RHEL7: rpc.idmapd crashes in the kernel with stack-protector: Kernel stack is corrupted in: ffffffffa05b8a8c
Issue
Suddenly all machines seem to be panicing with rpc.idmapd with a stack corruption in idmap_pipe_downcall
[11558053.616565] Kernel panic - not syncing: stack-protector: Kernel stack is corrupted in: ffffffffa05b8a8c
[11558053.639063] CPU: 6 PID: 9423 Comm: rpc.idmapd Tainted: G W ------------ T 3.10.0-514.el7.x86_64 #1
[11558053.641990] Hardware name: Red Hat OpenStack Compute, BIOS 1.10.2-3.el7_4.1 04/01/2014
[11558053.644462] ffffffff818c7bc0 00000000b1f3aec1 ffff880de0f9bd48 ffffffff81685eac
[11558053.646430] ffff880de0f9bdc8 ffffffff8167f2b3 ffffffff00000010 ffff880de0f9bdd8
[11558053.648313] ffff880de0f9bd78 00000000b1f3aec1 ffffffff811dcb03 ffffffffa05b8a8c
[11558053.650107] Call Trace:
[11558053.651347] [<ffffffff81685eac>] dump_stack+0x19/0x1b
[11558053.653013] [<ffffffff8167f2b3>] panic+0xe3/0x1f2
[11558053.666240] [<ffffffff811dcb03>] ? kfree+0x103/0x140
[11558053.682589] [<ffffffffa05b8a8c>] ? idmap_pipe_downcall+0x1cc/0x1e0 [nfsv4]
[11558053.689710] [<ffffffff810855db>] __stack_chk_fail+0x1b/0x30
[11558053.691619] [<ffffffffa05b8a8c>] idmap_pipe_downcall+0x1cc/0x1e0 [nfsv4]
[11558053.693867] [<ffffffffa00209d6>] rpc_pipe_write+0x56/0x70 [sunrpc]
[11558053.695763] [<ffffffff811fe12d>] vfs_write+0xbd/0x1e0
[11558053.702236] [<ffffffff810acccc>] ? task_work_run+0xac/0xe0
[11558053.704215] [<ffffffff811fec4f>] SyS_write+0x7f/0xe0
[11558053.709674] [<ffffffff816964c9>] system_call_fastpath+0x16/0x1b
Environment
- Red Hat Enterprise Linux 7 (NFS client)
- seen on kernel-3.10.0-514.el7
- all kernels until at least 3.10.0-862.el7 believed affected
- NFS4 with idmapping
- One or more groupid (gid) or userid (uid) values are > 2147483647 = 0x7fffffff
- idmapping is enabled (i.e. /sys/module/nfs/parameters/nfs4_disable_idmapping is set to 'N' on the NFS client and /sys/module/nfsd/parameters/nfs4_disable_idmapping is set to 'N' on the NFS server)
- NOTE: This is a non-default setting. For more information, see https://access.redhat.com/solutions/1749883 and https://access.redhat.com/articles/2252881
- rpc.idmapd is enabled
- NOTE: This is a non-default setting on an NFS client
- nfsidmap does not do the idmapping, but a fallback to rpc.idmapd occurs. This could happen due to either:
- nfsidmap fails due to some issue such as https://access.redhat.com/solutions/2898061 and as a result, rpc.idmapd is used to translate the name to an id.
- nfsidmap is disabled. For example, the nfsidmap line is commented out in /etc/request-key.d/id_resolver.conf
#create id_resolver * * /usr/sbin/nfsidmap %k %d
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
