[stable] Patch needed in 2.6.37-stable

NeilBrown Thu, 14 Jul 2011 19:46:41 -0700

Hi stable team,

 2.6.37.6 contains upstream patch 0997b173609b9229ece28941c118a2a9b278796e
which can cause the NFS server to 'BUG'.


   https://bugzilla.novell.com/show_bug.cgi?id=704788  

This is fixed by upstream commit 23fcf2ec93fb8573a653408316af599939ff9a8e
which was released the day after 2.6.37.6, so I guess it could already be
in your queue...

So if you are still doing 2.6.37.y updates, it would be good to make sure
that commit is included in .7.

Thanks,
NeilBrown


commit 23fcf2ec93fb8573a653408316af599939ff9a8e
Author: J. Bruce Fields <bfie...@redhat.com>
Date:   Mon Mar 28 15:15:09 2011 +0800

    nfsd4: fix oops on lock failure
    
    Lock stateid's can have access_bmap 0 if they were only partially
    initialized (due to a failed lock request); handle that case in
    free_generic_stateid.
    
    ------------[ cut here ]------------
    kernel BUG at fs/nfsd/nfs4state.c:380!
    invalid opcode: 0000 [#1] SMP
    last sysfs file: /sys/kernel/mm/ksm/run
    Modules linked in: nfs fscache md4 nls_utf8 cifs ip6table_filter ip6_tables 
ebtable_nat ebtables ipt_MASQUERADE iptable_nat nf_nat bridge stp llc nfsd 
lockd nfs_acl auth_rpcgss sunrpc ipv6 ppdev parport_pc parport pcnet32 mii 
pcspkr microcode i2c_piix4 BusLogic floppy [last unloaded: mperf]
    
    Pid: 1468, comm: nfsd Not tainted 2.6.38+ #120 VMware, Inc. VMware Virtual 
Platform/440BX Desktop Reference Platform
    EIP: 0060:[<e24f180d>] EFLAGS: 00010297 CPU: 0
    EIP is at nfs4_access_to_omode+0x1c/0x29 [nfsd]
    EAX: ffffffff EBX: dd758120 ECX: 00000000 EDX: 00000004
    ESI: dd758120 EDI: ddfe657c EBP: dd54dde0 ESP: dd54dde0
     DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
    Process nfsd (pid: 1468, ti=dd54c000 task=ddc92580 task.ti=dd54c000)
    Stack:
     dd54ddf0 e24f19ca 00000000 ddfe6560 dd54de08 e24f1a5d dd758130 deee3a20
     ddfe6560 31270000 dd54df1c e24f52fd 0000000f dd758090 e2505dd0 0be304cf
     dbb51d68 0000000e ddfe657c ddcd8020 dd758130 dd758128 dd7580d8 dd54de68
    Call Trace:
     [<e24f19ca>] free_generic_stateid+0x1c/0x3e [nfsd]
     [<e24f1a5d>] release_lockowner+0x71/0x8a [nfsd]
     [<e24f52fd>] nfsd4_lock+0x617/0x66c [nfsd]
     [<e24e57b6>] ? nfsd_setuser+0x199/0x1bb [nfsd]
     [<e24e056c>] ? nfsd_setuser_and_check_port+0x65/0x81 [nfsd]
     [<c07a0052>] ? _cond_resched+0x8/0x1c
     [<c04ca61f>] ? slab_pre_alloc_hook.clone.33+0x23/0x27
     [<c04cac01>] ? kmem_cache_alloc+0x1a/0xd2
     [<c04835a0>] ? __call_rcu+0xd7/0xdd
     [<e24e0dfb>] ? fh_verify+0x401/0x452 [nfsd]
     [<e24f0b61>] ? nfsd4_encode_operation+0x52/0x117 [nfsd]
     [<e24ea0d7>] ? nfsd4_putfh+0x33/0x3b [nfsd]
     [<e24f4ce6>] ? nfsd4_delegreturn+0xd4/0xd4 [nfsd]
     [<e24ea2c9>] nfsd4_proc_compound+0x1ea/0x33e [nfsd]
     [<e24de6ee>] nfsd_dispatch+0xd1/0x1a5 [nfsd]
     [<e1d6e1c7>] svc_process_common+0x282/0x46f [sunrpc]
     [<e1d6e578>] svc_process+0xdc/0xfa [sunrpc]
     [<e24de0fa>] nfsd+0xd6/0x115 [nfsd]
     [<e24de024>] ? nfsd_shutdown+0x24/0x24 [nfsd]
     [<c0454322>] kthread+0x62/0x67
     [<c04542c0>] ? kthread_worker_fn+0x114/0x114
     [<c07a6ebe>] kernel_thread_helper+0x6/0x10
    Code: eb 05 b8 00 00 27 4f 8d 65 f4 5b 5e 5f 5d c3 83 e0 03 55 83 f8 02 89 
e5 74 17 83 f8 03 74 05 48 75 09 eb 09 b8 02 00 00 00 eb 0b <0f> 0b 31 c0 eb 05 
b8 01 00 00 00 5d c3 55 89 e5 57 56 89 d6 8d
    EIP: [<e24f180d>] nfs4_access_to_omode+0x1c/0x29 [nfsd] SS:ESP 0068:dd54dde0
    ---[ end trace 2b0bf6c6557cb284 ]---
    
    The trace route is:
    
     -> nfsd4_lock()
       -> if (lock->lk_is_new) {
         -> alloc_init_lock_stateid()
    
            3739: stp->st_access_bmap = 0;
    
       ->if (status && lock->lk_is_new && lock_sop)
         -> release_lockowner()
          -> free_generic_stateid()
           -> nfs4_access_bmap_to_omode()
              -> nfs4_access_to_omode()
    
            380: BUG();   *****
    
    This problem was introduced by 0997b173609b9229ece28941c118a2a9b278796e.
    
    Reported-by: Mi Jinlong <mijinl...@cn.fujitsu.com>
    Tested-by: Mi Jinlong <mijinl...@cn.fujitsu.com>
    Signed-off-by: J. Bruce Fields <bfie...@redhat.com>

diff --git a/fs/nfsd/nfs4state.c b/fs/nfsd/nfs4state.c
index fbde6f7..8e3c407 100644
--- a/fs/nfsd/nfs4state.c
+++ b/fs/nfsd/nfs4state.c
@@ -397,10 +397,13 @@ static void unhash_generic_stateid(struct nfs4_stateid 
*stp)
 
 static void free_generic_stateid(struct nfs4_stateid *stp)
 {
-       int oflag = nfs4_access_bmap_to_omode(stp);
+       int oflag;
 
-       nfs4_file_put_access(stp->st_file, oflag);
-       put_nfs4_file(stp->st_file);
+       if (stp->st_access_bmap) {
+               oflag = nfs4_access_bmap_to_omode(stp);
+               nfs4_file_put_access(stp->st_file, oflag);
+               put_nfs4_file(stp->st_file);
+       }
        kmem_cache_free(stateid_slab, stp);
 }
 

_______________________________________________
stable mailing list
stable@linux.kernel.org
http://linux.kernel.org/mailman/listinfo/stable

[stable] Patch needed in 2.6.37-stable

Reply via email to