[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#607604: linux-image-2.6.32-5-openvz-amd64: nfsd oops after 'exportfs -ra'

Hi,

This was readily reproducible just now after a reboot, on the same
server and same kernel.

Upon boot, four exports of /var/lib/tftpboot were loaded from /etc/exports.

I then did:

# mount --bind /home/whatever /var/lib/tftpboot
# exportfs -ra

I hadn't actually altered /etc/exports since boot, so I wasn't
adding/removing any exports.

This did not immediately trigger an oops.  The oops occurred as soon as
I tried to mount the nfs export from a remote system:

[  524.907772] BUG: unable to handle kernel NULL pointer dereference at
0000000000000008
[  524.911696] IP: [<ffffffffa0664601>] exportfs_decode_fh+0x40/0x213
[exportfs]
[  524.911696] PGD 7e49d067 PUD 7e5bd067 PMD 0
[  524.911696] Oops: 0000 [#1] SMP
[  524.911696] last sysfs file:
/sys/devices/pci0000:00/0000:00:19.3/temp3_input
[  524.911696] CPU 1
[  524.911696] Modules linked in: vzethdev vznetdev simfs vzrst vzcpt
vzdquota vzmon vzdev ip6t_frag xt_DSCP xt_owner xt_length xt_hl
xt_tcpmss xt_TCPMSS xt_dscp nfsd exportfs nfs lockd fscache nfs_acl
auth_rpcgss sunrpc sit tunnel4 ip6t_LOG ip6t_REJECT ip6table_filter
bridge ip6table_mangle ip6_tables xt_limit ipt_REJECT xt_state
iptable_filter iptable_mangle ipt_LOG ipt_MASQUERADE xt_tcpudp
xt_hashlimit xt_multiport act_police cls_u32 sch_ingress iptable_nat
nf_nat nf_conntrack_ipv4 sch_htb nf_conntrack nf_defrag_ipv4 ip_tables
x_tables aufs(C) 8021q garp stp powernow_k8 ipmi_si ipmi_devintf
ipmi_msghandler loop snd_pcm snd_timer snd soundcore snd_page_alloc
amd64_edac_mod i2c_amd756 i2c_core psmouse container serio_raw evdev
button edac_core pcspkr edac_mce_amd amd_rng shpchp processor k8temp
rng_core pci_hotplug reiserfs sha256_generic aes_x86_64 aes_generic cbc
dm_crypt dm_mod raid456 async_raid6_recov async_pq raid6_pq async_xor
xor async_memcpy async_tx raid1 md_mod sd_mod crc_t10dif usbhid hid sg
sr_mod cdrom ata_generic mptspi mptscsih ohci_hcd tg3 mptbase pata_amd
qla2xxx libata floppy libphy aic7xxx ehci_hcd scsi_transport_spi
scsi_transport_fc scsi_tgt thermal thermal_sys scsi_mod usbcore nls_base
[last unloaded: scsi_wait_scan]
[  524.911696] Pid: 2301, comm: nfsd Tainted: G         C
2.6.32-5-openvz-amd64 #1 dzhanibekov Sun Fire V20z
[  524.911696] RIP: 0010:[<ffffffffa0664601>]  [<ffffffffa0664601>]
exportfs_decode_fh+0x40/0x213 [exportfs]
[  524.911696] RSP: 0018:ffff88007ed91ba0  EFLAGS: 00010246
[  524.911696] RAX: 0000000000000000 RBX: 0000000000000000 RCX:
0000000000000003
[  524.911696] RDX: 0000000000000003 RSI: ffff88007ed10028 RDI:
ffff8800be16f800
[  524.911696] RBP: 0000000000000003 R08: ffffffffa066ce44 R09:
ffff8800beeb9700
[  524.911696] R10: 0000000000000000 R11: 7800000000000000 R12:
ffff88007ed10028
[  524.911696] R13: ffff8800bef20f00 R14: 0000000000000003 R15:
ffff88007ed10028
[  524.911696] FS:  00007f0a4baf1720(0000) GS:ffff880001900000(0000)
knlGS:00000000b732f6c0
[  524.911696] CS:  0010 DS: 0018 ES: 0018 CR0: 000000008005003b
[  524.911696] CR2: 0000000000000008 CR3: 000000007da2b000 CR4:
00000000000006e0
[  524.911696] DR0: 0000000000000000 DR1: 0000000000000000 DR2:
0000000000000000
[  524.911696] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7:
0000000000000400
[  524.911696] Process nfsd (pid: 2301, veid=0, threadinfo
ffff88007ed90000, task ffff88007da79000)
[  524.911696] Stack:
[  524.911696]  ffff8800beeb9700 ffffffffa066ce44 ffff88007ed91c20
000000000000000b
[  524.911696] <0> ffff88007ed91c6c ffffffffa05a72a9 ffff8800a19e4ac0
ffff8800a19e4ac0
[  524.911696] <0> ffff88007ed10010 ffff8800bef20f00 ffff880094854a20
ffff88005b28b018
[  524.911696] Call Trace:
[  524.911696]  [<ffffffffa066ce44>] ? nfsd_acceptable+0x0/0x10c [nfsd]
[  524.911696]  [<ffffffffa05a72a9>] ? cache_check+0x5f/0x2e3 [sunrpc]
[  524.911696]  [<ffffffffa0671c7b>] ? exp_find_key+0x69/0x7e [nfsd]
[  524.911696]  [<ffffffff8103faa1>] ? update_curr+0xa2/0x10e
[  524.911696]  [<ffffffff8103fe23>] ? check_preempt_wakeup+0x1cd/0x268
[  524.911696]  [<ffffffff8109996a>] ? rcu_start_gp+0x197/0x1c0
[  524.911696]  [<ffffffffa066d2e7>] ? fh_verify+0x31b/0x574 [nfsd]
[  524.911696]  [<ffffffff8103a7e6>] ? __wake_up_common+0x44/0x73
[  524.911696]  [<ffffffff8103f716>] ? __wake_up+0x30/0x44
[  524.911696]  [<ffffffffa066db85>] ? nfsd_access+0x29/0xff [nfsd]
[  524.911696]  [<ffffffffa0675b9b>] ? nfsd3_proc_access+0x70/0x7d [nfsd]
[  524.911696]  [<ffffffffa066a329>] ? nfsd_dispatch+0xdd/0x1b9 [nfsd]
[  524.911696]  [<ffffffffa059ebd1>] ? svc_process+0x3f5/0x619 [sunrpc]
[  524.911696]  [<ffffffffa066a772>] ? nfsd+0x0/0x12e [nfsd]
[  524.911696]  [<ffffffffa066a857>] ? nfsd+0xe5/0x12e [nfsd]
[  524.911696]  [<ffffffff8106650e>] ? kthread+0xc0/0xca
[  524.911696]  [<ffffffff81011c6a>] ? child_rip+0xa/0x20
[  524.911696]  [<ffffffff8106644e>] ? kthread+0x0/0xca
[  525.326092]  [<ffffffff81011c60>] ? child_rip+0x0/0x20
[  525.328027] Code: 48 81 ec 28 01 00 00 65 48 8b 04 25 28 00 00 00 48
89 84 24 18 01 00 00 31 c0 4c 89 44 24 08 4c 89 0c 24 48 8b 7f 28 48 8b
5f 50 <ff> 53 08 48 85 c0 49 89 c4 75 0c 49 c7 c4 8c ff ff ff e9 8d 01
[  525.352026] RIP  [<ffffffffa0664601>] exportfs_decode_fh+0x40/0x213
[exportfs]
[  525.352026]  RSP <ffff88007ed91ba0>
[  525.352026] CR2: 0000000000000008
[  525.373343] ---[ end trace 16befdc2c233113f ]---

Regards,
-- 
Steven Chamberlain
steven@pyro.eu.org
Reply to: