root
- LP: #1441108
- CVE-2015-2925
-- Luis Henriques <email address hidden> Fri, 23 Oct 2015 11:53:53 +0100
Changed in linux (Ubuntu Trusty): | |
status: | Fix Committed → Fix Released |
Launchpad Janitor (janitor) wrote : | #22 |
This bug was fixed in the package linux-lts-utopic - 3.16.0-
---------------
linux-lts-utopic (3.16.0-
[ Luis Henriques ]
* Release Tracking Bug
- LP: #1509362
[ Upstream Kernel Changes ]
* Revert "net: Fix skb csum races when peeking"
- LP: #1508510
linux-lts-utopic (3.16.0-
[ Luis Henriques ]
* Release Tracking Bug
- LP: #1508145
* [Config] updateconfigs after 3.16.7-ckt18 stable update
[ Tim Gardner ]
* [Config] Add MMC modules sufficient for net booting
- LP: #1502772
[ Upstream Kernel Changes ]
* USB: whiteheat: fix potential null-deref at probe
- LP: #1478826
- CVE-2015-5257
* dcache: Handle escaped paths in prepend_path
- LP: #1441108
- CVE-2015-2925
* vfs: Test for and handle paths that are unreachable from their mnt_root
- LP: #1441108
- CVE-2015-2925
* hyperv: Add processing of MTU reduced by the host
- LP: #1494431
* hv_netvsc: Add support to set MTU reservation from guest side
- LP: #1494431
* hv_netvsc: Add close of RNDIS filter into change mtu call
- LP: #1494431
* ipv6: addrconf: validate new MTU before applying it
- LP: #1508133
* v4l: omap3isp: Fix sub-device power management code
- LP: #1508133
* rc-core: fix remove uevent generation
- LP: #1508133
* HID: cp2112: fix I2C_SMBUS_BYTE write
- LP: #1508133
* HID: cp2112: fix byte order in SMBUS operations
- LP: #1508133
* xtensa: fix threadptr reload on return to userspace
- LP: #1508133
* ARM: OMAP2+: DRA7: clockdomain: change l4per2_7xx_clkdm to SW_WKUP
- LP: #1508133
* mac80211: enable assoc check for mesh interfaces
- LP: #1508133
* PCI: Add dev_flags bit to access VPD through function 0
- LP: #1508133
* PCI: Add VPD function 0 quirk for Intel Ethernet devices
- LP: #1508133
* staging: comedi: usbduxsigma: don't clobber ai_timer in command test
- LP: #1508133
* staging: comedi: usbduxsigma: don't clobber ao_timer in command test
- LP: #1508133
* clk: exynos4: Fix wrong clock for Exynos4x12 ADC
- LP: #1508133
* usb: dwc3: ep0: Fix mem corruption on OUT transfers of more than 512
bytes
- LP: #1508133
* Doc: ABI: testing: configfs-
- LP: #1508133
* Doc: ABI: testing: configfs-
- LP: #1508133
* serial: 8250_pci: Add support for Pericom PI7C9X795[1248]
- LP: #1508133
* KVM: MMU: fix validation of mmio page fault
- LP: #1508133
* auxdisplay: ks0108: fix refcount
- LP: #1508133
* devres: fix devres_get()
- LP: #1508133
* iio: adis16400: Fix adis16448 gyroscope scale
- LP: #1508133
* iio: Add inverse unit conversion macros
- LP: #1508133
* iio: adis16480: Fix scale factors
- LP: #1508133
* ideapad-laptop: Add Lenovo Yoga 3 14 to no_hw_rfkill dmi list
- LP: #1508133
* ASoC: rt5640: fix line out no sound issue
- LP: #1508133
* iio: industrialio-
- LP: #1508133
* iio: event: Remove negative error code from iio_event_poll
- LP: #1508133
* NFSv4: don't set SETATTR for O_...
Changed in linux-lts-utopic (Ubuntu Trusty): | |
status: | Fix Committed → Fix Released |
This change was made by a bot.