RHEL6: kernel panic in nfs_async_inode_return_delegation due to delegation->inode == NULL

Solution Unverified - Updated -

Issue

  • We have two Linux servers with MQ managers which collect information from a shared resource with NFS4 and the servers restart unexpectedly, the only error we observe is
NFSv4 callback reply buffer overflowed!
  • kernel panic with log showing "NFSv4 callback reply buffer overflowed" messages, followed by a panic in nfs_async_inode_return_delegation
NFSv4 callback reply buffer overflowed!
NFSv4 callback reply buffer overflowed!
NFSv4 callback reply buffer overflowed!
BUG: unable to handle kernel NULL pointer dereference at 0000000000000000
IP: [<ffffffffa02be11e>] nfs_async_inode_return_delegation+0x3e/0x80 [nfs]
...
Pid: 2182, comm: nfsv4.0-svc Not tainted 2.6.32-358.el6.x86_64 #1 VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform
RIP: 0010:[<ffffffffa02be11e>]  [<ffffffffa02be11e>] nfs_async_inode_return_delegation+0x3e/0x80 [nfs]
...
RAX: 0000000000000000 RBX: ffff8804992a5540 RCX: 0000000000000000
...
Process nfsv4.0-svc (pid: 2182, threadinfo ffff8806a70ba000, task ffff8806b1cc3500)
Stack:
 0000000000000000 ffff8806b322c800 ffff8806a70bbd00 ffffffffa02c2a1f
<d> ffff8806a70bbd00 ffffffffa02c1024 ffff8806a70bbd00 0000000000000000
<d> 0000000000000000 0000000000000000 ffff8806a70bbe10 ffffffffa02c1542
Call Trace:
 [<ffffffffa02c2a1f>] nfs4_callback_recall+0x5f/0xf0 [nfs]
 [<ffffffffa02c1024>] ? decode_recall_args+0x64/0xb0 [nfs]
 [<ffffffffa02c1542>] nfs4_callback_compound+0x392/0x5c0 [nfs]
 [<ffffffffa01f874d>] svc_process_common+0x56d/0x640 [sunrpc]
 [<ffffffff81063310>] ? default_wake_function+0x0/0x20
 [<ffffffffa01f8b60>] svc_process+0x110/0x160 [sunrpc]
 [<ffffffffa02c038b>] nfs4_callback_svc+0x5b/0xb0 [nfs]
 [<ffffffffa02c0330>] ? nfs4_callback_svc+0x0/0xb0 [nfs]
 [<ffffffff81096916>] kthread+0x96/0xa0
 [<ffffffff8100c0ca>] child_rip+0xa/0x20
 [<ffffffff81096880>] ? kthread+0x0/0xa0
 [<ffffffff8100c0c0>] ? child_rip+0x0/0x20
Code: 48 8b 5f c0 48 8b 00 00 00 00 00 00 00 df 4c 8b 20 49 8b 84 24 b8 02 00 00 ff 50 10 89 c2 b8 fe ff ff ff 85 d2 74 2f 48 8b 43 18 <48> 8b 80 08 01 00 00 48 8b 80 90 02 00 00 48 8b 00 f0 80 4b 48
RIP  [<ffffffffa02be11e>] nfs_async_inode_return_delegation+0x3e/0x80 [nfs]
 RSP <ffff8806a70bbcb0>
CR2: 0000000000000000

Environment

  • Red Hat Enterprise Linux 6 (NFS client)
    • seen on kernel 2.6.32-358.el6 and 2.6.32-504.3.3.el6
  • NFS Server with delegations enabled
  • NFS4 (NFS3 is not affected)

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content