[nfsv4] NULL pointer dereference bug in 2.6.18-rc6-CITI_NFS4_ALL-1

Bryce Harrington bryce at osdl.org
Wed Sep 27 23:01:56 EDT 2006


On Tue, Sep 26, 2006 at 05:53:45PM -0400, J. Bruce Fields wrote:
> On Thu, Sep 14, 2006 at 03:55:40PM -0700, Bryce Harrington wrote:
> > Jason noticed that in the latest CITI patch the kernel hits a bug during
> > the LTP run with a krb5p mount.  There's also some interesting looking
> > console output during the LTP runs with the other security flavors as
> > well.
> > 
> > BUG: unable to handle kernel NULL pointer dereference at virtual address 00000000
> > 
> > Is this a known issue?  I haven't narrowed to which testcase in LTP is
> > causing the failure but would guess it's likely to be either fsx or
> > fsstress.  We can work on isolating these, if it might be useful?
> 
> Does this help?

Hi Bruce,

The NULL pointer dereference bug still occurs:

http://crucible.osdl.org/runs/2216/sysinfo/nfs03.console

BUG: unable to handle kernel NULL pointer dereference at virtual address 00000000
printing eip:
c044ba71
*pde = 00000000
Oops: 0000 [#1]
PREEMPT SMP 
Modules linked in:
CPU:    0
EIP:    0060:[<c044ba71>]    Not tainted VLI
EFLAGS: 00010206   (2.6.18-rc6-CITI_NFS4_ALL-1 #1) 
EIP is at svc_process+0x40/0x5c5
eax: 00000000   ebx: f4ebc070   ecx: f7036aa0   edx: f5e9b9dc
esi: 00000000   edi: f4ebc000   ebp: f40c5fb0   esp: f40c5f7c
ds: 007b   es: 007b   ss: 0068
Process nfsd (pid: 13761, ti=f40c5000 task=f7036aa0 task.ti=f40c5000)
Stack: 00000000 00000213 f40c5f98 c045abe0 00000002 00000002 f5e9b9dc f4ebc04c
       c045af31 f40c5fb4 0008d6a5 00000000 0008d6a4 f40c5fe4 c02023f3 f4ebc000
       00000002 f40c5fc8 00000000 fffffeff ffffffff fffffef8 ffffffff c020227a
Call Trace:
[<c01037d6>] show_stack_log_lvl+0x8a/0x92
[<c0103937>] show_registers+0x11d/0x186
[<c0103b23>] die+0x10c/0x1c2
[<c0113f1d>] do_page_fault+0x3e0/0x4bc
[<c01034a9>] error_code+0x39/0x40
[<c02023f3>] nfsd+0x179/0x283
[<c0100f15>] kernel_thread_helper+0x5/0xb
Code: 83 c3 70 89 45 e8 8b 52 28 89 55 e4 8b 40 04 83 f8 17 0f 86 ed 03 00 00 8b 7d 08 c7 87 a0 04 00 00 01 00 00 00 8b 87 9c 00 00 <8b> 10 2b 15 3c 11 64 c0 c7 47 78 00 00 00 00 c7 43 04 00 00 00
EIP: [<c044ba71>] svc_process+0x40/0x5c5 SS:ESP 0068:f40c5f7c
<5>nfs4_cb: server /192.168.254.3 AUTH_GSS 0ZZZZZZ

Bryce

