RHEL6: NFS4 client kernel panic in nfs4_callback_compound, NULL pointer dereference at 0000000000000010
Issue
- Prior to the crash we see a lot of "NFS: NFSv4 callback reply buffer overflowed" messages.
- NFS4 client is crashing in nfs4_callback_compound with the following
BUG: unable to handle kernel NULL pointer dereference at 0000000000000010
RIP: [<ffffffffa02a60a2>] nfs4_callback_compound+0xa2/0x5e0 [nfs]
...
Pid: 4672, comm: nfsv4.0-svc Not tainted 2.6.32-504.16.2.el6.x86_64 #1 VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform
RIP: 0010:[<ffffffffa02a60a2>] [<ffffffffa02a60a2>] nfs4_callback_compound+0xa2/0x5e0 [nfs]
...
Call Trace:
[<ffffffff8100b9ce>] ? common_interrupt+0xe/0x13
[<ffffffffa01df900>] ? svcauth_unix_accept+0x240/0x260 [sunrpc]
[<ffffffffa01dbead>] svc_process_common+0x56d/0x640 [sunrpc]
[<ffffffff81064bc0>] ? default_wake_function+0x0/0x20
[<ffffffffa01dc2c0>] svc_process+0x110/0x160 [sunrpc]
[<ffffffffa02a523b>] nfs4_callback_svc+0x5b/0xb0 [nfs]
[<ffffffffa02a51e0>] ? nfs4_callback_svc+0x0/0xb0 [nfs]
[<ffffffff8109e71e>] kthread+0x9e/0xc0
[<ffffffff8100c20a>] child_rip+0xa/0x20
[<ffffffff8109e680>] ? kthread+0x0/0xc0
[<ffffffff8100c200>] ? child_rip+0x0/0x20
Code: b5 48 01 00 00 48 8d bd 30 ff ff ff e8 98 cd f3 ff 48 8d bd 70 ff ff ff be 04 00 00 00 e8 67 f6 ff ff 48 85 c0 0f 84 64 03 00 00 <8b> 18 45 31 e4 0f cb 85 db 0f 85 c7 03 00 00 48 8d bd 70 ff ff
RIP [<ffffffffa02a60a2>] nfs4_callback_compound+0xa2/0x5e0 [nfs]
RSP <ffff8806b2b37d00>
CR2: 0000000000000010
Environment
- Red Hat Enterprise Linux 6 (NFS client)
- kernel prior to 2.6.32-642.el6
- seen on kernel-2.6.32-504.16.2.el6
- NFS4
- NFS server
- seen with NetApp FAS3220 OS 8.1.2P3 7-Mode
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.