Ubuntu
linux package

Comment 0 for bug 1038075

Revision history for this message

Reinhard Tartler (siretart) wrote on 2012-08-17: [Overlayfs] kernel OOPS with NFS

Scenario: booting from a read-only nfsroot share by using a tmpfs overlay

This is used e.g. by the fai package, which uses the live-boot package to create such an initramfs.

Test Case:

modprobe overlayfs
mkdir /tmp/live /tmp/root
mount -t nfs -o ro 192.168.42.40:/srv/fai/nfsroot.quantal64 /mnt
mount -t overlayfs -o noatime,lowerdir=/mnt,upperdir=/tmp/live overlayfs /tmp/root
# the mount command succeeds! - However using the mount point breaks:
# find /tmp/root
/tmp/root
Killed

Dmesg shows this kernel trace:
Aug 17 14:58:04 faui49i kernel: [ 1071.305101] BUG: unable to handle kernel NULL pointer dereference at 0000000000000038
Aug 17 14:58:04 faui49i kernel: [ 1071.306733] IP: [<ffffffffa01a2a71>] nfs_lookup_revalidate+0x21/0x3a0 [nfs]
Aug 17 14:58:04 faui49i kernel: [ 1071.308449] PGD c5697067 PUD c570c067 PMD 0
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] Oops: 0000 [#1] SMP
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] CPU 1
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] Modules linked in: overlayfs autofs4 bnep rfcomm bluetooth lp snd_hda_codec_hdmi snd_hda_codec_realtek snd_hda_intel snd_hda_codec i915 snd_hwdep snd_pcm drm_kms_helper snd_seq_midi drm coretemp snd_rawmidi snd_seq_midi_event snd_seq snd_timer kvm_intel snd_seq_device i2c_algo_bit kvm snd hid_generic tpm_infineon soundcore snd_page_alloc mei lpc_ich video microcode tpm_tis mac_hid ppdev parport_pc parport serio_raw nfsd nfs lockd fscache auth_rpcgss nfs_acl binfmt_misc sunrpc psmouse usbhid hid usbkbd raid10 raid456 async_pq async_xor xor async_memcpy async_raid6_recov usb_storage e1000e floppy raid6_pq async_tx raid1 raid0 multipath linear
Aug 17 14:58:04 faui49i kernel: [ 1071.309061]
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] Pid: 3543, comm: find Not tainted 3.5.0-10-generic #10-Ubuntu FUJITSU ESPRIMO P7935 /D2812-A2
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] RIP: 0010:[<ffffffffa01a2a71>] [<ffffffffa01a2a71>] nfs_lookup_revalidate+0x21/0x3a0 [nfs]
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] RSP: 0018:ffff8800c5773b48 EFLAGS: 00010286
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] RAX: ffffffffa01cf580 RBX: ffff8800c5dc4b40 RCX: 0000000000000020
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] RDX: ffff8800c5dc4038 RSI: 0000000000000000 RDI: ffff8800c5dc4b40
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] RBP: ffff8800c5773b88 R08: 656c6f006576696c R09: 0000000000000000
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] R10: ffff8800c5dc4b40 R11: ffffffffa01b5aa0 R12: ffff8800cb6cc600
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] R13: ffff8800c5773bd8 R14: 0000000000000000 R15: 0000000000000000
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] FS: 00007f42c1f2d700(0000) GS:ffff88010dc80000(0000) knlGS:0000000000000000
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] CR2: 0000000000000038 CR3: 00000000cb26b000 CR4: 00000000000407e0
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] Process find (pid: 3543, threadinfo ffff8800c5772000, task ffff8800cb340000)
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] Stack:
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] 0000000000000000 0000000000000000 ffff8800c5773b88 ffff8800c5dc4b40
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] ffff8800cb6cc600 ffff8800c5773bd8 0000000000000000 0000000000000000
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] ffff8800c5773bc8 ffffffff8118c79c 0000000000000000 ffff8800c5dc403c
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] Call Trace:
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] [<ffffffff8118c79c>] __lookup_hash+0xac/0x120
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] [<ffffffff8118d606>] lookup_one_len+0xd6/0x110
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] [<ffffffffa0498b17>] ovl_lookup+0x187/0x3d0 [overlayfs]
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] [<ffffffff816808ee>] ? _raw_spin_lock+0xe/0x20
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] [<ffffffff8118c751>] __lookup_hash+0x61/0x120
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] [<ffffffff8118eaf9>] ? lookup_fast+0x219/0x310
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] [<ffffffff8167678e>] lookup_slow+0x47/0xab
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] [<ffffffff81190d48>] path_lookupat+0x6f8/0x720
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] [<ffffffffa01a2692>] ? nfs_readdir+0x322/0x510 [nfs]
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] [<ffffffff8116dd81>] ? kmem_cache_alloc+0x31/0x130
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] [<ffffffff81190da1>] do_path_lookup+0x31/0xc0
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] [<ffffffff8118c9a3>] ? getname_flags+0x53/0xf0
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] [<ffffffff8119190d>] user_path_at_empty+0x5d/0xa0
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] [<ffffffff811a035f>] ? mntput_no_expire+0x10f/0x160
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] [<ffffffff811a03d4>] ? mntput+0x24/0x40
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] [<ffffffff8116e04c>] ? kfree+0x2c/0x110
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] [<ffffffff81191961>] user_path_at+0x11/0x20
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] [<ffffffff81186a75>] vfs_fstatat+0x35/0x70
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] [<ffffffff811a03d4>] ? mntput+0x24/0x40
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] [<ffffffff811832f2>] ? fput+0x1a2/0x260
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] [<ffffffff81186d9a>] sys_newfstatat+0x1a/0x40
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] [<ffffffff8117f856>] ? filp_close+0x66/0xa0
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] [<ffffffff8117fcfe>] ? sys_close+0x9e/0x100
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] [<ffffffff81688b69>] system_call_fastpath+0x16/0x1b
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] Code: ff ff 0f 1f 84 00 00 00 00 00 55 48 89 e5 48 83 ec 40 48 89 5d d8 4c 89 65 e0 4c 89 6d e8 4c 89 75 f0 4c 89 7d f8 66 66 66 66 90 <f6> 46 38 40 b8 f6 ff ff ff 49 89 fd 49 89 f7 0f 85 c4 00 00 00
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] RIP [<ffffffffa01a2a71>] nfs_lookup_revalidate+0x21/0x3a0 [nfs]
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] RSP <ffff8800c5773b48>
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] CR2: 0000000000000038
Aug 17 14:58:04 faui49i kernel: [ 1071.524837] ---[ end trace ec832cdfc17d33d8 ]---

Scenario: booting from a read-only nfsroot share by using a tmpfs overlay

This is used e.g. by the fai package, which uses the live-boot package to create such an initramfs.

Test Case:

Dmesg shows this kernel trace:
Aug 17 14:58:04 faui49i kernel: [ 1071.305101] BUG: unable to handle kernel NULL pointer dereference at 0000000000000038
Aug 17 14:58:04 faui49i kernel: [ 1071.306733] IP: [<ffffffffa01a2a71>] nfs_lookup_revalidate+0x21/0x3a0 [nfs]
Aug 17 14:58:04 faui49i kernel: [ 1071.308449] PGD c5697067 PUD c570c067 PMD 0 
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] Oops: 0000 [#1] SMP 
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] CPU 1 
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] Modules linked in: overlayfs autofs4 bnep rfcomm bluetooth lp snd_hda_codec_hdmi snd_hda_codec_realtek snd_hda_intel snd_hda_codec i915 snd_hwdep snd_pcm drm_kms_helper snd_seq_midi drm coretemp snd_rawmidi snd_seq_midi_event snd_seq snd_timer kvm_intel snd_seq_device i2c_algo_bit kvm snd hid_generic tpm_infineon soundcore snd_page_alloc mei lpc_ich video microcode tpm_tis mac_hid ppdev parport_pc parport serio_raw nfsd nfs lockd fscache auth_rpcgss nfs_acl binfmt_misc sunrpc psmouse usbhid hid usbkbd raid10 raid456 async_pq async_xor xor async_memcpy async_raid6_recov usb_storage e1000e floppy raid6_pq async_tx raid1 raid0 multipath linear
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] 
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] Pid: 3543, comm: find Not tainted 3.5.0-10-generic #10-Ubuntu FUJITSU                          ESPRIMO P7935                 /D2812-A2
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] RIP: 0010:[<ffffffffa01a2a71>]  [<ffffffffa01a2a71>] nfs_lookup_revalidate+0x21/0x3a0 [nfs]
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] RSP: 0018:ffff8800c5773b48  EFLAGS: 00010286
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] RAX: ffffffffa01cf580 RBX: ffff8800c5dc4b40 RCX: 0000000000000020
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] RDX: ffff8800c5dc4038 RSI: 0000000000000000 RDI: ffff8800c5dc4b40
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] RBP: ffff8800c5773b88 R08: 656c6f006576696c R09: 0000000000000000
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] R10: ffff8800c5dc4b40 R11: ffffffffa01b5aa0 R12: ffff8800cb6cc600
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] R13: ffff8800c5773bd8 R14: 0000000000000000 R15: 0000000000000000
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] FS:  00007f42c1f2d700(0000) GS:ffff88010dc80000(0000) knlGS:0000000000000000
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] CR2: 0000000000000038 CR3: 00000000cb26b000 CR4: 00000000000407e0
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] Process find (pid: 3543, threadinfo ffff8800c5772000, task ffff8800cb340000)
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] Stack:
Aug 17 14:58:04 faui49i kernel: [ 1071.309061]  0000000000000000 0000000000000000 ffff8800c5773b88 ffff8800c5dc4b40
Aug 17 14:58:04 faui49i kernel: [ 1071.309061]  ffff8800cb6cc600 ffff8800c5773bd8 0000000000000000 0000000000000000
Aug 17 14:58:04 faui49i kernel: [ 1071.309061]  ffff8800c5773bc8 ffffffff8118c79c 0000000000000000 ffff8800c5dc403c
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] Call Trace:
Aug 17 14:58:04 faui49i kernel: [ 1071.309061]  [<ffffffff8118c79c>] __lookup_hash+0xac/0x120
Aug 17 14:58:04 faui49i kernel: [ 1071.309061]  [<ffffffff8118d606>] lookup_one_len+0xd6/0x110
Aug 17 14:58:04 faui49i kernel: [ 1071.309061]  [<ffffffffa0498b17>] ovl_lookup+0x187/0x3d0 [overlayfs]
Aug 17 14:58:04 faui49i kernel: [ 1071.309061]  [<ffffffff816808ee>] ? _raw_spin_lock+0xe/0x20
Aug 17 14:58:04 faui49i kernel: [ 1071.309061]  [<ffffffff8118c751>] __lookup_hash+0x61/0x120
Aug 17 14:58:04 faui49i kernel: [ 1071.309061]  [<ffffffff8118eaf9>] ? lookup_fast+0x219/0x310
Aug 17 14:58:04 faui49i kernel: [ 1071.309061]  [<ffffffff8167678e>] lookup_slow+0x47/0xab
Aug 17 14:58:04 faui49i kernel: [ 1071.309061]  [<ffffffff81190d48>] path_lookupat+0x6f8/0x720
Aug 17 14:58:04 faui49i kernel: [ 1071.309061]  [<ffffffffa01a2692>] ? nfs_readdir+0x322/0x510 [nfs]
Aug 17 14:58:04 faui49i kernel: [ 1071.309061]  [<ffffffff8116dd81>] ? kmem_cache_alloc+0x31/0x130
Aug 17 14:58:04 faui49i kernel: [ 1071.309061]  [<ffffffff81190da1>] do_path_lookup+0x31/0xc0
Aug 17 14:58:04 faui49i kernel: [ 1071.309061]  [<ffffffff8118c9a3>] ? getname_flags+0x53/0xf0
Aug 17 14:58:04 faui49i kernel: [ 1071.309061]  [<ffffffff8119190d>] user_path_at_empty+0x5d/0xa0
Aug 17 14:58:04 faui49i kernel: [ 1071.309061]  [<ffffffff811a035f>] ? mntput_no_expire+0x10f/0x160
Aug 17 14:58:04 faui49i kernel: [ 1071.309061]  [<ffffffff811a03d4>] ? mntput+0x24/0x40
Aug 17 14:58:04 faui49i kernel: [ 1071.309061]  [<ffffffff8116e04c>] ? kfree+0x2c/0x110
Aug 17 14:58:04 faui49i kernel: [ 1071.309061]  [<ffffffff81191961>] user_path_at+0x11/0x20
Aug 17 14:58:04 faui49i kernel: [ 1071.309061]  [<ffffffff81186a75>] vfs_fstatat+0x35/0x70
Aug 17 14:58:04 faui49i kernel: [ 1071.309061]  [<ffffffff811a03d4>] ? mntput+0x24/0x40
Aug 17 14:58:04 faui49i kernel: [ 1071.309061]  [<ffffffff811832f2>] ? fput+0x1a2/0x260
Aug 17 14:58:04 faui49i kernel: [ 1071.309061]  [<ffffffff81186d9a>] sys_newfstatat+0x1a/0x40
Aug 17 14:58:04 faui49i kernel: [ 1071.309061]  [<ffffffff8117f856>] ? filp_close+0x66/0xa0
Aug 17 14:58:04 faui49i kernel: [ 1071.309061]  [<ffffffff8117fcfe>] ? sys_close+0x9e/0x100
Aug 17 14:58:04 faui49i kernel: [ 1071.309061]  [<ffffffff81688b69>] system_call_fastpath+0x16/0x1b
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] Code: ff ff 0f 1f 84 00 00 00 00 00 55 48 89 e5 48 83 ec 40 48 89 5d d8 4c 89 65 e0 4c 89 6d e8 4c 89 75 f0 4c 89 7d f8 66 66 66 66 90 <f6> 46 38 40 b8 f6 ff ff ff 49 89 fd 49 89 f7 0f 85 c4 00 00 00 
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] RIP  [<ffffffffa01a2a71>] nfs_lookup_revalidate+0x21/0x3a0 [nfs]
Aug 17 14:58:04 faui49i kernel: [ 1071.309061]  RSP <ffff8800c5773b48>
Aug 17 14:58:04 faui49i kernel: [ 1071.309061] CR2: 0000000000000038
Aug 17 14:58:04 faui49i kernel: [ 1071.524837] ---[ end trace ec832cdfc17d33d8 ]---

Ubuntulinux package

Comment 0 for bug 1038075

Ubuntu
linux package