← Back to team overview

kernel-packages team mailing list archive

[Bug 1508510] Re: Something in the Kernel crashes when I try to mount via NFS

 

This bug was fixed in the package linux - 3.2.0-93.133

---------------
linux (3.2.0-93.133) precise; urgency=low

  [ Luis Henriques ]

  * Release Tracking Bug
    - LP: #1509350

  [ Upstream Kernel Changes ]

  * Revert "net: Fix skb csum races when peeking"
    - LP: #1508510

linux (3.2.0-93.132) precise; urgency=low

  [ Brad Figg ]

  * Release Tracking Bug
    - LP: #1508939

  [ Upstream Kernel Changes ]

  * Revert "sctp: Fix race between OOTB responce and route removal"
    - LP: #1507665
  * USB: whiteheat: fix potential null-deref at probe
    - LP: #1478826
    - CVE-2015-5257
  * dcache: Handle escaped paths in prepend_path
    - LP: #1441108
    - CVE-2015-2925
  * vfs: Test for and handle paths that are unreachable from their mnt_root
    - LP: #1441108
    - CVE-2015-2925
  * ipv6: Fix build failure when CONFIG_INET disabled
    - LP: #1507665
  * pktgen: Require CONFIG_INET due to use of IPv4 checksum function
    - LP: #1507665
  * xen/gntdev: convert priv->lock to a mutex
    - LP: #1507665
  * xen/gntdevt: Fix race condition in gntdev_release()
    - LP: #1507665
  * crypto: ixp4xx - Remove bogus BUG_ON on scattered dst buffer
    - LP: #1507665
  * USB: sierra: add 1199:68AB device ID
    - LP: #1507665
  * target/iscsi: Fix double free of a TUR followed by a solicited NOPOUT
    - LP: #1507665
  * md/raid1: extend spinlock to protect raid1_end_read_request against
    inconsistencies
    - LP: #1507665
  * target: REPORT LUNS should return LUN 0 even for dynamic ACLs
    - LP: #1507665
  * MIPS: Fix sched_getaffinity with MT FPAFF enabled
    - LP: #1507665
  * xhci: fix off by one error in TRB DMA address boundary check
    - LP: #1507665
  * rds: fix an integer overflow test in rds_info_getsockopt()
    - LP: #1507665
  * perf: Fix fasync handling on inherited events
    - LP: #1507665
  * MIPS: Make set_pte() SMP safe.
    - LP: #1507665
  * ocfs2: fix BUG in ocfs2_downconvert_thread_do_work()
    - LP: #1507665
  * net: Clone skb before setting peeked flag
    - LP: #1507665
  * net: Fix skb_set_peeked use-after-free bug
    - LP: #1507665
  * x86/ldt: Make modify_ldt synchronous
    - LP: #1507665
  * x86/ldt: Correct LDT access in single stepping logic
    - LP: #1507665
  * x86/ldt: Correct FPU emulation access to LDT
    - LP: #1507665
  * localmodconfig: Use Kbuild files too
    - LP: #1507665
  * dm btree: add ref counting ops for the leaves of top level btrees
    - LP: #1507665
  * libiscsi: Fix host busy blocking during connection teardown
    - LP: #1507665
  * libfc: Fix fc_fcp_cleanup_each_cmd()
    - LP: #1507665
  * ipc,sem: fix use after free on IPC_RMID after a task using same
    semaphore set exits
    - LP: #1507665
  * x86/ldt: Further fix FPU emulation
    - LP: #1507665
  * net: Fix RCU splat in af_key
    - LP: #1507665
  * sctp: donot reset the overall_error_count in SHUTDOWN_RECEIVE state
    - LP: #1507665
  * sparc64: Fix userspace FPU register corruptions.
    - LP: #1507665
  * rc-core: fix remove uevent generation
    - LP: #1507665
  * PCI: Fix TI816X class code quirk
    - LP: #1507665
  * mac80211: enable assoc check for mesh interfaces
    - LP: #1507665
  * PCI: Add dev_flags bit to access VPD through function 0
    - LP: #1507665
  * PCI: Add VPD function 0 quirk for Intel Ethernet devices
    - LP: #1507665
  * usb: gadget: m66592-udc: forever loop in set_feature()
    - LP: #1507665
  * KVM: MMU: fix validation of mmio page fault
    - LP: #1507665
  * auxdisplay: ks0108: fix refcount
    - LP: #1507665
  * devres: fix devres_get()
    - LP: #1507665
  * windfarm: decrement client count when unregistering
    - LP: #1507665
  * NFSv4: don't set SETATTR for O_RDONLY|O_EXCL
    - LP: #1507665
  * drivers: usb: fsl: Workaround for USB erratum-A005275
    - LP: #1507665
  * serial: 8250: bind to ALi Fast Infrared Controller (ALI5123)
    - LP: #1507665
  * usb: host: ehci-sys: delete useless bus_to_hcd conversion
    - LP: #1507665
  * USB: ftdi_sio: Added custom PID for CustomWare products
    - LP: #1507665
  * eCryptfs: Invalidate dcache entries when lower i_nlink is zero
    - LP: #1507665
  * xfs: Fix xfs_attr_leafblock definition
    - LP: #1507665
  * DRM - radeon: Don't link train DisplayPort on HPD until we get the dpcd
    - LP: #1507665
  * rtlwifi: rtl8192cu: Add new device ID
    - LP: #1507665
  * rtlwifi: rtl8192cu: Add new device ID
    - LP: #1507665
  * of/address: Don't loop forever in of_find_matching_node_by_address().
    - LP: #1507665
  * drivercore: Fix unregistration path of platform devices
    - LP: #1507665
  * xfs: return errors from partial I/O failures to files
    - LP: #1507665
  * IB/qib: Change lkey table allocation to support more MRs
    - LP: #1507665
  * SUNRPC: xs_reset_transport must mark the connection as disconnected
    - LP: #1507665
  * IB/mlx4: Use correct SL on AH query under RoCE
    - LP: #1507665
  * IB/uverbs: Fix race between ib_uverbs_open and remove_one
    - LP: #1507665
  * spi: spi-pxa2xx: Check status register to determine if SSSR_TINT is
    disabled
    - LP: #1507665
  * drm/i915: Always mark the object as dirty when used by the GPU
    - LP: #1507665
  * Add radeon suspend/resume quirk for HP Compaq dc5750.
    - LP: #1507665
  * IB/uverbs: reject invalid or unknown opcodes
    - LP: #1507665
  * Input: evdev - do not report errors form flush()
    - LP: #1507665
  * crypto: ghash-clmulni: specify context size for ghash async algorithm
    - LP: #1507665
  * fs: create and use seq_show_option for escaping
    - LP: #1507665
  * ARM: 8429/1: disable GCC SRA optimization
    - LP: #1507665
  * pagemap: hide physical addresses from non-privileged users
    - LP: #1507665
  * powerpc/MSI: Fix race condition in tearing down MSI interrupts
    - LP: #1507665
  * hfs,hfsplus: cache pages correctly between bnode_create and bnode_free
    - LP: #1507665
  * hfs: fix B-tree corruption after insertion at position 0
    - LP: #1507665
  * perf header: Fixup reading of HEADER_NRCPUS feature
    - LP: #1507665
  * USB: option: add ZTE PIDs
    - LP: #1507665
  * Btrfs: fix read corruption of compressed and shared extents
    - LP: #1507665
  * btrfs: skip waiting on ordered range for special files
    - LP: #1507665
  * ARM: 7880/1: Clear the IT state independent of the Thumb-2 mode
    - LP: #1507665
  * ARM: fix Thumb2 signal handling when ARMv6 is enabled
    - LP: #1507665
  * x86/platform: Fix Geode LX timekeeping in the generic x86 build
    - LP: #1507665
  * ASoC: fix broken pxa SoC support
    - LP: #1507665
  * s390/compat: correct uc_sigmask of the compat signal frame
    - LP: #1507665
  * KVM: x86: trap AMD MSRs for the TSeg base and mask
    - LP: #1507665
  * usb: Use the USB_SS_MULT() macro to get the burst multiplier.
    - LP: #1507665
  * xhci: give command abortion one more chance before killing xhci
    - LP: #1507665
  * usb: xhci: Clear XHCI_STATE_DYING on start
    - LP: #1507665
  * xhci: change xhci 1.0 only restrictions to support xhci 1.1
    - LP: #1507665
  * cifs: use server timestamp for ntlmv2 authentication
    - LP: #1507665
  * x86/paravirt: Replace the paravirt nop with a bona fide empty function
    - LP: #1507665
  * ocfs2/dlm: fix deadlock when dispatch assert master
    - LP: #1507665
  * ipv6: addrconf: validate new MTU before applying it
    - LP: #1507665
  * ipc/sem.c: fully initialize sem_array before making it visible
    - LP: #1507665
  * Initialize msg/shm IPC objects before doing ipc_addid()
    - LP: #1507665
  * net/tipc: initialize security state for new connection socket
    - LP: #1507665
  * net: pktgen: fix race between pktgen_thread_worker() and kthread_stop()
    - LP: #1507665
  * net: Fix skb csum races when peeking
    - LP: #1507665
  * ipv6: lock socket in ip6_datagram_connect()
    - LP: #1507665
  * bonding: correct the MAC address for "follow" fail_over_mac policy
    - LP: #1507665
  * net/ipv6: Correct PIM6 mrt_lock handling
    - LP: #1507665
  * fib_rules: fix fib rule dumps across multiple skbs
    - LP: #1507665
  * perf tools: Fix build with perl 5.18
    - LP: #1507665
  * ipv6: prevent fib6_run_gc() contention
    - LP: #1507665
  * ipv6: update ip6_rt_last_gc every time GC is run
    - LP: #1507665
  * parisc: Filter out spurious interrupts in PA-RISC irq handler
    - LP: #1507665
  * jbd2: avoid infinite loop when destroying aborted journal
    - LP: #1507665
  * Linux 3.2.72
    - LP: #1507665

 -- Luis Henriques <luis.henriques@xxxxxxxxxxxxx>  Fri, 23 Oct 2015
12:17:43 +0100

** Changed in: linux (Ubuntu Precise)
       Status: Fix Committed => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-2925

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-5257

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-lts-utopic in Ubuntu.
https://bugs.launchpad.net/bugs/1508510

Title:
  Something in the Kernel crashes when I try to mount via NFS

Status in linux package in Ubuntu:
  Invalid
Status in linux-lts-utopic package in Ubuntu:
  Invalid
Status in linux source package in Precise:
  Fix Released
Status in linux-lts-utopic source package in Precise:
  Invalid
Status in linux source package in Trusty:
  Fix Released
Status in linux-lts-utopic source package in Trusty:
  Fix Released

Bug description:
  I have a vagrant virtual machine that mounts a directory on my
  computer via NFS, this does not work and the reason seems to be this.
  My System is using SMP, reverting to the kernel before solves the
  problem.

  Broken: Linux paul-ThinkPad-T430s 3.13.0-66-generic
  Working: Broken: Linux paul-ThinkPad-T430s 3.13.0-65-generic
   
  BUG: unable to handle kernel NULL pointer dereference at 0000000000000008
  [   84.360198] IP: [<ffffffff8161d84d>] skb_copy_and_csum_datagram_iovec+0x2d/0x110
  [   84.360224] PGD 0 
  [   84.360232] Oops: 0000 [#1] SMP 
  [   84.360246] Modules linked in: ctr ccm pci_stub vboxpci(OX) vboxnetadp(OX) vboxnetflt(OX) vboxdrv(OX) vmw_vsock_vmci_transport vsock vmw_vmci rfcomm bnep arc4 iwldvm mac80211 hid_generic usbhid hid snd_hda_codec_hdmi snd_hda_codec_realtek iwlwifi cfg80211 binfmt_misc nfsd auth_rpcgss nfs_acl nfs lockd sunrpc fscache nls_iso8859_1 uvcvideo videobuf2_vmalloc videobuf2_memops videobuf2_core videodev cdc_mbim cdc_ncm usbnet mii cdc_wdm cdc_acm btusb bluetooth intel_rapl x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel kvm crct10dif_pclmul crc32_pclmul ghash_clmulni_intel aesni_intel aes_x86_64 lrw gf128mul glue_helper ablk_helper cryptd joydev serio_raw snd_hda_intel snd_hda_codec snd_hwdep thinkpad_acpi nvram snd_pcm snd_seq_midi lpc_ich snd_seq_midi_event snd_rawmidi shpchp snd_page_alloc mei_me mei i915 snd_seq drm_kms_helper drm i2c_algo_bit parport_pc wmi snd_seq_device snd_timer ppdev snd soundcore lp mac_hid parport video mmc_block psmouse e1000e ahci sdhci_pci libahci ptp sdhci pps_core
  [   84.360613] CPU: 2 PID: 1507 Comm: nfsd Tainted: G           OX 3.13.0-66-generic #108-Ubuntu
  [   84.360643] Hardware name: LENOVO 2355CTO/2355CTO, BIOS G7ET95WW (2.55 ) 07/10/2013
  [   84.360673] task: ffff880036929800 ti: ffff880036b7a000 task.ti: ffff880036b7a000
  [   84.360696] RIP: 0010:[<ffffffff8161d84d>]  [<ffffffff8161d84d>] skb_copy_and_csum_datagram_iovec+0x2d/0x110
  [   84.360728] RSP: 0018:ffff880036b7bbc0  EFLAGS: 00010216
  [   84.360743] RAX: 0000000000000000 RBX: ffff880035910700 RCX: 0000000000000000
  [   84.360762] RDX: 0000000000000000 RSI: 0000000000000030 RDI: ffff88038e23ab00
  [   84.360781] RBP: ffff880036b7bbf8 R08: 0000000000000000 R09: 0000000062e59d1a
  [   84.360800] R10: 0000000000000000 R11: 0000000000000004 R12: 0000000000000008
  [   84.360819] R13: ffff88038e23ab00 R14: 0000000000000028 R15: ffff88038e23ab00
  [   84.360838] FS:  0000000000000000(0000) GS:ffff88043e280000(0000) knlGS:0000000000000000
  [   84.360859] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
  [   84.360874] CR2: 0000000000000008 CR3: 0000000425ea0000 CR4: 00000000001427e0
  [   84.360893] Stack:
  [   84.360900]  ffffffff81616f66 ffffffff81616fb0 ffff880035910700 ffff880036b7bdf8
  [   84.360924]  0000000000000000 0000000000000028 ffff88038e23ab00 ffff880036b7bc60
  [   84.360948]  ffffffff8168b2ec ffff880426f8c028 ffff880035910770 0000000200000000
  [   84.360972] Call Trace:
  [   84.360984]  [<ffffffff81616f66>] ? skb_checksum+0x26/0x30
  [   84.361005]  [<ffffffff81616fb0>] ? skb_push+0x40/0x40
  [   84.361025]  [<ffffffff8168b2ec>] udp_recvmsg+0x1dc/0x380
  [   84.361046]  [<ffffffff8169650c>] inet_recvmsg+0x6c/0x80
  [   84.361065]  [<ffffffff8160f0aa>] sock_recvmsg+0x9a/0xd0
  [   84.361087]  [<ffffffff8107576a>] ? del_timer_sync+0x4a/0x60
  [   84.361106]  [<ffffffff8172762d>] ? schedule_timeout+0x17d/0x2d0
  [   84.361126]  [<ffffffff8160f11a>] kernel_recvmsg+0x3a/0x50
  [   84.361164]  [<ffffffffa05b5d29>] svc_udp_recvfrom+0x89/0x440 [sunrpc]
  [   84.361185]  [<ffffffff8172c01b>] ? _raw_spin_unlock_bh+0x1b/0x40
  [   84.361211]  [<ffffffffa05c2cc8>] ? svc_get_next_xprt+0xd8/0x310 [sunrpc]
  [   84.361237]  [<ffffffffa05c3450>] svc_recv+0x4a0/0x5c0 [sunrpc]
  [   84.361255]  [<ffffffff810777ab>] ? recalc_sigpending+0x1b/0x50
  [   84.361276]  [<ffffffffa063e70d>] nfsd+0xad/0x130 [nfsd]
  [   84.361295]  [<ffffffffa063e660>] ? nfsd_destroy+0x80/0x80 [nfsd]
  [   84.361313]  [<ffffffff8108b7d2>] kthread+0xd2/0xf0
  [   84.361328]  [<ffffffff8108b700>] ? kthread_create_on_node+0x1c0/0x1c0
  [   84.361346]  [<ffffffff81734ba8>] ret_from_fork+0x58/0x90
  [   84.361362]  [<ffffffff8108b700>] ? kthread_create_on_node+0x1c0/0x1c0
  [   84.361383] Code: 44 00 00 55 31 c0 48 89 e5 41 57 41 56 41 55 49 89 fd 41 54 41 89 f4 53 48 83 ec 10 8b 77 68 41 89 f6 45 29 e6 0f 84 89 00 00 00 <48> 8b 42 08 48 89 d3 48 85 c0 75 14 0f 1f 80 00 00 00 00 48 83 
  [   84.361514] RIP  [<ffffffff8161d84d>] skb_copy_and_csum_datagram_iovec+0x2d/0x110
  [   84.361546]  RSP <ffff880036b7bbc0>
  [   84.361557] CR2: 0000000000000008
  [   84.366322] ---[ end trace f8aceef52c8aecd1 ]---

  ProblemType: Bug
  DistroRelease: Ubuntu 14.04
  Package: linux-image-3.13.0-66-generic 3.13.0-66.108
  ProcVersionSignature: Ubuntu 3.13.0-66.108-generic 3.13.11-ckt27
  Uname: Linux 3.13.0-66-generic x86_64
  ApportVersion: 2.14.1-0ubuntu3.16
  Architecture: amd64
  AudioDevicesInUse:
   USER        PID ACCESS COMMAND
   /dev/snd/controlC0:  paul       2717 F.... pulseaudio
  CurrentDesktop: GNOME
  Date: Wed Oct 21 17:05:35 2015
  HibernationDevice: RESUME=UUID=d00bf67f-487f-437c-9069-db3ff456958f
  InstallationDate: Installed on 2013-10-05 (745 days ago)
  InstallationMedia: Ubuntu 13.04 "Raring Ringtail" - Release amd64 (20130424)
  MachineType: LENOVO 2355CTO
  ProcFB: 0 inteldrmfb
  ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-3.13.0-66-generic.efi.signed root=UUID=67ae3efa-eae6-4b17-92a5-88c203446404 ro quiet splash vt.handoff=7
  RelatedPackageVersions:
   linux-restricted-modules-3.13.0-66-generic N/A
   linux-backports-modules-3.13.0-66-generic  N/A
   linux-firmware                             1.127.15
  SourcePackage: linux
  UpgradeStatus: Upgraded to trusty on 2014-04-24 (544 days ago)
  dmi.bios.date: 07/10/2013
  dmi.bios.vendor: LENOVO
  dmi.bios.version: G7ET95WW (2.55 )
  dmi.board.asset.tag: Not Available
  dmi.board.name: 2355CTO
  dmi.board.vendor: LENOVO
  dmi.board.version: 0B98401 Pro
  dmi.chassis.asset.tag: No Asset Information
  dmi.chassis.type: 10
  dmi.chassis.vendor: LENOVO
  dmi.chassis.version: Not Available
  dmi.modalias: dmi:bvnLENOVO:bvrG7ET95WW(2.55):bd07/10/2013:svnLENOVO:pn2355CTO:pvrThinkPadT430s:rvnLENOVO:rn2355CTO:rvr0B98401Pro:cvnLENOVO:ct10:cvrNotAvailable:
  dmi.product.name: 2355CTO
  dmi.product.version: ThinkPad T430s
  dmi.sys.vendor: LENOVO

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1508510/+subscriptions


References