Question 296 of 511
Linux Kernel and System StartuphardMultiple ChoiceObjective-mapped

Quick Answer

The answer is to check the kernel configuration changes between versions 5.10 and 5.15 that affect the bonding driver. This is correct because a kernel oops null pointer dereference after update network driver that persists even after recompiling the third-party module points squarely to an internal kernel API or data structure change—specifically in the in-tree bonding driver, not the out-of-tree NIC module. The oops trace itself confirms the fault lies within the bonding code, meaning the kernel’s own networking stack has changed in a way that breaks compatibility with the old driver’s assumptions. On the LPIC-2 exam, this scenario tests your understanding that kernel updates can alter internal interfaces (like `struct net_device` or locking primitives) even when external modules are recompiled, and that the bonding driver is part of the kernel tree. A common trap is to keep blaming the third-party module, but the real culprit is often a subtle kernel configuration shift. Memory tip: “If the oops points to the kernel’s own code, don’t patch the module—patch your config.”

LPIC-2 Linux Kernel and System Startup Practice Question

This LPIC-2 practice question tests your understanding of linux kernel and system startup. The scenario asks you to isolate a root cause — eliminate options that address a different problem before choosing. After answering, compare your reasoning against the explanation and wrong-answer breakdown below. Once you have made your selection, read the full explanation to reinforce the concept and understand why each distractor is designed to mislead on exam day.

A company runs a critical web server on a custom-built Linux distribution. The server has been stable for months, but after a recent kernel update from version 5.10 to 5.15, the server experiences intermittent crashes. The crashes occur under heavy load and are accompanied by kernel oops messages mentioning a NULL pointer dereference in a network driver. The network driver is a third-party module that was compiled against the old kernel. The system administrator has recompiled the module against the new kernel, but the crashes persist. The server has 64 GB of RAM and uses a bonded network interface with two 10 GbE NICs. The kernel oops trace points to a function in the bonding driver. Which of the following is the most likely cause of the crashes?

Clue words in this question

Noticing these words before you look at the options changes how you read each choice.

  • Clue: "most likely"

    Why it matters: Probability qualifier — the question wants the most probable cause or outcome, not a guaranteed one. Eliminate low-probability options.

Question 1hardmultiple choice
Full question →

Answer choices

Why each option matters

Answer the question above first, then reveal the full breakdown to understand why each option is right or wrong.

Correct answer & explanation

Check the kernel configuration changes between versions 5.10 and 5.15 that affect the bonding driver.

Option C is correct because the crashes persist after recompiling the third-party network driver, and the oops trace points to the bonding driver. This indicates that the issue is likely due to changes in the kernel's internal APIs or data structures between versions 5.10 and 5.15 that affect the bonding driver, not the third-party module. The bonding driver is part of the kernel itself, so it must be compatible with the new kernel version; checking kernel configuration changes (e.g., modifications to `struct net_device`, bonding sysfs interfaces, or locking mechanisms) is the appropriate next step.

Key principle: Answer the scenario, not the keyword: identify the specific constraint before choosing the most familiar-sounding option.

Answer analysis

Option-by-option breakdown

For each option: why learners choose it and why it is or isn't the right answer here.

  • Increase the system memory to reduce memory pressure.

    Why it's wrong here

    Memory pressure is not the issue; the problem is a NULL pointer dereference.

  • Update the firmware on the network interface cards.

    Why it's wrong here

    Firmware update is unlikely to fix a kernel API incompatibility.

  • Check the kernel configuration changes between versions 5.10 and 5.15 that affect the bonding driver.

    Why this is correct

    Kernel API changes in the bonding driver could cause the third-party module to dereference a NULL pointer.

    Clue confirmation

    The clue word "most likely" in the question point toward this answer.

    Related concept

    Read the scenario before looking for a memorised answer.

  • Recompile the network driver module with debugging enabled.

    Why it's wrong here

    Recompiling with debugging may provide more info but does not fix the underlying issue.

Common exam traps

Common exam trap: answer the scenario, not the keyword

The trap here is that candidates assume recompiling the third-party module against the new kernel is sufficient, overlooking that the crash originates in the in-tree bonding driver, which must also be compatible with the kernel version and may require kernel configuration adjustments or backported patches.

Detailed technical explanation

How to think about this question

The bonding driver in Linux relies on kernel-internal structures like `struct bonding` and `struct slave`, which can change between kernel versions (e.g., addition of new fields or reordering). A NULL pointer dereference often occurs when a driver accesses a member of a structure that no longer exists or has been moved, or when a function pointer table (e.g., `net_device_ops`) has been altered. In real-world scenarios, such crashes can be triggered by changes to the `ndo_start_xmit` callback or locking primitives (e.g., RCU vs. spinlock) in the bonding driver, which may not be immediately visible in the third-party module's compilation.

KKey Concepts to Remember

  • Read the scenario before looking for a memorised answer.
  • Find the constraint that changes the correct option.
  • Eliminate answers that are true in general but not in this case.

TExam Day Tips

  • Watch for words such as best, first, most likely and least administrative effort.
  • Review why wrong options are wrong, not only why the correct option is correct.

Key takeaway

Answer the scenario, not the keyword: identify the specific constraint before choosing the most familiar-sounding option.

Real-world example

How this comes up in practice

A small business has 20 workstations on the 192.168.1.0/24 network and one public IP from its ISP. The router uses PAT (NAT overload) so all 20 devices share one public address using different source ports. NAT questions test whether you understand the four address terms and which direction each translation applies.

What to study next

Got this wrong? Here's your next step.

Identify which exam domain this question belongs to, review the core concept, then practise similar questions from the same domain.

Related practice questions

Related LPIC-2 practice-question pages

Use these pages to review the topic behind this question. This is how one missed question becomes focused revision.

Practice this exam

Start a free LPIC-2 practice session

Short sessions build daily habit. Longer sessions build exam-day stamina. Try a timed session to simulate real conditions.

FAQ

Questions learners often ask

What does this LPIC-2 question test?

Linux Kernel and System Startup — This question tests Linux Kernel and System Startup — Read the scenario before looking for a memorised answer..

What is the correct answer to this question?

The correct answer is: Check the kernel configuration changes between versions 5.10 and 5.15 that affect the bonding driver. — Option C is correct because the crashes persist after recompiling the third-party network driver, and the oops trace points to the bonding driver. This indicates that the issue is likely due to changes in the kernel's internal APIs or data structures between versions 5.10 and 5.15 that affect the bonding driver, not the third-party module. The bonding driver is part of the kernel itself, so it must be compatible with the new kernel version; checking kernel configuration changes (e.g., modifications to `struct net_device`, bonding sysfs interfaces, or locking mechanisms) is the appropriate next step.

What should I do if I get this LPIC-2 question wrong?

Identify which exam domain this question belongs to, review the core concept, then practise similar questions from the same domain.

Are there clue words in this question I should notice?

Yes — watch for: "most likely". Probability qualifier — the question wants the most probable cause or outcome, not a guaranteed one. Eliminate low-probability options.

What is the key concept behind this question?

Read the scenario before looking for a memorised answer.

About these practice questions

Courseiva creates original exam-style practice questions with explanations and wrong-answer analysis. It does not publish real exam questions, exam dumps, or protected exam content. Learn why practice questions differ from exam dumps →

How Courseiva writes practice questions · Editorial policy

Same concept, more angles

1 more ways this is tested on LPIC-2

These questions test the same concept from different angles. Work through them to make sure you can recognise it however the exam phrases it.

Variation 1. A developer has compiled a custom kernel with a new feature. The kernel modules are installed in /lib/modules/$(uname -r)/. However, when the system boots, the kernel fails to load some modules with 'Exec format error'. What is the most likely cause?

hard
  • A.The kernel configuration has disabled module loading.
  • B.The modules were compiled against a different kernel version.
  • C.The modules have incorrect file permissions.
  • D.The modules are not properly ordered in the dependency file.

Why B: The 'Exec format error' indicates that the kernel module binary is incompatible with the running kernel. This most commonly occurs when modules are compiled against a different kernel version (e.g., different kernel source tree or configuration), as the module's vermagic string must exactly match the kernel's vermagic. The kernel's module loader checks this version magic before loading; a mismatch causes the exec format error.

Last reviewed: Jun 11, 2026

Question Discussion

Share a tip, memory trick, or ask about the reasoning behind this question. Do not post real exam questions, leaked content, braindumps, or copyrighted exam material. Comments are moderated and may be removed without notice.

Loading comments…

Sign in to join the discussion.

This LPIC-2 practice question is part of Courseiva's free LPI certification practice question bank. Courseiva provides original exam-style practice questions with explanations, topic-based practice, mock exams, readiness tracking, and study analytics to help learners prepare for the LPIC-2 exam.