Public bug reported:

When I tried to mount a 9p share using v9fs, I received this in dmesg.

[130583.180162] Installing 9P2000 support
[130583.257129] Installing v9fs 9p2000 file system support
[130584.467791] BUG: unable to handle kernel NULL pointer dereference at 0000000e
[130584.467812] IP: [<c0256724>] match_number+0x44/0xa0
[130584.467835] *pde = 00000000 
[130584.467856] Oops: 0000 [#1] SMP 
[130584.467873] Modules linked in: 9p 9pnet arc4 ecb ieee80211_crypt_wep isofs nls_iso8859_1 nls_cp437 vfat fat udf crc_itu_t ipv6 usb_storage libusual af_packet radeon drm bridge stp bnep rfcomm l2cap kqemu uinput ppdev autofs4 speedstep_centrino cpufreq_userspace cpufreq_conservative cpufreq_ondemand cpufreq_powersave cpufreq_stats freq_table wmi pci_slot container sbs sbshc iptable_filter ip_tables x_tables lp loop joydev pcmcia snd_intel8x0 snd_ac97_codec btusb ac97_bus bluetooth snd_pcm_oss snd_mixer_oss snd_pcm battery ac psmouse snd_seq_dummy ipw2200 serio_raw ieee80211 ieee80211_crypt yenta_socket rsrc_nonstatic pcmcia_core video output parport_pc nsc_ircc snd_seq_oss parport snd_seq_midi snd_rawmidi irda crc_ccitt snd_seq_midi_event snd_seq snd_timer snd_seq_device snd soundcore snd_page_alloc button iTCO_wdt iTCO_vendor_support intel_agp shpchp pci_hotplug agpgart thinkpad_acpi rfkill led_class nvram evdev ext3 jbd mbcache sha256_generic aes_i586 aes_generic cbc usbhid hid sg sr_mod cdrom sd_mod crc_t10dif ata_piix pata_acpi ata_generic libata e1000 scsi_mod ehci_hcd uhci_hcd usbcore dock dm_crypt crypto_blkcipher dm_mirror dm_log dm_snapshot dm_mod thermal processor fan fbcon tileblit font bitblit softcursor uvesafb cn fuse
[130584.468012] 
[130584.468012] Pid: 30463, comm: mount Not tainted (2.6.27-4-generic #1)
[130584.468012] EIP: 0060:[<c0256724>] EFLAGS: 00210212 CPU: 0
[130584.468012] EIP is at match_number+0x44/0xa0
[130584.468012] EAX: 00200278 EBX: e8b31d9c ECX: 0008009e EDX: 00000400
[130584.468012] ESI: 0000000e EDI: c3800000 EBP: e8b31d8c ESP: e8b31d70
[130584.468012]  DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0068
[130584.468012] Process mount (pid: 30463, ti=e8b30000 task=f6766480 task.ti=e8b30000)
[130584.468012] Stack: 00000000 e8b31db8 c3800000 ddb74c80 e8b31e14 00000003 e8b31db4 e8b31d94
[130584.468012]        c02567aa e8b31dc8 f8f6939f 0000000e 00200286 c059bd38 00200282 f8f70500
[130584.468012]        f8f70500 ddb74c8f e8b31e30 f8f70500 f8f70500 e8a42ac0 e8b31e30 f8f6a6ab
[130584.468012] Call Trace:
[130584.468012]  [<c02567aa>] ? match_int+0xa/0x10
[130584.468012]  [<f8f6939f>] ? parse_opts+0x8f/0xe0 [9pnet]
[130584.468012]  [<f8f6a6ab>] ? p9_trans_create_tcp+0x2b/0x1e0 [9pnet]
[130584.468012]  [<f8f672d8>] ? parse_opts+0xb8/0x100 [9pnet]
[130584.468012]  [<f8f6741d>] ? p9_client_create+0xfd/0x210 [9pnet]
[130584.468012]  [<f8f60c32>] ? v9fs_session_init+0xb2/0x180 [9p]
[130584.468012]  [<f8f5f0a8>] ? v9fs_get_sb+0x58/0x1c0 [9p]
[130584.468012]  [<c01cd28d>] ? alloc_vfsmnt+0x8d/0x120
[130584.468012]  [<c01b5a4e>] ? vfs_kern_mount+0x5e/0x130
[130584.468012]  [<c01b5b7e>] ? do_kern_mount+0x3e/0xe0
[130584.468012]  [<c01cdfff>] ? do_new_mount+0x6f/0x90
[130584.468012]  [<c01ce542>] ? do_mount+0x1d2/0x1f0
[130584.468012]  [<c01cbc8d>] ? exact_copy_from_user+0x4d/0xa0
[130584.468012]  [<c01cc29e>] ? copy_mount_options+0x6e/0xd0
[130584.468012]  [<c01ce5f1>] ? sys_mount+0x91/0xc0
[130584.468012]  [<c0103f6b>] ? sysenter_do_call+0x12/0x2f
[130584.468012]  =======================
[130584.468012] Code: 00 00 89 7d fc 89 4d e4 8b 40 04 83 c0 01 2b 03 e8 a2 85 f5 ff 85 c0 89 45 ec 74 53 8b 33 8b 43 04 8b 7d ec 29 f0 89 c1 c1 e9 02 <f3> a5 89 c1 83 e1 03 74 02 f3 a4 8b 43 04 8b 55 ec 2b 03 c6 04
[130584.468012] EIP: [<c0256724>] match_number+0x44/0xa0 SS:ESP 0068:e8b31d70
[130584.468925] ---[ end trace fd4717f61e1d6430 ]---

** Affects: linux (Ubuntu)
     Importance: Undecided
         Status: New

-- 
v9fs dereferences NULL on mounting unauthed server
https://bugs.launchpad.net/bugs/282427