Bug 135157

Summary: Ooops in nfsd_access->svcauth_unix_accept->fh_verify->exp_find_key
Product: [Fedora] Fedora Reporter: Pawel Salek <pawsa>
Component: kernelAssignee: Steve Dickson <steved>
Status: CLOSED NEXTRELEASE QA Contact: Brian Brock <bbrock>
Severity: medium Docs Contact:
Priority: medium    
Version: 2CC: wtogami
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2005-04-16 04:44:18 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Pawel Salek 2004-10-09 12:56:07 UTC
Description of problem:
Unable to handle kernel NULL pointer dereference at virtual address
0000037c
printing eip:
32ad6d07
*pde = 00003001
Oops: 0000 [#1]
SMP
Modules linked in: nfsd exportfs lockd md5 ipv6 parport_pc lp parport
sunrpc 3c59x tg3 ipt_REJECT ipt_state ip_conntrack iptable_filter
ip_tables floppy sg microcode ohci_hcd button battery asus_acpi ac
ext3 jbd raid5 xor dm_mod mptscsih mptbase sd_mod scsi_mod
CPU:    0
EIP:    0060:[<32ad6d07>]    Not tainted
EFLAGS: 00010202   (2.6.8-1.521smp)
EIP is at svc_expkey_lookup+0x12d/0x36f [nfsd]
eax: 20202020   ebx: 00000364   ecx: 2c52ce8c   edx: 00000000
esi: 32af2d10   edi: 000000cb   ebp: 00000000   esp: 2c52ce60
ds: 007b   es: 007b   ss: 0068
Process nfsd (pid: 2093, threadinfo=2c52c000 task=2ca55370)
Stack: 2c52ce8c 00000008 00000008 32af2d10 20202020 00000000 00000004
2b955814
       2c52ceb0 11270000 32ad76e5 00000000 2b956068 00000f98 0360cec8
00000074
       30d0c1e0 00000000 0100fd00 00000002 0360bd60 00000246 00000000
037fa750
Call Trace:
 [<32ad76e5>] exp_find_key+0x5f/0x84 [nfsd]
 [<32ad2e55>] fh_verify+0x16f/0x4b3 [nfsd]
 [<32a3a3f9>] svcauth_unix_accept+0x1fd/0x26d [sunrpc]
 [<32ad4315>] nfsd_access+0x1f/0xdb [nfsd]
 [<02128cd6>] process_timeout+0x0/0x5
 [<32ada715>] nfsd3_proc_access+0x8e/0x99 [nfsd]
 [<32adbe91>] nfs3svc_decode_accessargs+0x0/0x74 [nfsd]
 [<32ad177d>] nfsd_dispatch+0xbf/0x162 [nfsd]
 [<32a3694e>] svc_process+0x323/0x55f [sunrpc]
 [<32ad14dd>] nfsd+0x275/0x456 [nfsd]
 [<32ad1268>] nfsd+0x0/0x456 [nfsd]
 [<32ad1268>] nfsd+0x0/0x456 [nfsd]
 [<021041f1>] kernel_thread_helper+0x5/0xb
Code: 3b 53 18 0f 85 52 01 00 00 8b 43 14 39 41 14 0f 85 46 01 00

This oops was followed by few more (I have them in a log file if needed).

Version-Release number of selected component (if applicable):
kernel-2.6.8-1.521

How reproducible:
Nothing unusual.

Additional info:
The symptoms were following: the nfs stopped serving the requests. And
attempt to restart the nfs service half an hour later rendered the
server completely dead.

Comment 1 Steve Dickson 2004-11-02 21:06:42 UTC
I believe this has been fixed in the 2.6.9 kernel
which will be in the FC2 update release. 

Comment 2 Dave Jones 2005-04-16 04:44:18 UTC
Fedora Core 2 has now reached end of life, and no further updates will be
provided by Red Hat.  The Fedora legacy project will be producing further kernel
updates for security problems only.

If this bug has not been fixed in the latest Fedora Core 2 update kernel, please
try to reproduce it under Fedora Core 3, and reopen if necessary, changing the
product version accordingly.

Thank you.