Activity log for bug #459265

Date Who What changed Old value New value Message
2009-10-23 17:33:26 Brian J. Murrell bug added bug
2009-10-23 17:39:55 Brian J. Murrell bug watch added http://bugzilla.kernel.org/show_bug.cgi?id=14249
2009-10-23 17:39:55 Brian J. Murrell bug task added linux
2009-10-23 19:54:51 Bug Watch Updater linux: status Unknown Confirmed
2009-10-24 19:27:59 Bug Watch Updater linux: status Confirmed In Progress
2009-11-11 08:00:37 Leann Ogasawara linux (Ubuntu): importance Undecided Medium
2009-11-11 08:00:37 Leann Ogasawara linux (Ubuntu): status New Triaged
2009-11-11 08:00:59 Leann Ogasawara tags 2.6.31.6
2009-11-12 06:48:46 Bug Watch Updater linux: status In Progress Fix Released
2009-11-12 15:18:42 Stefan Bader nominated for series Ubuntu Karmic
2009-11-12 15:30:51 Tim Gardner bug task added linux (Ubuntu Karmic)
2009-11-12 16:10:46 Stefan Bader linux (Ubuntu): status Triaged Fix Released
2009-11-12 16:15:42 Stefan Bader linux (Ubuntu Karmic): importance Undecided Medium
2009-11-12 16:15:42 Stefan Bader linux (Ubuntu Karmic): status New Fix Committed
2009-11-12 16:18:11 Stefan Bader description

Old value:

As reported upstream, there is a regression in the 2.6.31 kernel with regard to GSS authenticated NFS mounts. I have run into this on the Karmic 2.6.31-14-generic #48-Ubuntu kernel.

I can't see why this cannot and should not block the release of Karmic.

For the benefit of this bug, the oops looks like:

[253207.745918] BUG: unable to handle kernel NULL pointer dereference at 00000010
[253207.749013] IP: [<fb27d24b>] gss_validate+0x7b/0x1d0 [auth_rpcgss]
[253207.753994] *pde = 94fb8067
[253207.753994] Oops: 0000 [#1] SMP
[253207.753994] last sysfs file: /sys/devices/pci0000:00/0000:00:0b.1/usb1/1-3/1-3:1.0/host6/target6:0:0/6:0:0:0/block/sde/sde1/stat
[253207.753994] Modules linked in: xt_multiport binfmt_misc bridge stp bnep vboxnetflt vboxdrv tun des_generic cbc autofs4 video output rpcsec_gss_krb5 nfsd exportfs nfs lockd nfs_acl auth_rpcgss sunrpc nf_conntrack_ipv6 xt_hl ipt_LOG xt_limit ipt_REJECT xt_tcpudp x
[253207.842462]
[253207.842462] Pid: 4036, comm: rpciod/1 Tainted: P (2.6.31-14-generic #48-Ubuntu) System Product Name
[253207.842462] EIP: 0060:[<fb27d24b>] EFLAGS: 00010296 CPU: 1
[253207.842462] EIP is at gss_validate+0x7b/0x1d0 [auth_rpcgss]
[253207.842462] EAX: 00000004 EBX: 00000000 ECX: f6abde80 EDX: f28128e4
[253207.842462] ESI: 00000025 EDI: ec7b6fc4 EBP: f6abdea4 ESP: f6abde40
[253207.842462] DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
[253207.842462] Process rpciod/1 (pid: 4036, ti=f6abc000 task=f6a33ed0 task.ti=f6abc000)
[253207.842462] Stack:
[253207.842462] f6abde58 c049ca59 00000001 00000001 f28128e4 e43210c0 f6abde94 00000004
[253207.842462] <0> 00000000 00000000 f6abde8c c0121270 00000000 02020202 00000004 00000004
[253207.842462] <0> 00000025 f28128e4 f6abde94 00000004 00000100 85030000 ec7b6fc4 e43210c0
[253207.842462] Call Trace:
[253207.842462] [<c049ca59>] ? net_tx_action+0x59/0x130
[253207.842462] [<c0121270>] ? ack_apic_level+0x60/0x230
[253207.842462] [<fb242bf2>] ? rpcauth_checkverf+0x22/0x60 [sunrpc]
[253207.842462] [<c014b60f>] ? irq_exit+0x2f/0x70
[253207.842462] [<c0104f10>] ? do_IRQ+0x50/0xc0
[253207.842462] [<fb23b2df>] ? rpc_verify_header+0x1af/0x5c0 [sunrpc]
[253207.842462] [<c01039b0>] ? common_interrupt+0x30/0x40
[253207.842462] [<fb23b807>] ? call_decode+0x117/0x220 [sunrpc]
[253207.842462] [<fb33dfd0>] ? nfs4_xdr_dec_read+0x0/0x60 [nfs]
[253207.842462] [<fb242022>] ? __rpc_execute+0x92/0x1f0 [sunrpc]
[253207.842462] [<fb2421ab>] ? rpc_async_schedule+0xb/0x10 [sunrpc]
[253207.842462] [<c0157a7e>] ? run_workqueue+0x6e/0x140
[253207.842462] [<fb2421a0>] ? rpc_async_schedule+0x0/0x10 [sunrpc]
[253207.842462] [<c0157bd8>] ? worker_thread+0x88/0xe0
[253207.842462] [<c015c280>] ? autoremove_wake_function+0x0/0x40
[253207.842462] [<c0157b50>] ? worker_thread+0x0/0xe0
[253207.842462] [<c015bf8c>] ? kthread+0x7c/0x90
[253207.842462] [<c015bf10>] ? kthread+0x0/0x90
[253207.842462] [<c0104007>] ? kernel_thread_helper+0x7/0x10
[253207.842462] Code: 55 b4 8b 40 64 0f c8 89 45 f0 8d 45 f0 89 45 e4 8d 45 e4 c7 45 e8 04 00 00 00 e8 31 cf fc ff 8b 55 ac 8d 4d dc 89 75 dc 89 55 e0 <8b> 43 10 8d 55 b4 e8 2a 11 00 00 3d 00 00 0c 00 74 6b 85 c0 75
[253207.842462] EIP: [<fb27d24b>] gss_validate+0x7b/0x1d0 [auth_rpcgss] SS:ESP 0068:f6abde40
[253207.842462] CR2: 0000000000000010
[253207.845072] ---[ end trace ad285e035a384c5f ]---
[253208.107509] BUG: unable to handle kernel NULL pointer dereference at 00000010
[253208.107518] IP: [<fb27d24b>] gss_validate+0x7b/0x1d0 [auth_rpcgss]
[253208.107534] *pde = aee17067
[253208.107537] Oops: 0000 [#2] SMP
[253208.107540] last sysfs file: /sys/devices/pci0000:00/0000:00:0b.1/usb1/1-3/1-3:1.0/host6/target6:0:0/6:0:0:0/block/sde/sde1/stat
[253208.107544] Modules linked in: xt_multiport binfmt_misc bridge stp bnep vboxnetflt vboxdrv tun des_generic cbc autofs4 video output rpcsec_gss_krb5 nfsd exportfs nfs lockd nfs_acl auth_rpcgss sunrpc nf_conntrack_ipv6 xt_hl ipt_LOG xt_limit ipt_REJECT xt_tcpudp x
[253208.107607]
[253208.107611] Pid: 4033, comm: rpciod/0 Tainted: P D (2.6.31-14-generic #48-Ubuntu) System Product Name
[253208.107614] EIP: 0060:[<fb27d24b>] EFLAGS: 00010296 CPU: 0
[253208.107620] EIP is at gss_validate+0x7b/0x1d0 [auth_rpcgss]
[253208.107622] EAX: 00000004 EBX: 00000000 ECX: f64f7e80 EDX: d80a68e4
[253208.107625] ESI: 00000025 EDI: eb716c44 EBP: f64f7ea4 ESP: f64f7e40
[253208.107627] DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
[253208.107630] Process rpciod/0 (pid: 4033, ti=f64f6000 task=f6a34b60 task.ti=f64f6000)
[253208.107632] Stack:
[253208.107633] c0127c38 f64f7e58 c05707da f7070000 d80a68e4 e43210c0 f64f7e94 00000004
[253208.107637] <0> 00000000 00000000 00000292 ecb2d204 00000000 c0150c2b 00000004 00000004
[253208.107641] <0> 00000025 d80a68e4 f64f7e94 00000004 2942dfc4 88030000 eb716c44 e43210c0
[253208.107646] Call Trace:
[253208.107655] [<c0127c38>] ? default_spin_lock_flags+0x8/0x10
[253208.107660] [<c05707da>] ? _spin_lock_irqsave+0x2a/0x40
[253208.107664] [<c0150c2b>] ? mod_timer+0xcb/0x140
[253208.107695] [<fb242bf2>] ? rpcauth_checkverf+0x22/0x60 [sunrpc]
[253208.107709] [<fb23b2df>] ? rpc_verify_header+0x1af/0x5c0 [sunrpc]
[253208.107723] [<fb23b807>] ? call_decode+0x117/0x220 [sunrpc]
[253208.107756] [<fb33dfd0>] ? nfs4_xdr_dec_read+0x0/0x60 [nfs]
[253208.107772] [<fb242022>] ? __rpc_execute+0x92/0x1f0 [sunrpc]
[253208.107806] [<fb2421ab>] ? rpc_async_schedule+0xb/0x10 [sunrpc]
[253208.107811] [<c0157a7e>] ? run_workqueue+0x6e/0x140
[253208.107836] [<fb2421a0>] ? rpc_async_schedule+0x0/0x10 [sunrpc]
[253208.107849] [<c0157bd8>] ? worker_thread+0x88/0xe0
[253208.107858] [<c015c280>] ? autoremove_wake_function+0x0/0x40
[253208.107867] [<c0157b50>] ? worker_thread+0x0/0xe0
[253208.107870] [<c015bf8c>] ? kthread+0x7c/0x90
[253208.107873] [<c015bf10>] ? kthread+0x0/0x90
[253208.107877] [<c0104007>] ? kernel_thread_helper+0x7/0x10
[253208.107878] Code: 55 b4 8b 40 64 0f c8 89 45 f0 8d 45 f0 89 45 e4 8d 45 e4 c7 45 e8 04 00 00 00 e8 31 cf fc ff 8b 55 ac 8d 4d dc 89 75 dc 89 55 e0 <8b> 43 10 8d 55 b4 e8 2a 11 00 00 3d 00 00 0c 00 74 6b 85 c0 75
[253208.107898] EIP: [<fb27d24b>] gss_validate+0x7b/0x1d0 [auth_rpcgss] SS:ESP 0068:f64f7e40
[253208.107906] CR2: 0000000000000010
[253208.107909] ---[ end trace ad285e035a384c60 ]---

New value:

SRU Justification:

Impact: Unbalanced references caused use after free which result in an oops.

Fix: Patch coming in with 2.6.31.2

---

As reported upstream, there is a regression in the 2.6.31 kernel with regard to GSS authenticated NFS mounts. I have run into this on the Karmic 2.6.31-14-generic #48-Ubuntu kernel.

I can't see why this cannot and should not block the release of Karmic.

For the benefit of this bug, the oops looks like:

[253207.745918] BUG: unable to handle kernel NULL pointer dereference at 00000010
[253207.749013] IP: [<fb27d24b>] gss_validate+0x7b/0x1d0 [auth_rpcgss]
[253207.753994] *pde = 94fb8067
[253207.753994] Oops: 0000 [#1] SMP
[253207.753994] last sysfs file: /sys/devices/pci0000:00/0000:00:0b.1/usb1/1-3/1-3:1.0/host6/target6:0:0/6:0:0:0/block/sde/sde1/stat
[253207.753994] Modules linked in: xt_multiport binfmt_misc bridge stp bnep vboxnetflt vboxdrv tun des_generic cbc autofs4 video output rpcsec_gss_krb5 nfsd exportfs nfs lockd nfs_acl auth_rpcgss sunrpc nf_conntrack_ipv6 xt_hl ipt_LOG xt_limit ipt_REJECT xt_tcpudp x
[253207.842462]
[253207.842462] Pid: 4036, comm: rpciod/1 Tainted: P (2.6.31-14-generic #48-Ubuntu) System Product Name
[253207.842462] EIP: 0060:[<fb27d24b>] EFLAGS: 00010296 CPU: 1
[253207.842462] EIP is at gss_validate+0x7b/0x1d0 [auth_rpcgss]
[253207.842462] EAX: 00000004 EBX: 00000000 ECX: f6abde80 EDX: f28128e4
[253207.842462] ESI: 00000025 EDI: ec7b6fc4 EBP: f6abdea4 ESP: f6abde40
[253207.842462] DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
[253207.842462] Process rpciod/1 (pid: 4036, ti=f6abc000 task=f6a33ed0 task.ti=f6abc000)
[253207.842462] Stack:
[253207.842462] f6abde58 c049ca59 00000001 00000001 f28128e4 e43210c0 f6abde94 00000004
[253207.842462] <0> 00000000 00000000 f6abde8c c0121270 00000000 02020202 00000004 00000004
[253207.842462] <0> 00000025 f28128e4 f6abde94 00000004 00000100 85030000 ec7b6fc4 e43210c0
[253207.842462] Call Trace:
[253207.842462] [<c049ca59>] ? net_tx_action+0x59/0x130
[253207.842462] [<c0121270>] ? ack_apic_level+0x60/0x230
[253207.842462] [<fb242bf2>] ? rpcauth_checkverf+0x22/0x60 [sunrpc]
[253207.842462] [<c014b60f>] ? irq_exit+0x2f/0x70
[253207.842462] [<c0104f10>] ? do_IRQ+0x50/0xc0
[253207.842462] [<fb23b2df>] ? rpc_verify_header+0x1af/0x5c0 [sunrpc]
[253207.842462] [<c01039b0>] ? common_interrupt+0x30/0x40
[253207.842462] [<fb23b807>] ? call_decode+0x117/0x220 [sunrpc]
[253207.842462] [<fb33dfd0>] ? nfs4_xdr_dec_read+0x0/0x60 [nfs]
[253207.842462] [<fb242022>] ? __rpc_execute+0x92/0x1f0 [sunrpc]
[253207.842462] [<fb2421ab>] ? rpc_async_schedule+0xb/0x10 [sunrpc]
[253207.842462] [<c0157a7e>] ? run_workqueue+0x6e/0x140
[253207.842462] [<fb2421a0>] ? rpc_async_schedule+0x0/0x10 [sunrpc]
[253207.842462] [<c0157bd8>] ? worker_thread+0x88/0xe0
[253207.842462] [<c015c280>] ? autoremove_wake_function+0x0/0x40
[253207.842462] [<c0157b50>] ? worker_thread+0x0/0xe0
[253207.842462] [<c015bf8c>] ? kthread+0x7c/0x90
[253207.842462] [<c015bf10>] ? kthread+0x0/0x90
[253207.842462] [<c0104007>] ? kernel_thread_helper+0x7/0x10
[253207.842462] Code: 55 b4 8b 40 64 0f c8 89 45 f0 8d 45 f0 89 45 e4 8d 45 e4 c7 45 e8 04 00 00 00 e8 31 cf fc ff 8b 55 ac 8d 4d dc 89 75 dc 89 55 e0 <8b> 43 10 8d 55 b4 e8 2a 11 00 00 3d 00 00 0c 00 74 6b 85 c0 75
[253207.842462] EIP: [<fb27d24b>] gss_validate+0x7b/0x1d0 [auth_rpcgss] SS:ESP 0068:f6abde40
[253207.842462] CR2: 0000000000000010
[253207.845072] ---[ end trace ad285e035a384c5f ]---
[253208.107509] BUG: unable to handle kernel NULL pointer dereference at 00000010
[253208.107518] IP: [<fb27d24b>] gss_validate+0x7b/0x1d0 [auth_rpcgss]
[253208.107534] *pde = aee17067
[253208.107537] Oops: 0000 [#2] SMP
[253208.107540] last sysfs file: /sys/devices/pci0000:00/0000:00:0b.1/usb1/1-3/1-3:1.0/host6/target6:0:0/6:0:0:0/block/sde/sde1/stat
[253208.107544] Modules linked in: xt_multiport binfmt_misc bridge stp bnep vboxnetflt vboxdrv tun des_generic cbc autofs4 video output rpcsec_gss_krb5 nfsd exportfs nfs lockd nfs_acl auth_rpcgss sunrpc nf_conntrack_ipv6 xt_hl ipt_LOG xt_limit ipt_REJECT xt_tcpudp x
[253208.107607]
[253208.107611] Pid: 4033, comm: rpciod/0 Tainted: P D (2.6.31-14-generic #48-Ubuntu) System Product Name
[253208.107614] EIP: 0060:[<fb27d24b>] EFLAGS: 00010296 CPU: 0
[253208.107620] EIP is at gss_validate+0x7b/0x1d0 [auth_rpcgss]
[253208.107622] EAX: 00000004 EBX: 00000000 ECX: f64f7e80 EDX: d80a68e4
[253208.107625] ESI: 00000025 EDI: eb716c44 EBP: f64f7ea4 ESP: f64f7e40
[253208.107627] DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
[253208.107630] Process rpciod/0 (pid: 4033, ti=f64f6000 task=f6a34b60 task.ti=f64f6000)
[253208.107632] Stack:
[253208.107633] c0127c38 f64f7e58 c05707da f7070000 d80a68e4 e43210c0 f64f7e94 00000004
[253208.107637] <0> 00000000 00000000 00000292 ecb2d204 00000000 c0150c2b 00000004 00000004
[253208.107641] <0> 00000025 d80a68e4 f64f7e94 00000004 2942dfc4 88030000 eb716c44 e43210c0
[253208.107646] Call Trace:
[253208.107655] [<c0127c38>] ? default_spin_lock_flags+0x8/0x10
[253208.107660] [<c05707da>] ? _spin_lock_irqsave+0x2a/0x40
[253208.107664] [<c0150c2b>] ? mod_timer+0xcb/0x140
[253208.107695] [<fb242bf2>] ? rpcauth_checkverf+0x22/0x60 [sunrpc]
[253208.107709] [<fb23b2df>] ? rpc_verify_header+0x1af/0x5c0 [sunrpc]
[253208.107723] [<fb23b807>] ? call_decode+0x117/0x220 [sunrpc]
[253208.107756] [<fb33dfd0>] ? nfs4_xdr_dec_read+0x0/0x60 [nfs]
[253208.107772] [<fb242022>] ? __rpc_execute+0x92/0x1f0 [sunrpc]
[253208.107806] [<fb2421ab>] ? rpc_async_schedule+0xb/0x10 [sunrpc]
[253208.107811] [<c0157a7e>] ? run_workqueue+0x6e/0x140
[253208.107836] [<fb2421a0>] ? rpc_async_schedule+0x0/0x10 [sunrpc]
[253208.107849] [<c0157bd8>] ? worker_thread+0x88/0xe0
[253208.107858] [<c015c280>] ? autoremove_wake_function+0x0/0x40
[253208.107867] [<c0157b50>] ? worker_thread+0x0/0xe0
[253208.107870] [<c015bf8c>] ? kthread+0x7c/0x90
[253208.107873] [<c015bf10>] ? kthread+0x0/0x90
[253208.107877] [<c0104007>] ? kernel_thread_helper+0x7/0x10
[253208.107878] Code: 55 b4 8b 40 64 0f c8 89 45 f0 8d 45 f0 89 45 e4 8d 45 e4 c7 45 e8 04 00 00 00 e8 31 cf fc ff 8b 55 ac 8d 4d dc 89 75 dc 89 55 e0 <8b> 43 10 8d 55 b4 e8 2a 11 00 00 3d 00 00 0c 00 74 6b 85 c0 75
[253208.107898] EIP: [<fb27d24b>] gss_validate+0x7b/0x1d0 [auth_rpcgss] SS:ESP 0068:f64f7e40
[253208.107906] CR2: 0000000000000010
[253208.107909] ---[ end trace ad285e035a384c60 ]---

2009-12-05 01:23:14 Launchpad Janitor branch linked lp:ubuntu/linux-mvl-dove
2009-12-05 01:38:14 Launchpad Janitor branch linked lp:ubuntu/linux-fsl-imx51
2009-12-10 16:18:29 Martin Pitt tags 2.6.31.6 2.6.31.6 verification-needed
2009-12-14 07:56:53 Martin Pitt tags 2.6.31.6 verification-needed 2.6.31.6 verification-done
2010-01-06 15:14:28 Launchpad Janitor linux (Ubuntu Karmic): status Fix Committed Fix Released
2010-01-06 15:14:28 Launchpad Janitor cve linked 2009-3612
2010-01-06 15:14:28 Launchpad Janitor cve linked 2009-3621
2011-02-03 12:54:25 Bug Watch Updater linux: importance Unknown Medium
2011-02-03 14:28:51 yaplik removed subscriber yaplik