| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 22 Jul 2013 10:56:14 -0400
From: Nick Bowler <nbowler@...iptictech.com>
To: linux-kernel@...r.kernel.org, linux-nfs@...r.kernel.org
Subject: PROBLEM: NFS crash in Linux 3.10.2
Hi folks,
I tried booting 3.10.2 today, and hit the following NFS crash a few
seconds after logging in. On a subsequent boot, I was not able to
crash the kernel again after several minutes of usage. This machine
has user home directories NFS-mounted.
I did not have any crashes with 3.9, so this may be a regression. But
since I was not able to reliably reproduce the issue, it would be hard
to bisect.
Full log attached (gzipped).
[ 64.217241] BUG: unable to handle kernel NULL pointer dereference at 0000000000000008
[ 64.217330] IP: [<ffffffffa02ddd48>] nlmclnt_setlockargs+0x50/0xca [lockd]
[ 64.217403] PGD 0
[ 64.217416] Oops: 0000 [#1] PREEMPT SMP
[ 64.217454] Modules linked in: nfsv3 nfs_acl nfs bridge stp llc it87 hwmon_vid coretemp hwmon autofs4 nfsd exportfs lockd sunrpc ipv6 iptable_filter iptable_nat nf_conntrack_ipv4 nf_defrag_ipv4 nf_nat_ipv4 nf_nat nf_conntrack ip_tables x_tables snd_hda_codec_hdmi snd_hda_codec_realtek snd_hda_intel snd_hda_codec snd_hwdep snd_pcm snd_page_alloc snd_timer snd soundcore usb_storage sr_mod cdrom loop tun acpi_cpufreq mperf arc4 rt2800pci eeprom_93cx6 rt2x00pci rt2800lib crc_ccitt rt2x00mmio rt2x00lib mac80211 cfg80211 e1000e ptp pps_core
[ 64.218124] CPU: 0 PID: 2803 Comm: zsh Not tainted 3.10.2 #318
[ 64.218124] Hardware name: Acer Aspire X3810/WG43M, BIOS P01-A0 04/03/2009
[ 64.218124] task: ffff880133b8ad40 ti: ffff88012f4bc000 task.ti: ffff88012f4bc000
[ 64.218124] RIP: 0010:[<ffffffffa02ddd48>] [<ffffffffa02ddd48>] nlmclnt_setlockargs+0x50/0xca [lockd]
[ 64.218124] RSP: 0018:ffff88012f4bdc48 EFLAGS: 00010286
[ 64.218124] RAX: ffff880133b8ad40 RBX: ffff88012f695800 RCX: 0000000000000000
[ 64.218124] RDX: 0000000000000000 RSI: 000000000000004a RDI: ffff88012f695b54
[ 64.218124] RBP: ffff88012f4bdc58 R08: ffff88012f695800 R09: 7fffffffffffffff
[ 64.218124] R10: ffff88013a903b10 R11: ffff88013a903b00 R12: ffff88012f4bdd58
[ 64.218124] R13: ffff8801302df9c8 R14: ffff8801302df800 R15: 0000000000000007
[ 64.218124] FS: 0000000000000000(0000) GS:ffff88013fc00000(0000) knlGS:0000000000000000
[ 64.218124] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 64.218124] CR2: 0000000000000008 CR3: 000000000160b000 CR4: 00000000000407f0
[ 64.218124] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 64.218124] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[ 64.218124] Stack:
[ 64.218124] ffff88012f4bdd58 ffff88012f695800 ffff88012f4bdcd8 ffffffffa02de094
[ 64.218124] ffff88012f4bdc88 0000000000000000 ffff88012f4cb400 ffffffff810b9e04
[ 64.218124] ffff88013fc14460 00000000000368a8 ffff8801302df9b8 ffff88013a903b00
[ 64.218124] Call Trace:
[ 64.218124] [<ffffffffa02de094>] nlmclnt_proc+0x1e6/0x5f5 [lockd]
[ 64.218124] [<ffffffff810b9e04>] ? kfree+0x8d/0xf0
[ 64.218124] [<ffffffffa039411a>] nfs3_proc_lock+0x1c/0x1e [nfsv3]
[ 64.218124] [<ffffffffa036365a>] do_unlk+0x88/0xa4 [nfs]
[ 64.218124] [<ffffffffa03637c3>] nfs_flock+0x61/0x6a [nfs]
[ 64.218124] [<ffffffff810f339f>] locks_remove_flock+0x99/0x10e
[ 64.218124] [<ffffffff810be209>] __fput+0xb4/0x1d4
[ 64.218124] [<ffffffff810be332>] ____fput+0x9/0xb
[ 64.218124] [<ffffffff81043cda>] task_work_run+0x7e/0x94
[ 64.218124] [<ffffffff81030d06>] do_exit+0x38b/0x8a2
[ 64.218124] [<ffffffff810386d2>] ? __set_task_blocked+0x61/0x68
[ 64.218124] [<ffffffff810be73b>] ? fput+0x13/0xbf
[ 64.218124] [<ffffffff8103139f>] do_group_exit+0x71/0x99
[ 64.218124] [<ffffffff810313d9>] SyS_exit_group+0x12/0x12
[ 64.218124] [<ffffffff81385352>] system_call_fastpath+0x16/0x1b
[ 64.218124] Code: 00 00 65 48 8b 04 25 40 b8 00 00 48 8b 72 20 48 81 ee 70 01 00 00 f3 a4 48 8d bb 54 03 00 00 be 4a 00 00 00 48 8b 90 50 05 00 00 <48> 8b 52 08 48 89 bb d0 00 00 00 48 83 c2 45 48 89 53 38 48 8b
[ 64.218124] RIP [<ffffffffa02ddd48>] nlmclnt_setlockargs+0x50/0xca [lockd]
[ 64.218124] RSP <ffff88012f4bdc48>
[ 64.218124] CR2: 0000000000000008
[ 64.236645] ---[ end trace 2fe8ddfc44039798 ]---
Thanks,
--
Nick Bowler, Elliptic Technologies (http://www.elliptictech.com/)
Download attachment "crash.log.gz" of type "application/octet-stream" (13377 bytes)
Powered by blists - more mailing lists