[BUG] Null ptr deref during LTP run of server-state-recovery branch

Bryce Harrington bryce at osdl.org
Fri Oct 20 16:25:45 EDT 2006


Hi Bruce,

There was a new null ptr dereference error in the server-state-recovery
branch during the LTP runs when running with krb5i.  It looks like it's
failing during the 'network/tcp_cmds/echo' test case.  Doesn't appear to
be occurring in other branches.

[-- MARK -- Thu Oct 12 23:00:00 2006]
kmem_cache_create: duplicate cache nfsd4_stateowners
[<c010377d>] show_trace_log_lvl+0x1b/0x2b
[<c01037a3>] show_trace+0x16/0x18
[<c0103871>] dump_stack+0x19/0x1b
[<c015a2f3>] kmem_cache_create+0x422/0x480
[<c021ab19>] nfsd4_init_slabs+0x1a/0xad
[<c021de0b>] nfs4_state_start+0x11/0x1e
[<c0204bb3>] nfsd_svc+0x52/0xa6
[<c02054d6>] write_threads+0x77/0xa5
[<c0205053>] nfsctl_transaction_write+0x4b/0x7d
[<c015de51>] vfs_write+0x88/0x128
[<c015df8c>] sys_write+0x3a/0x61
[<c0102ab3>] syscall_call+0x7/0xb
=======================
*** Run 2541: Running './testscripts/networktests.sh' ***
device eth0 entered promiscuous mode
device eth0 left promiscuous mode
BUG: unable to handle kernel NULL pointer dereference at virtual address 000000a0
printing eip:
c015a829
*pde = 00000000
Oops: 0000 [#1]
PREEMPT SMP 
Modules linked in: cbc blkcipher cryptomgr
CPU:    0
EIP:    0060:[<c015a829>]    Not tainted VLI
EFLAGS: 00010246   (2.6.19-rc1-g4566610-server-state-recovery #1)
EIP is at kmem_flagcheck+0xa/0x2e
eax: 00000000   ebx: 00000000   ecx: f494bd0c   edx: 1b270000
esi: 00000000   edi: 000000d0   ebp: f5e4dea0   esp: f5e4dea0
ds: 007b   es: 007b   ss: 0068
Process nfsd (pid: 7899, ti=f5e4d000 task=c1af2aa0 task.ti=f5e4d000)
Stack: f5e4dec0 c015b292 00000000 000000d0 c021abea 00000000 f5f5b6d0 f5f5b664 
f5e4dee4 c021abea 00000000 000000d0 f5f5b6c8 f5f5b6c8 00000000 f5f5b6c8 
f5f5b664 f5e4df0c c021b453 00000001 f494bc9c f5f5b664 00000001 f494bc9c 
Call Trace:
[<c010377d>] show_trace_log_lvl+0x1b/0x2b
[<c010382f>] show_stack_log_lvl+0x8a/0x92
[<c010399e>] show_registers+0x12b/0x1b5
[<c0103bda>] die+0x10c/0x1c7
[<c011590b>] do_page_fault+0x450/0x52c
[<c0463b49>] error_code+0x39/0x40
[<c015b292>] kmem_cache_alloc+0x1a/0x78
[<c021abea>] alloc_init_open_stateowner+0x1e/0x16f
[<c021b453] nfsd4_proc_compound+0x4ad/0xef5
[<c0204f48>] nfsd_dispatch+0xbe/0x17e
[<c0454835>] svc_process+0x380/0x5c6
[<c0204d80>] nfsd+0x179/0x283
[<c010361f>] kernel_thread_helper+0x7/0x10
=======================
Code: 07 ff ff ff 8b 4d f0 8b 45 0c c7 44 88 18 ff ff ff ff c7 40 14 00 00 00 00 8d 65 f4 5b 5e 5f 5d c3 55 89 e5 8b 45 08 f6 45 0c 01 <8b> 80 a0 00 00 00 74 0e a8 01 750f 0b 3a 0a 24 cb 49 c0 eb 
EIP: [<c015a829>] kmem_flagcheck+0xa/0x2e SS:ESP 0068:f5e4dea0
 not responding, timed out
nfs: server nfs03 not responding, still trying
[-- MARK -- Thu Oct 12 20:00:00 2006]
[-- MARK -- Thu Oct 12 21:00:00 2006]
[-- MARK -- Thu Oct 12 22:00:00 2006]
[-- MARK -- Thu Oct 12 23:00:00 2006]
kmem_cache_create: duplicate cache nfsd4_stateowners
[<c010377d>] show_trace_log_lvl+0x1b/0x2b
[<c01037a3>] show_trace+0x16/0x18
[<c0103871>] dump_stack+0x19/0x1b
[<c015a2f3>] kmem_cache_create+0x422/0x480
[<c021ab19>] nfsd4_init_slabs+0x1a/0xad
[<c021de0b>] nfs4_state_start+0x11/0x1e
[<c0204bb3>] nfsd_svc+0x52/0xa6
[<c02054d6>] write_threads+0x77/0xa5
[<c0205053>] nfsctl_transaction_write+0x4b/0x7d
[<c015de51>] vfs_write+0x88/0x128
[<c015df8c>] sys_write+0x3a/0x61
[<c0102ab3>] syscall_call+0x7/0xb
=======================
*** Run 2541: Running './testscripts/networktests.sh' ***

The full console log for the client is here:

  http://crucible.osdl.org/runs/2541/sysinfo/nfs03.console

Bryce
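As an added triage example (not part of Bryce's report, nor code from the kernel or the nfs-utils tree), the following Python script parses the oops pasted above and pulls out the facts a triager writes down first: the fault address, the faulting symbol, the process, and the call path with the oops handler's own frames stripped. It also carries one labelled heuristic of mine: when the fault sits directly under `kmem_cache_alloc` and the same log earlier shows `kmem_cache_create: duplicate cache`, the script flags a likely NULL `kmem_cache` pointer. The `NULL_PAGE` threshold, the `error_code` cut-off and that heuristic are assumptions; the embedded log is an abridged copy of the report, with the frame line that lost its `>` kept exactly as it appeared so the parser has to tolerate it.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional

# Abridged console log copied from the report above; the frame line with the
# missing '>' is kept exactly as it appeared so the parser has to tolerate it.
OOPS_LOG = """\
kmem_cache_create: duplicate cache nfsd4_stateowners
[<c015a2f3>] kmem_cache_create+0x422/0x480
[<c021ab19>] nfsd4_init_slabs+0x1a/0xad
[<c021de0b>] nfs4_state_start+0x11/0x1e
=======================
*** Run 2541: Running './testscripts/networktests.sh' ***
BUG: unable to handle kernel NULL pointer dereference at virtual address 000000a0
Oops: 0000 [#1]
EIP is at kmem_flagcheck+0xa/0x2e
Process nfsd (pid: 7899, ti=f5e4d000 task=c1af2aa0 task.ti=f5e4d000)
Call Trace:
[<c010377d>] show_trace_log_lvl+0x1b/0x2b
[<c010382f>] show_stack_log_lvl+0x8a/0x92
[<c010399e>] show_registers+0x12b/0x1b5
[<c0103bda>] die+0x10c/0x1c7
[<c011590b>] do_page_fault+0x450/0x52c
[<c0463b49>] error_code+0x39/0x40
[<c015b292>] kmem_cache_alloc+0x1a/0x78
[<c021abea>] alloc_init_open_stateowner+0x1e/0x16f
[<c021b453] nfsd4_proc_compound+0x4ad/0xef5
[<c0204f48>] nfsd_dispatch+0xbe/0x17e
[<c0454835>] svc_process+0x380/0x5c6
[<c0204d80>] nfsd+0x179/0x283
[<c010361f>] kernel_thread_helper+0x7/0x10
=======================
"""

# '>' is optional so a mangled frame like "[<c021b453] ..." still parses.
FRAME_RE = re.compile(r'\[<([0-9a-f]+)>?\]\s+(\S+?)\+0x([0-9a-f]+)/0x([0-9a-f]+)')
BUG_RE = re.compile(r'NULL pointer dereference at virtual address ([0-9a-f]+)')
EIP_RE = re.compile(r'EIP is at (\S+?)\+0x([0-9a-f]+)/0x')
DUP_RE = re.compile(r'kmem_cache_create: duplicate cache (\S+)')
PROC_RE = re.compile(r'Process (\S+) \(pid: (\d+)')

# Addresses below one page are treated as "NULL pointer + field offset" (assumption).
NULL_PAGE = 0x1000


@dataclass
class OopsReport:
    fault_addr: Optional[int] = None
    eip_symbol: Optional[str] = None
    eip_offset: int = 0
    process: Optional[str] = None
    pid: Optional[int] = None
    call_trace: List[str] = field(default_factory=list)   # symbols, innermost first
    duplicate_caches: List[str] = field(default_factory=list)


def parse_oops(text: str) -> OopsReport:
    """Pull fault address, faulting symbol, process and call trace out of a 2.6-era i386 oops."""
    r = OopsReport()
    in_trace = False
    for line in text.splitlines():
        line = line.strip()
        if m := DUP_RE.search(line):
            r.duplicate_caches.append(m.group(1))
        elif m := BUG_RE.search(line):
            r.fault_addr = int(m.group(1), 16)
        elif m := EIP_RE.search(line):
            r.eip_symbol, r.eip_offset = m.group(1), int(m.group(2), 16)
        elif m := PROC_RE.search(line):
            r.process, r.pid = m.group(1), int(m.group(2))
        elif line == 'Call Trace:':
            in_trace = True
        elif line.startswith('====='):
            in_trace = False
        elif in_trace and (m := FRAME_RE.search(line)):
            r.call_trace.append(m.group(2))
    return r


def fault_path(r: OopsReport) -> List[str]:
    """Faulting code path, innermost first: the EIP symbol, then its callers.

    Everything up to and including error_code is the oops handler printing itself
    (do_page_fault -> die -> show_registers ...), so it is dropped (assumption)."""
    frames = r.call_trace
    if 'error_code' in frames:
        frames = frames[frames.index('error_code') + 1:]
    return ([r.eip_symbol] if r.eip_symbol else []) + frames


def triage(r: OopsReport) -> List[str]:
    """Heuristic findings a triager would note before opening any source."""
    findings = []
    if r.fault_addr is not None and r.fault_addr < NULL_PAGE:
        findings.append(f'fault address 0x{r.fault_addr:x} is a small offset: '
                        f'a field read through a NULL struct pointer in {r.eip_symbol}')
    path = fault_path(r)
    # Heuristic (assumption): an allocator fault directly under kmem_cache_alloc, after an
    # earlier refused duplicate cache, points at a NULL kmem_cache pointer from the caller.
    if len(path) >= 3 and path[0].startswith('kmem_') and path[1] == 'kmem_cache_alloc' \
            and r.duplicate_caches:
        findings.append(f'{path[2]} called kmem_cache_alloc with a cache pointer that is '
                        f'probably NULL: kmem_cache_create earlier refused duplicate cache '
                        f'{", ".join(r.duplicate_caches)}')
    return findings


if __name__ == '__main__':
    report = parse_oops(OOPS_LOG)
    print(f'{report.process}[{report.pid}] faulted at 0x{report.fault_addr:x} in '
          f'{report.eip_symbol}+0x{report.eip_offset:x}')
    print('path:', ' <- '.join(fault_path(report)))
    for finding in triage(report):
        print('-', finding)
```

Run against the log in the report it prints the nfsd fault at `kmem_flagcheck+0xa`, the path `kmem_flagcheck <- kmem_cache_alloc <- alloc_init_open_stateowner <- nfsd4_proc_compound <- ...`, and both findings. The second finding is only a lead: confirming it means checking what `nfs4_state_start` does with a failed `nfsd4_init_slabs` on that branch.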
