RHEL6: nfsiod crashes in rpc_free_task ... rpc_release_calldata path with RIP nfs_writeback_release_full
Issue
- Kernel panics with nfsiod crashing in
rpc_free_task...rpc_release_calldatapath with RIPnfs_writeback_release_full - kernel log / oops message
BUG: unable to handle kernel NULL pointer dereference at 0000000000000008
IP: [<ffffffffa02cf94f>] nfs_writeback_release_full+0x8f/0x1f0 [nfs]
PGD 105a2b3067 PUD fb60f1067 PMD 0
Oops: 0002 [#1] SMP
...
Pid: 2506, comm: nfsiod Not tainted 2.6.32-220.el6.x86_64 #1 IBM System x3650 M4 -[7915Z4M]-/00D2887
RIP: 0010:[<ffffffffa02cf94f>] [<ffffffffa02cf94f>] nfs_writeback_release_full+0x8f/0x1f0 [nfs]
...
Call Trace:
[<ffffffffa021d737>] rpc_release_calldata+0x17/0x20 [sunrpc]
[<ffffffffa021d890>] rpc_free_task+0x50/0x80 [sunrpc]
[<ffffffffa021d9a0>] ? rpc_async_release+0x0/0x20 [sunrpc]
[<ffffffffa021d9b5>] rpc_async_release+0x15/0x20 [sunrpc]
[<ffffffff8108b2b0>] worker_thread+0x170/0x2a0
[<ffffffff81090bf0>] ? autoremove_wake_function+0x0/0x40
[<ffffffff8108b140>] ? worker_thread+0x0/0x2a0
[<ffffffff81090886>] kthread+0x96/0xa0
[<ffffffff8100c14a>] child_rip+0xa/0x20
[<ffffffff810907f0>] ? kthread+0x0/0xa0
[<ffffffff8100c140>] ? child_rip+0x0/0x20
Code: ff 4c 89 ef e8 c3 dc ff ff 49 8b 9c 24 c0 01 00 00 48 39 5d c8 0f 84 e9 00 00 00 48 8b 03 4c 8b 6b 10 48 39 c3 74 12 48 8b 53 08 <48> 89 50 08 48 89 02 48 89 1b 48 89 5b 08 f6 05 b8 11 f7 ff 08
RIP [<ffffffffa02cf94f>] nfs_writeback_release_full+0x8f/0x1f0 [nfs]
RSP <ffff8808e6091da0>
CR2: 0000000000000008
Environment
- Red Hat Enterprise Linux 6
- Seen on kernels 2.6.32-220.el6
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.
