RHEL 7.4 panics with nfsd while removing locks on file close

Solution Verified - Updated -

Issue

  • RHEL 7.4 panics with nfsd while removing locks on file close.

  • A vmcore of the panic event shows following traces :

[6463351.398890] Workqueue: nfsd4 laundromat_main [nfsd]
[6463351.398908] task: ffff8844f9f09fa0 ti: ffff885dcb6c4000 task.ti: ffff885dcb6c4000
[6463351.398931] RIP: 0010:[<ffffffffc03d76b8>]  [<ffffffffc03d76b8>] nfsd4_lm_notify+0x28/0xb0 [nfsd]
[6463351.398965] RSP: 0018:ffff885dcb6c7a88  EFLAGS: 00010202
[6463351.398982] RAX: 0000000000000004 RBX: ffff8869bf14b628 RCX: dead000000000200
[6463351.399004] RDX: 0101010101010101 RSI: 0000000000000046 RDI: ffff8869bf14b628
[6463351.399025] RBP: ffff885dcb6c7aa0 R08: ffff8869bf14b640 R09: ffff8840a7612f70
[6463351.399056] R10: 0000000000000000 R11: 0000000000000400 R12: ffff8869bf14b628
[6463351.399077] R13: ffff880323fa43c0 R14: ffff880323fa43d8 R15: 0000000000000001
[6463351.399099] FS:  0000000000000000(0000) GS:ffff887f7f040000(0000) knlGS:0000000000000000
[6463351.399122] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[6463351.399139] CR2: 00007f896fd5906a CR3: 0000003f78e6c000 CR4: 00000000001407e0
[6463351.399161] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[6463351.399182] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[6463351.399203] Stack:
[6463351.399212]  ffff8869bf14b640 ffff8869bf14b628 ffff880323fa43c0 ffff885dcb6c7ad0
[6463351.399237]  ffffffff81256f68 ffff880323fa43c0 ffff8848bad89cd8 0000000000000001
[6463351.399261]  ffff880323fa43c0 ffff885dcb6c7af0 ffffffff8125703c ffff885dcb6c7b40
[6463351.399286] Call Trace:
[6463351.399301]  [<ffffffff81256f68>] locks_wake_up_blocks+0x58/0xa0
[6463351.399320]  [<ffffffff8125703c>] locks_unlink_lock+0x8c/0xa0
[6463351.399339]  [<ffffffff812578d7>] locks_delete_lock+0x17/0x50
[6463351.399358]  [<ffffffff81258217>] __posix_lock_file+0x3a7/0x510
[6463351.399377]  [<ffffffff8125871b>] vfs_lock_file+0x4b/0x50
[6463351.399394]  [<ffffffff812587a9>] locks_remove_posix.part.27+0x89/0xc0
[6463351.399417]  [<ffffffff811de591>] ? __slab_free+0x81/0x2f0
[6463351.399435]  [<ffffffff811de591>] ? __slab_free+0x81/0x2f0
[6463351.399454]  [<ffffffff81202ed8>] ? fput+0xa8/0xb0
[6463351.399470]  [<ffffffff81258800>] locks_remove_posix+0x20/0x30
[6463351.399490]  [<ffffffff811fe343>] filp_close+0x53/0x80
[6463351.400207]  [<ffffffffc03d894c>] nfs4_free_lock_stateid+0x2c/0x40 [nfsd]
[6463351.400882]  [<ffffffffc03d87d6>] free_ol_stateid_reaplist+0x36/0x60 [nfsd]
[6463351.401645]  [<ffffffffc03d8bfb>] release_openowner+0xbb/0x110 [nfsd]
[6463351.402372]  [<ffffffffc03d8d9b>] __destroy_client+0x12b/0x1a0 [nfsd]
[6463351.403085]  [<ffffffffc03d8e32>] expire_client+0x22/0x30 [nfsd]
[6463351.403763]  [<ffffffffc03dcfc7>] laundromat_main+0x167/0x510 [nfsd]
[6463351.404445]  [<ffffffff810a881a>] process_one_work+0x17a/0x440
[6463351.405133]  [<ffffffff810a94e6>] worker_thread+0x126/0x3c0
[6463351.405817]  [<ffffffff810a93c0>] ? manage_workers.isra.24+0x2a0/0x2a0
[6463351.406491]  [<ffffffff810b098f>] kthread+0xcf/0xe0
[6463351.407144]  [<ffffffff810b08c0>] ? insert_kthread_work+0x40/0x40
[6463351.407786]  [<ffffffff816b4f58>] ret_from_fork+0x58/0x90
[6463351.408407]  [<ffffffff810b08c0>] ? insert_kthread_work+0x40/0x40
[6463351.409008] Code: 00 00 00 0f 1f 44 00 00 55 48 89 e5 41 55 41 54 53 48 8b 47 28 48 89 fb 48 8b 40 20 48 8b 90 a8 04 00 00 8b 05 ca 17 02 00 85 c0 <48> 8b 92 e8 0c 00 00 74 78 3b 02 77 74 83 e8 01 48 98 4c 8b 6c 
[6463351.410264] RIP  [<ffffffffc03d76b8>] nfsd4_lm_notify+0x28/0xb0 [nfsd]
[6463351.410865]  RSP <ffff885dcb6c7a88>

Environment

  • RHEL 7.4

  • Observed on kernel versions :

    • 3.10.0-693.1.1.el7.x86_64
    • 3.10.0-693.2.1.el7.x86_64

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In