On Fri, 2007-11-16 at 22:13 +0000, Russell King wrote:
> While testing a kernel based upon
> ecd744eec3aa8bbc949ec04ed3fbf7ecb2958a0e
> (with wrong boot arguments), I got the following bad page state entry
> while
> NFS was trying to mount it's rootfs:
>
> IP-Config: Complete:
> device=eth0, addr=192.168.1.101, mask=255.255.255.0,
> gw=255.255.255.255,
> host=192.168.1.101, domain=, nis-domain=(none),
> bootserver=192.168.1.100, rootserver=192.168.1.100, rootpath=
> Looking up port of RPC 100003/2 on 192.168.1.100
> rpcbind: server 192.168.1.100 not responding, timed out
> Root-NFS: Unable to get nfsd port number from server, using default
> Looking up port of RPC 100005/1 on 192.168.1.100
> rpcbind: server 192.168.1.100 not responding, timed out
> Root-NFS: Unable to get mountd port number from server, using default
> mount: server 192.168.1.100 not responding, timed out
> Root-NFS: Server returned error -5 while mounting /nfs/rootfs/
> VFS: Unable to mount root fs via NFS, trying floppy.
> Bad page state in process 'swapper'
> page:c02b1260 flags:0x00000400 mapping:00000000 mapcount:0 count:0
> Trying to fix it up, but a reboot is needed
> Backtrace:
> [<c0023e34>] (dump_stack+0x0/0x14) from [<c0062570>] (bad_page
> +0x70/0xac)
> [<c0062500>] (bad_page+0x0/0xac) from [<c0064914>] (free_hot_cold_page
> +0x80/0x178)
> [<c0064894>] (free_hot_cold_page+0x0/0x178) from [<c0064a74>]
> (free_hot_page+0x14/0x18)
> [<c0064a60>] (free_hot_page+0x0/0x18) from [<c0067078>] (put_page
> +0xf8/0x154)
> [<c0066f80>] (put_page+0x0/0x154) from [<c007dbc8>] (kfree+0xc8/0xd0)
> [<c007db00>] (kfree+0x0/0xd0) from [<c00cbb54>] (nfs_get_sb
> +0x230/0x710)
> [<c00cb924>] (nfs_get_sb+0x0/0x710) from [<c0084334>] (vfs_kern_mount
> +0x58/0xac)[<c00842dc>] (vfs_kern_mount+0x0/0xac) from [<c00843c0>]
> (do_kern_mount+0x38/0xf4)
> [<c0084388>] (do_kern_mount+0x0/0xf4) from [<c0099c7c>] (do_mount
> +0x1e8/0x614)
> ...
>
> This seems to be caused by use of an uninitialised structure due to
> NULL
> options being passed to nfs_validate_mount_data(). Ensure that the
> parsed mount data is always initialised.
>
> Signed-off-by: Russell King <[email protected]>
>
> diff --git a/fs/nfs/super.c b/fs/nfs/super.c
> index fa517ae..0b1080c 100644
> --- a/fs/nfs/super.c
> +++ b/fs/nfs/super.c
> @@ -1054,10 +1054,11 @@ static int nfs_validate_mount_data(void
> *options,
> {
> struct nfs_mount_data *data = (struct nfs_mount_data *)options;
>
> + memset(args, 0, sizeof(*args));
> +
> if (data == NULL)
> goto out_no_data;
>
> - memset(args, 0, sizeof(*args));
> args->flags = (NFS_MOUNT_VER3 | NFS_MOUNT_TCP);
> args->rsize = NFS_MAX_FILE_IO_SIZE;
> args->wsize = NFS_MAX_FILE_IO_SIZE;
Thanks Russell,
It looks as if the same bug exists in nfs4_validate_mount_data(), so I
added the same fix.
Cheers
Trond
--- Begin Message ---
- Subject: NFS: mount failure causes bad page state
- From: Russell King <[email protected]>
- Date: Fri, 16 Nov 2007 22:13:24 +0000
While testing a kernel based upon ecd744eec3aa8bbc949ec04ed3fbf7ecb2958a0e
(with wrong boot arguments), I got the following bad page state entry while
NFS was trying to mount it's rootfs:
IP-Config: Complete:
device=eth0, addr=192.168.1.101, mask=255.255.255.0, gw=255.255.255.255,
host=192.168.1.101, domain=, nis-domain=(none),
bootserver=192.168.1.100, rootserver=192.168.1.100, rootpath=
Looking up port of RPC 100003/2 on 192.168.1.100
rpcbind: server 192.168.1.100 not responding, timed out
Root-NFS: Unable to get nfsd port number from server, using default
Looking up port of RPC 100005/1 on 192.168.1.100
rpcbind: server 192.168.1.100 not responding, timed out
Root-NFS: Unable to get mountd port number from server, using default
mount: server 192.168.1.100 not responding, timed out
Root-NFS: Server returned error -5 while mounting /nfs/rootfs/
VFS: Unable to mount root fs via NFS, trying floppy.
Bad page state in process 'swapper'
page:c02b1260 flags:0x00000400 mapping:00000000 mapcount:0 count:0
Trying to fix it up, but a reboot is needed
Backtrace:
[<c0023e34>] (dump_stack+0x0/0x14) from [<c0062570>] (bad_page+0x70/0xac)
[<c0062500>] (bad_page+0x0/0xac) from [<c0064914>] (free_hot_cold_page+0x80/0x178)
[<c0064894>] (free_hot_cold_page+0x0/0x178) from [<c0064a74>] (free_hot_page+0x14/0x18)
[<c0064a60>] (free_hot_page+0x0/0x18) from [<c0067078>] (put_page+0xf8/0x154)
[<c0066f80>] (put_page+0x0/0x154) from [<c007dbc8>] (kfree+0xc8/0xd0)
[<c007db00>] (kfree+0x0/0xd0) from [<c00cbb54>] (nfs_get_sb+0x230/0x710)
[<c00cb924>] (nfs_get_sb+0x0/0x710) from [<c0084334>] (vfs_kern_mount+0x58/0xac)[<c00842dc>] (vfs_kern_mount+0x0/0xac) from [<c00843c0>] (do_kern_mount+0x38/0xf4)
[<c0084388>] (do_kern_mount+0x0/0xf4) from [<c0099c7c>] (do_mount+0x1e8/0x614)
...
This seems to be caused by use of an uninitialised structure due to NULL
options being passed to nfs_validate_mount_data(). Ensure that the
parsed mount data is always initialised.
Signed-off-by: Russell King <[email protected]>
(Trond: added fix for the same bug in nfs4_validate_mount_data()).
Signed-off-by: Trond Myklebust <[email protected]>
---
fs/nfs/super.c | 6 ++++--
1 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/fs/nfs/super.c b/fs/nfs/super.c
index 046d1ac..8d95d7d 100644
--- a/fs/nfs/super.c
+++ b/fs/nfs/super.c
@@ -1078,10 +1078,11 @@ static int nfs_validate_mount_data(void *options,
{
struct nfs_mount_data *data = (struct nfs_mount_data *)options;
+ memset(args, 0, sizeof(*args));
+
if (data == NULL)
goto out_no_data;
- memset(args, 0, sizeof(*args));
args->flags = (NFS_MOUNT_VER3 | NFS_MOUNT_TCP);
args->rsize = NFS_MAX_FILE_IO_SIZE;
args->wsize = NFS_MAX_FILE_IO_SIZE;
@@ -1560,10 +1561,11 @@ static int nfs4_validate_mount_data(void *options,
struct nfs4_mount_data *data = (struct nfs4_mount_data *)options;
char *c;
+ memset(args, 0, sizeof(*args));
+
if (data == NULL)
goto out_no_data;
- memset(args, 0, sizeof(*args));
args->rsize = NFS_MAX_FILE_IO_SIZE;
args->wsize = NFS_MAX_FILE_IO_SIZE;
args->timeo = 600;
--- End Message ---
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]