Bug 860834 - Grub2 crashes fetching the kernel from http on F18
Summary: Grub2 crashes fetching the kernel from http on F18
Alias: None
Product: Fedora
Classification: Fedora
Component: grub2
Version: 18
Hardware: ppc64
OS: All
Target Milestone: ---
Assignee: Peter Jones
QA Contact: Fedora Extras Quality Assurance
Depends On:
Blocks: F18Betappc
TreeView+ depends on / blocked
Reported: 2012-09-26 20:20 UTC by IBM Bug Proxy
Modified: 2012-10-30 20:29 UTC (History)
8 users (show)

Fixed In Version: grub2-2.00-10.fc18
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2012-10-30 20:29:36 UTC
Type: ---

Attachments (Terms of Use)
Fix crash on http (911 bytes, patch)
2012-09-27 18:17 UTC, Gustavo Luiz Duarte
no flags Details | Diff

System ID Private Priority Status Summary Last Updated
IBM Linux Technology Center 85520 0 None None None 2012-09-26 20:20:50 UTC

Description IBM Bug Proxy 2012-09-26 20:20:46 UTC
== Comment: #0 - Gustavo Luiz Duarte <gusld@br.ibm.com> - 2012-09-25 11:05:25 ==
Description of problem:

Grub2 crashes fetching the kernel using http with the following error:

                             GNU GRUB  version 2.00

 | setparams 'Linux Chukar Netboot'                                         | 
 |         insmod http                                                      |
 |         echo   'Loading linux...'                                        |
 |         set root=http,                                        |
 |         linux   /gustavold/vmlinuz  ro repo=http://ppc.koji.fedoraproje\ |
 | ct.org/stage/f18-alpha-rc2/Fedora/ppc64/os vnc                           |
 |         echo   'Loading initial ramdisk...'                              |
 |         initrd  /gustavold/initrd.img                                    |
 |         echo   'Booting...'                                              |
 |                                                                          |
 |                                                                          |
 |                                                                          | 

      Minimum Emacs-like screen editing is supported. TAB lists      
      completions. Press Ctrl-x or F10 to boot, Ctrl-c or F2 for      
      a command-line or ESC to discard edits and return to the GRUB menu.      

                        Booting a command list

Loading linux...
DEFAULT CATCH!, exception-handler=fff00300 
at   %SRR0: 00000000001eec20   %SRR1: 0000000000003002 
Open Firmware exception handler entered from non-OF code

Client's Fix Pt Regs:
 00 00000000001a81dc 0000000001a3fc10 0000000000000000 0000000070633634
 04 0000000000000002 0000000000145fa0 0000000000001972 0000000000001974
 08 0000000000004000 0000000000000000 0000000000000000 0000000001a3fc40
 0c 0000000040002082 0000000000000000 0000000000800050 0000000000190000
 10 00000000001807b0 000000000018ef42 000000000018efb8 000000000018efa0
 14 0000000002000063 00000000ffffffff 00000000001e38d0 0000000000000000
 18 000000000000000a 00000000001d20a0 0000000000000004 00000000001d20d4
 1c 00000000001ab08c 0000000000174b20 000000000015f7b0 0000000070633634
Special Regs:
    %IV: 00000300     %CR: 40002082    %XER: 00000000  %DSISR: 42000000 
  %SRR0: 00000000001eec20   %SRR1: 0000000000003002 
    %LR: 00000000001a81dc    %CTR: 00000000001a81a8 
   %DAR: 000000007063367c 
Virtual PID = 0 
0 > 

Version-Release number of selected component (if applicable):
grub2-2.00-8.fc18.ppc64   (locally built)

Comment 1 IBM Bug Proxy 2012-09-26 20:21:11 UTC
------- Comment From baude@us.ibm.com 2012-09-26 20:14 EDT-------
patch coming, need to mirror first to add bugz # into patch

Comment 2 Gustavo Luiz Duarte 2012-09-27 18:17:52 UTC
Created attachment 618226 [details]
Fix crash on http

This patch fixes the crashes on http.

The crashes are cause by freeing file->data on receiving TCP FIN flag, since file->data is used all over without checking. http_close() will be called later to free that memory anyway and there is no need for action from the http side on receiving the FIN flag.

I've only tested on ppc64, but this issue probably affects all arches, since the code is not arch-specific.

You may not see this issue if your http server keeps the connection alive between several requests.

Patch sent upstream: http://lists.gnu.org/archive/html/grub-devel/2012-09/msg00081.html

Comment 3 Fedora Update System 2012-10-18 18:07:09 UTC
grub2-2.00-10.fc18 has been submitted as an update for Fedora 18.

Comment 4 Fedora Update System 2012-10-19 15:41:13 UTC
Package grub2-2.00-10.fc18:
* should fix your issue,
* was pushed to the Fedora 18 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing grub2-2.00-10.fc18'
as soon as you are able to.
Please go to the following url:
then log in and leave karma (feedback).

Comment 5 Fedora Update System 2012-10-22 19:53:34 UTC
grub2-2.00-11.fc18 has been submitted as an update for Fedora 18.

Comment 6 Gustavo Luiz Duarte 2012-10-30 20:29:36 UTC
Tested grub2-2.00-11.fc18 and it works fine.

Note You need to log in before you can comment on or make changes to this bug.