Description of problem: The following oops occurs when exporting a krb5p export: kernel BUG at mm/slab.c:594! invalid opcode: 0000 [#1] SMP last sysfs file: /block/ram0/range Modules linked in: nfsd exportfs lockd nfs_acl autofs4 i2c_dev i2c_core hidp rfcomm l2cap bluetooth rpcsec_gss_krb5 auth_rpcgss des sunrpc xennet ipv6 dm_mirror dm_mod parport_pc lp parport pcspkr xenblk ext3 jbd ehci_hcd ohci_hcd uhci_hcd CPU: 0 EIP: 0061:[<c0461e92>] Not tainted VLI EFLAGS: 00010046 (2.6.18-30.el5xen #1) EIP is at kfree+0x32/0x77 eax: 00000400 ebx: d28d3940 ecx: 00000000 edx: c1025180 esi: c128c380 edi: 00000000 ebp: d5d77c40 esp: d4b6af70 ds: 007b es: 007b ss: 0069 Process nfsd (pid: 2154, ti=d4b6a000 task=d37f4550 task.ti=d4b6a000) Stack: d28d3940 d28d394c d35eec00 e0c2d3b2 d28d394c e0c2d380 c04d864d d28d3940 00000001 e0b75e6f e0c4da20 d4b6a000 e0b75ea9 e0b75ed3 d5d77c40 e0c2e827 e0b710a5 00000009 e0c27746 00100100 00200200 d37f4550 fffffeff ffffffff Call Trace: [<e0c2d3b2>] svc_export_put+0x32/0x43 [nfsd] [<e0c2d380>] svc_export_put+0x0/0x43 [nfsd] [<c04d864d>] kref_put+0x5a/0x64 [<e0b75e6f>] cache_clean+0x16a/0x198 [sunrpc] [<e0b75ea9>] cache_flush+0xc/0x1f [sunrpc] [<e0b75ed3>] cache_purge+0x17/0x20 [sunrpc] [<e0c2e827>] nfsd_export_flush+0x1e/0x2b [nfsd] [<e0b710a5>] svc_destroy+0x66/0x95 [sunrpc] [<e0c27746>] nfsd+0x282/0x294 [nfsd] [<e0c274c4>] nfsd+0x0/0x294 [nfsd] [<c0402771>] kernel_thread_helper+0x5/0xb ======================= Code: 74 6a e8 f2 2b fb ff 8d 96 00 00 00 40 c1 ea 0c c1 e2 05 03 15 90 ed 87 c0 89 c7 8b 02 f6 c4 40 74 03 8b 52 0c 8b 02 84 c0 78 08 <0f> 0b 52 02 0f a5 61 c0 89 e0 8b 4a 18 25 00 f0 ff ff 8b 40 10 EIP: [<c0461e92>] kfree+0x32/0x77 SS:ESP 0069:d4b6af70 <0>Kernel panic - not syncing: Fatal exception Version-Release number of selected component (if applicable): Kernel 2.6.18-30.el5xen on an i686 How reproducible: All the time on a xen guest. Steps to Reproduce: 1. Use the attached exports file. 2. Start NFS during boot time (i.e. chkconfig nfs yes) 3. reboot machine (Note: the "gss/krb5:/home: Cannot allocate memory" failure when machine is coming up) 4. log in and bring the NFS server down (i.e. service nfs stop) Actual results: oops Expected results: The NFS server comes down peacefully Additional info:
Created attachment 158597 [details] export file that caused the oops
Created attachment 158599 [details] UPstream patch that stops the problem commit f988443a84528bd30c2f474efa5e2c511959f19b Author: NeilBrown <neilb> Date: Wed Dec 13 00:35:45 2006 -0800 [PATCH] knfsd: Fix up some bit-rot in exp_export The nfsservctl system call isn't used but recent nfs-utils releases for exporting filesystems, and consequently the code that is uses - exp_export - has suffered some bitrot. Particular: - some newly added fields in 'struct svc_export' are being initialised properly. - the return value is now always -ENOMEM ... This patch fixes both these problems. Signed-off-by: Neil Brown <neilb> Signed-off-by: Andrew Morton <akpm> Signed-off-by: Linus Torvalds <torvalds>
This request was evaluated by Red Hat Product Management for inclusion in a Red Hat Enterprise Linux maintenance release. Product Management has requested further review of this request by Red Hat Engineering, for potential inclusion in a Red Hat Enterprise Linux Update release for currently deployed products. This request is not yet committed for inclusion in an Update release.
Posted to rhkernel-list on Thu, 05 Jul 2007. Received three ACKs on that list.
in 2.6.18-33.el5 You can download this test kernel from http://people.redhat.com/dzickus/el5
I wasn't able to reproduce the crash, but I can verify the patch is in the -36 kernel.
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2007-0959.html