Re: [Kernel-packages] [Bug 1348670] Re: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010, set_nfsv4_acl_one+0x21/0xb0 [nfsd]
Frank: I think it's better to file a new bug about this. Do include the actual log message. I'm looking at the source code for 3.13.0-66.108 and the fix is still in place, so it can't be *exactly* the same problem as before. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1348670 Title: BUG: unable to handle kernel NULL pointer dereference at 0010, set_nfsv4_acl_one+0x21/0xb0 [nfsd] Status in linux package in Ubuntu: Invalid Status in linux source package in Lucid: Invalid Status in linux source package in Precise: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Utopic: Invalid Status in linux package in Debian: Fix Released Bug description: I've seen this happen twice in the last 8 days on an NFS server running Ubuntu precise and kernels 3.2.0-65.98-generic (on the first occasion) and 3.2.0-67.101-generic (the second time), amd64. This never happened before in several months of operation; until 2014-07-01 this server was running an older 3.2.0 kernel. When this error appears in the logs, the system stops answering NFS RPCs (e.g., "rpcinfo -u localhost nfs 3" hangs) and a reboot is necessary to restore NFS service. A more detailed stack trace follows. Looking at the source code (fs/nfsd/vfs.c:set_nfsv4_acl_one()) I see that the call posix_acl_xattr_size(pacl->a_count) is not preceded by a check that pacl != NULL. Could this be related to the following entry in the changelog for 3.2.0-65.98? * NFSD: Call ->set_acl with a NULL ACL structure if no entries - LP: #1328154 Jul 24 10:12:53 server kernel: [575939.742131] IP: [] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] PGD c243bb067 PUD c2400a067 PMD 0 Jul 24 10:12:53 server kernel: [575939.742131] Oops: [#1] SMP Jul 24 10:12:53 server kernel: [575939.742131] CPU 3 Jul 24 10:12:53 server kernel: [575939.742131] Modules linked in: usblp btrfs zlib_deflate libcrc32c ufs qnx4 hfsplus hfs minix ntfs vfat msdos fat jfs reiserfs ext2 cts openafs(P) xt_tcpudp ipmi_si ipmi_devintf ipmi_msghandler iptable_filter ip_tables x_tables autofs4 bnep parport_pc rfcomm bluetooth ppdev binfmt_misc rpcsec_gss_krb5 nfsd nfs lockd fscache auth_rpcgss nfs_acl sunrpc xfs dm_crypt bridge stp psmouse hpilo sp5100_tco i2c_piix4 amd64_edac_mod hpwdt edac_core k10temp edac_mce_amd joydev serio_raw acpi_power_meter mac_hid lp parport raid10 raid456 async_pq async_xor xor async_memcpy async_raid6_recov raid6_pq async_tx raid1 raid0 multipath linear radeon ttm drm_kms_helper drm osst usbhid hid st ch i2c_algo_bit pata_atiixp hpsa bnx2 Jul 24 10:12:53 server kernel: [575939.742131] Jul 24 10:12:53 server kernel: [575939.742131] Pid: 2523, comm: nfsd Tainted: P O 3.2.0-67-generic #101-Ubuntu HP ProLiant DL385 G7 Jul 24 10:12:53 server kernel: [575939.742131] RIP: 0010:[] [] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] RSP: 0018:880422085ce0 EFLAGS: 00010282 Jul 24 10:12:53 server kernel: [575939.742131] RAX: 4000 RBX: 880e29b16cc0 RCX: 013cc2cc Jul 24 10:12:53 server kernel: [575939.742131] RDX: a0583374 RSI: RDI: 880e29b16cc0 Jul 24 10:12:53 server kernel: [575939.742131] RBP: 880422085d10 R08: ea002cdf3b80 R09: a055c4af Jul 24 10:12:53 server kernel: [575939.742131] R10: 880b37ceed00 R11: 4004 R12: Jul 24 10:12:53 server kernel: [575939.742131] R13: 8807f56418c0 R14: R15: 880c2268d180 Jul 24 10:12:53 server kernel: [575939.742131] FS: 7fafd700() GS:88103fc8() knlGS: Jul 24 10:12:53 server kernel: [575939.742131] CS: 0010 DS: ES: CR0: 8005003b Jul 24 10:12:53 server kernel: [575939.742131] CR2: 0010 CR3: 000c22d6c000 CR4: 06e0 Jul 24 10:12:53 server kernel: [575939.742131] DR0: DR1: DR2: Jul 24 10:12:53 server kernel: [575939.742131] DR3: DR6: 0ff0 DR7: 0400 Jul 24 10:12:53 server kernel: [575939.742131] Process nfsd (pid: 2523, threadinfo 880422084000, task 880425964500) Jul 24 10:12:53 server kernel: [575939.742131] Stack: Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d040 880e29b16cc0 8807f56418c0 Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d180 880422085d50 a055d5e3 Jul 24 10:12:53 server kernel: [575939.742131] 880b37cee840 880c22684000 880c2268d040 Jul 24 10:12:53 server kernel: [575939.742131] Call Trace: Jul 24 10:12:53 server kernel: [575939.742131] []
[Kernel-packages] [Bug 1348670] Re: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010, set_nfsv4_acl_one+0x21/0xb0 [nfsd]
Issue seems to be reintroduced. Mounts in 3.13.0-66-generic fail again with the same error messages as reported in this issue. In 3.13.0-62-generic everything seems well. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1348670 Title: BUG: unable to handle kernel NULL pointer dereference at 0010, set_nfsv4_acl_one+0x21/0xb0 [nfsd] Status in linux package in Ubuntu: Invalid Status in linux source package in Lucid: Invalid Status in linux source package in Precise: Fix Released Status in linux source package in Trusty: Fix Released Status in linux source package in Utopic: Invalid Status in linux package in Debian: Fix Released Bug description: I've seen this happen twice in the last 8 days on an NFS server running Ubuntu precise and kernels 3.2.0-65.98-generic (on the first occasion) and 3.2.0-67.101-generic (the second time), amd64. This never happened before in several months of operation; until 2014-07-01 this server was running an older 3.2.0 kernel. When this error appears in the logs, the system stops answering NFS RPCs (e.g., "rpcinfo -u localhost nfs 3" hangs) and a reboot is necessary to restore NFS service. A more detailed stack trace follows. Looking at the source code (fs/nfsd/vfs.c:set_nfsv4_acl_one()) I see that the call posix_acl_xattr_size(pacl->a_count) is not preceded by a check that pacl != NULL. Could this be related to the following entry in the changelog for 3.2.0-65.98? * NFSD: Call ->set_acl with a NULL ACL structure if no entries - LP: #1328154 Jul 24 10:12:53 server kernel: [575939.742131] IP: [] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] PGD c243bb067 PUD c2400a067 PMD 0 Jul 24 10:12:53 server kernel: [575939.742131] Oops: [#1] SMP Jul 24 10:12:53 server kernel: [575939.742131] CPU 3 Jul 24 10:12:53 server kernel: [575939.742131] Modules linked in: usblp btrfs zlib_deflate libcrc32c ufs qnx4 hfsplus hfs minix ntfs vfat msdos fat jfs reiserfs ext2 cts openafs(P) xt_tcpudp ipmi_si ipmi_devintf ipmi_msghandler iptable_filter ip_tables x_tables autofs4 bnep parport_pc rfcomm bluetooth ppdev binfmt_misc rpcsec_gss_krb5 nfsd nfs lockd fscache auth_rpcgss nfs_acl sunrpc xfs dm_crypt bridge stp psmouse hpilo sp5100_tco i2c_piix4 amd64_edac_mod hpwdt edac_core k10temp edac_mce_amd joydev serio_raw acpi_power_meter mac_hid lp parport raid10 raid456 async_pq async_xor xor async_memcpy async_raid6_recov raid6_pq async_tx raid1 raid0 multipath linear radeon ttm drm_kms_helper drm osst usbhid hid st ch i2c_algo_bit pata_atiixp hpsa bnx2 Jul 24 10:12:53 server kernel: [575939.742131] Jul 24 10:12:53 server kernel: [575939.742131] Pid: 2523, comm: nfsd Tainted: P O 3.2.0-67-generic #101-Ubuntu HP ProLiant DL385 G7 Jul 24 10:12:53 server kernel: [575939.742131] RIP: 0010:[] [] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] RSP: 0018:880422085ce0 EFLAGS: 00010282 Jul 24 10:12:53 server kernel: [575939.742131] RAX: 4000 RBX: 880e29b16cc0 RCX: 013cc2cc Jul 24 10:12:53 server kernel: [575939.742131] RDX: a0583374 RSI: RDI: 880e29b16cc0 Jul 24 10:12:53 server kernel: [575939.742131] RBP: 880422085d10 R08: ea002cdf3b80 R09: a055c4af Jul 24 10:12:53 server kernel: [575939.742131] R10: 880b37ceed00 R11: 4004 R12: Jul 24 10:12:53 server kernel: [575939.742131] R13: 8807f56418c0 R14: R15: 880c2268d180 Jul 24 10:12:53 server kernel: [575939.742131] FS: 7fafd700() GS:88103fc8() knlGS: Jul 24 10:12:53 server kernel: [575939.742131] CS: 0010 DS: ES: CR0: 8005003b Jul 24 10:12:53 server kernel: [575939.742131] CR2: 0010 CR3: 000c22d6c000 CR4: 06e0 Jul 24 10:12:53 server kernel: [575939.742131] DR0: DR1: DR2: Jul 24 10:12:53 server kernel: [575939.742131] DR3: DR6: 0ff0 DR7: 0400 Jul 24 10:12:53 server kernel: [575939.742131] Process nfsd (pid: 2523, threadinfo 880422084000, task 880425964500) Jul 24 10:12:53 server kernel: [575939.742131] Stack: Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d040 880e29b16cc0 8807f56418c0 Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d180 880422085d50 a055d5e3 Jul 24 10:12:53 server kernel: [575939.742131] 880b37cee840 880c22684000 880c2268d040 Jul 24 10:12:53 server kernel: [575939.742131] Call Trace: Jul 24 10:12:53 server kernel: [575939.742131] [] nfsd4_set_nfs4_acl+0x143/0x150 [nfsd] Jul 24 10:12:53 server kernel:
[Kernel-packages] [Bug 1348670] Re: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010, set_nfsv4_acl_one+0x21/0xb0 [nfsd]
This bug was fixed in the package linux - 3.2.0-70.105 --- linux (3.2.0-70.105) precise; urgency=low [ Kamal Mostafa ] * Release Tracking Bug - re-used previous tracking bug [ Upstream Kernel Changes ] * udf: Avoid infinite loop when processing indirect ICBs - LP: #1370042 - CVE-2014-6410 linux (3.2.0-70.104) precise; urgency=low [ Joseph Salisbury ] * Release Tracking Bug - LP: #1372522 [ Tim Gardner ] * SAUCE: Fix nfs oops stable regression - LP: #1348670 * [Config] updateconfigs - LP: #1369711 [ Upstream Kernel Changes ] * Revert x86-64, modify_ldt: Make support for 16-bit segments a runtime option - LP: #1369711 * KVM: x86: Inter-privilege level ret emulation is not implemeneted - LP: #1369711 * ASoC: samsung: Correct I2S DAI suspend/resume ops - LP: #1369711 * block: don't assume last put of shared tags is for the host - LP: #1369711 * stable_kernel_rules: Add pointer to netdev-FAQ for network patches - LP: #1369711 * debugfs: Fix corrupted loop in debugfs_remove_recursive - LP: #1369711 * serial: core: Preserve termios c_cflag for console resume - LP: #1369711 * tda10071: force modulation to QPSK on DVB-S - LP: #1369711 * gspca_pac7302: Add new usb-id for Genius i-Look 317 - LP: #1369711 * mtd/ftl: fix the double free of the buffers allocated in build_maps() - LP: #1369711 * x86: don't exclude low BIOS area when allocating address space for non-PCI cards - LP: #1369711 * Bluetooth: never linger on process exit - LP: #1369711 * scsi: handle flush errors properly - LP: #1369711 * USB: OHCI: don't lose track of EDs when a controller dies - LP: #1369711 * ahci: add support for the Promise FastTrak TX8660 SATA HBA (ahci mode) - LP: #1369711 * usbcore: don't log on consecutive debounce failures of the same port - LP: #1369711 * USB: Fix persist resume of some SS USB devices - LP: #1369711 * drm/radeon: fix irq ring buffer overflow handling - LP: #1369711 * hwmon: (smsc47m192) Fix temperature limit and vrm write operations - LP: #1369711 * staging: vt6655: Fix Warning on boot handle_irq_event_percpu. - LP: #1369711 * staging: vt6655: Fix disassociated messages every 10 seconds - LP: #1369711 * bfa: Fix undefined bit shift on big-endian architectures with 32-bit DMA address - LP: #1369711 * hpsa: fix bad -ENOMEM return value in hpsa_big_passthru_ioctl - LP: #1369711 * Drivers: scsi: storvsc: Implement a eh_timed_out handler - LP: #1369711 * Fix gcc-4.9.0 miscompilation of load_balance() in scheduler - LP: #1369711 * iommu/vt-d: Exclude devices using RMRRs from IOMMU API domains - LP: #1369711 * net: sendmsg: fix NULL pointer dereference - LP: #1369711 * tpm: Provide a generic means to override the chip returned timeouts - LP: #1369711 * hwmon: (ads1015) Fix off-by-one for valid channel index checking - LP: #1369711 * MIPS: tlbex: Fix a missing statement for HUGETLB - LP: #1369711 * MIPS: Prevent user from setting FCSR cause bits - LP: #1369711 * mm, thp: do not allow thp faults to avoid cpuset restrictions - LP: #1369711 * md/raid1,raid10: always abort recover on write error. - LP: #1369711 * ext4: cleanup in ext4_discard_allocated_blocks() - LP: #1369711 * ext4: fix ext4_discard_allocated_blocks() if we can't allocate the pa struct - LP: #1369711 * hwmon: (lm85) Fix various errors on attribute writes - LP: #1369711 * hwmon: (lm78) Fix overflow problems seen when writing large temperature limits - LP: #1369711 * hwmon: (amc6821) Fix return value - LP: #1369711 * hwmon: (amc6821) Fix possible race condition bug - LP: #1369711 * MIPS: GIC: Prevent array overrun - LP: #1369711 * crypto: af_alg - properly label AF_ALG socket - LP: #1369711 * mnt: Change the default remount atime from relatime to the existing value - LP: #1369711 * ARM: OMAP3: Fix choice of omap3_restore_es function in OMAP34XX rev3.1.2 case. - LP: #1369711 * netlabel: use GFP flags from caller instead of GFP_ATOMIC - LP: #1369711 * netlabel: fix a problem when setting bits below the previously lowest bit - LP: #1369711 * USB: serial: ftdi_sio: Annotate the current Xsens PID assignments - LP: #1369711 * USB: serial: ftdi_sio: Add support for new Xsens devices - LP: #1369711 * ALSA: virtuoso: Xonar DSX support - LP: #1369711 * ALSA: virtuoso: add Xonar Essence STX II support - LP: #1369711 * hwmon: (gpio-fan) Prevent overflow problem when writing large limits - LP: #1369711 * hwmon: (sis5595) Prevent overflow problem when writing large limits - LP: #1369711 * drm/ttm: Fix possible stack overflow by recursive shrinker calls. - LP: #1369711 * powerpc/mm/numa: Fix break placement - LP: #1369711 * drm/radeon: load the lm63 driver for an
[Kernel-packages] [Bug 1348670] Re: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010, set_nfsv4_acl_one+0x21/0xb0 [nfsd]
This bug was fixed in the package linux - 3.13.0-37.64 --- linux (3.13.0-37.64) trusty; urgency=low [ Joseph Salisbury ] * Release Tracking Bug - LP: #1372576 [ dann frazier ] * [Config] CONFIG_HW_RANDOM_XGENE=m on arm64 [ Edward Lin ] * SAUCE: Add use_native_backlight quirk for Dell Inspiron 5721/3521 - LP: #1354253, #1354313 [ Tim Gardner ] * SAUCE: Fix nfs oops stable regression - LP: #1348670 * [Config] Add mpt3sas to d-i - LP: #1368907 * [Config] CONFIG_X86_16BIT=y - LP: #1371601 [ Timo Aaltonen ] * SAUCE: i915_bdw: Rebase to v3.15.8 - LP: #1359213 [ Upstream Kernel Changes ] * Revert x86-64, modify_ldt: Make support for 16-bit segments a runtime option - LP: #1371601 * mmc: rtsx: add R1-no-CRC mmc command type handle - LP: #1365378 * rpc_pipe: remove the clntXX dir if creating the pipe fails - LP: #1365869 * sunrpc: add an info file for the dummy gssd pipe - LP: #1365869 * rpc_pipe: fix cleanup of dummy gssd directory when notification fails - LP: #1365869 * hwrng: xgene - add support for APM X-Gene SoC RNG support - LP: #1365593 * Documentation: rng: Add X-Gene SoC RNG driver documentation - LP: #1365593 * arm64: dts: add random number generator dts node to APM X-Gene platform. - LP: #1365593 * xen/balloon: cancel ballooning if adding new memory failed - LP: #1304001 * x86/xen: resume timer irqs early - LP: #1368724 * xen/manage: Always freeze/thaw processes when suspend/resuming - LP: #1368724 * scsi_transport_sas: move bsg destructor into sas_rphy_remove - LP: #1368991 * drm/i915: Enable 5.4Ghz (HBR2) link rate for Displayport 1.2-capable devices - LP: #1369633 * bnx2x: Fix link for KR with swapped polarity lane - LP: #1370716 * drm: add DRM_CAPs for cursor size - LP: #1359213 * drm/dp: Add AUX channel infrastructure - LP: #1359213 * drm/dp: Add drm_dp_dpcd_read_link_status() - LP: #1359213 * drm/dp: Add DisplayPort link helpers - LP: #1359213 * drm/dp: Allow registering AUX channels as I2C busses - LP: #1359213 * drm/dp: let drivers specify the name of the I2C-over-AUX adapter - LP: #1359213 * drm/dp: make aux retries less chatty - LP: #1359213 * Bluetooth: Enable Atheros 0cf3:311e for firmware upload - LP: #1371477 * bnx2x: fix crash during TSO tunneling - LP: #1371601 * inetpeer: get rid of ip_id_count - LP: #1371601 * ip: make IP identifiers less predictable - LP: #1371601 * tcp: Fix integer-overflows in TCP veno - LP: #1371601 * tcp: Fix integer-overflow in TCP vegas - LP: #1371601 * macvlan: Initialize vlan_features to turn on offload support. - LP: #1371601 * net: Correctly set segment mac_len in skb_segment(). - LP: #1371601 * iovec: make sure the caller actually wants anything in memcpy_fromiovecend - LP: #1371601 * batman-adv: Fix out-of-order fragmentation support - LP: #1371601 * sctp: fix possible seqlock seadlock in sctp_packet_transmit() - LP: #1371601 * sparc64: Fix argument sign extension for compat_sys_futex(). - LP: #1371601 * sparc64: Make itc_sync_lock raw - LP: #1371601 * sparc64: Fix executable bit testing in set_pmd_at() paths. - LP: #1371601 * sparc64: Fix huge PMD invalidation. - LP: #1371601 * sparc64: Fix bugs in get_user_pages_fast() wrt. THP. - LP: #1371601 * sparc64: Fix hex values in comment above pte_modify(). - LP: #1371601 * sparc64: Don't use _PAGE_PRESENT in pte_modify() mask. - LP: #1371601 * sparc64: Handle 32-bit tasks properly in compute_effective_address(). - LP: #1371601 * sparc64: Fix top-level fault handling bugs. - LP: #1371601 * sparc64: Fix range check in kern_addr_valid(). - LP: #1371601 * sparc64: Use 'ILOG2_4MB' instead of constant '22'. - LP: #1371601 * sparc64: Add basic validations to {pud,pmd}_bad(). - LP: #1371601 * sparc64: Give more detailed information in {pgd,pmd}_ERROR() and kill pte_ERROR(). - LP: #1371601 * sparc64: Don't bark so loudly about 32-bit tasks generating 64-bit fault addresses. - LP: #1371601 * sparc64: Fix huge TSB mapping on pre-UltraSPARC-III cpus. - LP: #1371601 * sparc64: Add membar to Niagara2 memcpy code. - LP: #1371601 * sparc64: Do not insert non-valid PTEs into the TSB hash table. - LP: #1371601 * sparc64: Guard against flushing openfirmware mappings. - LP: #1371601 * bbc-i2c: Fix BBC I2C envctrl on SunBlade 2000 - LP: #1371601 * sunsab: Fix detection of BREAK on sunsab serial console - LP: #1371601 * sparc64: ldc_connect() should not return EINVAL when handshake is in progress. - LP: #1371601 * arch/sparc/math-emu/math_32.c: drop stray break operator - LP: #1371601 * x86-64, espfix: Don't leak bits 31:16 of %esp returning to 16-bit stack - LP: #1371601 * x86, espfix: Move espfix
[Kernel-packages] [Bug 1348670] Re: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010, set_nfsv4_acl_one+0x21/0xb0 [nfsd]
This bug was fixed in the package linux - 3.2.0-70.105 --- linux (3.2.0-70.105) precise; urgency=low [ Kamal Mostafa ] * Release Tracking Bug - re-used previous tracking bug [ Upstream Kernel Changes ] * udf: Avoid infinite loop when processing indirect ICBs - LP: #1370042 - CVE-2014-6410 linux (3.2.0-70.104) precise; urgency=low [ Joseph Salisbury ] * Release Tracking Bug - LP: #1372522 [ Tim Gardner ] * SAUCE: Fix nfs oops stable regression - LP: #1348670 * [Config] updateconfigs - LP: #1369711 [ Upstream Kernel Changes ] * Revert x86-64, modify_ldt: Make support for 16-bit segments a runtime option - LP: #1369711 * KVM: x86: Inter-privilege level ret emulation is not implemeneted - LP: #1369711 * ASoC: samsung: Correct I2S DAI suspend/resume ops - LP: #1369711 * block: don't assume last put of shared tags is for the host - LP: #1369711 * stable_kernel_rules: Add pointer to netdev-FAQ for network patches - LP: #1369711 * debugfs: Fix corrupted loop in debugfs_remove_recursive - LP: #1369711 * serial: core: Preserve termios c_cflag for console resume - LP: #1369711 * tda10071: force modulation to QPSK on DVB-S - LP: #1369711 * gspca_pac7302: Add new usb-id for Genius i-Look 317 - LP: #1369711 * mtd/ftl: fix the double free of the buffers allocated in build_maps() - LP: #1369711 * x86: don't exclude low BIOS area when allocating address space for non-PCI cards - LP: #1369711 * Bluetooth: never linger on process exit - LP: #1369711 * scsi: handle flush errors properly - LP: #1369711 * USB: OHCI: don't lose track of EDs when a controller dies - LP: #1369711 * ahci: add support for the Promise FastTrak TX8660 SATA HBA (ahci mode) - LP: #1369711 * usbcore: don't log on consecutive debounce failures of the same port - LP: #1369711 * USB: Fix persist resume of some SS USB devices - LP: #1369711 * drm/radeon: fix irq ring buffer overflow handling - LP: #1369711 * hwmon: (smsc47m192) Fix temperature limit and vrm write operations - LP: #1369711 * staging: vt6655: Fix Warning on boot handle_irq_event_percpu. - LP: #1369711 * staging: vt6655: Fix disassociated messages every 10 seconds - LP: #1369711 * bfa: Fix undefined bit shift on big-endian architectures with 32-bit DMA address - LP: #1369711 * hpsa: fix bad -ENOMEM return value in hpsa_big_passthru_ioctl - LP: #1369711 * Drivers: scsi: storvsc: Implement a eh_timed_out handler - LP: #1369711 * Fix gcc-4.9.0 miscompilation of load_balance() in scheduler - LP: #1369711 * iommu/vt-d: Exclude devices using RMRRs from IOMMU API domains - LP: #1369711 * net: sendmsg: fix NULL pointer dereference - LP: #1369711 * tpm: Provide a generic means to override the chip returned timeouts - LP: #1369711 * hwmon: (ads1015) Fix off-by-one for valid channel index checking - LP: #1369711 * MIPS: tlbex: Fix a missing statement for HUGETLB - LP: #1369711 * MIPS: Prevent user from setting FCSR cause bits - LP: #1369711 * mm, thp: do not allow thp faults to avoid cpuset restrictions - LP: #1369711 * md/raid1,raid10: always abort recover on write error. - LP: #1369711 * ext4: cleanup in ext4_discard_allocated_blocks() - LP: #1369711 * ext4: fix ext4_discard_allocated_blocks() if we can't allocate the pa struct - LP: #1369711 * hwmon: (lm85) Fix various errors on attribute writes - LP: #1369711 * hwmon: (lm78) Fix overflow problems seen when writing large temperature limits - LP: #1369711 * hwmon: (amc6821) Fix return value - LP: #1369711 * hwmon: (amc6821) Fix possible race condition bug - LP: #1369711 * MIPS: GIC: Prevent array overrun - LP: #1369711 * crypto: af_alg - properly label AF_ALG socket - LP: #1369711 * mnt: Change the default remount atime from relatime to the existing value - LP: #1369711 * ARM: OMAP3: Fix choice of omap3_restore_es function in OMAP34XX rev3.1.2 case. - LP: #1369711 * netlabel: use GFP flags from caller instead of GFP_ATOMIC - LP: #1369711 * netlabel: fix a problem when setting bits below the previously lowest bit - LP: #1369711 * USB: serial: ftdi_sio: Annotate the current Xsens PID assignments - LP: #1369711 * USB: serial: ftdi_sio: Add support for new Xsens devices - LP: #1369711 * ALSA: virtuoso: Xonar DSX support - LP: #1369711 * ALSA: virtuoso: add Xonar Essence STX II support - LP: #1369711 * hwmon: (gpio-fan) Prevent overflow problem when writing large limits - LP: #1369711 * hwmon: (sis5595) Prevent overflow problem when writing large limits - LP: #1369711 * drm/ttm: Fix possible stack overflow by recursive shrinker calls. - LP: #1369711 * powerpc/mm/numa: Fix break placement - LP: #1369711 * drm/radeon: load the lm63 driver for an
[Kernel-packages] [Bug 1348670] Re: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010, set_nfsv4_acl_one+0x21/0xb0 [nfsd]
** Tags removed: verification-needed-precise ** Tags added: verification-done-precise -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1348670 Title: BUG: unable to handle kernel NULL pointer dereference at 0010, set_nfsv4_acl_one+0x21/0xb0 [nfsd] Status in “linux” package in Ubuntu: Invalid Status in “linux” source package in Lucid: Invalid Status in “linux” source package in Precise: Fix Committed Status in “linux” source package in Trusty: Fix Committed Status in “linux” source package in Utopic: Invalid Status in “linux” package in Debian: Fix Released Bug description: I've seen this happen twice in the last 8 days on an NFS server running Ubuntu precise and kernels 3.2.0-65.98-generic (on the first occasion) and 3.2.0-67.101-generic (the second time), amd64. This never happened before in several months of operation; until 2014-07-01 this server was running an older 3.2.0 kernel. When this error appears in the logs, the system stops answering NFS RPCs (e.g., rpcinfo -u localhost nfs 3 hangs) and a reboot is necessary to restore NFS service. A more detailed stack trace follows. Looking at the source code (fs/nfsd/vfs.c:set_nfsv4_acl_one()) I see that the call posix_acl_xattr_size(pacl-a_count) is not preceded by a check that pacl != NULL. Could this be related to the following entry in the changelog for 3.2.0-65.98? * NFSD: Call -set_acl with a NULL ACL structure if no entries - LP: #1328154 Jul 24 10:12:53 server kernel: [575939.742131] IP: [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] PGD c243bb067 PUD c2400a067 PMD 0 Jul 24 10:12:53 server kernel: [575939.742131] Oops: [#1] SMP Jul 24 10:12:53 server kernel: [575939.742131] CPU 3 Jul 24 10:12:53 server kernel: [575939.742131] Modules linked in: usblp btrfs zlib_deflate libcrc32c ufs qnx4 hfsplus hfs minix ntfs vfat msdos fat jfs reiserfs ext2 cts openafs(P) xt_tcpudp ipmi_si ipmi_devintf ipmi_msghandler iptable_filter ip_tables x_tables autofs4 bnep parport_pc rfcomm bluetooth ppdev binfmt_misc rpcsec_gss_krb5 nfsd nfs lockd fscache auth_rpcgss nfs_acl sunrpc xfs dm_crypt bridge stp psmouse hpilo sp5100_tco i2c_piix4 amd64_edac_mod hpwdt edac_core k10temp edac_mce_amd joydev serio_raw acpi_power_meter mac_hid lp parport raid10 raid456 async_pq async_xor xor async_memcpy async_raid6_recov raid6_pq async_tx raid1 raid0 multipath linear radeon ttm drm_kms_helper drm osst usbhid hid st ch i2c_algo_bit pata_atiixp hpsa bnx2 Jul 24 10:12:53 server kernel: [575939.742131] Jul 24 10:12:53 server kernel: [575939.742131] Pid: 2523, comm: nfsd Tainted: P O 3.2.0-67-generic #101-Ubuntu HP ProLiant DL385 G7 Jul 24 10:12:53 server kernel: [575939.742131] RIP: 0010:[a055c451] [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] RSP: 0018:880422085ce0 EFLAGS: 00010282 Jul 24 10:12:53 server kernel: [575939.742131] RAX: 4000 RBX: 880e29b16cc0 RCX: 013cc2cc Jul 24 10:12:53 server kernel: [575939.742131] RDX: a0583374 RSI: RDI: 880e29b16cc0 Jul 24 10:12:53 server kernel: [575939.742131] RBP: 880422085d10 R08: ea002cdf3b80 R09: a055c4af Jul 24 10:12:53 server kernel: [575939.742131] R10: 880b37ceed00 R11: 4004 R12: Jul 24 10:12:53 server kernel: [575939.742131] R13: 8807f56418c0 R14: R15: 880c2268d180 Jul 24 10:12:53 server kernel: [575939.742131] FS: 7fafd700() GS:88103fc8() knlGS: Jul 24 10:12:53 server kernel: [575939.742131] CS: 0010 DS: ES: CR0: 8005003b Jul 24 10:12:53 server kernel: [575939.742131] CR2: 0010 CR3: 000c22d6c000 CR4: 06e0 Jul 24 10:12:53 server kernel: [575939.742131] DR0: DR1: DR2: Jul 24 10:12:53 server kernel: [575939.742131] DR3: DR6: 0ff0 DR7: 0400 Jul 24 10:12:53 server kernel: [575939.742131] Process nfsd (pid: 2523, threadinfo 880422084000, task 880425964500) Jul 24 10:12:53 server kernel: [575939.742131] Stack: Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d040 880e29b16cc0 8807f56418c0 Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d180 880422085d50 a055d5e3 Jul 24 10:12:53 server kernel: [575939.742131] 880b37cee840 880c22684000 880c2268d040 Jul 24 10:12:53 server kernel: [575939.742131] Call Trace: Jul 24 10:12:53 server kernel: [575939.742131] [a055d5e3] nfsd4_set_nfs4_acl+0x143/0x150 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131]
[Kernel-packages] [Bug 1348670] Re: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010, set_nfsv4_acl_one+0x21/0xb0 [nfsd]
Same error with new kernel. It was fine and working without a hick up and today the same issue reverted. 16:01:16 up 6 days Using 3.2.0-69-generic #103-Ubuntu SMP Tue Sep 2 05:02:14 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux ii linux-image-3.2.0-69-generic3.2.0-69.103 Linux kernel image for version 3.2.0 on 64 bit x86 SMP ii linux-image-server 3.2.0.69.82 Linux kernel image on Server Equipment. Oct 2 15:54:29 barbarela kernel: [528230.139053] BUG: unable to handle kernel NULL pointer dereference at 0010 Oct 2 15:54:29 barbarela kernel: [528230.139091] IP: [a03fb451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Oct 2 15:54:29 barbarela kernel: [528230.139129] PGD 415158067 PUD 415159067 PMD 0 Oct 2 15:54:29 barbarela kernel: [528230.139157] Oops: [#19] SMP Oct 2 15:54:29 barbarela kernel: [528230.139176] CPU 1 Oct 2 15:54:29 barbarela kernel: [528230.139185] Modules linked in: it87(O) vboxpci(O) vboxnetadp(O) vboxnetflt(O) vboxdrv(O) pci_stub nfsd nfs lockd fscache auth_rpcgss nfs_acl sunrpc dm_crypt snd_hda_codec_hdmi snd_hda_intel snd_hda_codec psmouse edac_core lp edac_mce_amd parport sp5100_tco i2c_piix4 mac_hid k10temp serio_raw snd_hwdep snd_pcm snd_timer snd soundcore snd_page_alloc bonding hwmon_vid fam15h_power raid456 async_pq async_xor xor async_memcpy async_raid6_recov raid6_pq async_tx raid1 raid0 multipath linear raid10 nouveau ttm drm_kms_helper drm i2c_algo_bit mxm_wmi pata_atiixp r8169 video wmi [last unloaded: vboxdrv] Oct 2 15:54:29 barbarela kernel: [528230.139546] Oct 2 15:54:29 barbarela kernel: [528230.139557] Pid: 4409, comm: nfsd Tainted: G DO 3.2.0-69-generic #103-Ubuntu Gigabyte Technology Co., Ltd. GA-970A-DS3/GA-970A-DS3 Oct 2 15:54:29 barbarela kernel: [528230.139596] RIP: 0010:[a03fb451] [a03fb451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Oct 2 15:54:29 barbarela kernel: [528230.139629] RSP: 0018:8801bdc29ce0 EFLAGS: 00010282 Oct 2 15:54:29 barbarela kernel: [528230.139644] RAX: 4000 RBX: 88000381f480 RCX: 02ae378f Oct 2 15:54:29 barbarela kernel: [528230.139661] RDX: a0422374 RSI: RDI: 88000381f480 Oct 2 15:54:29 barbarela kernel: [528230.139678] RBP: 8801bdc29d10 R08: ea000a1463c0 R09: a03fb4af Oct 2 15:54:29 barbarela kernel: [528230.139695] R10: 88028518f500 R11: 4004 R12: Oct 2 15:54:29 barbarela kernel: [528230.139711] R13: 88001555bb20 R14: R15: 8800a86b2180 Oct 2 15:54:29 barbarela kernel: [528230.139730] FS: 7fc55e013700() GS:88043ec4() knlGS: Oct 2 15:54:29 barbarela kernel: [528230.140874] CS: 0010 DS: ES: CR0: 8005003b Oct 2 15:54:29 barbarela kernel: [528230.142016] CR2: 0010 CR3: 00038bac3000 CR4: 000406e0 Oct 2 15:54:29 barbarela kernel: [528230.142956] DR0: DR1: DR2: Oct 2 15:54:29 barbarela kernel: [528230.142956] DR3: DR6: 0ff0 DR7: 0400 Oct 2 15:54:29 barbarela kernel: [528230.142956] Process nfsd (pid: 4409, threadinfo 8801bdc28000, task 88007aa2ae00) Oct 2 15:54:29 barbarela kernel: [528230.142956] Stack: Oct 2 15:54:29 barbarela kernel: [528230.142956] 8800a86b2040 88000381f480 88001555bb20 Oct 2 15:54:29 barbarela kernel: [528230.142956] 8800a86b2180 8801bdc29d50 a03fc5e3 Oct 2 15:54:29 barbarela kernel: [528230.142956] 88028518f300 88001d0aa000 8800a86b2040 Oct 2 15:54:29 barbarela kernel: [528230.142956] Call Trace: Oct 2 15:54:29 barbarela kernel: [528230.142956] [a03fc5e3] nfsd4_set_nfs4_acl+0x143/0x150 [nfsd] Oct 2 15:54:29 barbarela kernel: [528230.142956] [a0409b74] nfsd4_setattr+0xd4/0x130 [nfsd] Oct 2 15:54:29 barbarela kernel: [528230.142956] [a0408be8] nfsd4_proc_compound+0x518/0x6e0 [nfsd] Oct 2 15:54:29 barbarela kernel: [528230.142956] [a03f7a4b] nfsd_dispatch+0xeb/0x230 [nfsd] Oct 2 15:54:29 barbarela kernel: [528230.142956] [a02ef475] svc_process_common+0x345/0x690 [sunrpc] Oct 2 15:54:29 barbarela kernel: [528230.142956] [81060ad0] ? try_to_wake_up+0x200/0x200 Oct 2 15:54:29 barbarela kernel: [528230.142956] [a02efb12] svc_process+0x102/0x150 [sunrpc] Oct 2 15:54:29 barbarela kernel: [528230.142956] [a03f71ad] nfsd+0xbd/0x160 [nfsd] Oct 2 15:54:29 barbarela kernel: [528230.142956] [a03f70f0] ? nfsd_startup+0xf0/0xf0 [nfsd] Oct 2 15:54:29 barbarela kernel: [528230.142956] [8108b96c] kthread+0x8c/0xa0 Oct 2 15:54:29 barbarela kernel: [528230.142956] [8166e3b4] kernel_thread_helper+0x4/0x10 Oct 2 15:54:29 barbarela
Re: [Kernel-packages] [Bug 1348670] Re: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010, set_nfsv4_acl_one+0x21/0xb0 [nfsd]
* ScHRiLL [2014-10-02 14:01:59 +]: Same error with new kernel. It was fine and working without a hick up and today the same issue reverted. 16:01:16 up 6 days Please check changelog.Debian.gz before jumping to conclusions. The fix is not in #103 because it was committed too late in the cycle. Enable precise-proposed, install 70.105 and try again. Using 3.2.0-69-generic #103-Ubuntu SMP Tue Sep 2 05:02:14 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1348670 Title: BUG: unable to handle kernel NULL pointer dereference at 0010, set_nfsv4_acl_one+0x21/0xb0 [nfsd] Status in “linux” package in Ubuntu: Invalid Status in “linux” source package in Lucid: Invalid Status in “linux” source package in Precise: Fix Committed Status in “linux” source package in Trusty: Fix Committed Status in “linux” source package in Utopic: Invalid Status in “linux” package in Debian: Fix Released Bug description: I've seen this happen twice in the last 8 days on an NFS server running Ubuntu precise and kernels 3.2.0-65.98-generic (on the first occasion) and 3.2.0-67.101-generic (the second time), amd64. This never happened before in several months of operation; until 2014-07-01 this server was running an older 3.2.0 kernel. When this error appears in the logs, the system stops answering NFS RPCs (e.g., rpcinfo -u localhost nfs 3 hangs) and a reboot is necessary to restore NFS service. A more detailed stack trace follows. Looking at the source code (fs/nfsd/vfs.c:set_nfsv4_acl_one()) I see that the call posix_acl_xattr_size(pacl-a_count) is not preceded by a check that pacl != NULL. Could this be related to the following entry in the changelog for 3.2.0-65.98? * NFSD: Call -set_acl with a NULL ACL structure if no entries - LP: #1328154 Jul 24 10:12:53 server kernel: [575939.742131] IP: [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] PGD c243bb067 PUD c2400a067 PMD 0 Jul 24 10:12:53 server kernel: [575939.742131] Oops: [#1] SMP Jul 24 10:12:53 server kernel: [575939.742131] CPU 3 Jul 24 10:12:53 server kernel: [575939.742131] Modules linked in: usblp btrfs zlib_deflate libcrc32c ufs qnx4 hfsplus hfs minix ntfs vfat msdos fat jfs reiserfs ext2 cts openafs(P) xt_tcpudp ipmi_si ipmi_devintf ipmi_msghandler iptable_filter ip_tables x_tables autofs4 bnep parport_pc rfcomm bluetooth ppdev binfmt_misc rpcsec_gss_krb5 nfsd nfs lockd fscache auth_rpcgss nfs_acl sunrpc xfs dm_crypt bridge stp psmouse hpilo sp5100_tco i2c_piix4 amd64_edac_mod hpwdt edac_core k10temp edac_mce_amd joydev serio_raw acpi_power_meter mac_hid lp parport raid10 raid456 async_pq async_xor xor async_memcpy async_raid6_recov raid6_pq async_tx raid1 raid0 multipath linear radeon ttm drm_kms_helper drm osst usbhid hid st ch i2c_algo_bit pata_atiixp hpsa bnx2 Jul 24 10:12:53 server kernel: [575939.742131] Jul 24 10:12:53 server kernel: [575939.742131] Pid: 2523, comm: nfsd Tainted: P O 3.2.0-67-generic #101-Ubuntu HP ProLiant DL385 G7 Jul 24 10:12:53 server kernel: [575939.742131] RIP: 0010:[a055c451] [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] RSP: 0018:880422085ce0 EFLAGS: 00010282 Jul 24 10:12:53 server kernel: [575939.742131] RAX: 4000 RBX: 880e29b16cc0 RCX: 013cc2cc Jul 24 10:12:53 server kernel: [575939.742131] RDX: a0583374 RSI: RDI: 880e29b16cc0 Jul 24 10:12:53 server kernel: [575939.742131] RBP: 880422085d10 R08: ea002cdf3b80 R09: a055c4af Jul 24 10:12:53 server kernel: [575939.742131] R10: 880b37ceed00 R11: 4004 R12: Jul 24 10:12:53 server kernel: [575939.742131] R13: 8807f56418c0 R14: R15: 880c2268d180 Jul 24 10:12:53 server kernel: [575939.742131] FS: 7fafd700() GS:88103fc8() knlGS: Jul 24 10:12:53 server kernel: [575939.742131] CS: 0010 DS: ES: CR0: 8005003b Jul 24 10:12:53 server kernel: [575939.742131] CR2: 0010 CR3: 000c22d6c000 CR4: 06e0 Jul 24 10:12:53 server kernel: [575939.742131] DR0: DR1: DR2: Jul 24 10:12:53 server kernel: [575939.742131] DR3: DR6: 0ff0 DR7: 0400 Jul 24 10:12:53 server kernel: [575939.742131] Process nfsd (pid: 2523, threadinfo 880422084000, task 880425964500) Jul 24 10:12:53 server kernel: [575939.742131] Stack: Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d040 880e29b16cc0 8807f56418c0 Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d180
[Kernel-packages] [Bug 1348670] Re: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010, set_nfsv4_acl_one+0x21/0xb0 [nfsd]
I'm sorry, I've read that it didn't got into 68 and concluded it would be in 69. Will check now, tnx a bunch... -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1348670 Title: BUG: unable to handle kernel NULL pointer dereference at 0010, set_nfsv4_acl_one+0x21/0xb0 [nfsd] Status in “linux” package in Ubuntu: Invalid Status in “linux” source package in Lucid: Invalid Status in “linux” source package in Precise: Fix Committed Status in “linux” source package in Trusty: Fix Committed Status in “linux” source package in Utopic: Invalid Status in “linux” package in Debian: Fix Released Bug description: I've seen this happen twice in the last 8 days on an NFS server running Ubuntu precise and kernels 3.2.0-65.98-generic (on the first occasion) and 3.2.0-67.101-generic (the second time), amd64. This never happened before in several months of operation; until 2014-07-01 this server was running an older 3.2.0 kernel. When this error appears in the logs, the system stops answering NFS RPCs (e.g., rpcinfo -u localhost nfs 3 hangs) and a reboot is necessary to restore NFS service. A more detailed stack trace follows. Looking at the source code (fs/nfsd/vfs.c:set_nfsv4_acl_one()) I see that the call posix_acl_xattr_size(pacl-a_count) is not preceded by a check that pacl != NULL. Could this be related to the following entry in the changelog for 3.2.0-65.98? * NFSD: Call -set_acl with a NULL ACL structure if no entries - LP: #1328154 Jul 24 10:12:53 server kernel: [575939.742131] IP: [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] PGD c243bb067 PUD c2400a067 PMD 0 Jul 24 10:12:53 server kernel: [575939.742131] Oops: [#1] SMP Jul 24 10:12:53 server kernel: [575939.742131] CPU 3 Jul 24 10:12:53 server kernel: [575939.742131] Modules linked in: usblp btrfs zlib_deflate libcrc32c ufs qnx4 hfsplus hfs minix ntfs vfat msdos fat jfs reiserfs ext2 cts openafs(P) xt_tcpudp ipmi_si ipmi_devintf ipmi_msghandler iptable_filter ip_tables x_tables autofs4 bnep parport_pc rfcomm bluetooth ppdev binfmt_misc rpcsec_gss_krb5 nfsd nfs lockd fscache auth_rpcgss nfs_acl sunrpc xfs dm_crypt bridge stp psmouse hpilo sp5100_tco i2c_piix4 amd64_edac_mod hpwdt edac_core k10temp edac_mce_amd joydev serio_raw acpi_power_meter mac_hid lp parport raid10 raid456 async_pq async_xor xor async_memcpy async_raid6_recov raid6_pq async_tx raid1 raid0 multipath linear radeon ttm drm_kms_helper drm osst usbhid hid st ch i2c_algo_bit pata_atiixp hpsa bnx2 Jul 24 10:12:53 server kernel: [575939.742131] Jul 24 10:12:53 server kernel: [575939.742131] Pid: 2523, comm: nfsd Tainted: P O 3.2.0-67-generic #101-Ubuntu HP ProLiant DL385 G7 Jul 24 10:12:53 server kernel: [575939.742131] RIP: 0010:[a055c451] [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] RSP: 0018:880422085ce0 EFLAGS: 00010282 Jul 24 10:12:53 server kernel: [575939.742131] RAX: 4000 RBX: 880e29b16cc0 RCX: 013cc2cc Jul 24 10:12:53 server kernel: [575939.742131] RDX: a0583374 RSI: RDI: 880e29b16cc0 Jul 24 10:12:53 server kernel: [575939.742131] RBP: 880422085d10 R08: ea002cdf3b80 R09: a055c4af Jul 24 10:12:53 server kernel: [575939.742131] R10: 880b37ceed00 R11: 4004 R12: Jul 24 10:12:53 server kernel: [575939.742131] R13: 8807f56418c0 R14: R15: 880c2268d180 Jul 24 10:12:53 server kernel: [575939.742131] FS: 7fafd700() GS:88103fc8() knlGS: Jul 24 10:12:53 server kernel: [575939.742131] CS: 0010 DS: ES: CR0: 8005003b Jul 24 10:12:53 server kernel: [575939.742131] CR2: 0010 CR3: 000c22d6c000 CR4: 06e0 Jul 24 10:12:53 server kernel: [575939.742131] DR0: DR1: DR2: Jul 24 10:12:53 server kernel: [575939.742131] DR3: DR6: 0ff0 DR7: 0400 Jul 24 10:12:53 server kernel: [575939.742131] Process nfsd (pid: 2523, threadinfo 880422084000, task 880425964500) Jul 24 10:12:53 server kernel: [575939.742131] Stack: Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d040 880e29b16cc0 8807f56418c0 Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d180 880422085d50 a055d5e3 Jul 24 10:12:53 server kernel: [575939.742131] 880b37cee840 880c22684000 880c2268d040 Jul 24 10:12:53 server kernel: [575939.742131] Call Trace: Jul 24 10:12:53 server kernel: [575939.742131] [a055d5e3] nfsd4_set_nfs4_acl+0x143/0x150 [nfsd] Jul 24 10:12:53 server
[Kernel-packages] [Bug 1348670] Re: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010, set_nfsv4_acl_one+0x21/0xb0 [nfsd]
This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed- precise' to 'verification-done-precise'. If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you! ** Tags added: verification-needed-precise -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1348670 Title: BUG: unable to handle kernel NULL pointer dereference at 0010, set_nfsv4_acl_one+0x21/0xb0 [nfsd] Status in “linux” package in Ubuntu: Invalid Status in “linux” source package in Lucid: Invalid Status in “linux” source package in Precise: Fix Committed Status in “linux” source package in Trusty: Fix Committed Status in “linux” source package in Utopic: Invalid Status in “linux” package in Debian: Fix Released Bug description: I've seen this happen twice in the last 8 days on an NFS server running Ubuntu precise and kernels 3.2.0-65.98-generic (on the first occasion) and 3.2.0-67.101-generic (the second time), amd64. This never happened before in several months of operation; until 2014-07-01 this server was running an older 3.2.0 kernel. When this error appears in the logs, the system stops answering NFS RPCs (e.g., rpcinfo -u localhost nfs 3 hangs) and a reboot is necessary to restore NFS service. A more detailed stack trace follows. Looking at the source code (fs/nfsd/vfs.c:set_nfsv4_acl_one()) I see that the call posix_acl_xattr_size(pacl-a_count) is not preceded by a check that pacl != NULL. Could this be related to the following entry in the changelog for 3.2.0-65.98? * NFSD: Call -set_acl with a NULL ACL structure if no entries - LP: #1328154 Jul 24 10:12:53 server kernel: [575939.742131] IP: [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] PGD c243bb067 PUD c2400a067 PMD 0 Jul 24 10:12:53 server kernel: [575939.742131] Oops: [#1] SMP Jul 24 10:12:53 server kernel: [575939.742131] CPU 3 Jul 24 10:12:53 server kernel: [575939.742131] Modules linked in: usblp btrfs zlib_deflate libcrc32c ufs qnx4 hfsplus hfs minix ntfs vfat msdos fat jfs reiserfs ext2 cts openafs(P) xt_tcpudp ipmi_si ipmi_devintf ipmi_msghandler iptable_filter ip_tables x_tables autofs4 bnep parport_pc rfcomm bluetooth ppdev binfmt_misc rpcsec_gss_krb5 nfsd nfs lockd fscache auth_rpcgss nfs_acl sunrpc xfs dm_crypt bridge stp psmouse hpilo sp5100_tco i2c_piix4 amd64_edac_mod hpwdt edac_core k10temp edac_mce_amd joydev serio_raw acpi_power_meter mac_hid lp parport raid10 raid456 async_pq async_xor xor async_memcpy async_raid6_recov raid6_pq async_tx raid1 raid0 multipath linear radeon ttm drm_kms_helper drm osst usbhid hid st ch i2c_algo_bit pata_atiixp hpsa bnx2 Jul 24 10:12:53 server kernel: [575939.742131] Jul 24 10:12:53 server kernel: [575939.742131] Pid: 2523, comm: nfsd Tainted: P O 3.2.0-67-generic #101-Ubuntu HP ProLiant DL385 G7 Jul 24 10:12:53 server kernel: [575939.742131] RIP: 0010:[a055c451] [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] RSP: 0018:880422085ce0 EFLAGS: 00010282 Jul 24 10:12:53 server kernel: [575939.742131] RAX: 4000 RBX: 880e29b16cc0 RCX: 013cc2cc Jul 24 10:12:53 server kernel: [575939.742131] RDX: a0583374 RSI: RDI: 880e29b16cc0 Jul 24 10:12:53 server kernel: [575939.742131] RBP: 880422085d10 R08: ea002cdf3b80 R09: a055c4af Jul 24 10:12:53 server kernel: [575939.742131] R10: 880b37ceed00 R11: 4004 R12: Jul 24 10:12:53 server kernel: [575939.742131] R13: 8807f56418c0 R14: R15: 880c2268d180 Jul 24 10:12:53 server kernel: [575939.742131] FS: 7fafd700() GS:88103fc8() knlGS: Jul 24 10:12:53 server kernel: [575939.742131] CS: 0010 DS: ES: CR0: 8005003b Jul 24 10:12:53 server kernel: [575939.742131] CR2: 0010 CR3: 000c22d6c000 CR4: 06e0 Jul 24 10:12:53 server kernel: [575939.742131] DR0: DR1: DR2: Jul 24 10:12:53 server kernel: [575939.742131] DR3: DR6: 0ff0 DR7: 0400 Jul 24 10:12:53 server kernel: [575939.742131] Process nfsd (pid: 2523, threadinfo 880422084000, task 880425964500) Jul 24 10:12:53 server kernel: [575939.742131] Stack: Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d040 880e29b16cc0 8807f56418c0
[Kernel-packages] [Bug 1348670] Re: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010, set_nfsv4_acl_one+0x21/0xb0 [nfsd]
** Branch linked: lp:ubuntu/trusty-proposed/linux-keystone -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1348670 Title: BUG: unable to handle kernel NULL pointer dereference at 0010, set_nfsv4_acl_one+0x21/0xb0 [nfsd] Status in “linux” package in Ubuntu: Invalid Status in “linux” source package in Lucid: Invalid Status in “linux” source package in Precise: Fix Committed Status in “linux” source package in Trusty: Fix Committed Status in “linux” source package in Utopic: Invalid Status in “linux” package in Debian: Fix Released Bug description: I've seen this happen twice in the last 8 days on an NFS server running Ubuntu precise and kernels 3.2.0-65.98-generic (on the first occasion) and 3.2.0-67.101-generic (the second time), amd64. This never happened before in several months of operation; until 2014-07-01 this server was running an older 3.2.0 kernel. When this error appears in the logs, the system stops answering NFS RPCs (e.g., rpcinfo -u localhost nfs 3 hangs) and a reboot is necessary to restore NFS service. A more detailed stack trace follows. Looking at the source code (fs/nfsd/vfs.c:set_nfsv4_acl_one()) I see that the call posix_acl_xattr_size(pacl-a_count) is not preceded by a check that pacl != NULL. Could this be related to the following entry in the changelog for 3.2.0-65.98? * NFSD: Call -set_acl with a NULL ACL structure if no entries - LP: #1328154 Jul 24 10:12:53 server kernel: [575939.742131] IP: [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] PGD c243bb067 PUD c2400a067 PMD 0 Jul 24 10:12:53 server kernel: [575939.742131] Oops: [#1] SMP Jul 24 10:12:53 server kernel: [575939.742131] CPU 3 Jul 24 10:12:53 server kernel: [575939.742131] Modules linked in: usblp btrfs zlib_deflate libcrc32c ufs qnx4 hfsplus hfs minix ntfs vfat msdos fat jfs reiserfs ext2 cts openafs(P) xt_tcpudp ipmi_si ipmi_devintf ipmi_msghandler iptable_filter ip_tables x_tables autofs4 bnep parport_pc rfcomm bluetooth ppdev binfmt_misc rpcsec_gss_krb5 nfsd nfs lockd fscache auth_rpcgss nfs_acl sunrpc xfs dm_crypt bridge stp psmouse hpilo sp5100_tco i2c_piix4 amd64_edac_mod hpwdt edac_core k10temp edac_mce_amd joydev serio_raw acpi_power_meter mac_hid lp parport raid10 raid456 async_pq async_xor xor async_memcpy async_raid6_recov raid6_pq async_tx raid1 raid0 multipath linear radeon ttm drm_kms_helper drm osst usbhid hid st ch i2c_algo_bit pata_atiixp hpsa bnx2 Jul 24 10:12:53 server kernel: [575939.742131] Jul 24 10:12:53 server kernel: [575939.742131] Pid: 2523, comm: nfsd Tainted: P O 3.2.0-67-generic #101-Ubuntu HP ProLiant DL385 G7 Jul 24 10:12:53 server kernel: [575939.742131] RIP: 0010:[a055c451] [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] RSP: 0018:880422085ce0 EFLAGS: 00010282 Jul 24 10:12:53 server kernel: [575939.742131] RAX: 4000 RBX: 880e29b16cc0 RCX: 013cc2cc Jul 24 10:12:53 server kernel: [575939.742131] RDX: a0583374 RSI: RDI: 880e29b16cc0 Jul 24 10:12:53 server kernel: [575939.742131] RBP: 880422085d10 R08: ea002cdf3b80 R09: a055c4af Jul 24 10:12:53 server kernel: [575939.742131] R10: 880b37ceed00 R11: 4004 R12: Jul 24 10:12:53 server kernel: [575939.742131] R13: 8807f56418c0 R14: R15: 880c2268d180 Jul 24 10:12:53 server kernel: [575939.742131] FS: 7fafd700() GS:88103fc8() knlGS: Jul 24 10:12:53 server kernel: [575939.742131] CS: 0010 DS: ES: CR0: 8005003b Jul 24 10:12:53 server kernel: [575939.742131] CR2: 0010 CR3: 000c22d6c000 CR4: 06e0 Jul 24 10:12:53 server kernel: [575939.742131] DR0: DR1: DR2: Jul 24 10:12:53 server kernel: [575939.742131] DR3: DR6: 0ff0 DR7: 0400 Jul 24 10:12:53 server kernel: [575939.742131] Process nfsd (pid: 2523, threadinfo 880422084000, task 880425964500) Jul 24 10:12:53 server kernel: [575939.742131] Stack: Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d040 880e29b16cc0 8807f56418c0 Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d180 880422085d50 a055d5e3 Jul 24 10:12:53 server kernel: [575939.742131] 880b37cee840 880c22684000 880c2268d040 Jul 24 10:12:53 server kernel: [575939.742131] Call Trace: Jul 24 10:12:53 server kernel: [575939.742131] [a055d5e3] nfsd4_set_nfs4_acl+0x143/0x150 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] [a056ab74]
[Kernel-packages] [Bug 1348670] Re: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010, set_nfsv4_acl_one+0x21/0xb0 [nfsd]
** Tags removed: verification-needed-trusty ** Tags added: verification-done-trusty -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1348670 Title: BUG: unable to handle kernel NULL pointer dereference at 0010, set_nfsv4_acl_one+0x21/0xb0 [nfsd] Status in “linux” package in Ubuntu: Invalid Status in “linux” source package in Lucid: Invalid Status in “linux” source package in Precise: Fix Committed Status in “linux” source package in Trusty: Fix Committed Status in “linux” source package in Utopic: Invalid Status in “linux” package in Debian: New Bug description: I've seen this happen twice in the last 8 days on an NFS server running Ubuntu precise and kernels 3.2.0-65.98-generic (on the first occasion) and 3.2.0-67.101-generic (the second time), amd64. This never happened before in several months of operation; until 2014-07-01 this server was running an older 3.2.0 kernel. When this error appears in the logs, the system stops answering NFS RPCs (e.g., rpcinfo -u localhost nfs 3 hangs) and a reboot is necessary to restore NFS service. A more detailed stack trace follows. Looking at the source code (fs/nfsd/vfs.c:set_nfsv4_acl_one()) I see that the call posix_acl_xattr_size(pacl-a_count) is not preceded by a check that pacl != NULL. Could this be related to the following entry in the changelog for 3.2.0-65.98? * NFSD: Call -set_acl with a NULL ACL structure if no entries - LP: #1328154 Jul 24 10:12:53 server kernel: [575939.742131] IP: [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] PGD c243bb067 PUD c2400a067 PMD 0 Jul 24 10:12:53 server kernel: [575939.742131] Oops: [#1] SMP Jul 24 10:12:53 server kernel: [575939.742131] CPU 3 Jul 24 10:12:53 server kernel: [575939.742131] Modules linked in: usblp btrfs zlib_deflate libcrc32c ufs qnx4 hfsplus hfs minix ntfs vfat msdos fat jfs reiserfs ext2 cts openafs(P) xt_tcpudp ipmi_si ipmi_devintf ipmi_msghandler iptable_filter ip_tables x_tables autofs4 bnep parport_pc rfcomm bluetooth ppdev binfmt_misc rpcsec_gss_krb5 nfsd nfs lockd fscache auth_rpcgss nfs_acl sunrpc xfs dm_crypt bridge stp psmouse hpilo sp5100_tco i2c_piix4 amd64_edac_mod hpwdt edac_core k10temp edac_mce_amd joydev serio_raw acpi_power_meter mac_hid lp parport raid10 raid456 async_pq async_xor xor async_memcpy async_raid6_recov raid6_pq async_tx raid1 raid0 multipath linear radeon ttm drm_kms_helper drm osst usbhid hid st ch i2c_algo_bit pata_atiixp hpsa bnx2 Jul 24 10:12:53 server kernel: [575939.742131] Jul 24 10:12:53 server kernel: [575939.742131] Pid: 2523, comm: nfsd Tainted: P O 3.2.0-67-generic #101-Ubuntu HP ProLiant DL385 G7 Jul 24 10:12:53 server kernel: [575939.742131] RIP: 0010:[a055c451] [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] RSP: 0018:880422085ce0 EFLAGS: 00010282 Jul 24 10:12:53 server kernel: [575939.742131] RAX: 4000 RBX: 880e29b16cc0 RCX: 013cc2cc Jul 24 10:12:53 server kernel: [575939.742131] RDX: a0583374 RSI: RDI: 880e29b16cc0 Jul 24 10:12:53 server kernel: [575939.742131] RBP: 880422085d10 R08: ea002cdf3b80 R09: a055c4af Jul 24 10:12:53 server kernel: [575939.742131] R10: 880b37ceed00 R11: 4004 R12: Jul 24 10:12:53 server kernel: [575939.742131] R13: 8807f56418c0 R14: R15: 880c2268d180 Jul 24 10:12:53 server kernel: [575939.742131] FS: 7fafd700() GS:88103fc8() knlGS: Jul 24 10:12:53 server kernel: [575939.742131] CS: 0010 DS: ES: CR0: 8005003b Jul 24 10:12:53 server kernel: [575939.742131] CR2: 0010 CR3: 000c22d6c000 CR4: 06e0 Jul 24 10:12:53 server kernel: [575939.742131] DR0: DR1: DR2: Jul 24 10:12:53 server kernel: [575939.742131] DR3: DR6: 0ff0 DR7: 0400 Jul 24 10:12:53 server kernel: [575939.742131] Process nfsd (pid: 2523, threadinfo 880422084000, task 880425964500) Jul 24 10:12:53 server kernel: [575939.742131] Stack: Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d040 880e29b16cc0 8807f56418c0 Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d180 880422085d50 a055d5e3 Jul 24 10:12:53 server kernel: [575939.742131] 880b37cee840 880c22684000 880c2268d040 Jul 24 10:12:53 server kernel: [575939.742131] Call Trace: Jul 24 10:12:53 server kernel: [575939.742131] [a055d5e3] nfsd4_set_nfs4_acl+0x143/0x150 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131]
[Kernel-packages] [Bug 1348670] Re: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010, set_nfsv4_acl_one+0x21/0xb0 [nfsd]
** Changed in: linux (Debian) Status: New = Fix Released -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1348670 Title: BUG: unable to handle kernel NULL pointer dereference at 0010, set_nfsv4_acl_one+0x21/0xb0 [nfsd] Status in “linux” package in Ubuntu: Invalid Status in “linux” source package in Lucid: Invalid Status in “linux” source package in Precise: Fix Committed Status in “linux” source package in Trusty: Fix Committed Status in “linux” source package in Utopic: Invalid Status in “linux” package in Debian: Fix Released Bug description: I've seen this happen twice in the last 8 days on an NFS server running Ubuntu precise and kernels 3.2.0-65.98-generic (on the first occasion) and 3.2.0-67.101-generic (the second time), amd64. This never happened before in several months of operation; until 2014-07-01 this server was running an older 3.2.0 kernel. When this error appears in the logs, the system stops answering NFS RPCs (e.g., rpcinfo -u localhost nfs 3 hangs) and a reboot is necessary to restore NFS service. A more detailed stack trace follows. Looking at the source code (fs/nfsd/vfs.c:set_nfsv4_acl_one()) I see that the call posix_acl_xattr_size(pacl-a_count) is not preceded by a check that pacl != NULL. Could this be related to the following entry in the changelog for 3.2.0-65.98? * NFSD: Call -set_acl with a NULL ACL structure if no entries - LP: #1328154 Jul 24 10:12:53 server kernel: [575939.742131] IP: [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] PGD c243bb067 PUD c2400a067 PMD 0 Jul 24 10:12:53 server kernel: [575939.742131] Oops: [#1] SMP Jul 24 10:12:53 server kernel: [575939.742131] CPU 3 Jul 24 10:12:53 server kernel: [575939.742131] Modules linked in: usblp btrfs zlib_deflate libcrc32c ufs qnx4 hfsplus hfs minix ntfs vfat msdos fat jfs reiserfs ext2 cts openafs(P) xt_tcpudp ipmi_si ipmi_devintf ipmi_msghandler iptable_filter ip_tables x_tables autofs4 bnep parport_pc rfcomm bluetooth ppdev binfmt_misc rpcsec_gss_krb5 nfsd nfs lockd fscache auth_rpcgss nfs_acl sunrpc xfs dm_crypt bridge stp psmouse hpilo sp5100_tco i2c_piix4 amd64_edac_mod hpwdt edac_core k10temp edac_mce_amd joydev serio_raw acpi_power_meter mac_hid lp parport raid10 raid456 async_pq async_xor xor async_memcpy async_raid6_recov raid6_pq async_tx raid1 raid0 multipath linear radeon ttm drm_kms_helper drm osst usbhid hid st ch i2c_algo_bit pata_atiixp hpsa bnx2 Jul 24 10:12:53 server kernel: [575939.742131] Jul 24 10:12:53 server kernel: [575939.742131] Pid: 2523, comm: nfsd Tainted: P O 3.2.0-67-generic #101-Ubuntu HP ProLiant DL385 G7 Jul 24 10:12:53 server kernel: [575939.742131] RIP: 0010:[a055c451] [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] RSP: 0018:880422085ce0 EFLAGS: 00010282 Jul 24 10:12:53 server kernel: [575939.742131] RAX: 4000 RBX: 880e29b16cc0 RCX: 013cc2cc Jul 24 10:12:53 server kernel: [575939.742131] RDX: a0583374 RSI: RDI: 880e29b16cc0 Jul 24 10:12:53 server kernel: [575939.742131] RBP: 880422085d10 R08: ea002cdf3b80 R09: a055c4af Jul 24 10:12:53 server kernel: [575939.742131] R10: 880b37ceed00 R11: 4004 R12: Jul 24 10:12:53 server kernel: [575939.742131] R13: 8807f56418c0 R14: R15: 880c2268d180 Jul 24 10:12:53 server kernel: [575939.742131] FS: 7fafd700() GS:88103fc8() knlGS: Jul 24 10:12:53 server kernel: [575939.742131] CS: 0010 DS: ES: CR0: 8005003b Jul 24 10:12:53 server kernel: [575939.742131] CR2: 0010 CR3: 000c22d6c000 CR4: 06e0 Jul 24 10:12:53 server kernel: [575939.742131] DR0: DR1: DR2: Jul 24 10:12:53 server kernel: [575939.742131] DR3: DR6: 0ff0 DR7: 0400 Jul 24 10:12:53 server kernel: [575939.742131] Process nfsd (pid: 2523, threadinfo 880422084000, task 880425964500) Jul 24 10:12:53 server kernel: [575939.742131] Stack: Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d040 880e29b16cc0 8807f56418c0 Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d180 880422085d50 a055d5e3 Jul 24 10:12:53 server kernel: [575939.742131] 880b37cee840 880c22684000 880c2268d040 Jul 24 10:12:53 server kernel: [575939.742131] Call Trace: Jul 24 10:12:53 server kernel: [575939.742131] [a055d5e3] nfsd4_set_nfs4_acl+0x143/0x150 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] [a056ab74]
[Kernel-packages] [Bug 1348670] Re: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010, set_nfsv4_acl_one+0x21/0xb0 [nfsd]
This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed- trusty' to 'verification-done-trusty'. If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you! ** Tags added: verification-needed-trusty -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1348670 Title: BUG: unable to handle kernel NULL pointer dereference at 0010, set_nfsv4_acl_one+0x21/0xb0 [nfsd] Status in “linux” package in Ubuntu: Invalid Status in “linux” source package in Lucid: Invalid Status in “linux” source package in Precise: Fix Committed Status in “linux” source package in Trusty: Fix Committed Status in “linux” source package in Utopic: Invalid Status in “linux” package in Debian: New Bug description: I've seen this happen twice in the last 8 days on an NFS server running Ubuntu precise and kernels 3.2.0-65.98-generic (on the first occasion) and 3.2.0-67.101-generic (the second time), amd64. This never happened before in several months of operation; until 2014-07-01 this server was running an older 3.2.0 kernel. When this error appears in the logs, the system stops answering NFS RPCs (e.g., rpcinfo -u localhost nfs 3 hangs) and a reboot is necessary to restore NFS service. A more detailed stack trace follows. Looking at the source code (fs/nfsd/vfs.c:set_nfsv4_acl_one()) I see that the call posix_acl_xattr_size(pacl-a_count) is not preceded by a check that pacl != NULL. Could this be related to the following entry in the changelog for 3.2.0-65.98? * NFSD: Call -set_acl with a NULL ACL structure if no entries - LP: #1328154 Jul 24 10:12:53 server kernel: [575939.742131] IP: [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] PGD c243bb067 PUD c2400a067 PMD 0 Jul 24 10:12:53 server kernel: [575939.742131] Oops: [#1] SMP Jul 24 10:12:53 server kernel: [575939.742131] CPU 3 Jul 24 10:12:53 server kernel: [575939.742131] Modules linked in: usblp btrfs zlib_deflate libcrc32c ufs qnx4 hfsplus hfs minix ntfs vfat msdos fat jfs reiserfs ext2 cts openafs(P) xt_tcpudp ipmi_si ipmi_devintf ipmi_msghandler iptable_filter ip_tables x_tables autofs4 bnep parport_pc rfcomm bluetooth ppdev binfmt_misc rpcsec_gss_krb5 nfsd nfs lockd fscache auth_rpcgss nfs_acl sunrpc xfs dm_crypt bridge stp psmouse hpilo sp5100_tco i2c_piix4 amd64_edac_mod hpwdt edac_core k10temp edac_mce_amd joydev serio_raw acpi_power_meter mac_hid lp parport raid10 raid456 async_pq async_xor xor async_memcpy async_raid6_recov raid6_pq async_tx raid1 raid0 multipath linear radeon ttm drm_kms_helper drm osst usbhid hid st ch i2c_algo_bit pata_atiixp hpsa bnx2 Jul 24 10:12:53 server kernel: [575939.742131] Jul 24 10:12:53 server kernel: [575939.742131] Pid: 2523, comm: nfsd Tainted: P O 3.2.0-67-generic #101-Ubuntu HP ProLiant DL385 G7 Jul 24 10:12:53 server kernel: [575939.742131] RIP: 0010:[a055c451] [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] RSP: 0018:880422085ce0 EFLAGS: 00010282 Jul 24 10:12:53 server kernel: [575939.742131] RAX: 4000 RBX: 880e29b16cc0 RCX: 013cc2cc Jul 24 10:12:53 server kernel: [575939.742131] RDX: a0583374 RSI: RDI: 880e29b16cc0 Jul 24 10:12:53 server kernel: [575939.742131] RBP: 880422085d10 R08: ea002cdf3b80 R09: a055c4af Jul 24 10:12:53 server kernel: [575939.742131] R10: 880b37ceed00 R11: 4004 R12: Jul 24 10:12:53 server kernel: [575939.742131] R13: 8807f56418c0 R14: R15: 880c2268d180 Jul 24 10:12:53 server kernel: [575939.742131] FS: 7fafd700() GS:88103fc8() knlGS: Jul 24 10:12:53 server kernel: [575939.742131] CS: 0010 DS: ES: CR0: 8005003b Jul 24 10:12:53 server kernel: [575939.742131] CR2: 0010 CR3: 000c22d6c000 CR4: 06e0 Jul 24 10:12:53 server kernel: [575939.742131] DR0: DR1: DR2: Jul 24 10:12:53 server kernel: [575939.742131] DR3: DR6: 0ff0 DR7: 0400 Jul 24 10:12:53 server kernel: [575939.742131] Process nfsd (pid: 2523, threadinfo 880422084000, task 880425964500) Jul 24 10:12:53 server kernel: [575939.742131] Stack: Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d040 880e29b16cc0 8807f56418c0 Jul 24
[Kernel-packages] [Bug 1348670] Re: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010, set_nfsv4_acl_one+0x21/0xb0 [nfsd]
** Branch linked: lp:ubuntu/precise-proposed/linux-lts-trusty -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1348670 Title: BUG: unable to handle kernel NULL pointer dereference at 0010, set_nfsv4_acl_one+0x21/0xb0 [nfsd] Status in “linux” package in Ubuntu: Invalid Status in “linux” source package in Lucid: Invalid Status in “linux” source package in Precise: Fix Committed Status in “linux” source package in Trusty: Fix Committed Status in “linux” source package in Utopic: Invalid Status in “linux” package in Debian: New Bug description: I've seen this happen twice in the last 8 days on an NFS server running Ubuntu precise and kernels 3.2.0-65.98-generic (on the first occasion) and 3.2.0-67.101-generic (the second time), amd64. This never happened before in several months of operation; until 2014-07-01 this server was running an older 3.2.0 kernel. When this error appears in the logs, the system stops answering NFS RPCs (e.g., rpcinfo -u localhost nfs 3 hangs) and a reboot is necessary to restore NFS service. A more detailed stack trace follows. Looking at the source code (fs/nfsd/vfs.c:set_nfsv4_acl_one()) I see that the call posix_acl_xattr_size(pacl-a_count) is not preceded by a check that pacl != NULL. Could this be related to the following entry in the changelog for 3.2.0-65.98? * NFSD: Call -set_acl with a NULL ACL structure if no entries - LP: #1328154 Jul 24 10:12:53 server kernel: [575939.742131] IP: [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] PGD c243bb067 PUD c2400a067 PMD 0 Jul 24 10:12:53 server kernel: [575939.742131] Oops: [#1] SMP Jul 24 10:12:53 server kernel: [575939.742131] CPU 3 Jul 24 10:12:53 server kernel: [575939.742131] Modules linked in: usblp btrfs zlib_deflate libcrc32c ufs qnx4 hfsplus hfs minix ntfs vfat msdos fat jfs reiserfs ext2 cts openafs(P) xt_tcpudp ipmi_si ipmi_devintf ipmi_msghandler iptable_filter ip_tables x_tables autofs4 bnep parport_pc rfcomm bluetooth ppdev binfmt_misc rpcsec_gss_krb5 nfsd nfs lockd fscache auth_rpcgss nfs_acl sunrpc xfs dm_crypt bridge stp psmouse hpilo sp5100_tco i2c_piix4 amd64_edac_mod hpwdt edac_core k10temp edac_mce_amd joydev serio_raw acpi_power_meter mac_hid lp parport raid10 raid456 async_pq async_xor xor async_memcpy async_raid6_recov raid6_pq async_tx raid1 raid0 multipath linear radeon ttm drm_kms_helper drm osst usbhid hid st ch i2c_algo_bit pata_atiixp hpsa bnx2 Jul 24 10:12:53 server kernel: [575939.742131] Jul 24 10:12:53 server kernel: [575939.742131] Pid: 2523, comm: nfsd Tainted: P O 3.2.0-67-generic #101-Ubuntu HP ProLiant DL385 G7 Jul 24 10:12:53 server kernel: [575939.742131] RIP: 0010:[a055c451] [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] RSP: 0018:880422085ce0 EFLAGS: 00010282 Jul 24 10:12:53 server kernel: [575939.742131] RAX: 4000 RBX: 880e29b16cc0 RCX: 013cc2cc Jul 24 10:12:53 server kernel: [575939.742131] RDX: a0583374 RSI: RDI: 880e29b16cc0 Jul 24 10:12:53 server kernel: [575939.742131] RBP: 880422085d10 R08: ea002cdf3b80 R09: a055c4af Jul 24 10:12:53 server kernel: [575939.742131] R10: 880b37ceed00 R11: 4004 R12: Jul 24 10:12:53 server kernel: [575939.742131] R13: 8807f56418c0 R14: R15: 880c2268d180 Jul 24 10:12:53 server kernel: [575939.742131] FS: 7fafd700() GS:88103fc8() knlGS: Jul 24 10:12:53 server kernel: [575939.742131] CS: 0010 DS: ES: CR0: 8005003b Jul 24 10:12:53 server kernel: [575939.742131] CR2: 0010 CR3: 000c22d6c000 CR4: 06e0 Jul 24 10:12:53 server kernel: [575939.742131] DR0: DR1: DR2: Jul 24 10:12:53 server kernel: [575939.742131] DR3: DR6: 0ff0 DR7: 0400 Jul 24 10:12:53 server kernel: [575939.742131] Process nfsd (pid: 2523, threadinfo 880422084000, task 880425964500) Jul 24 10:12:53 server kernel: [575939.742131] Stack: Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d040 880e29b16cc0 8807f56418c0 Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d180 880422085d50 a055d5e3 Jul 24 10:12:53 server kernel: [575939.742131] 880b37cee840 880c22684000 880c2268d040 Jul 24 10:12:53 server kernel: [575939.742131] Call Trace: Jul 24 10:12:53 server kernel: [575939.742131] [a055d5e3] nfsd4_set_nfs4_acl+0x143/0x150 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] [a056ab74]
Re: [Kernel-packages] [Bug 1348670] Re: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010, set_nfsv4_acl_one+0x21/0xb0 [nfsd]
* Joseph Salisbury [2014-09-03 19:46:04 +]: Also, has the patch in comment #12 been sent upstream for inclusion in the mainline/stable kernel? The affected code was refactored out of existence in kernel 3.14. As such, my patch is inapplicable to 3.14 and later. The replacement set_acl methods in the various filesystem drivers generally are coded to cope with a NULL argument; I didn't conduct an exhaustive search but I looked at a few and didn't notice anything problematic. Given the above, I see no need to actually test kernel 3.17. Will tag. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1348670 Title: BUG: unable to handle kernel NULL pointer dereference at 0010, set_nfsv4_acl_one+0x21/0xb0 [nfsd] Status in “linux” package in Ubuntu: Invalid Status in “linux” source package in Lucid: In Progress Status in “linux” package in Debian: New Bug description: I've seen this happen twice in the last 8 days on an NFS server running Ubuntu precise and kernels 3.2.0-65.98-generic (on the first occasion) and 3.2.0-67.101-generic (the second time), amd64. This never happened before in several months of operation; until 2014-07-01 this server was running an older 3.2.0 kernel. When this error appears in the logs, the system stops answering NFS RPCs (e.g., rpcinfo -u localhost nfs 3 hangs) and a reboot is necessary to restore NFS service. A more detailed stack trace follows. Looking at the source code (fs/nfsd/vfs.c:set_nfsv4_acl_one()) I see that the call posix_acl_xattr_size(pacl-a_count) is not preceded by a check that pacl != NULL. Could this be related to the following entry in the changelog for 3.2.0-65.98? * NFSD: Call -set_acl with a NULL ACL structure if no entries - LP: #1328154 Jul 24 10:12:53 server kernel: [575939.742131] IP: [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] PGD c243bb067 PUD c2400a067 PMD 0 Jul 24 10:12:53 server kernel: [575939.742131] Oops: [#1] SMP Jul 24 10:12:53 server kernel: [575939.742131] CPU 3 Jul 24 10:12:53 server kernel: [575939.742131] Modules linked in: usblp btrfs zlib_deflate libcrc32c ufs qnx4 hfsplus hfs minix ntfs vfat msdos fat jfs reiserfs ext2 cts openafs(P) xt_tcpudp ipmi_si ipmi_devintf ipmi_msghandler iptable_filter ip_tables x_tables autofs4 bnep parport_pc rfcomm bluetooth ppdev binfmt_misc rpcsec_gss_krb5 nfsd nfs lockd fscache auth_rpcgss nfs_acl sunrpc xfs dm_crypt bridge stp psmouse hpilo sp5100_tco i2c_piix4 amd64_edac_mod hpwdt edac_core k10temp edac_mce_amd joydev serio_raw acpi_power_meter mac_hid lp parport raid10 raid456 async_pq async_xor xor async_memcpy async_raid6_recov raid6_pq async_tx raid1 raid0 multipath linear radeon ttm drm_kms_helper drm osst usbhid hid st ch i2c_algo_bit pata_atiixp hpsa bnx2 Jul 24 10:12:53 server kernel: [575939.742131] Jul 24 10:12:53 server kernel: [575939.742131] Pid: 2523, comm: nfsd Tainted: P O 3.2.0-67-generic #101-Ubuntu HP ProLiant DL385 G7 Jul 24 10:12:53 server kernel: [575939.742131] RIP: 0010:[a055c451] [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] RSP: 0018:880422085ce0 EFLAGS: 00010282 Jul 24 10:12:53 server kernel: [575939.742131] RAX: 4000 RBX: 880e29b16cc0 RCX: 013cc2cc Jul 24 10:12:53 server kernel: [575939.742131] RDX: a0583374 RSI: RDI: 880e29b16cc0 Jul 24 10:12:53 server kernel: [575939.742131] RBP: 880422085d10 R08: ea002cdf3b80 R09: a055c4af Jul 24 10:12:53 server kernel: [575939.742131] R10: 880b37ceed00 R11: 4004 R12: Jul 24 10:12:53 server kernel: [575939.742131] R13: 8807f56418c0 R14: R15: 880c2268d180 Jul 24 10:12:53 server kernel: [575939.742131] FS: 7fafd700() GS:88103fc8() knlGS: Jul 24 10:12:53 server kernel: [575939.742131] CS: 0010 DS: ES: CR0: 8005003b Jul 24 10:12:53 server kernel: [575939.742131] CR2: 0010 CR3: 000c22d6c000 CR4: 06e0 Jul 24 10:12:53 server kernel: [575939.742131] DR0: DR1: DR2: Jul 24 10:12:53 server kernel: [575939.742131] DR3: DR6: 0ff0 DR7: 0400 Jul 24 10:12:53 server kernel: [575939.742131] Process nfsd (pid: 2523, threadinfo 880422084000, task 880425964500) Jul 24 10:12:53 server kernel: [575939.742131] Stack: Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d040 880e29b16cc0 8807f56418c0 Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d180 880422085d50 a055d5e3 Jul 24 10:12:53 server kernel: [575939.742131]
[Kernel-packages] [Bug 1348670] Re: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010, set_nfsv4_acl_one+0x21/0xb0 [nfsd]
I'm a bit confused by Tim's changes in #16. The bug affects kernels up to and including 3.13 (trusty). I'll take his word that it also affects lucid, but what does a status of Invalid mean? ** Tags removed: regression-update ** Tags added: regression-updatekernel-fixed-upstream ** Tags removed: regression-updatekernel-fixed-upstream ** Tags added: kernel-fixed-upstream regression-update -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1348670 Title: BUG: unable to handle kernel NULL pointer dereference at 0010, set_nfsv4_acl_one+0x21/0xb0 [nfsd] Status in “linux” package in Ubuntu: Invalid Status in “linux” source package in Lucid: In Progress Status in “linux” package in Debian: New Bug description: I've seen this happen twice in the last 8 days on an NFS server running Ubuntu precise and kernels 3.2.0-65.98-generic (on the first occasion) and 3.2.0-67.101-generic (the second time), amd64. This never happened before in several months of operation; until 2014-07-01 this server was running an older 3.2.0 kernel. When this error appears in the logs, the system stops answering NFS RPCs (e.g., rpcinfo -u localhost nfs 3 hangs) and a reboot is necessary to restore NFS service. A more detailed stack trace follows. Looking at the source code (fs/nfsd/vfs.c:set_nfsv4_acl_one()) I see that the call posix_acl_xattr_size(pacl-a_count) is not preceded by a check that pacl != NULL. Could this be related to the following entry in the changelog for 3.2.0-65.98? * NFSD: Call -set_acl with a NULL ACL structure if no entries - LP: #1328154 Jul 24 10:12:53 server kernel: [575939.742131] IP: [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] PGD c243bb067 PUD c2400a067 PMD 0 Jul 24 10:12:53 server kernel: [575939.742131] Oops: [#1] SMP Jul 24 10:12:53 server kernel: [575939.742131] CPU 3 Jul 24 10:12:53 server kernel: [575939.742131] Modules linked in: usblp btrfs zlib_deflate libcrc32c ufs qnx4 hfsplus hfs minix ntfs vfat msdos fat jfs reiserfs ext2 cts openafs(P) xt_tcpudp ipmi_si ipmi_devintf ipmi_msghandler iptable_filter ip_tables x_tables autofs4 bnep parport_pc rfcomm bluetooth ppdev binfmt_misc rpcsec_gss_krb5 nfsd nfs lockd fscache auth_rpcgss nfs_acl sunrpc xfs dm_crypt bridge stp psmouse hpilo sp5100_tco i2c_piix4 amd64_edac_mod hpwdt edac_core k10temp edac_mce_amd joydev serio_raw acpi_power_meter mac_hid lp parport raid10 raid456 async_pq async_xor xor async_memcpy async_raid6_recov raid6_pq async_tx raid1 raid0 multipath linear radeon ttm drm_kms_helper drm osst usbhid hid st ch i2c_algo_bit pata_atiixp hpsa bnx2 Jul 24 10:12:53 server kernel: [575939.742131] Jul 24 10:12:53 server kernel: [575939.742131] Pid: 2523, comm: nfsd Tainted: P O 3.2.0-67-generic #101-Ubuntu HP ProLiant DL385 G7 Jul 24 10:12:53 server kernel: [575939.742131] RIP: 0010:[a055c451] [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] RSP: 0018:880422085ce0 EFLAGS: 00010282 Jul 24 10:12:53 server kernel: [575939.742131] RAX: 4000 RBX: 880e29b16cc0 RCX: 013cc2cc Jul 24 10:12:53 server kernel: [575939.742131] RDX: a0583374 RSI: RDI: 880e29b16cc0 Jul 24 10:12:53 server kernel: [575939.742131] RBP: 880422085d10 R08: ea002cdf3b80 R09: a055c4af Jul 24 10:12:53 server kernel: [575939.742131] R10: 880b37ceed00 R11: 4004 R12: Jul 24 10:12:53 server kernel: [575939.742131] R13: 8807f56418c0 R14: R15: 880c2268d180 Jul 24 10:12:53 server kernel: [575939.742131] FS: 7fafd700() GS:88103fc8() knlGS: Jul 24 10:12:53 server kernel: [575939.742131] CS: 0010 DS: ES: CR0: 8005003b Jul 24 10:12:53 server kernel: [575939.742131] CR2: 0010 CR3: 000c22d6c000 CR4: 06e0 Jul 24 10:12:53 server kernel: [575939.742131] DR0: DR1: DR2: Jul 24 10:12:53 server kernel: [575939.742131] DR3: DR6: 0ff0 DR7: 0400 Jul 24 10:12:53 server kernel: [575939.742131] Process nfsd (pid: 2523, threadinfo 880422084000, task 880425964500) Jul 24 10:12:53 server kernel: [575939.742131] Stack: Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d040 880e29b16cc0 8807f56418c0 Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d180 880422085d50 a055d5e3 Jul 24 10:12:53 server kernel: [575939.742131] 880b37cee840 880c22684000 880c2268d040 Jul 24 10:12:53 server kernel: [575939.742131] Call Trace: Jul 24 10:12:53 server kernel:
[Kernel-packages] [Bug 1348670] Re: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010, set_nfsv4_acl_one+0x21/0xb0 [nfsd]
Invalid for the development release is appropriate as this code was removed in v3.14 (you indicate). This looks applicable to P and T indeed. ** Also affects: linux (Ubuntu Precise) Importance: Undecided Status: New ** Changed in: linux (Ubuntu Precise) Assignee: (unassigned) = Tim Gardner (timg-tpi) ** Changed in: linux (Ubuntu Precise) Status: New = In Progress ** Also affects: linux (Ubuntu Trusty) Importance: Undecided Status: New ** Also affects: linux (Ubuntu Utopic) Importance: Medium Status: Invalid -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1348670 Title: BUG: unable to handle kernel NULL pointer dereference at 0010, set_nfsv4_acl_one+0x21/0xb0 [nfsd] Status in “linux” package in Ubuntu: Invalid Status in “linux” source package in Lucid: In Progress Status in “linux” source package in Precise: In Progress Status in “linux” source package in Trusty: New Status in “linux” source package in Utopic: Invalid Status in “linux” package in Debian: New Bug description: I've seen this happen twice in the last 8 days on an NFS server running Ubuntu precise and kernels 3.2.0-65.98-generic (on the first occasion) and 3.2.0-67.101-generic (the second time), amd64. This never happened before in several months of operation; until 2014-07-01 this server was running an older 3.2.0 kernel. When this error appears in the logs, the system stops answering NFS RPCs (e.g., rpcinfo -u localhost nfs 3 hangs) and a reboot is necessary to restore NFS service. A more detailed stack trace follows. Looking at the source code (fs/nfsd/vfs.c:set_nfsv4_acl_one()) I see that the call posix_acl_xattr_size(pacl-a_count) is not preceded by a check that pacl != NULL. Could this be related to the following entry in the changelog for 3.2.0-65.98? * NFSD: Call -set_acl with a NULL ACL structure if no entries - LP: #1328154 Jul 24 10:12:53 server kernel: [575939.742131] IP: [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] PGD c243bb067 PUD c2400a067 PMD 0 Jul 24 10:12:53 server kernel: [575939.742131] Oops: [#1] SMP Jul 24 10:12:53 server kernel: [575939.742131] CPU 3 Jul 24 10:12:53 server kernel: [575939.742131] Modules linked in: usblp btrfs zlib_deflate libcrc32c ufs qnx4 hfsplus hfs minix ntfs vfat msdos fat jfs reiserfs ext2 cts openafs(P) xt_tcpudp ipmi_si ipmi_devintf ipmi_msghandler iptable_filter ip_tables x_tables autofs4 bnep parport_pc rfcomm bluetooth ppdev binfmt_misc rpcsec_gss_krb5 nfsd nfs lockd fscache auth_rpcgss nfs_acl sunrpc xfs dm_crypt bridge stp psmouse hpilo sp5100_tco i2c_piix4 amd64_edac_mod hpwdt edac_core k10temp edac_mce_amd joydev serio_raw acpi_power_meter mac_hid lp parport raid10 raid456 async_pq async_xor xor async_memcpy async_raid6_recov raid6_pq async_tx raid1 raid0 multipath linear radeon ttm drm_kms_helper drm osst usbhid hid st ch i2c_algo_bit pata_atiixp hpsa bnx2 Jul 24 10:12:53 server kernel: [575939.742131] Jul 24 10:12:53 server kernel: [575939.742131] Pid: 2523, comm: nfsd Tainted: P O 3.2.0-67-generic #101-Ubuntu HP ProLiant DL385 G7 Jul 24 10:12:53 server kernel: [575939.742131] RIP: 0010:[a055c451] [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] RSP: 0018:880422085ce0 EFLAGS: 00010282 Jul 24 10:12:53 server kernel: [575939.742131] RAX: 4000 RBX: 880e29b16cc0 RCX: 013cc2cc Jul 24 10:12:53 server kernel: [575939.742131] RDX: a0583374 RSI: RDI: 880e29b16cc0 Jul 24 10:12:53 server kernel: [575939.742131] RBP: 880422085d10 R08: ea002cdf3b80 R09: a055c4af Jul 24 10:12:53 server kernel: [575939.742131] R10: 880b37ceed00 R11: 4004 R12: Jul 24 10:12:53 server kernel: [575939.742131] R13: 8807f56418c0 R14: R15: 880c2268d180 Jul 24 10:12:53 server kernel: [575939.742131] FS: 7fafd700() GS:88103fc8() knlGS: Jul 24 10:12:53 server kernel: [575939.742131] CS: 0010 DS: ES: CR0: 8005003b Jul 24 10:12:53 server kernel: [575939.742131] CR2: 0010 CR3: 000c22d6c000 CR4: 06e0 Jul 24 10:12:53 server kernel: [575939.742131] DR0: DR1: DR2: Jul 24 10:12:53 server kernel: [575939.742131] DR3: DR6: 0ff0 DR7: 0400 Jul 24 10:12:53 server kernel: [575939.742131] Process nfsd (pid: 2523, threadinfo 880422084000, task 880425964500) Jul 24 10:12:53 server kernel: [575939.742131] Stack: Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d040 880e29b16cc0 8807f56418c0
[Kernel-packages] [Bug 1348670] Re: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010, set_nfsv4_acl_one+0x21/0xb0 [nfsd]
** Changed in: linux (Ubuntu Precise) Status: In Progress = Fix Committed -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1348670 Title: BUG: unable to handle kernel NULL pointer dereference at 0010, set_nfsv4_acl_one+0x21/0xb0 [nfsd] Status in “linux” package in Ubuntu: Invalid Status in “linux” source package in Lucid: In Progress Status in “linux” source package in Precise: Fix Committed Status in “linux” source package in Trusty: New Status in “linux” source package in Utopic: Invalid Status in “linux” package in Debian: New Bug description: I've seen this happen twice in the last 8 days on an NFS server running Ubuntu precise and kernels 3.2.0-65.98-generic (on the first occasion) and 3.2.0-67.101-generic (the second time), amd64. This never happened before in several months of operation; until 2014-07-01 this server was running an older 3.2.0 kernel. When this error appears in the logs, the system stops answering NFS RPCs (e.g., rpcinfo -u localhost nfs 3 hangs) and a reboot is necessary to restore NFS service. A more detailed stack trace follows. Looking at the source code (fs/nfsd/vfs.c:set_nfsv4_acl_one()) I see that the call posix_acl_xattr_size(pacl-a_count) is not preceded by a check that pacl != NULL. Could this be related to the following entry in the changelog for 3.2.0-65.98? * NFSD: Call -set_acl with a NULL ACL structure if no entries - LP: #1328154 Jul 24 10:12:53 server kernel: [575939.742131] IP: [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] PGD c243bb067 PUD c2400a067 PMD 0 Jul 24 10:12:53 server kernel: [575939.742131] Oops: [#1] SMP Jul 24 10:12:53 server kernel: [575939.742131] CPU 3 Jul 24 10:12:53 server kernel: [575939.742131] Modules linked in: usblp btrfs zlib_deflate libcrc32c ufs qnx4 hfsplus hfs minix ntfs vfat msdos fat jfs reiserfs ext2 cts openafs(P) xt_tcpudp ipmi_si ipmi_devintf ipmi_msghandler iptable_filter ip_tables x_tables autofs4 bnep parport_pc rfcomm bluetooth ppdev binfmt_misc rpcsec_gss_krb5 nfsd nfs lockd fscache auth_rpcgss nfs_acl sunrpc xfs dm_crypt bridge stp psmouse hpilo sp5100_tco i2c_piix4 amd64_edac_mod hpwdt edac_core k10temp edac_mce_amd joydev serio_raw acpi_power_meter mac_hid lp parport raid10 raid456 async_pq async_xor xor async_memcpy async_raid6_recov raid6_pq async_tx raid1 raid0 multipath linear radeon ttm drm_kms_helper drm osst usbhid hid st ch i2c_algo_bit pata_atiixp hpsa bnx2 Jul 24 10:12:53 server kernel: [575939.742131] Jul 24 10:12:53 server kernel: [575939.742131] Pid: 2523, comm: nfsd Tainted: P O 3.2.0-67-generic #101-Ubuntu HP ProLiant DL385 G7 Jul 24 10:12:53 server kernel: [575939.742131] RIP: 0010:[a055c451] [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] RSP: 0018:880422085ce0 EFLAGS: 00010282 Jul 24 10:12:53 server kernel: [575939.742131] RAX: 4000 RBX: 880e29b16cc0 RCX: 013cc2cc Jul 24 10:12:53 server kernel: [575939.742131] RDX: a0583374 RSI: RDI: 880e29b16cc0 Jul 24 10:12:53 server kernel: [575939.742131] RBP: 880422085d10 R08: ea002cdf3b80 R09: a055c4af Jul 24 10:12:53 server kernel: [575939.742131] R10: 880b37ceed00 R11: 4004 R12: Jul 24 10:12:53 server kernel: [575939.742131] R13: 8807f56418c0 R14: R15: 880c2268d180 Jul 24 10:12:53 server kernel: [575939.742131] FS: 7fafd700() GS:88103fc8() knlGS: Jul 24 10:12:53 server kernel: [575939.742131] CS: 0010 DS: ES: CR0: 8005003b Jul 24 10:12:53 server kernel: [575939.742131] CR2: 0010 CR3: 000c22d6c000 CR4: 06e0 Jul 24 10:12:53 server kernel: [575939.742131] DR0: DR1: DR2: Jul 24 10:12:53 server kernel: [575939.742131] DR3: DR6: 0ff0 DR7: 0400 Jul 24 10:12:53 server kernel: [575939.742131] Process nfsd (pid: 2523, threadinfo 880422084000, task 880425964500) Jul 24 10:12:53 server kernel: [575939.742131] Stack: Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d040 880e29b16cc0 8807f56418c0 Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d180 880422085d50 a055d5e3 Jul 24 10:12:53 server kernel: [575939.742131] 880b37cee840 880c22684000 880c2268d040 Jul 24 10:12:53 server kernel: [575939.742131] Call Trace: Jul 24 10:12:53 server kernel: [575939.742131] [a055d5e3] nfsd4_set_nfs4_acl+0x143/0x150 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] [a056ab74]
[Kernel-packages] [Bug 1348670] Re: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010, set_nfsv4_acl_one+0x21/0xb0 [nfsd]
** Changed in: linux (Ubuntu Trusty) Status: New = Fix Committed ** Changed in: linux (Ubuntu Trusty) Assignee: (unassigned) = Tim Gardner (timg-tpi) ** Changed in: linux (Ubuntu Lucid) Status: In Progress = Invalid ** Changed in: linux (Ubuntu Lucid) Assignee: Tim Gardner (timg-tpi) = (unassigned) -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1348670 Title: BUG: unable to handle kernel NULL pointer dereference at 0010, set_nfsv4_acl_one+0x21/0xb0 [nfsd] Status in “linux” package in Ubuntu: Invalid Status in “linux” source package in Lucid: Invalid Status in “linux” source package in Precise: Fix Committed Status in “linux” source package in Trusty: Fix Committed Status in “linux” source package in Utopic: Invalid Status in “linux” package in Debian: New Bug description: I've seen this happen twice in the last 8 days on an NFS server running Ubuntu precise and kernels 3.2.0-65.98-generic (on the first occasion) and 3.2.0-67.101-generic (the second time), amd64. This never happened before in several months of operation; until 2014-07-01 this server was running an older 3.2.0 kernel. When this error appears in the logs, the system stops answering NFS RPCs (e.g., rpcinfo -u localhost nfs 3 hangs) and a reboot is necessary to restore NFS service. A more detailed stack trace follows. Looking at the source code (fs/nfsd/vfs.c:set_nfsv4_acl_one()) I see that the call posix_acl_xattr_size(pacl-a_count) is not preceded by a check that pacl != NULL. Could this be related to the following entry in the changelog for 3.2.0-65.98? * NFSD: Call -set_acl with a NULL ACL structure if no entries - LP: #1328154 Jul 24 10:12:53 server kernel: [575939.742131] IP: [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] PGD c243bb067 PUD c2400a067 PMD 0 Jul 24 10:12:53 server kernel: [575939.742131] Oops: [#1] SMP Jul 24 10:12:53 server kernel: [575939.742131] CPU 3 Jul 24 10:12:53 server kernel: [575939.742131] Modules linked in: usblp btrfs zlib_deflate libcrc32c ufs qnx4 hfsplus hfs minix ntfs vfat msdos fat jfs reiserfs ext2 cts openafs(P) xt_tcpudp ipmi_si ipmi_devintf ipmi_msghandler iptable_filter ip_tables x_tables autofs4 bnep parport_pc rfcomm bluetooth ppdev binfmt_misc rpcsec_gss_krb5 nfsd nfs lockd fscache auth_rpcgss nfs_acl sunrpc xfs dm_crypt bridge stp psmouse hpilo sp5100_tco i2c_piix4 amd64_edac_mod hpwdt edac_core k10temp edac_mce_amd joydev serio_raw acpi_power_meter mac_hid lp parport raid10 raid456 async_pq async_xor xor async_memcpy async_raid6_recov raid6_pq async_tx raid1 raid0 multipath linear radeon ttm drm_kms_helper drm osst usbhid hid st ch i2c_algo_bit pata_atiixp hpsa bnx2 Jul 24 10:12:53 server kernel: [575939.742131] Jul 24 10:12:53 server kernel: [575939.742131] Pid: 2523, comm: nfsd Tainted: P O 3.2.0-67-generic #101-Ubuntu HP ProLiant DL385 G7 Jul 24 10:12:53 server kernel: [575939.742131] RIP: 0010:[a055c451] [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] RSP: 0018:880422085ce0 EFLAGS: 00010282 Jul 24 10:12:53 server kernel: [575939.742131] RAX: 4000 RBX: 880e29b16cc0 RCX: 013cc2cc Jul 24 10:12:53 server kernel: [575939.742131] RDX: a0583374 RSI: RDI: 880e29b16cc0 Jul 24 10:12:53 server kernel: [575939.742131] RBP: 880422085d10 R08: ea002cdf3b80 R09: a055c4af Jul 24 10:12:53 server kernel: [575939.742131] R10: 880b37ceed00 R11: 4004 R12: Jul 24 10:12:53 server kernel: [575939.742131] R13: 8807f56418c0 R14: R15: 880c2268d180 Jul 24 10:12:53 server kernel: [575939.742131] FS: 7fafd700() GS:88103fc8() knlGS: Jul 24 10:12:53 server kernel: [575939.742131] CS: 0010 DS: ES: CR0: 8005003b Jul 24 10:12:53 server kernel: [575939.742131] CR2: 0010 CR3: 000c22d6c000 CR4: 06e0 Jul 24 10:12:53 server kernel: [575939.742131] DR0: DR1: DR2: Jul 24 10:12:53 server kernel: [575939.742131] DR3: DR6: 0ff0 DR7: 0400 Jul 24 10:12:53 server kernel: [575939.742131] Process nfsd (pid: 2523, threadinfo 880422084000, task 880425964500) Jul 24 10:12:53 server kernel: [575939.742131] Stack: Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d040 880e29b16cc0 8807f56418c0 Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d180 880422085d50 a055d5e3 Jul 24 10:12:53 server kernel: [575939.742131] 880b37cee840 880c22684000
[Kernel-packages] [Bug 1348670] Re: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010, set_nfsv4_acl_one+0x21/0xb0 [nfsd]
Would it be possible for you to test the latest upstream kernel? Refer to https://wiki.ubuntu.com/KernelMainlineBuilds . Please test the latest v3.17 kernel[0]. If this bug is fixed in the mainline kernel, please add the following tag 'kernel-fixed-upstream'. If the mainline kernel does not fix this bug, please add the tag: 'kernel-bug-exists-upstream'. If you are unable to test the mainline kernel, for example it will not boot, please add the tag: 'kernel-unable-to-test-upstream'. Once testing of the upstream kernel is complete, please mark this bug as Confirmed. Thanks in advance. [0] http://kernel.ubuntu.com/~kernel-ppa/mainline/v3.17-rc3-utopic/ -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1348670 Title: BUG: unable to handle kernel NULL pointer dereference at 0010, set_nfsv4_acl_one+0x21/0xb0 [nfsd] Status in “linux” package in Ubuntu: Confirmed Status in “linux” package in Debian: New Bug description: I've seen this happen twice in the last 8 days on an NFS server running Ubuntu precise and kernels 3.2.0-65.98-generic (on the first occasion) and 3.2.0-67.101-generic (the second time), amd64. This never happened before in several months of operation; until 2014-07-01 this server was running an older 3.2.0 kernel. When this error appears in the logs, the system stops answering NFS RPCs (e.g., rpcinfo -u localhost nfs 3 hangs) and a reboot is necessary to restore NFS service. A more detailed stack trace follows. Looking at the source code (fs/nfsd/vfs.c:set_nfsv4_acl_one()) I see that the call posix_acl_xattr_size(pacl-a_count) is not preceded by a check that pacl != NULL. Could this be related to the following entry in the changelog for 3.2.0-65.98? * NFSD: Call -set_acl with a NULL ACL structure if no entries - LP: #1328154 Jul 24 10:12:53 server kernel: [575939.742131] IP: [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] PGD c243bb067 PUD c2400a067 PMD 0 Jul 24 10:12:53 server kernel: [575939.742131] Oops: [#1] SMP Jul 24 10:12:53 server kernel: [575939.742131] CPU 3 Jul 24 10:12:53 server kernel: [575939.742131] Modules linked in: usblp btrfs zlib_deflate libcrc32c ufs qnx4 hfsplus hfs minix ntfs vfat msdos fat jfs reiserfs ext2 cts openafs(P) xt_tcpudp ipmi_si ipmi_devintf ipmi_msghandler iptable_filter ip_tables x_tables autofs4 bnep parport_pc rfcomm bluetooth ppdev binfmt_misc rpcsec_gss_krb5 nfsd nfs lockd fscache auth_rpcgss nfs_acl sunrpc xfs dm_crypt bridge stp psmouse hpilo sp5100_tco i2c_piix4 amd64_edac_mod hpwdt edac_core k10temp edac_mce_amd joydev serio_raw acpi_power_meter mac_hid lp parport raid10 raid456 async_pq async_xor xor async_memcpy async_raid6_recov raid6_pq async_tx raid1 raid0 multipath linear radeon ttm drm_kms_helper drm osst usbhid hid st ch i2c_algo_bit pata_atiixp hpsa bnx2 Jul 24 10:12:53 server kernel: [575939.742131] Jul 24 10:12:53 server kernel: [575939.742131] Pid: 2523, comm: nfsd Tainted: P O 3.2.0-67-generic #101-Ubuntu HP ProLiant DL385 G7 Jul 24 10:12:53 server kernel: [575939.742131] RIP: 0010:[a055c451] [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] RSP: 0018:880422085ce0 EFLAGS: 00010282 Jul 24 10:12:53 server kernel: [575939.742131] RAX: 4000 RBX: 880e29b16cc0 RCX: 013cc2cc Jul 24 10:12:53 server kernel: [575939.742131] RDX: a0583374 RSI: RDI: 880e29b16cc0 Jul 24 10:12:53 server kernel: [575939.742131] RBP: 880422085d10 R08: ea002cdf3b80 R09: a055c4af Jul 24 10:12:53 server kernel: [575939.742131] R10: 880b37ceed00 R11: 4004 R12: Jul 24 10:12:53 server kernel: [575939.742131] R13: 8807f56418c0 R14: R15: 880c2268d180 Jul 24 10:12:53 server kernel: [575939.742131] FS: 7fafd700() GS:88103fc8() knlGS: Jul 24 10:12:53 server kernel: [575939.742131] CS: 0010 DS: ES: CR0: 8005003b Jul 24 10:12:53 server kernel: [575939.742131] CR2: 0010 CR3: 000c22d6c000 CR4: 06e0 Jul 24 10:12:53 server kernel: [575939.742131] DR0: DR1: DR2: Jul 24 10:12:53 server kernel: [575939.742131] DR3: DR6: 0ff0 DR7: 0400 Jul 24 10:12:53 server kernel: [575939.742131] Process nfsd (pid: 2523, threadinfo 880422084000, task 880425964500) Jul 24 10:12:53 server kernel: [575939.742131] Stack: Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d040 880e29b16cc0 8807f56418c0 Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d180 880422085d50
[Kernel-packages] [Bug 1348670] Re: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010, set_nfsv4_acl_one+0x21/0xb0 [nfsd]
Also, has the patch in comment #12 been sent upstream for inclusion in the mainline/stable kernel? ** Tags added: kernel-da-key -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1348670 Title: BUG: unable to handle kernel NULL pointer dereference at 0010, set_nfsv4_acl_one+0x21/0xb0 [nfsd] Status in “linux” package in Ubuntu: Confirmed Status in “linux” package in Debian: New Bug description: I've seen this happen twice in the last 8 days on an NFS server running Ubuntu precise and kernels 3.2.0-65.98-generic (on the first occasion) and 3.2.0-67.101-generic (the second time), amd64. This never happened before in several months of operation; until 2014-07-01 this server was running an older 3.2.0 kernel. When this error appears in the logs, the system stops answering NFS RPCs (e.g., rpcinfo -u localhost nfs 3 hangs) and a reboot is necessary to restore NFS service. A more detailed stack trace follows. Looking at the source code (fs/nfsd/vfs.c:set_nfsv4_acl_one()) I see that the call posix_acl_xattr_size(pacl-a_count) is not preceded by a check that pacl != NULL. Could this be related to the following entry in the changelog for 3.2.0-65.98? * NFSD: Call -set_acl with a NULL ACL structure if no entries - LP: #1328154 Jul 24 10:12:53 server kernel: [575939.742131] IP: [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] PGD c243bb067 PUD c2400a067 PMD 0 Jul 24 10:12:53 server kernel: [575939.742131] Oops: [#1] SMP Jul 24 10:12:53 server kernel: [575939.742131] CPU 3 Jul 24 10:12:53 server kernel: [575939.742131] Modules linked in: usblp btrfs zlib_deflate libcrc32c ufs qnx4 hfsplus hfs minix ntfs vfat msdos fat jfs reiserfs ext2 cts openafs(P) xt_tcpudp ipmi_si ipmi_devintf ipmi_msghandler iptable_filter ip_tables x_tables autofs4 bnep parport_pc rfcomm bluetooth ppdev binfmt_misc rpcsec_gss_krb5 nfsd nfs lockd fscache auth_rpcgss nfs_acl sunrpc xfs dm_crypt bridge stp psmouse hpilo sp5100_tco i2c_piix4 amd64_edac_mod hpwdt edac_core k10temp edac_mce_amd joydev serio_raw acpi_power_meter mac_hid lp parport raid10 raid456 async_pq async_xor xor async_memcpy async_raid6_recov raid6_pq async_tx raid1 raid0 multipath linear radeon ttm drm_kms_helper drm osst usbhid hid st ch i2c_algo_bit pata_atiixp hpsa bnx2 Jul 24 10:12:53 server kernel: [575939.742131] Jul 24 10:12:53 server kernel: [575939.742131] Pid: 2523, comm: nfsd Tainted: P O 3.2.0-67-generic #101-Ubuntu HP ProLiant DL385 G7 Jul 24 10:12:53 server kernel: [575939.742131] RIP: 0010:[a055c451] [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] RSP: 0018:880422085ce0 EFLAGS: 00010282 Jul 24 10:12:53 server kernel: [575939.742131] RAX: 4000 RBX: 880e29b16cc0 RCX: 013cc2cc Jul 24 10:12:53 server kernel: [575939.742131] RDX: a0583374 RSI: RDI: 880e29b16cc0 Jul 24 10:12:53 server kernel: [575939.742131] RBP: 880422085d10 R08: ea002cdf3b80 R09: a055c4af Jul 24 10:12:53 server kernel: [575939.742131] R10: 880b37ceed00 R11: 4004 R12: Jul 24 10:12:53 server kernel: [575939.742131] R13: 8807f56418c0 R14: R15: 880c2268d180 Jul 24 10:12:53 server kernel: [575939.742131] FS: 7fafd700() GS:88103fc8() knlGS: Jul 24 10:12:53 server kernel: [575939.742131] CS: 0010 DS: ES: CR0: 8005003b Jul 24 10:12:53 server kernel: [575939.742131] CR2: 0010 CR3: 000c22d6c000 CR4: 06e0 Jul 24 10:12:53 server kernel: [575939.742131] DR0: DR1: DR2: Jul 24 10:12:53 server kernel: [575939.742131] DR3: DR6: 0ff0 DR7: 0400 Jul 24 10:12:53 server kernel: [575939.742131] Process nfsd (pid: 2523, threadinfo 880422084000, task 880425964500) Jul 24 10:12:53 server kernel: [575939.742131] Stack: Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d040 880e29b16cc0 8807f56418c0 Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d180 880422085d50 a055d5e3 Jul 24 10:12:53 server kernel: [575939.742131] 880b37cee840 880c22684000 880c2268d040 Jul 24 10:12:53 server kernel: [575939.742131] Call Trace: Jul 24 10:12:53 server kernel: [575939.742131] [a055d5e3] nfsd4_set_nfs4_acl+0x143/0x150 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] [a056ab74] nfsd4_setattr+0xd4/0x130 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] [a0569be8] nfsd4_proc_compound+0x518/0x6e0 [nfsd] Jul 24 10:12:53 server kernel:
[Kernel-packages] [Bug 1348670] Re: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010, set_nfsv4_acl_one+0x21/0xb0 [nfsd]
https://lists.ubuntu.com/archives/kernel-team/2014-September/048156.html ** Also affects: linux (Ubuntu Lucid) Importance: Undecided Status: New -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1348670 Title: BUG: unable to handle kernel NULL pointer dereference at 0010, set_nfsv4_acl_one+0x21/0xb0 [nfsd] Status in “linux” package in Ubuntu: Invalid Status in “linux” source package in Lucid: In Progress Status in “linux” package in Debian: New Bug description: I've seen this happen twice in the last 8 days on an NFS server running Ubuntu precise and kernels 3.2.0-65.98-generic (on the first occasion) and 3.2.0-67.101-generic (the second time), amd64. This never happened before in several months of operation; until 2014-07-01 this server was running an older 3.2.0 kernel. When this error appears in the logs, the system stops answering NFS RPCs (e.g., rpcinfo -u localhost nfs 3 hangs) and a reboot is necessary to restore NFS service. A more detailed stack trace follows. Looking at the source code (fs/nfsd/vfs.c:set_nfsv4_acl_one()) I see that the call posix_acl_xattr_size(pacl-a_count) is not preceded by a check that pacl != NULL. Could this be related to the following entry in the changelog for 3.2.0-65.98? * NFSD: Call -set_acl with a NULL ACL structure if no entries - LP: #1328154 Jul 24 10:12:53 server kernel: [575939.742131] IP: [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] PGD c243bb067 PUD c2400a067 PMD 0 Jul 24 10:12:53 server kernel: [575939.742131] Oops: [#1] SMP Jul 24 10:12:53 server kernel: [575939.742131] CPU 3 Jul 24 10:12:53 server kernel: [575939.742131] Modules linked in: usblp btrfs zlib_deflate libcrc32c ufs qnx4 hfsplus hfs minix ntfs vfat msdos fat jfs reiserfs ext2 cts openafs(P) xt_tcpudp ipmi_si ipmi_devintf ipmi_msghandler iptable_filter ip_tables x_tables autofs4 bnep parport_pc rfcomm bluetooth ppdev binfmt_misc rpcsec_gss_krb5 nfsd nfs lockd fscache auth_rpcgss nfs_acl sunrpc xfs dm_crypt bridge stp psmouse hpilo sp5100_tco i2c_piix4 amd64_edac_mod hpwdt edac_core k10temp edac_mce_amd joydev serio_raw acpi_power_meter mac_hid lp parport raid10 raid456 async_pq async_xor xor async_memcpy async_raid6_recov raid6_pq async_tx raid1 raid0 multipath linear radeon ttm drm_kms_helper drm osst usbhid hid st ch i2c_algo_bit pata_atiixp hpsa bnx2 Jul 24 10:12:53 server kernel: [575939.742131] Jul 24 10:12:53 server kernel: [575939.742131] Pid: 2523, comm: nfsd Tainted: P O 3.2.0-67-generic #101-Ubuntu HP ProLiant DL385 G7 Jul 24 10:12:53 server kernel: [575939.742131] RIP: 0010:[a055c451] [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] RSP: 0018:880422085ce0 EFLAGS: 00010282 Jul 24 10:12:53 server kernel: [575939.742131] RAX: 4000 RBX: 880e29b16cc0 RCX: 013cc2cc Jul 24 10:12:53 server kernel: [575939.742131] RDX: a0583374 RSI: RDI: 880e29b16cc0 Jul 24 10:12:53 server kernel: [575939.742131] RBP: 880422085d10 R08: ea002cdf3b80 R09: a055c4af Jul 24 10:12:53 server kernel: [575939.742131] R10: 880b37ceed00 R11: 4004 R12: Jul 24 10:12:53 server kernel: [575939.742131] R13: 8807f56418c0 R14: R15: 880c2268d180 Jul 24 10:12:53 server kernel: [575939.742131] FS: 7fafd700() GS:88103fc8() knlGS: Jul 24 10:12:53 server kernel: [575939.742131] CS: 0010 DS: ES: CR0: 8005003b Jul 24 10:12:53 server kernel: [575939.742131] CR2: 0010 CR3: 000c22d6c000 CR4: 06e0 Jul 24 10:12:53 server kernel: [575939.742131] DR0: DR1: DR2: Jul 24 10:12:53 server kernel: [575939.742131] DR3: DR6: 0ff0 DR7: 0400 Jul 24 10:12:53 server kernel: [575939.742131] Process nfsd (pid: 2523, threadinfo 880422084000, task 880425964500) Jul 24 10:12:53 server kernel: [575939.742131] Stack: Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d040 880e29b16cc0 8807f56418c0 Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d180 880422085d50 a055d5e3 Jul 24 10:12:53 server kernel: [575939.742131] 880b37cee840 880c22684000 880c2268d040 Jul 24 10:12:53 server kernel: [575939.742131] Call Trace: Jul 24 10:12:53 server kernel: [575939.742131] [a055d5e3] nfsd4_set_nfs4_acl+0x143/0x150 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] [a056ab74] nfsd4_setattr+0xd4/0x130 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131]
[Kernel-packages] [Bug 1348670] Re: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010, set_nfsv4_acl_one+0x21/0xb0 [nfsd]
Patch submitted to the k-team list ** Changed in: linux (Ubuntu Lucid) Status: New = In Progress ** Changed in: linux (Ubuntu Lucid) Assignee: (unassigned) = Tim Gardner (timg-tpi) ** Changed in: linux (Ubuntu) Status: Confirmed = Invalid -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1348670 Title: BUG: unable to handle kernel NULL pointer dereference at 0010, set_nfsv4_acl_one+0x21/0xb0 [nfsd] Status in “linux” package in Ubuntu: Invalid Status in “linux” source package in Lucid: In Progress Status in “linux” package in Debian: New Bug description: I've seen this happen twice in the last 8 days on an NFS server running Ubuntu precise and kernels 3.2.0-65.98-generic (on the first occasion) and 3.2.0-67.101-generic (the second time), amd64. This never happened before in several months of operation; until 2014-07-01 this server was running an older 3.2.0 kernel. When this error appears in the logs, the system stops answering NFS RPCs (e.g., rpcinfo -u localhost nfs 3 hangs) and a reboot is necessary to restore NFS service. A more detailed stack trace follows. Looking at the source code (fs/nfsd/vfs.c:set_nfsv4_acl_one()) I see that the call posix_acl_xattr_size(pacl-a_count) is not preceded by a check that pacl != NULL. Could this be related to the following entry in the changelog for 3.2.0-65.98? * NFSD: Call -set_acl with a NULL ACL structure if no entries - LP: #1328154 Jul 24 10:12:53 server kernel: [575939.742131] IP: [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] PGD c243bb067 PUD c2400a067 PMD 0 Jul 24 10:12:53 server kernel: [575939.742131] Oops: [#1] SMP Jul 24 10:12:53 server kernel: [575939.742131] CPU 3 Jul 24 10:12:53 server kernel: [575939.742131] Modules linked in: usblp btrfs zlib_deflate libcrc32c ufs qnx4 hfsplus hfs minix ntfs vfat msdos fat jfs reiserfs ext2 cts openafs(P) xt_tcpudp ipmi_si ipmi_devintf ipmi_msghandler iptable_filter ip_tables x_tables autofs4 bnep parport_pc rfcomm bluetooth ppdev binfmt_misc rpcsec_gss_krb5 nfsd nfs lockd fscache auth_rpcgss nfs_acl sunrpc xfs dm_crypt bridge stp psmouse hpilo sp5100_tco i2c_piix4 amd64_edac_mod hpwdt edac_core k10temp edac_mce_amd joydev serio_raw acpi_power_meter mac_hid lp parport raid10 raid456 async_pq async_xor xor async_memcpy async_raid6_recov raid6_pq async_tx raid1 raid0 multipath linear radeon ttm drm_kms_helper drm osst usbhid hid st ch i2c_algo_bit pata_atiixp hpsa bnx2 Jul 24 10:12:53 server kernel: [575939.742131] Jul 24 10:12:53 server kernel: [575939.742131] Pid: 2523, comm: nfsd Tainted: P O 3.2.0-67-generic #101-Ubuntu HP ProLiant DL385 G7 Jul 24 10:12:53 server kernel: [575939.742131] RIP: 0010:[a055c451] [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] RSP: 0018:880422085ce0 EFLAGS: 00010282 Jul 24 10:12:53 server kernel: [575939.742131] RAX: 4000 RBX: 880e29b16cc0 RCX: 013cc2cc Jul 24 10:12:53 server kernel: [575939.742131] RDX: a0583374 RSI: RDI: 880e29b16cc0 Jul 24 10:12:53 server kernel: [575939.742131] RBP: 880422085d10 R08: ea002cdf3b80 R09: a055c4af Jul 24 10:12:53 server kernel: [575939.742131] R10: 880b37ceed00 R11: 4004 R12: Jul 24 10:12:53 server kernel: [575939.742131] R13: 8807f56418c0 R14: R15: 880c2268d180 Jul 24 10:12:53 server kernel: [575939.742131] FS: 7fafd700() GS:88103fc8() knlGS: Jul 24 10:12:53 server kernel: [575939.742131] CS: 0010 DS: ES: CR0: 8005003b Jul 24 10:12:53 server kernel: [575939.742131] CR2: 0010 CR3: 000c22d6c000 CR4: 06e0 Jul 24 10:12:53 server kernel: [575939.742131] DR0: DR1: DR2: Jul 24 10:12:53 server kernel: [575939.742131] DR3: DR6: 0ff0 DR7: 0400 Jul 24 10:12:53 server kernel: [575939.742131] Process nfsd (pid: 2523, threadinfo 880422084000, task 880425964500) Jul 24 10:12:53 server kernel: [575939.742131] Stack: Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d040 880e29b16cc0 8807f56418c0 Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d180 880422085d50 a055d5e3 Jul 24 10:12:53 server kernel: [575939.742131] 880b37cee840 880c22684000 880c2268d040 Jul 24 10:12:53 server kernel: [575939.742131] Call Trace: Jul 24 10:12:53 server kernel: [575939.742131] [a055d5e3] nfsd4_set_nfs4_acl+0x143/0x150 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131]
Re: [Kernel-packages] [Bug 1348670] Re: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010, set_nfsv4_acl_one+0x21/0xb0 [nfsd]
* Sergio Gelato [2014-08-22 07:29:32 -]: I'm now testing my one-line patch from comment #5 on top of 3.2.0-67.101 (amd64, generic kernel flavour). So far it doesn't seem to make things worse, but since I don't have a sure-fire way of triggering the bug it may take a while to get experimental confirmation that it cures the issue. I've now got 9 days of uptime on two NFS servers with that patch (both servers had been previously affected by the bug) without any trouble; not a single nfsd thread has been lost. Unfortunately the fix didn't make it into 3.2.0-68.102 so I'm having to build my own kernels once more. What are the chances of this fix (or an equivalent/better one, of course) being included in 3.2.63? I'm attaching the patch again in diff form for clarity and convenience. ** Patch added: nfsd-fix-acl-null-pointer-deref.patch https://bugs.launchpad.net/bugs/1348670/+attachment/4192076/+files/nfsd-fix-acl-null-pointer-deref.patch -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1348670 Title: BUG: unable to handle kernel NULL pointer dereference at 0010, set_nfsv4_acl_one+0x21/0xb0 [nfsd] Status in “linux” package in Ubuntu: Confirmed Status in “linux” package in Debian: New Bug description: I've seen this happen twice in the last 8 days on an NFS server running Ubuntu precise and kernels 3.2.0-65.98-generic (on the first occasion) and 3.2.0-67.101-generic (the second time), amd64. This never happened before in several months of operation; until 2014-07-01 this server was running an older 3.2.0 kernel. When this error appears in the logs, the system stops answering NFS RPCs (e.g., rpcinfo -u localhost nfs 3 hangs) and a reboot is necessary to restore NFS service. A more detailed stack trace follows. Looking at the source code (fs/nfsd/vfs.c:set_nfsv4_acl_one()) I see that the call posix_acl_xattr_size(pacl-a_count) is not preceded by a check that pacl != NULL. Could this be related to the following entry in the changelog for 3.2.0-65.98? * NFSD: Call -set_acl with a NULL ACL structure if no entries - LP: #1328154 Jul 24 10:12:53 server kernel: [575939.742131] IP: [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] PGD c243bb067 PUD c2400a067 PMD 0 Jul 24 10:12:53 server kernel: [575939.742131] Oops: [#1] SMP Jul 24 10:12:53 server kernel: [575939.742131] CPU 3 Jul 24 10:12:53 server kernel: [575939.742131] Modules linked in: usblp btrfs zlib_deflate libcrc32c ufs qnx4 hfsplus hfs minix ntfs vfat msdos fat jfs reiserfs ext2 cts openafs(P) xt_tcpudp ipmi_si ipmi_devintf ipmi_msghandler iptable_filter ip_tables x_tables autofs4 bnep parport_pc rfcomm bluetooth ppdev binfmt_misc rpcsec_gss_krb5 nfsd nfs lockd fscache auth_rpcgss nfs_acl sunrpc xfs dm_crypt bridge stp psmouse hpilo sp5100_tco i2c_piix4 amd64_edac_mod hpwdt edac_core k10temp edac_mce_amd joydev serio_raw acpi_power_meter mac_hid lp parport raid10 raid456 async_pq async_xor xor async_memcpy async_raid6_recov raid6_pq async_tx raid1 raid0 multipath linear radeon ttm drm_kms_helper drm osst usbhid hid st ch i2c_algo_bit pata_atiixp hpsa bnx2 Jul 24 10:12:53 server kernel: [575939.742131] Jul 24 10:12:53 server kernel: [575939.742131] Pid: 2523, comm: nfsd Tainted: P O 3.2.0-67-generic #101-Ubuntu HP ProLiant DL385 G7 Jul 24 10:12:53 server kernel: [575939.742131] RIP: 0010:[a055c451] [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] RSP: 0018:880422085ce0 EFLAGS: 00010282 Jul 24 10:12:53 server kernel: [575939.742131] RAX: 4000 RBX: 880e29b16cc0 RCX: 013cc2cc Jul 24 10:12:53 server kernel: [575939.742131] RDX: a0583374 RSI: RDI: 880e29b16cc0 Jul 24 10:12:53 server kernel: [575939.742131] RBP: 880422085d10 R08: ea002cdf3b80 R09: a055c4af Jul 24 10:12:53 server kernel: [575939.742131] R10: 880b37ceed00 R11: 4004 R12: Jul 24 10:12:53 server kernel: [575939.742131] R13: 8807f56418c0 R14: R15: 880c2268d180 Jul 24 10:12:53 server kernel: [575939.742131] FS: 7fafd700() GS:88103fc8() knlGS: Jul 24 10:12:53 server kernel: [575939.742131] CS: 0010 DS: ES: CR0: 8005003b Jul 24 10:12:53 server kernel: [575939.742131] CR2: 0010 CR3: 000c22d6c000 CR4: 06e0 Jul 24 10:12:53 server kernel: [575939.742131] DR0: DR1: DR2: Jul 24 10:12:53 server kernel: [575939.742131] DR3: DR6: 0ff0 DR7: 0400 Jul 24 10:12:53 server kernel: [575939.742131] Process nfsd (pid: 2523, threadinfo 880422084000, task
[Kernel-packages] [Bug 1348670] Re: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010, set_nfsv4_acl_one+0x21/0xb0 [nfsd]
** Tags added: patch -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1348670 Title: BUG: unable to handle kernel NULL pointer dereference at 0010, set_nfsv4_acl_one+0x21/0xb0 [nfsd] Status in “linux” package in Ubuntu: Confirmed Status in “linux” package in Debian: New Bug description: I've seen this happen twice in the last 8 days on an NFS server running Ubuntu precise and kernels 3.2.0-65.98-generic (on the first occasion) and 3.2.0-67.101-generic (the second time), amd64. This never happened before in several months of operation; until 2014-07-01 this server was running an older 3.2.0 kernel. When this error appears in the logs, the system stops answering NFS RPCs (e.g., rpcinfo -u localhost nfs 3 hangs) and a reboot is necessary to restore NFS service. A more detailed stack trace follows. Looking at the source code (fs/nfsd/vfs.c:set_nfsv4_acl_one()) I see that the call posix_acl_xattr_size(pacl-a_count) is not preceded by a check that pacl != NULL. Could this be related to the following entry in the changelog for 3.2.0-65.98? * NFSD: Call -set_acl with a NULL ACL structure if no entries - LP: #1328154 Jul 24 10:12:53 server kernel: [575939.742131] IP: [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] PGD c243bb067 PUD c2400a067 PMD 0 Jul 24 10:12:53 server kernel: [575939.742131] Oops: [#1] SMP Jul 24 10:12:53 server kernel: [575939.742131] CPU 3 Jul 24 10:12:53 server kernel: [575939.742131] Modules linked in: usblp btrfs zlib_deflate libcrc32c ufs qnx4 hfsplus hfs minix ntfs vfat msdos fat jfs reiserfs ext2 cts openafs(P) xt_tcpudp ipmi_si ipmi_devintf ipmi_msghandler iptable_filter ip_tables x_tables autofs4 bnep parport_pc rfcomm bluetooth ppdev binfmt_misc rpcsec_gss_krb5 nfsd nfs lockd fscache auth_rpcgss nfs_acl sunrpc xfs dm_crypt bridge stp psmouse hpilo sp5100_tco i2c_piix4 amd64_edac_mod hpwdt edac_core k10temp edac_mce_amd joydev serio_raw acpi_power_meter mac_hid lp parport raid10 raid456 async_pq async_xor xor async_memcpy async_raid6_recov raid6_pq async_tx raid1 raid0 multipath linear radeon ttm drm_kms_helper drm osst usbhid hid st ch i2c_algo_bit pata_atiixp hpsa bnx2 Jul 24 10:12:53 server kernel: [575939.742131] Jul 24 10:12:53 server kernel: [575939.742131] Pid: 2523, comm: nfsd Tainted: P O 3.2.0-67-generic #101-Ubuntu HP ProLiant DL385 G7 Jul 24 10:12:53 server kernel: [575939.742131] RIP: 0010:[a055c451] [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] RSP: 0018:880422085ce0 EFLAGS: 00010282 Jul 24 10:12:53 server kernel: [575939.742131] RAX: 4000 RBX: 880e29b16cc0 RCX: 013cc2cc Jul 24 10:12:53 server kernel: [575939.742131] RDX: a0583374 RSI: RDI: 880e29b16cc0 Jul 24 10:12:53 server kernel: [575939.742131] RBP: 880422085d10 R08: ea002cdf3b80 R09: a055c4af Jul 24 10:12:53 server kernel: [575939.742131] R10: 880b37ceed00 R11: 4004 R12: Jul 24 10:12:53 server kernel: [575939.742131] R13: 8807f56418c0 R14: R15: 880c2268d180 Jul 24 10:12:53 server kernel: [575939.742131] FS: 7fafd700() GS:88103fc8() knlGS: Jul 24 10:12:53 server kernel: [575939.742131] CS: 0010 DS: ES: CR0: 8005003b Jul 24 10:12:53 server kernel: [575939.742131] CR2: 0010 CR3: 000c22d6c000 CR4: 06e0 Jul 24 10:12:53 server kernel: [575939.742131] DR0: DR1: DR2: Jul 24 10:12:53 server kernel: [575939.742131] DR3: DR6: 0ff0 DR7: 0400 Jul 24 10:12:53 server kernel: [575939.742131] Process nfsd (pid: 2523, threadinfo 880422084000, task 880425964500) Jul 24 10:12:53 server kernel: [575939.742131] Stack: Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d040 880e29b16cc0 8807f56418c0 Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d180 880422085d50 a055d5e3 Jul 24 10:12:53 server kernel: [575939.742131] 880b37cee840 880c22684000 880c2268d040 Jul 24 10:12:53 server kernel: [575939.742131] Call Trace: Jul 24 10:12:53 server kernel: [575939.742131] [a055d5e3] nfsd4_set_nfs4_acl+0x143/0x150 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] [a056ab74] nfsd4_setattr+0xd4/0x130 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] [a0569be8] nfsd4_proc_compound+0x518/0x6e0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] [a0558a4b] nfsd_dispatch+0xeb/0x230 [nfsd] Jul 24 10:12:53 server kernel:
Re: [Kernel-packages] [Bug 1348670] Re: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010, set_nfsv4_acl_one+0x21/0xb0 [nfsd]
I'm now testing my one-line patch from comment #5 on top of 3.2.0-67.101 (amd64, generic kernel flavour). So far it doesn't seem to make things worse, but since I don't have a sure-fire way of triggering the bug it may take a while to get experimental confirmation that it cures the issue. (I'm reasonably confident about it based on my reading of the source code, however. The various set_acl methods in 3.14 seem to be doing the same thing as that patch.) -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1348670 Title: BUG: unable to handle kernel NULL pointer dereference at 0010, set_nfsv4_acl_one+0x21/0xb0 [nfsd] Status in “linux” package in Ubuntu: Confirmed Status in “linux” package in Debian: New Bug description: I've seen this happen twice in the last 8 days on an NFS server running Ubuntu precise and kernels 3.2.0-65.98-generic (on the first occasion) and 3.2.0-67.101-generic (the second time), amd64. This never happened before in several months of operation; until 2014-07-01 this server was running an older 3.2.0 kernel. When this error appears in the logs, the system stops answering NFS RPCs (e.g., rpcinfo -u localhost nfs 3 hangs) and a reboot is necessary to restore NFS service. A more detailed stack trace follows. Looking at the source code (fs/nfsd/vfs.c:set_nfsv4_acl_one()) I see that the call posix_acl_xattr_size(pacl-a_count) is not preceded by a check that pacl != NULL. Could this be related to the following entry in the changelog for 3.2.0-65.98? * NFSD: Call -set_acl with a NULL ACL structure if no entries - LP: #1328154 Jul 24 10:12:53 server kernel: [575939.742131] IP: [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] PGD c243bb067 PUD c2400a067 PMD 0 Jul 24 10:12:53 server kernel: [575939.742131] Oops: [#1] SMP Jul 24 10:12:53 server kernel: [575939.742131] CPU 3 Jul 24 10:12:53 server kernel: [575939.742131] Modules linked in: usblp btrfs zlib_deflate libcrc32c ufs qnx4 hfsplus hfs minix ntfs vfat msdos fat jfs reiserfs ext2 cts openafs(P) xt_tcpudp ipmi_si ipmi_devintf ipmi_msghandler iptable_filter ip_tables x_tables autofs4 bnep parport_pc rfcomm bluetooth ppdev binfmt_misc rpcsec_gss_krb5 nfsd nfs lockd fscache auth_rpcgss nfs_acl sunrpc xfs dm_crypt bridge stp psmouse hpilo sp5100_tco i2c_piix4 amd64_edac_mod hpwdt edac_core k10temp edac_mce_amd joydev serio_raw acpi_power_meter mac_hid lp parport raid10 raid456 async_pq async_xor xor async_memcpy async_raid6_recov raid6_pq async_tx raid1 raid0 multipath linear radeon ttm drm_kms_helper drm osst usbhid hid st ch i2c_algo_bit pata_atiixp hpsa bnx2 Jul 24 10:12:53 server kernel: [575939.742131] Jul 24 10:12:53 server kernel: [575939.742131] Pid: 2523, comm: nfsd Tainted: P O 3.2.0-67-generic #101-Ubuntu HP ProLiant DL385 G7 Jul 24 10:12:53 server kernel: [575939.742131] RIP: 0010:[a055c451] [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] RSP: 0018:880422085ce0 EFLAGS: 00010282 Jul 24 10:12:53 server kernel: [575939.742131] RAX: 4000 RBX: 880e29b16cc0 RCX: 013cc2cc Jul 24 10:12:53 server kernel: [575939.742131] RDX: a0583374 RSI: RDI: 880e29b16cc0 Jul 24 10:12:53 server kernel: [575939.742131] RBP: 880422085d10 R08: ea002cdf3b80 R09: a055c4af Jul 24 10:12:53 server kernel: [575939.742131] R10: 880b37ceed00 R11: 4004 R12: Jul 24 10:12:53 server kernel: [575939.742131] R13: 8807f56418c0 R14: R15: 880c2268d180 Jul 24 10:12:53 server kernel: [575939.742131] FS: 7fafd700() GS:88103fc8() knlGS: Jul 24 10:12:53 server kernel: [575939.742131] CS: 0010 DS: ES: CR0: 8005003b Jul 24 10:12:53 server kernel: [575939.742131] CR2: 0010 CR3: 000c22d6c000 CR4: 06e0 Jul 24 10:12:53 server kernel: [575939.742131] DR0: DR1: DR2: Jul 24 10:12:53 server kernel: [575939.742131] DR3: DR6: 0ff0 DR7: 0400 Jul 24 10:12:53 server kernel: [575939.742131] Process nfsd (pid: 2523, threadinfo 880422084000, task 880425964500) Jul 24 10:12:53 server kernel: [575939.742131] Stack: Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d040 880e29b16cc0 8807f56418c0 Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d180 880422085d50 a055d5e3 Jul 24 10:12:53 server kernel: [575939.742131] 880b37cee840 880c22684000 880c2268d040 Jul 24 10:12:53 server kernel: [575939.742131] Call Trace: Jul 24 10:12:53
[Kernel-packages] [Bug 1348670] Re: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010, set_nfsv4_acl_one+0x21/0xb0 [nfsd]
Had the same problem and at the moment I worked around it by downgrading to linux-image-3.2.0-60-generic. Of course this is not a permanent solution, especially since I probably can not do the long expected upgrade from 12.04 to 14.04 until this is fixed. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1348670 Title: BUG: unable to handle kernel NULL pointer dereference at 0010, set_nfsv4_acl_one+0x21/0xb0 [nfsd] Status in “linux” package in Ubuntu: Confirmed Status in “linux” package in Debian: New Bug description: I've seen this happen twice in the last 8 days on an NFS server running Ubuntu precise and kernels 3.2.0-65.98-generic (on the first occasion) and 3.2.0-67.101-generic (the second time), amd64. This never happened before in several months of operation; until 2014-07-01 this server was running an older 3.2.0 kernel. When this error appears in the logs, the system stops answering NFS RPCs (e.g., rpcinfo -u localhost nfs 3 hangs) and a reboot is necessary to restore NFS service. A more detailed stack trace follows. Looking at the source code (fs/nfsd/vfs.c:set_nfsv4_acl_one()) I see that the call posix_acl_xattr_size(pacl-a_count) is not preceded by a check that pacl != NULL. Could this be related to the following entry in the changelog for 3.2.0-65.98? * NFSD: Call -set_acl with a NULL ACL structure if no entries - LP: #1328154 Jul 24 10:12:53 server kernel: [575939.742131] IP: [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] PGD c243bb067 PUD c2400a067 PMD 0 Jul 24 10:12:53 server kernel: [575939.742131] Oops: [#1] SMP Jul 24 10:12:53 server kernel: [575939.742131] CPU 3 Jul 24 10:12:53 server kernel: [575939.742131] Modules linked in: usblp btrfs zlib_deflate libcrc32c ufs qnx4 hfsplus hfs minix ntfs vfat msdos fat jfs reiserfs ext2 cts openafs(P) xt_tcpudp ipmi_si ipmi_devintf ipmi_msghandler iptable_filter ip_tables x_tables autofs4 bnep parport_pc rfcomm bluetooth ppdev binfmt_misc rpcsec_gss_krb5 nfsd nfs lockd fscache auth_rpcgss nfs_acl sunrpc xfs dm_crypt bridge stp psmouse hpilo sp5100_tco i2c_piix4 amd64_edac_mod hpwdt edac_core k10temp edac_mce_amd joydev serio_raw acpi_power_meter mac_hid lp parport raid10 raid456 async_pq async_xor xor async_memcpy async_raid6_recov raid6_pq async_tx raid1 raid0 multipath linear radeon ttm drm_kms_helper drm osst usbhid hid st ch i2c_algo_bit pata_atiixp hpsa bnx2 Jul 24 10:12:53 server kernel: [575939.742131] Jul 24 10:12:53 server kernel: [575939.742131] Pid: 2523, comm: nfsd Tainted: P O 3.2.0-67-generic #101-Ubuntu HP ProLiant DL385 G7 Jul 24 10:12:53 server kernel: [575939.742131] RIP: 0010:[a055c451] [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] RSP: 0018:880422085ce0 EFLAGS: 00010282 Jul 24 10:12:53 server kernel: [575939.742131] RAX: 4000 RBX: 880e29b16cc0 RCX: 013cc2cc Jul 24 10:12:53 server kernel: [575939.742131] RDX: a0583374 RSI: RDI: 880e29b16cc0 Jul 24 10:12:53 server kernel: [575939.742131] RBP: 880422085d10 R08: ea002cdf3b80 R09: a055c4af Jul 24 10:12:53 server kernel: [575939.742131] R10: 880b37ceed00 R11: 4004 R12: Jul 24 10:12:53 server kernel: [575939.742131] R13: 8807f56418c0 R14: R15: 880c2268d180 Jul 24 10:12:53 server kernel: [575939.742131] FS: 7fafd700() GS:88103fc8() knlGS: Jul 24 10:12:53 server kernel: [575939.742131] CS: 0010 DS: ES: CR0: 8005003b Jul 24 10:12:53 server kernel: [575939.742131] CR2: 0010 CR3: 000c22d6c000 CR4: 06e0 Jul 24 10:12:53 server kernel: [575939.742131] DR0: DR1: DR2: Jul 24 10:12:53 server kernel: [575939.742131] DR3: DR6: 0ff0 DR7: 0400 Jul 24 10:12:53 server kernel: [575939.742131] Process nfsd (pid: 2523, threadinfo 880422084000, task 880425964500) Jul 24 10:12:53 server kernel: [575939.742131] Stack: Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d040 880e29b16cc0 8807f56418c0 Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d180 880422085d50 a055d5e3 Jul 24 10:12:53 server kernel: [575939.742131] 880b37cee840 880c22684000 880c2268d040 Jul 24 10:12:53 server kernel: [575939.742131] Call Trace: Jul 24 10:12:53 server kernel: [575939.742131] [a055d5e3] nfsd4_set_nfs4_acl+0x143/0x150 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] [a056ab74] nfsd4_setattr+0xd4/0x130 [nfsd] Jul 24
Re: [Kernel-packages] [Bug 1348670] Re: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010, set_nfsv4_acl_one+0x21/0xb0 [nfsd]
* Michiel [2014-08-07 10:58:29 -]: Any hints at a workaround in the meantime? It's especially nasty since a dead NFS server locks up the clients completely. I'd say either test my suggested patch (I'm on holiday and haven't gotten around to testing, but since it only modifies the code path that triggers the bug you should be pretty safe from side effects) or try nfsd.ko from an older kernel. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1348670 Title: BUG: unable to handle kernel NULL pointer dereference at 0010, set_nfsv4_acl_one+0x21/0xb0 [nfsd] Status in “linux” package in Ubuntu: Confirmed Status in “linux” package in Debian: New Bug description: I've seen this happen twice in the last 8 days on an NFS server running Ubuntu precise and kernels 3.2.0-65.98-generic (on the first occasion) and 3.2.0-67.101-generic (the second time), amd64. This never happened before in several months of operation; until 2014-07-01 this server was running an older 3.2.0 kernel. When this error appears in the logs, the system stops answering NFS RPCs (e.g., rpcinfo -u localhost nfs 3 hangs) and a reboot is necessary to restore NFS service. A more detailed stack trace follows. Looking at the source code (fs/nfsd/vfs.c:set_nfsv4_acl_one()) I see that the call posix_acl_xattr_size(pacl-a_count) is not preceded by a check that pacl != NULL. Could this be related to the following entry in the changelog for 3.2.0-65.98? * NFSD: Call -set_acl with a NULL ACL structure if no entries - LP: #1328154 Jul 24 10:12:53 server kernel: [575939.742131] IP: [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] PGD c243bb067 PUD c2400a067 PMD 0 Jul 24 10:12:53 server kernel: [575939.742131] Oops: [#1] SMP Jul 24 10:12:53 server kernel: [575939.742131] CPU 3 Jul 24 10:12:53 server kernel: [575939.742131] Modules linked in: usblp btrfs zlib_deflate libcrc32c ufs qnx4 hfsplus hfs minix ntfs vfat msdos fat jfs reiserfs ext2 cts openafs(P) xt_tcpudp ipmi_si ipmi_devintf ipmi_msghandler iptable_filter ip_tables x_tables autofs4 bnep parport_pc rfcomm bluetooth ppdev binfmt_misc rpcsec_gss_krb5 nfsd nfs lockd fscache auth_rpcgss nfs_acl sunrpc xfs dm_crypt bridge stp psmouse hpilo sp5100_tco i2c_piix4 amd64_edac_mod hpwdt edac_core k10temp edac_mce_amd joydev serio_raw acpi_power_meter mac_hid lp parport raid10 raid456 async_pq async_xor xor async_memcpy async_raid6_recov raid6_pq async_tx raid1 raid0 multipath linear radeon ttm drm_kms_helper drm osst usbhid hid st ch i2c_algo_bit pata_atiixp hpsa bnx2 Jul 24 10:12:53 server kernel: [575939.742131] Jul 24 10:12:53 server kernel: [575939.742131] Pid: 2523, comm: nfsd Tainted: P O 3.2.0-67-generic #101-Ubuntu HP ProLiant DL385 G7 Jul 24 10:12:53 server kernel: [575939.742131] RIP: 0010:[a055c451] [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] RSP: 0018:880422085ce0 EFLAGS: 00010282 Jul 24 10:12:53 server kernel: [575939.742131] RAX: 4000 RBX: 880e29b16cc0 RCX: 013cc2cc Jul 24 10:12:53 server kernel: [575939.742131] RDX: a0583374 RSI: RDI: 880e29b16cc0 Jul 24 10:12:53 server kernel: [575939.742131] RBP: 880422085d10 R08: ea002cdf3b80 R09: a055c4af Jul 24 10:12:53 server kernel: [575939.742131] R10: 880b37ceed00 R11: 4004 R12: Jul 24 10:12:53 server kernel: [575939.742131] R13: 8807f56418c0 R14: R15: 880c2268d180 Jul 24 10:12:53 server kernel: [575939.742131] FS: 7fafd700() GS:88103fc8() knlGS: Jul 24 10:12:53 server kernel: [575939.742131] CS: 0010 DS: ES: CR0: 8005003b Jul 24 10:12:53 server kernel: [575939.742131] CR2: 0010 CR3: 000c22d6c000 CR4: 06e0 Jul 24 10:12:53 server kernel: [575939.742131] DR0: DR1: DR2: Jul 24 10:12:53 server kernel: [575939.742131] DR3: DR6: 0ff0 DR7: 0400 Jul 24 10:12:53 server kernel: [575939.742131] Process nfsd (pid: 2523, threadinfo 880422084000, task 880425964500) Jul 24 10:12:53 server kernel: [575939.742131] Stack: Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d040 880e29b16cc0 8807f56418c0 Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d180 880422085d50 a055d5e3 Jul 24 10:12:53 server kernel: [575939.742131] 880b37cee840 880c22684000 880c2268d040 Jul 24 10:12:53 server kernel: [575939.742131] Call Trace: Jul 24 10:12:53 server kernel: [575939.742131] [a055d5e3]
[Kernel-packages] [Bug 1348670] Re: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010, set_nfsv4_acl_one+0x21/0xb0 [nfsd]
Any hints at a workaround in the meantime? It's especially nasty since a dead NFS server locks up the clients completely. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1348670 Title: BUG: unable to handle kernel NULL pointer dereference at 0010, set_nfsv4_acl_one+0x21/0xb0 [nfsd] Status in “linux” package in Ubuntu: Confirmed Status in “linux” package in Debian: New Bug description: I've seen this happen twice in the last 8 days on an NFS server running Ubuntu precise and kernels 3.2.0-65.98-generic (on the first occasion) and 3.2.0-67.101-generic (the second time), amd64. This never happened before in several months of operation; until 2014-07-01 this server was running an older 3.2.0 kernel. When this error appears in the logs, the system stops answering NFS RPCs (e.g., rpcinfo -u localhost nfs 3 hangs) and a reboot is necessary to restore NFS service. A more detailed stack trace follows. Looking at the source code (fs/nfsd/vfs.c:set_nfsv4_acl_one()) I see that the call posix_acl_xattr_size(pacl-a_count) is not preceded by a check that pacl != NULL. Could this be related to the following entry in the changelog for 3.2.0-65.98? * NFSD: Call -set_acl with a NULL ACL structure if no entries - LP: #1328154 Jul 24 10:12:53 server kernel: [575939.742131] IP: [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] PGD c243bb067 PUD c2400a067 PMD 0 Jul 24 10:12:53 server kernel: [575939.742131] Oops: [#1] SMP Jul 24 10:12:53 server kernel: [575939.742131] CPU 3 Jul 24 10:12:53 server kernel: [575939.742131] Modules linked in: usblp btrfs zlib_deflate libcrc32c ufs qnx4 hfsplus hfs minix ntfs vfat msdos fat jfs reiserfs ext2 cts openafs(P) xt_tcpudp ipmi_si ipmi_devintf ipmi_msghandler iptable_filter ip_tables x_tables autofs4 bnep parport_pc rfcomm bluetooth ppdev binfmt_misc rpcsec_gss_krb5 nfsd nfs lockd fscache auth_rpcgss nfs_acl sunrpc xfs dm_crypt bridge stp psmouse hpilo sp5100_tco i2c_piix4 amd64_edac_mod hpwdt edac_core k10temp edac_mce_amd joydev serio_raw acpi_power_meter mac_hid lp parport raid10 raid456 async_pq async_xor xor async_memcpy async_raid6_recov raid6_pq async_tx raid1 raid0 multipath linear radeon ttm drm_kms_helper drm osst usbhid hid st ch i2c_algo_bit pata_atiixp hpsa bnx2 Jul 24 10:12:53 server kernel: [575939.742131] Jul 24 10:12:53 server kernel: [575939.742131] Pid: 2523, comm: nfsd Tainted: P O 3.2.0-67-generic #101-Ubuntu HP ProLiant DL385 G7 Jul 24 10:12:53 server kernel: [575939.742131] RIP: 0010:[a055c451] [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] RSP: 0018:880422085ce0 EFLAGS: 00010282 Jul 24 10:12:53 server kernel: [575939.742131] RAX: 4000 RBX: 880e29b16cc0 RCX: 013cc2cc Jul 24 10:12:53 server kernel: [575939.742131] RDX: a0583374 RSI: RDI: 880e29b16cc0 Jul 24 10:12:53 server kernel: [575939.742131] RBP: 880422085d10 R08: ea002cdf3b80 R09: a055c4af Jul 24 10:12:53 server kernel: [575939.742131] R10: 880b37ceed00 R11: 4004 R12: Jul 24 10:12:53 server kernel: [575939.742131] R13: 8807f56418c0 R14: R15: 880c2268d180 Jul 24 10:12:53 server kernel: [575939.742131] FS: 7fafd700() GS:88103fc8() knlGS: Jul 24 10:12:53 server kernel: [575939.742131] CS: 0010 DS: ES: CR0: 8005003b Jul 24 10:12:53 server kernel: [575939.742131] CR2: 0010 CR3: 000c22d6c000 CR4: 06e0 Jul 24 10:12:53 server kernel: [575939.742131] DR0: DR1: DR2: Jul 24 10:12:53 server kernel: [575939.742131] DR3: DR6: 0ff0 DR7: 0400 Jul 24 10:12:53 server kernel: [575939.742131] Process nfsd (pid: 2523, threadinfo 880422084000, task 880425964500) Jul 24 10:12:53 server kernel: [575939.742131] Stack: Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d040 880e29b16cc0 8807f56418c0 Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d180 880422085d50 a055d5e3 Jul 24 10:12:53 server kernel: [575939.742131] 880b37cee840 880c22684000 880c2268d040 Jul 24 10:12:53 server kernel: [575939.742131] Call Trace: Jul 24 10:12:53 server kernel: [575939.742131] [a055d5e3] nfsd4_set_nfs4_acl+0x143/0x150 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] [a056ab74] nfsd4_setattr+0xd4/0x130 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] [a0569be8] nfsd4_proc_compound+0x518/0x6e0 [nfsd] Jul 24 10:12:53 server kernel:
[Kernel-packages] [Bug 1348670] Re: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010, set_nfsv4_acl_one+0x21/0xb0 [nfsd]
I can confirm this bug as well. The cp -a consistently kills nfsd threads on Ubuntu Server 14.04LTS running 3.13.0-32-generic. This is a very critical bug: Improtance: Medium is an understatement. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1348670 Title: BUG: unable to handle kernel NULL pointer dereference at 0010, set_nfsv4_acl_one+0x21/0xb0 [nfsd] Status in “linux” package in Ubuntu: Confirmed Status in “linux” package in Debian: New Bug description: I've seen this happen twice in the last 8 days on an NFS server running Ubuntu precise and kernels 3.2.0-65.98-generic (on the first occasion) and 3.2.0-67.101-generic (the second time), amd64. This never happened before in several months of operation; until 2014-07-01 this server was running an older 3.2.0 kernel. When this error appears in the logs, the system stops answering NFS RPCs (e.g., rpcinfo -u localhost nfs 3 hangs) and a reboot is necessary to restore NFS service. A more detailed stack trace follows. Looking at the source code (fs/nfsd/vfs.c:set_nfsv4_acl_one()) I see that the call posix_acl_xattr_size(pacl-a_count) is not preceded by a check that pacl != NULL. Could this be related to the following entry in the changelog for 3.2.0-65.98? * NFSD: Call -set_acl with a NULL ACL structure if no entries - LP: #1328154 Jul 24 10:12:53 server kernel: [575939.742131] IP: [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] PGD c243bb067 PUD c2400a067 PMD 0 Jul 24 10:12:53 server kernel: [575939.742131] Oops: [#1] SMP Jul 24 10:12:53 server kernel: [575939.742131] CPU 3 Jul 24 10:12:53 server kernel: [575939.742131] Modules linked in: usblp btrfs zlib_deflate libcrc32c ufs qnx4 hfsplus hfs minix ntfs vfat msdos fat jfs reiserfs ext2 cts openafs(P) xt_tcpudp ipmi_si ipmi_devintf ipmi_msghandler iptable_filter ip_tables x_tables autofs4 bnep parport_pc rfcomm bluetooth ppdev binfmt_misc rpcsec_gss_krb5 nfsd nfs lockd fscache auth_rpcgss nfs_acl sunrpc xfs dm_crypt bridge stp psmouse hpilo sp5100_tco i2c_piix4 amd64_edac_mod hpwdt edac_core k10temp edac_mce_amd joydev serio_raw acpi_power_meter mac_hid lp parport raid10 raid456 async_pq async_xor xor async_memcpy async_raid6_recov raid6_pq async_tx raid1 raid0 multipath linear radeon ttm drm_kms_helper drm osst usbhid hid st ch i2c_algo_bit pata_atiixp hpsa bnx2 Jul 24 10:12:53 server kernel: [575939.742131] Jul 24 10:12:53 server kernel: [575939.742131] Pid: 2523, comm: nfsd Tainted: P O 3.2.0-67-generic #101-Ubuntu HP ProLiant DL385 G7 Jul 24 10:12:53 server kernel: [575939.742131] RIP: 0010:[a055c451] [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] RSP: 0018:880422085ce0 EFLAGS: 00010282 Jul 24 10:12:53 server kernel: [575939.742131] RAX: 4000 RBX: 880e29b16cc0 RCX: 013cc2cc Jul 24 10:12:53 server kernel: [575939.742131] RDX: a0583374 RSI: RDI: 880e29b16cc0 Jul 24 10:12:53 server kernel: [575939.742131] RBP: 880422085d10 R08: ea002cdf3b80 R09: a055c4af Jul 24 10:12:53 server kernel: [575939.742131] R10: 880b37ceed00 R11: 4004 R12: Jul 24 10:12:53 server kernel: [575939.742131] R13: 8807f56418c0 R14: R15: 880c2268d180 Jul 24 10:12:53 server kernel: [575939.742131] FS: 7fafd700() GS:88103fc8() knlGS: Jul 24 10:12:53 server kernel: [575939.742131] CS: 0010 DS: ES: CR0: 8005003b Jul 24 10:12:53 server kernel: [575939.742131] CR2: 0010 CR3: 000c22d6c000 CR4: 06e0 Jul 24 10:12:53 server kernel: [575939.742131] DR0: DR1: DR2: Jul 24 10:12:53 server kernel: [575939.742131] DR3: DR6: 0ff0 DR7: 0400 Jul 24 10:12:53 server kernel: [575939.742131] Process nfsd (pid: 2523, threadinfo 880422084000, task 880425964500) Jul 24 10:12:53 server kernel: [575939.742131] Stack: Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d040 880e29b16cc0 8807f56418c0 Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d180 880422085d50 a055d5e3 Jul 24 10:12:53 server kernel: [575939.742131] 880b37cee840 880c22684000 880c2268d040 Jul 24 10:12:53 server kernel: [575939.742131] Call Trace: Jul 24 10:12:53 server kernel: [575939.742131] [a055d5e3] nfsd4_set_nfs4_acl+0x143/0x150 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] [a056ab74] nfsd4_setattr+0xd4/0x130 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] [a0569be8]
[Kernel-packages] [Bug 1348670] Re: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010, set_nfsv4_acl_one+0x21/0xb0 [nfsd]
It would be nice if this bug could be given some priority, it is making it hard to run precise as an nfs server. I've just spent some hours chasing down this on our systems, and can confirm that it also affects kernels 3.8.0-44 and 3.13.0-32. It is quite easy to trigger, a 'cp -a ...' on any nfs client will kill one nfsd thread on the server. Once all threads are gone, the server is dead and must be rebooted. Restarting the nfs-kernel-server service has no effect. -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1348670 Title: BUG: unable to handle kernel NULL pointer dereference at 0010, set_nfsv4_acl_one+0x21/0xb0 [nfsd] Status in “linux” package in Ubuntu: Confirmed Status in “linux” package in Debian: New Bug description: I've seen this happen twice in the last 8 days on an NFS server running Ubuntu precise and kernels 3.2.0-65.98-generic (on the first occasion) and 3.2.0-67.101-generic (the second time), amd64. This never happened before in several months of operation; until 2014-07-01 this server was running an older 3.2.0 kernel. When this error appears in the logs, the system stops answering NFS RPCs (e.g., rpcinfo -u localhost nfs 3 hangs) and a reboot is necessary to restore NFS service. A more detailed stack trace follows. Looking at the source code (fs/nfsd/vfs.c:set_nfsv4_acl_one()) I see that the call posix_acl_xattr_size(pacl-a_count) is not preceded by a check that pacl != NULL. Could this be related to the following entry in the changelog for 3.2.0-65.98? * NFSD: Call -set_acl with a NULL ACL structure if no entries - LP: #1328154 Jul 24 10:12:53 server kernel: [575939.742131] IP: [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] PGD c243bb067 PUD c2400a067 PMD 0 Jul 24 10:12:53 server kernel: [575939.742131] Oops: [#1] SMP Jul 24 10:12:53 server kernel: [575939.742131] CPU 3 Jul 24 10:12:53 server kernel: [575939.742131] Modules linked in: usblp btrfs zlib_deflate libcrc32c ufs qnx4 hfsplus hfs minix ntfs vfat msdos fat jfs reiserfs ext2 cts openafs(P) xt_tcpudp ipmi_si ipmi_devintf ipmi_msghandler iptable_filter ip_tables x_tables autofs4 bnep parport_pc rfcomm bluetooth ppdev binfmt_misc rpcsec_gss_krb5 nfsd nfs lockd fscache auth_rpcgss nfs_acl sunrpc xfs dm_crypt bridge stp psmouse hpilo sp5100_tco i2c_piix4 amd64_edac_mod hpwdt edac_core k10temp edac_mce_amd joydev serio_raw acpi_power_meter mac_hid lp parport raid10 raid456 async_pq async_xor xor async_memcpy async_raid6_recov raid6_pq async_tx raid1 raid0 multipath linear radeon ttm drm_kms_helper drm osst usbhid hid st ch i2c_algo_bit pata_atiixp hpsa bnx2 Jul 24 10:12:53 server kernel: [575939.742131] Jul 24 10:12:53 server kernel: [575939.742131] Pid: 2523, comm: nfsd Tainted: P O 3.2.0-67-generic #101-Ubuntu HP ProLiant DL385 G7 Jul 24 10:12:53 server kernel: [575939.742131] RIP: 0010:[a055c451] [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] RSP: 0018:880422085ce0 EFLAGS: 00010282 Jul 24 10:12:53 server kernel: [575939.742131] RAX: 4000 RBX: 880e29b16cc0 RCX: 013cc2cc Jul 24 10:12:53 server kernel: [575939.742131] RDX: a0583374 RSI: RDI: 880e29b16cc0 Jul 24 10:12:53 server kernel: [575939.742131] RBP: 880422085d10 R08: ea002cdf3b80 R09: a055c4af Jul 24 10:12:53 server kernel: [575939.742131] R10: 880b37ceed00 R11: 4004 R12: Jul 24 10:12:53 server kernel: [575939.742131] R13: 8807f56418c0 R14: R15: 880c2268d180 Jul 24 10:12:53 server kernel: [575939.742131] FS: 7fafd700() GS:88103fc8() knlGS: Jul 24 10:12:53 server kernel: [575939.742131] CS: 0010 DS: ES: CR0: 8005003b Jul 24 10:12:53 server kernel: [575939.742131] CR2: 0010 CR3: 000c22d6c000 CR4: 06e0 Jul 24 10:12:53 server kernel: [575939.742131] DR0: DR1: DR2: Jul 24 10:12:53 server kernel: [575939.742131] DR3: DR6: 0ff0 DR7: 0400 Jul 24 10:12:53 server kernel: [575939.742131] Process nfsd (pid: 2523, threadinfo 880422084000, task 880425964500) Jul 24 10:12:53 server kernel: [575939.742131] Stack: Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d040 880e29b16cc0 8807f56418c0 Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d180 880422085d50 a055d5e3 Jul 24 10:12:53 server kernel: [575939.742131] 880b37cee840 880c22684000 880c2268d040 Jul 24 10:12:53 server kernel: [575939.742131] Call Trace: Jul 24
[Kernel-packages] [Bug 1348670] Re: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010, set_nfsv4_acl_one+0x21/0xb0 [nfsd]
** Changed in: linux (Ubuntu) Importance: Undecided = Medium -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1348670 Title: BUG: unable to handle kernel NULL pointer dereference at 0010, set_nfsv4_acl_one+0x21/0xb0 [nfsd] Status in “linux” package in Ubuntu: Confirmed Status in “linux” package in Debian: New Bug description: I've seen this happen twice in the last 8 days on an NFS server running Ubuntu precise and kernels 3.2.0-65.98-generic (on the first occasion) and 3.2.0-67.101-generic (the second time), amd64. This never happened before in several months of operation; until 2014-07-01 this server was running an older 3.2.0 kernel. When this error appears in the logs, the system stops answering NFS RPCs (e.g., rpcinfo -u localhost nfs 3 hangs) and a reboot is necessary to restore NFS service. A more detailed stack trace follows. Looking at the source code (fs/nfsd/vfs.c:set_nfsv4_acl_one()) I see that the call posix_acl_xattr_size(pacl-a_count) is not preceded by a check that pacl != NULL. Could this be related to the following entry in the changelog for 3.2.0-65.98? * NFSD: Call -set_acl with a NULL ACL structure if no entries - LP: #1328154 Jul 24 10:12:53 server kernel: [575939.742131] IP: [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] PGD c243bb067 PUD c2400a067 PMD 0 Jul 24 10:12:53 server kernel: [575939.742131] Oops: [#1] SMP Jul 24 10:12:53 server kernel: [575939.742131] CPU 3 Jul 24 10:12:53 server kernel: [575939.742131] Modules linked in: usblp btrfs zlib_deflate libcrc32c ufs qnx4 hfsplus hfs minix ntfs vfat msdos fat jfs reiserfs ext2 cts openafs(P) xt_tcpudp ipmi_si ipmi_devintf ipmi_msghandler iptable_filter ip_tables x_tables autofs4 bnep parport_pc rfcomm bluetooth ppdev binfmt_misc rpcsec_gss_krb5 nfsd nfs lockd fscache auth_rpcgss nfs_acl sunrpc xfs dm_crypt bridge stp psmouse hpilo sp5100_tco i2c_piix4 amd64_edac_mod hpwdt edac_core k10temp edac_mce_amd joydev serio_raw acpi_power_meter mac_hid lp parport raid10 raid456 async_pq async_xor xor async_memcpy async_raid6_recov raid6_pq async_tx raid1 raid0 multipath linear radeon ttm drm_kms_helper drm osst usbhid hid st ch i2c_algo_bit pata_atiixp hpsa bnx2 Jul 24 10:12:53 server kernel: [575939.742131] Jul 24 10:12:53 server kernel: [575939.742131] Pid: 2523, comm: nfsd Tainted: P O 3.2.0-67-generic #101-Ubuntu HP ProLiant DL385 G7 Jul 24 10:12:53 server kernel: [575939.742131] RIP: 0010:[a055c451] [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] RSP: 0018:880422085ce0 EFLAGS: 00010282 Jul 24 10:12:53 server kernel: [575939.742131] RAX: 4000 RBX: 880e29b16cc0 RCX: 013cc2cc Jul 24 10:12:53 server kernel: [575939.742131] RDX: a0583374 RSI: RDI: 880e29b16cc0 Jul 24 10:12:53 server kernel: [575939.742131] RBP: 880422085d10 R08: ea002cdf3b80 R09: a055c4af Jul 24 10:12:53 server kernel: [575939.742131] R10: 880b37ceed00 R11: 4004 R12: Jul 24 10:12:53 server kernel: [575939.742131] R13: 8807f56418c0 R14: R15: 880c2268d180 Jul 24 10:12:53 server kernel: [575939.742131] FS: 7fafd700() GS:88103fc8() knlGS: Jul 24 10:12:53 server kernel: [575939.742131] CS: 0010 DS: ES: CR0: 8005003b Jul 24 10:12:53 server kernel: [575939.742131] CR2: 0010 CR3: 000c22d6c000 CR4: 06e0 Jul 24 10:12:53 server kernel: [575939.742131] DR0: DR1: DR2: Jul 24 10:12:53 server kernel: [575939.742131] DR3: DR6: 0ff0 DR7: 0400 Jul 24 10:12:53 server kernel: [575939.742131] Process nfsd (pid: 2523, threadinfo 880422084000, task 880425964500) Jul 24 10:12:53 server kernel: [575939.742131] Stack: Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d040 880e29b16cc0 8807f56418c0 Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d180 880422085d50 a055d5e3 Jul 24 10:12:53 server kernel: [575939.742131] 880b37cee840 880c22684000 880c2268d040 Jul 24 10:12:53 server kernel: [575939.742131] Call Trace: Jul 24 10:12:53 server kernel: [575939.742131] [a055d5e3] nfsd4_set_nfs4_acl+0x143/0x150 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] [a056ab74] nfsd4_setattr+0xd4/0x130 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] [a0569be8] nfsd4_proc_compound+0x518/0x6e0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] [a0558a4b] nfsd_dispatch+0xeb/0x230 [nfsd]
[Kernel-packages] [Bug 1348670] Re: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010, set_nfsv4_acl_one+0x21/0xb0 [nfsd]
** Tags added: regression-update -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1348670 Title: BUG: unable to handle kernel NULL pointer dereference at 0010, set_nfsv4_acl_one+0x21/0xb0 [nfsd] Status in “linux” package in Ubuntu: Confirmed Status in “linux” package in Debian: New Bug description: I've seen this happen twice in the last 8 days on an NFS server running Ubuntu precise and kernels 3.2.0-65.98-generic (on the first occasion) and 3.2.0-67.101-generic (the second time), amd64. This never happened before in several months of operation; until 2014-07-01 this server was running an older 3.2.0 kernel. When this error appears in the logs, the system stops answering NFS RPCs (e.g., rpcinfo -u localhost nfs 3 hangs) and a reboot is necessary to restore NFS service. A more detailed stack trace follows. Looking at the source code (fs/nfsd/vfs.c:set_nfsv4_acl_one()) I see that the call posix_acl_xattr_size(pacl-a_count) is not preceded by a check that pacl != NULL. Could this be related to the following entry in the changelog for 3.2.0-65.98? * NFSD: Call -set_acl with a NULL ACL structure if no entries - LP: #1328154 Jul 24 10:12:53 server kernel: [575939.742131] IP: [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] PGD c243bb067 PUD c2400a067 PMD 0 Jul 24 10:12:53 server kernel: [575939.742131] Oops: [#1] SMP Jul 24 10:12:53 server kernel: [575939.742131] CPU 3 Jul 24 10:12:53 server kernel: [575939.742131] Modules linked in: usblp btrfs zlib_deflate libcrc32c ufs qnx4 hfsplus hfs minix ntfs vfat msdos fat jfs reiserfs ext2 cts openafs(P) xt_tcpudp ipmi_si ipmi_devintf ipmi_msghandler iptable_filter ip_tables x_tables autofs4 bnep parport_pc rfcomm bluetooth ppdev binfmt_misc rpcsec_gss_krb5 nfsd nfs lockd fscache auth_rpcgss nfs_acl sunrpc xfs dm_crypt bridge stp psmouse hpilo sp5100_tco i2c_piix4 amd64_edac_mod hpwdt edac_core k10temp edac_mce_amd joydev serio_raw acpi_power_meter mac_hid lp parport raid10 raid456 async_pq async_xor xor async_memcpy async_raid6_recov raid6_pq async_tx raid1 raid0 multipath linear radeon ttm drm_kms_helper drm osst usbhid hid st ch i2c_algo_bit pata_atiixp hpsa bnx2 Jul 24 10:12:53 server kernel: [575939.742131] Jul 24 10:12:53 server kernel: [575939.742131] Pid: 2523, comm: nfsd Tainted: P O 3.2.0-67-generic #101-Ubuntu HP ProLiant DL385 G7 Jul 24 10:12:53 server kernel: [575939.742131] RIP: 0010:[a055c451] [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] RSP: 0018:880422085ce0 EFLAGS: 00010282 Jul 24 10:12:53 server kernel: [575939.742131] RAX: 4000 RBX: 880e29b16cc0 RCX: 013cc2cc Jul 24 10:12:53 server kernel: [575939.742131] RDX: a0583374 RSI: RDI: 880e29b16cc0 Jul 24 10:12:53 server kernel: [575939.742131] RBP: 880422085d10 R08: ea002cdf3b80 R09: a055c4af Jul 24 10:12:53 server kernel: [575939.742131] R10: 880b37ceed00 R11: 4004 R12: Jul 24 10:12:53 server kernel: [575939.742131] R13: 8807f56418c0 R14: R15: 880c2268d180 Jul 24 10:12:53 server kernel: [575939.742131] FS: 7fafd700() GS:88103fc8() knlGS: Jul 24 10:12:53 server kernel: [575939.742131] CS: 0010 DS: ES: CR0: 8005003b Jul 24 10:12:53 server kernel: [575939.742131] CR2: 0010 CR3: 000c22d6c000 CR4: 06e0 Jul 24 10:12:53 server kernel: [575939.742131] DR0: DR1: DR2: Jul 24 10:12:53 server kernel: [575939.742131] DR3: DR6: 0ff0 DR7: 0400 Jul 24 10:12:53 server kernel: [575939.742131] Process nfsd (pid: 2523, threadinfo 880422084000, task 880425964500) Jul 24 10:12:53 server kernel: [575939.742131] Stack: Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d040 880e29b16cc0 8807f56418c0 Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d180 880422085d50 a055d5e3 Jul 24 10:12:53 server kernel: [575939.742131] 880b37cee840 880c22684000 880c2268d040 Jul 24 10:12:53 server kernel: [575939.742131] Call Trace: Jul 24 10:12:53 server kernel: [575939.742131] [a055d5e3] nfsd4_set_nfs4_acl+0x143/0x150 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] [a056ab74] nfsd4_setattr+0xd4/0x130 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] [a0569be8] nfsd4_proc_compound+0x518/0x6e0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] [a0558a4b] nfsd_dispatch+0xeb/0x230 [nfsd] Jul 24 10:12:53 server
[Kernel-packages] [Bug 1348670] Re: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010, set_nfsv4_acl_one+0x21/0xb0 [nfsd]
** Bug watch added: Debian Bug tracker #754420 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=754420 ** Also affects: linux (Debian) via http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=754420 Importance: Unknown Status: Unknown -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1348670 Title: BUG: unable to handle kernel NULL pointer dereference at 0010, set_nfsv4_acl_one+0x21/0xb0 [nfsd] Status in “linux” package in Ubuntu: Confirmed Status in “linux” package in Debian: Unknown Bug description: I've seen this happen twice in the last 8 days on an NFS server running Ubuntu precise and kernels 3.2.0-65.98-generic (on the first occasion) and 3.2.0-67.101-generic (the second time), amd64. This never happened before in several months of operation; until 2014-07-01 this server was running an older 3.2.0 kernel. When this error appears in the logs, the system stops answering NFS RPCs (e.g., rpcinfo -u localhost nfs 3 hangs) and a reboot is necessary to restore NFS service. A more detailed stack trace follows. Looking at the source code (fs/nfsd/vfs.c:set_nfsv4_acl_one()) I see that the call posix_acl_xattr_size(pacl-a_count) is not preceded by a check that pacl != NULL. Could this be related to the following entry in the changelog for 3.2.0-65.98? * NFSD: Call -set_acl with a NULL ACL structure if no entries - LP: #1328154 Jul 24 10:12:53 server kernel: [575939.742131] IP: [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] PGD c243bb067 PUD c2400a067 PMD 0 Jul 24 10:12:53 server kernel: [575939.742131] Oops: [#1] SMP Jul 24 10:12:53 server kernel: [575939.742131] CPU 3 Jul 24 10:12:53 server kernel: [575939.742131] Modules linked in: usblp btrfs zlib_deflate libcrc32c ufs qnx4 hfsplus hfs minix ntfs vfat msdos fat jfs reiserfs ext2 cts openafs(P) xt_tcpudp ipmi_si ipmi_devintf ipmi_msghandler iptable_filter ip_tables x_tables autofs4 bnep parport_pc rfcomm bluetooth ppdev binfmt_misc rpcsec_gss_krb5 nfsd nfs lockd fscache auth_rpcgss nfs_acl sunrpc xfs dm_crypt bridge stp psmouse hpilo sp5100_tco i2c_piix4 amd64_edac_mod hpwdt edac_core k10temp edac_mce_amd joydev serio_raw acpi_power_meter mac_hid lp parport raid10 raid456 async_pq async_xor xor async_memcpy async_raid6_recov raid6_pq async_tx raid1 raid0 multipath linear radeon ttm drm_kms_helper drm osst usbhid hid st ch i2c_algo_bit pata_atiixp hpsa bnx2 Jul 24 10:12:53 server kernel: [575939.742131] Jul 24 10:12:53 server kernel: [575939.742131] Pid: 2523, comm: nfsd Tainted: P O 3.2.0-67-generic #101-Ubuntu HP ProLiant DL385 G7 Jul 24 10:12:53 server kernel: [575939.742131] RIP: 0010:[a055c451] [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] RSP: 0018:880422085ce0 EFLAGS: 00010282 Jul 24 10:12:53 server kernel: [575939.742131] RAX: 4000 RBX: 880e29b16cc0 RCX: 013cc2cc Jul 24 10:12:53 server kernel: [575939.742131] RDX: a0583374 RSI: RDI: 880e29b16cc0 Jul 24 10:12:53 server kernel: [575939.742131] RBP: 880422085d10 R08: ea002cdf3b80 R09: a055c4af Jul 24 10:12:53 server kernel: [575939.742131] R10: 880b37ceed00 R11: 4004 R12: Jul 24 10:12:53 server kernel: [575939.742131] R13: 8807f56418c0 R14: R15: 880c2268d180 Jul 24 10:12:53 server kernel: [575939.742131] FS: 7fafd700() GS:88103fc8() knlGS: Jul 24 10:12:53 server kernel: [575939.742131] CS: 0010 DS: ES: CR0: 8005003b Jul 24 10:12:53 server kernel: [575939.742131] CR2: 0010 CR3: 000c22d6c000 CR4: 06e0 Jul 24 10:12:53 server kernel: [575939.742131] DR0: DR1: DR2: Jul 24 10:12:53 server kernel: [575939.742131] DR3: DR6: 0ff0 DR7: 0400 Jul 24 10:12:53 server kernel: [575939.742131] Process nfsd (pid: 2523, threadinfo 880422084000, task 880425964500) Jul 24 10:12:53 server kernel: [575939.742131] Stack: Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d040 880e29b16cc0 8807f56418c0 Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d180 880422085d50 a055d5e3 Jul 24 10:12:53 server kernel: [575939.742131] 880b37cee840 880c22684000 880c2268d040 Jul 24 10:12:53 server kernel: [575939.742131] Call Trace: Jul 24 10:12:53 server kernel: [575939.742131] [a055d5e3] nfsd4_set_nfs4_acl+0x143/0x150 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] [a056ab74] nfsd4_setattr+0xd4/0x130 [nfsd] Jul 24 10:12:53
[Kernel-packages] [Bug 1348670] Re: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010, set_nfsv4_acl_one+0x21/0xb0 [nfsd]
** Changed in: linux (Debian) Status: Unknown = New -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1348670 Title: BUG: unable to handle kernel NULL pointer dereference at 0010, set_nfsv4_acl_one+0x21/0xb0 [nfsd] Status in “linux” package in Ubuntu: Confirmed Status in “linux” package in Debian: New Bug description: I've seen this happen twice in the last 8 days on an NFS server running Ubuntu precise and kernels 3.2.0-65.98-generic (on the first occasion) and 3.2.0-67.101-generic (the second time), amd64. This never happened before in several months of operation; until 2014-07-01 this server was running an older 3.2.0 kernel. When this error appears in the logs, the system stops answering NFS RPCs (e.g., rpcinfo -u localhost nfs 3 hangs) and a reboot is necessary to restore NFS service. A more detailed stack trace follows. Looking at the source code (fs/nfsd/vfs.c:set_nfsv4_acl_one()) I see that the call posix_acl_xattr_size(pacl-a_count) is not preceded by a check that pacl != NULL. Could this be related to the following entry in the changelog for 3.2.0-65.98? * NFSD: Call -set_acl with a NULL ACL structure if no entries - LP: #1328154 Jul 24 10:12:53 server kernel: [575939.742131] IP: [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] PGD c243bb067 PUD c2400a067 PMD 0 Jul 24 10:12:53 server kernel: [575939.742131] Oops: [#1] SMP Jul 24 10:12:53 server kernel: [575939.742131] CPU 3 Jul 24 10:12:53 server kernel: [575939.742131] Modules linked in: usblp btrfs zlib_deflate libcrc32c ufs qnx4 hfsplus hfs minix ntfs vfat msdos fat jfs reiserfs ext2 cts openafs(P) xt_tcpudp ipmi_si ipmi_devintf ipmi_msghandler iptable_filter ip_tables x_tables autofs4 bnep parport_pc rfcomm bluetooth ppdev binfmt_misc rpcsec_gss_krb5 nfsd nfs lockd fscache auth_rpcgss nfs_acl sunrpc xfs dm_crypt bridge stp psmouse hpilo sp5100_tco i2c_piix4 amd64_edac_mod hpwdt edac_core k10temp edac_mce_amd joydev serio_raw acpi_power_meter mac_hid lp parport raid10 raid456 async_pq async_xor xor async_memcpy async_raid6_recov raid6_pq async_tx raid1 raid0 multipath linear radeon ttm drm_kms_helper drm osst usbhid hid st ch i2c_algo_bit pata_atiixp hpsa bnx2 Jul 24 10:12:53 server kernel: [575939.742131] Jul 24 10:12:53 server kernel: [575939.742131] Pid: 2523, comm: nfsd Tainted: P O 3.2.0-67-generic #101-Ubuntu HP ProLiant DL385 G7 Jul 24 10:12:53 server kernel: [575939.742131] RIP: 0010:[a055c451] [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] RSP: 0018:880422085ce0 EFLAGS: 00010282 Jul 24 10:12:53 server kernel: [575939.742131] RAX: 4000 RBX: 880e29b16cc0 RCX: 013cc2cc Jul 24 10:12:53 server kernel: [575939.742131] RDX: a0583374 RSI: RDI: 880e29b16cc0 Jul 24 10:12:53 server kernel: [575939.742131] RBP: 880422085d10 R08: ea002cdf3b80 R09: a055c4af Jul 24 10:12:53 server kernel: [575939.742131] R10: 880b37ceed00 R11: 4004 R12: Jul 24 10:12:53 server kernel: [575939.742131] R13: 8807f56418c0 R14: R15: 880c2268d180 Jul 24 10:12:53 server kernel: [575939.742131] FS: 7fafd700() GS:88103fc8() knlGS: Jul 24 10:12:53 server kernel: [575939.742131] CS: 0010 DS: ES: CR0: 8005003b Jul 24 10:12:53 server kernel: [575939.742131] CR2: 0010 CR3: 000c22d6c000 CR4: 06e0 Jul 24 10:12:53 server kernel: [575939.742131] DR0: DR1: DR2: Jul 24 10:12:53 server kernel: [575939.742131] DR3: DR6: 0ff0 DR7: 0400 Jul 24 10:12:53 server kernel: [575939.742131] Process nfsd (pid: 2523, threadinfo 880422084000, task 880425964500) Jul 24 10:12:53 server kernel: [575939.742131] Stack: Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d040 880e29b16cc0 8807f56418c0 Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d180 880422085d50 a055d5e3 Jul 24 10:12:53 server kernel: [575939.742131] 880b37cee840 880c22684000 880c2268d040 Jul 24 10:12:53 server kernel: [575939.742131] Call Trace: Jul 24 10:12:53 server kernel: [575939.742131] [a055d5e3] nfsd4_set_nfs4_acl+0x143/0x150 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] [a056ab74] nfsd4_setattr+0xd4/0x130 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] [a0569be8] nfsd4_proc_compound+0x518/0x6e0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] [a0558a4b] nfsd_dispatch+0xeb/0x230 [nfsd] Jul
[Kernel-packages] [Bug 1348670] Re: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010, set_nfsv4_acl_one+0x21/0xb0 [nfsd]
** Attachment added: lspci-vnvn.log https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1348670/+attachment/4162784/+files/lspci-vnvn.log -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1348670 Title: BUG: unable to handle kernel NULL pointer dereference at 0010, set_nfsv4_acl_one+0x21/0xb0 [nfsd] Status in “linux” package in Ubuntu: Incomplete Bug description: I've seen this happen twice in the last 8 days on an NFS server running Ubuntu precise and kernels 3.2.0-65.98-generic (on the first occasion) and 3.2.0-67.101-generic (the second time), amd64. This never happened before in several months of operation; until 2014-07-01 this server was running an older 3.2.0 kernel. When this error appears in the logs, the system stops answering NFS RPCs (e.g., rpcinfo -u localhost nfs 3 hangs) and a reboot is necessary to restore NFS service. A more detailed stack trace follows. Looking at the source code (fs/nfsd/vfs.c:set_nfsv4_acl_one()) I see that the call posix_acl_xattr_size(pacl-a_count) is not preceded by a check that pacl != NULL. Could this be related to the following entry in the changelog for 3.2.0-65.98? * NFSD: Call -set_acl with a NULL ACL structure if no entries - LP: #1328154 Jul 24 10:12:53 server kernel: [575939.742131] IP: [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] PGD c243bb067 PUD c2400a067 PMD 0 Jul 24 10:12:53 server kernel: [575939.742131] Oops: [#1] SMP Jul 24 10:12:53 server kernel: [575939.742131] CPU 3 Jul 24 10:12:53 server kernel: [575939.742131] Modules linked in: usblp btrfs zlib_deflate libcrc32c ufs qnx4 hfsplus hfs minix ntfs vfat msdos fat jfs reiserfs ext2 cts openafs(P) xt_tcpudp ipmi_si ipmi_devintf ipmi_msghandler iptable_filter ip_tables x_tables autofs4 bnep parport_pc rfcomm bluetooth ppdev binfmt_misc rpcsec_gss_krb5 nfsd nfs lockd fscache auth_rpcgss nfs_acl sunrpc xfs dm_crypt bridge stp psmouse hpilo sp5100_tco i2c_piix4 amd64_edac_mod hpwdt edac_core k10temp edac_mce_amd joydev serio_raw acpi_power_meter mac_hid lp parport raid10 raid456 async_pq async_xor xor async_memcpy async_raid6_recov raid6_pq async_tx raid1 raid0 multipath linear radeon ttm drm_kms_helper drm osst usbhid hid st ch i2c_algo_bit pata_atiixp hpsa bnx2 Jul 24 10:12:53 server kernel: [575939.742131] Jul 24 10:12:53 server kernel: [575939.742131] Pid: 2523, comm: nfsd Tainted: P O 3.2.0-67-generic #101-Ubuntu HP ProLiant DL385 G7 Jul 24 10:12:53 server kernel: [575939.742131] RIP: 0010:[a055c451] [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] RSP: 0018:880422085ce0 EFLAGS: 00010282 Jul 24 10:12:53 server kernel: [575939.742131] RAX: 4000 RBX: 880e29b16cc0 RCX: 013cc2cc Jul 24 10:12:53 server kernel: [575939.742131] RDX: a0583374 RSI: RDI: 880e29b16cc0 Jul 24 10:12:53 server kernel: [575939.742131] RBP: 880422085d10 R08: ea002cdf3b80 R09: a055c4af Jul 24 10:12:53 server kernel: [575939.742131] R10: 880b37ceed00 R11: 4004 R12: Jul 24 10:12:53 server kernel: [575939.742131] R13: 8807f56418c0 R14: R15: 880c2268d180 Jul 24 10:12:53 server kernel: [575939.742131] FS: 7fafd700() GS:88103fc8() knlGS: Jul 24 10:12:53 server kernel: [575939.742131] CS: 0010 DS: ES: CR0: 8005003b Jul 24 10:12:53 server kernel: [575939.742131] CR2: 0010 CR3: 000c22d6c000 CR4: 06e0 Jul 24 10:12:53 server kernel: [575939.742131] DR0: DR1: DR2: Jul 24 10:12:53 server kernel: [575939.742131] DR3: DR6: 0ff0 DR7: 0400 Jul 24 10:12:53 server kernel: [575939.742131] Process nfsd (pid: 2523, threadinfo 880422084000, task 880425964500) Jul 24 10:12:53 server kernel: [575939.742131] Stack: Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d040 880e29b16cc0 8807f56418c0 Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d180 880422085d50 a055d5e3 Jul 24 10:12:53 server kernel: [575939.742131] 880b37cee840 880c22684000 880c2268d040 Jul 24 10:12:53 server kernel: [575939.742131] Call Trace: Jul 24 10:12:53 server kernel: [575939.742131] [a055d5e3] nfsd4_set_nfs4_acl+0x143/0x150 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] [a056ab74] nfsd4_setattr+0xd4/0x130 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] [a0569be8] nfsd4_proc_compound+0x518/0x6e0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131]
[Kernel-packages] [Bug 1348670] Re: BUG: unable to handle kernel NULL pointer dereference at 0000000000000010, set_nfsv4_acl_one+0x21/0xb0 [nfsd]
Can't run apport-collect on this server. ** Changed in: linux (Ubuntu) Status: Incomplete = Confirmed -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1348670 Title: BUG: unable to handle kernel NULL pointer dereference at 0010, set_nfsv4_acl_one+0x21/0xb0 [nfsd] Status in “linux” package in Ubuntu: Confirmed Bug description: I've seen this happen twice in the last 8 days on an NFS server running Ubuntu precise and kernels 3.2.0-65.98-generic (on the first occasion) and 3.2.0-67.101-generic (the second time), amd64. This never happened before in several months of operation; until 2014-07-01 this server was running an older 3.2.0 kernel. When this error appears in the logs, the system stops answering NFS RPCs (e.g., rpcinfo -u localhost nfs 3 hangs) and a reboot is necessary to restore NFS service. A more detailed stack trace follows. Looking at the source code (fs/nfsd/vfs.c:set_nfsv4_acl_one()) I see that the call posix_acl_xattr_size(pacl-a_count) is not preceded by a check that pacl != NULL. Could this be related to the following entry in the changelog for 3.2.0-65.98? * NFSD: Call -set_acl with a NULL ACL structure if no entries - LP: #1328154 Jul 24 10:12:53 server kernel: [575939.742131] IP: [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] PGD c243bb067 PUD c2400a067 PMD 0 Jul 24 10:12:53 server kernel: [575939.742131] Oops: [#1] SMP Jul 24 10:12:53 server kernel: [575939.742131] CPU 3 Jul 24 10:12:53 server kernel: [575939.742131] Modules linked in: usblp btrfs zlib_deflate libcrc32c ufs qnx4 hfsplus hfs minix ntfs vfat msdos fat jfs reiserfs ext2 cts openafs(P) xt_tcpudp ipmi_si ipmi_devintf ipmi_msghandler iptable_filter ip_tables x_tables autofs4 bnep parport_pc rfcomm bluetooth ppdev binfmt_misc rpcsec_gss_krb5 nfsd nfs lockd fscache auth_rpcgss nfs_acl sunrpc xfs dm_crypt bridge stp psmouse hpilo sp5100_tco i2c_piix4 amd64_edac_mod hpwdt edac_core k10temp edac_mce_amd joydev serio_raw acpi_power_meter mac_hid lp parport raid10 raid456 async_pq async_xor xor async_memcpy async_raid6_recov raid6_pq async_tx raid1 raid0 multipath linear radeon ttm drm_kms_helper drm osst usbhid hid st ch i2c_algo_bit pata_atiixp hpsa bnx2 Jul 24 10:12:53 server kernel: [575939.742131] Jul 24 10:12:53 server kernel: [575939.742131] Pid: 2523, comm: nfsd Tainted: P O 3.2.0-67-generic #101-Ubuntu HP ProLiant DL385 G7 Jul 24 10:12:53 server kernel: [575939.742131] RIP: 0010:[a055c451] [a055c451] set_nfsv4_acl_one+0x21/0xb0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] RSP: 0018:880422085ce0 EFLAGS: 00010282 Jul 24 10:12:53 server kernel: [575939.742131] RAX: 4000 RBX: 880e29b16cc0 RCX: 013cc2cc Jul 24 10:12:53 server kernel: [575939.742131] RDX: a0583374 RSI: RDI: 880e29b16cc0 Jul 24 10:12:53 server kernel: [575939.742131] RBP: 880422085d10 R08: ea002cdf3b80 R09: a055c4af Jul 24 10:12:53 server kernel: [575939.742131] R10: 880b37ceed00 R11: 4004 R12: Jul 24 10:12:53 server kernel: [575939.742131] R13: 8807f56418c0 R14: R15: 880c2268d180 Jul 24 10:12:53 server kernel: [575939.742131] FS: 7fafd700() GS:88103fc8() knlGS: Jul 24 10:12:53 server kernel: [575939.742131] CS: 0010 DS: ES: CR0: 8005003b Jul 24 10:12:53 server kernel: [575939.742131] CR2: 0010 CR3: 000c22d6c000 CR4: 06e0 Jul 24 10:12:53 server kernel: [575939.742131] DR0: DR1: DR2: Jul 24 10:12:53 server kernel: [575939.742131] DR3: DR6: 0ff0 DR7: 0400 Jul 24 10:12:53 server kernel: [575939.742131] Process nfsd (pid: 2523, threadinfo 880422084000, task 880425964500) Jul 24 10:12:53 server kernel: [575939.742131] Stack: Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d040 880e29b16cc0 8807f56418c0 Jul 24 10:12:53 server kernel: [575939.742131] 880c2268d180 880422085d50 a055d5e3 Jul 24 10:12:53 server kernel: [575939.742131] 880b37cee840 880c22684000 880c2268d040 Jul 24 10:12:53 server kernel: [575939.742131] Call Trace: Jul 24 10:12:53 server kernel: [575939.742131] [a055d5e3] nfsd4_set_nfs4_acl+0x143/0x150 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] [a056ab74] nfsd4_setattr+0xd4/0x130 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] [a0569be8] nfsd4_proc_compound+0x518/0x6e0 [nfsd] Jul 24 10:12:53 server kernel: [575939.742131] [a0558a4b] nfsd_dispatch+0xeb/0x230