RHEL6: pNFS / NFS4.1 client kernel crash in memcpy called from xdr_inline_decode filelayout_decode_layout filelayout_alloc_lseg

Solution Unverified - Updated -

Issue

  • NFS4.1 / pNFS client kernel crash inside memcpy called from xdr_inline_decode filelayout_decode_layout filelayout_alloc_lseg
<1>BUG: unable to handle kernel paging request at 0000000000008050
<1>IP: [<ffffffff81282dab>] memcpy+0xb/0x120
<4>PGD 66a3e9067 PUD 66909d067 PMD 0
<4>Oops: 0000 [#1] SMP
<4>last sysfs file: /sys/module/nfs/initstate
<4>CPU 3
<4>Modules linked in: nfs_layout_nfsv41_files nfs lockd fscache auth_rpcgss nfs_acl sunrpc cpufreq_ondemand acpi_cpufreq freq
_table mperf ipv6 shpchp microcode i2c_i801 sg iTCO_wdt iTCO_vendor_support snd_hda_codec_realtek snd_hda_intel snd_hda_codec
 snd_hwdep snd_seq snd_seq_device snd_pcm snd_timer snd soundcore snd_page_alloc ioatdma i7core_edac edac_core igb dca ptp pp
s_core ext4 mbcache jbd2 sr_mod cdrom sd_mod crc_t10dif firewire_ohci firewire_core crc_itu_t pata_acpi ata_generic ata_piix 
nouveau ttm drm_kms_helper drm i2c_algo_bit i2c_core mxm_wmi video output wmi dm_mirror dm_region_hash dm_log dm_mod [last un
loaded: scsi_wait_scan]
<4>
<4>Pid: 12815, comm: cat Not tainted 2.6.32-355.el6.x86_64 #1 Intel Corporation S5520SC/S5520SC
<4>RIP: 0010:[<ffffffff81282dab>]  [<ffffffff81282dab>] memcpy+0xb/0x120
<4>RSP: 0018:ffff880667691790  EFLAGS: 00010246
<4>RAX: ffff880669332000 RBX: ffff880667691818 RCX: 000000000df81006
<4>RDX: 0000000000000000 RSI: 0000000000008050 RDI: ffff880669332000
<4>RBP: ffff8806676917b8 R08: 0000000000000000 R09: 0000000000000000
<4>R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000024
<4>R13: ffff880669332000 R14: ffff88036fc08030 R15: ffff8806676918a8
<4>FS:  00007f000172f700(0000) GS:ffff88037ac20000(0000) knlGS:0000000000000000
<4>CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
<4>CR2: 0000000000008050 CR3: 00000005e62fe000 CR4: 00000000000007e0
<4>DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
<4>DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
<4>Process cat (pid: 12815, threadinfo ffff880667690000, task ffff88058195caa0)
<4>Stack:   
<4> ffffffffa0435991 ffff8806696239c0 ffff880667691818 ffff8806676918a8
<4><d> ffff8806676917d8 ffff880667691888 ffffffffa054941b ffffea00167032f0
<4><d> 000000508116705e 0000000000000000 0000000000000000 0000000000000000
<4>Call Trace:
<4> [<ffffffffa0435991>] ? xdr_inline_decode+0xb1/0x120 [sunrpc]
<4> [<ffffffffa054941b>] filelayout_decode_layout+0xeb/0x350 [nfs_layout_nfsv41_files]
<4> [<ffffffffa054970c>] filelayout_alloc_lseg+0x8c/0x3c0 [nfs_layout_nfsv41_files]
<4> [<ffffffff8150e3be>] ? __wait_on_bit+0x7e/0x90

Environment

  • Red Hat Enterprise Linux 6 (NFS client)
    • all kernels prior to 2.6.32-431.el6 may be affected
    • seen on 2.6.32-355.el6
  • NFS4.1 / pNFS

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content