Nfs4 NULL pointer dereference in nfs4 do setlk

From Linux NFS

Jump to: navigation, search



  • Kernel version: 2.6.30-rc4
  • bug 13330
  • Reported by: Rich Ercolani (May 17, 2009)
  • Fixed by: Trond Myklebust (June 4, 2009)


  • NFS activity hangs and machine needs a reboot
  • The following shows up in dmesg
BUG: unable to handle kernel NULL pointer dereference at 0000000000000010
IP: [<ffffffffa02cbff2>] _nfs4_do_setlk+0xe3/0x289 [nfs]
PGD 12e003067 PUD 0 
Oops: 0000 [#1] SMP 
last sysfs file: /sys/devices/virtual/misc/fuse/dev
CPU 1 
Modules linked in: fuse autofs4 coretemp hwmon nfs lockd nfs_acl auth_rpcgss sunrpc cachefiles fscache ipv6 cpufreq_ondemand acpi_cpufreq freq_table kvm_intel kvm snd_hda_codec_idt snd_hda_intel snd_hda_codec snd_hwdep snd_seq_dummy snd_seq_oss snd_seq_midi_event snd_seq snd_seq_device snd_pcm_oss snd_mixer_oss snd_pcm snd_timer snd cpia_usb cpia usb_storage ppdev videodev firewire_ohci parport_pc serio_raw firewire_core e1000e i2c_i801 v4l1_compat pcspkr soundcore parport i82975x_edac v4l2_compat_ioctl32 edac_core snd_page_alloc crc_itu_t i2c_core iTCO_wdt iTCO_vendor_support raid1 [last unloaded: scsi_wait_scan]
Pid: 23601, comm: Tainted: G        W  2.6.30-rc4 #1         
RIP: 0010:[<ffffffffa02cbff2>]  [<ffffffffa02cbff2>] _nfs4_do_setlk+0xe3/0x289 [nfs]
RSP: 0018:ffff88006eae9d30  EFLAGS: 00010246
RAX: ffff88005e86ca20 RBX: ffff880054015558 RCX: 0000000000000000
RDX: 0000000000000000 RSI: 00000000000000d0 RDI: 0000000000000138
RBP: ffff88006eae9de0 R08: ffff88012dcaf680 R09: ffff88003799af00
R10: ffffffffa02ced1c R11: ffff88005627a400 R12: 00000000fffffff4
R13: 0000000000000000 R14: ffff8800b5790b80 R15: ffff8800b5790b80
FS:  0000000000000000(0000) GS:ffff88002803e000(0000) knlGS:0000000000000000
CS:  0010 DS: 0018 ES: 0018 CR0: 000000008005003b
CR2: 0000000000000010 CR3: 000000010e3ca000 CR4: 00000000000026e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
Process (pid: 23601, threadinfo ffff88006eae8000, task ffff880001589700)
 ffff88006eae9d40 0000000600000001 ffff88005e86ca20 ffffffffa02cec5c
 0000000000000000 ffff88003d19f600 ffff88006eae9d90 ffffffffa02de960
 0000000000000000 ffff880128ccc700 0000000000000001 ffffffffa02bb8aa
Call Trace:
 [<ffffffffa02cec5c>] ? nfs4_open_recover_helper+0x82/0x97 [nfs]
 [<ffffffffa02bb8aa>] ? __put_nfs_open_context+0x31/0x98 [nfs]
 [<ffffffffa02cc646>] nfs4_lock_reclaim+0x60/0x8d [nfs]
 [<ffffffffa02d87a3>] nfs4_do_reclaim+0x13d/0x322 [nfs]
 [<ffffffffa02d8b21>] nfs4_run_state_manager+0x199/0x27f [nfs]
 [<ffffffffa02d8988>] ? nfs4_run_state_manager+0x0/0x27f [nfs]
 [<ffffffffa02d8988>] ? nfs4_run_state_manager+0x0/0x27f [nfs]
 [<ffffffff8105e7bf>] kthread+0x5b/0x88
 [<ffffffff81011dba>] child_rip+0xa/0x20
 [<ffffffff8101177d>] ? restore_args+0x0/0x30
 [<ffffffff8105e764>] ? kthread+0x0/0x88
 [<ffffffff81011db0>] ? child_rip+0x0/0x20


  • NFS v4 did not ignore the 'nolock' option
    • This option should only apply to v2 and v3


commit 01c3f05228ce7fc19baa103e4e4bf6c1b5062a53
Author: Trond Myklebust <>
Date:   Wed Jun 17 13:22:58 2009 -0700

    NFSv4: Fix the 'nolock' option regression
    NFSv4 should just ignore the 'nolock' option. It is an NFSv2/v3 thing...
    This fixes the Oops in
    Signed-off-by: Trond Myklebust <>
Personal tools