From patchwork Wed Feb 24 20:28:29 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jeff Layton X-Patchwork-Id: 8414131 Return-Path: X-Original-To: patchwork-linux-nfs@patchwork.kernel.org Delivered-To: patchwork-parsemail@patchwork1.web.kernel.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.136]) by patchwork1.web.kernel.org (Postfix) with ESMTP id 5354A9F2F0 for ; Wed, 24 Feb 2016 20:28:41 +0000 (UTC) Received: from mail.kernel.org (localhost [127.0.0.1]) by mail.kernel.org (Postfix) with ESMTP id 33F3D20279 for ; Wed, 24 Feb 2016 20:28:40 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id E525920251 for ; Wed, 24 Feb 2016 20:28:38 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1757911AbcBXU2h (ORCPT ); Wed, 24 Feb 2016 15:28:37 -0500 Received: from mail-yk0-f181.google.com ([209.85.160.181]:35184 "EHLO mail-yk0-f181.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1757288AbcBXU2f (ORCPT ); Wed, 24 Feb 2016 15:28:35 -0500 Received: by mail-yk0-f181.google.com with SMTP id r207so13318253ykd.2 for ; Wed, 24 Feb 2016 12:28:35 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=poochiereds-net.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:date:message-id; bh=LHASkQLeNoCGL/StNmccgH/EtxeZmxGj9xFZy/YYGBM=; b=tZbAYBzXwYYNgaRkKMWJj7EYkTyFjgiO41B62Hzzg5U1CrvNH/0JjJk16Xf1eJaJgK cjBsEx6bKYjPtnp7tD5cK8K2dtNcrG25JUfQudYkwHWpm6Mrdc/9oQZAdM/Aep1Gm8HR NhNkG+bDwvzuxBM2qFzFeaaaiQxsn20J8zZ1sYNg70MQis2qMrCLhiUbwSLSIPPCSeFN 7TimkNPX21DdKVw1xzjwSST/sP+Qedlx1GXbgfPdXTfs5moPcfowwBfAhymkudeam0Hm VxUmta8HXF1EFO8Q300Tn7MWPDklxaNpKw5xFyQmRxzBtYcOj8QwXhlsbmsp78BUSnKy 9ECw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=LHASkQLeNoCGL/StNmccgH/EtxeZmxGj9xFZy/YYGBM=; b=PccF3vQ6n4AyA+h1+Enr9Kbnxll3jyGpZpY0Uzr0T4/S11ca7SxST48oZmuZsOSZ32 IMRMHFJQodAJA82h7BLIOFk+f88hbMMHqmP0eHqD0vvkFSg6WWdT4pxwpLyqHh9Z1wd/ jacne3SlAPSNsC5ixD3kT3gpOe/bwkwWloAE4j5pGfX67I8JoYbM33fAPiVrItZ6V2OY kG80HKqeMife4wIbP8t5x0hhmUXwKmRT4WwOOzFN/mE/7vzFHE5ZmFkIdM6PA499sHJa ZhYvqV69Rbd15CkhzLSWPKveuNNtOfQLl6kZZ9f8NoKFvtNIXAUXy4+hxGg2NN4Ue7cD 1Tiw== X-Gm-Message-State: AG10YOS24ADIom1875pVnoaPOC9WP1bCnMfezgP2Vbkzcm49+Me5k0vF0xfJ7hvX5biMZg== X-Received: by 10.37.230.129 with SMTP id d123mr6212629ybh.131.1456345714998; Wed, 24 Feb 2016 12:28:34 -0800 (PST) Received: from tlielax.poochiereds.net ([2606:a000:1125:4074:3a60:77ff:fe93:a95d]) by smtp.googlemail.com with ESMTPSA id i142sm3389609ywg.12.2016.02.24.12.28.33 (version=TLSv1/SSLv3 cipher=OTHER); Wed, 24 Feb 2016 12:28:33 -0800 (PST) From: Jeff Layton X-Google-Original-From: Jeff Layton To: trond.myklebust@primarydata.com Cc: linux-nfs@vger.kernel.org Subject: [PATCH] nfs4: nfs4_ff_layout_prepare_ds should return NULL if connection failed Date: Wed, 24 Feb 2016 15:28:29 -0500 Message-Id: <1456345709-17606-1-git-send-email-jeff.layton@primarydata.com> X-Mailer: git-send-email 2.5.0 Sender: linux-nfs-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-nfs@vger.kernel.org X-Spam-Status: No, score=-6.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, RCVD_IN_DNSWL_HI,RP_MATCHES_RCVD,T_DKIM_INVALID,UNPARSEABLE_RELAY autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP I hit the following oops out of the blue while testing with flexfiles: BUG: unable to handle kernel NULL pointer dereference at 00000000000000e8 IP: [] nfs4_ff_find_or_create_ds_client+0x48/0x50 [nfs_layout_flexfiles] PGD 44031067 PUD 5062d067 PMD 0 Oops: 0000 [#1] SMP Modules linked in: nfsv3 nfs_layout_flexfiles tun rpcsec_gss_krb5 nfsv4 dns_resolver nfs fscache dcdbas nfsd auth_rpcgss nfs_acl lockd grace sunrpc ip6t_rpfilter ip6t_REJECT nf_reject_ipv6 xt_conntrack ebtable_nat ebtable_broute bridge stp llc ebtable_filter ebtables ip6table_nat nf_conntrack_ipv6 nf_defrag_ipv6 nf_nat_ipv6 ip6table_mangle ip6table_security ip6table_raw ip6table_filter ip6_tables iptable_nat nf_conntrack_ipv4 nf_defrag_ipv4 nf_nat_ipv4 nf_nat nf_conntrack iptable_mangle iptable_security iptable_raw bonding ipmi_devintf ipmi_msghandler snd_hda_codec_generic virtio_balloon ppdev snd_hda_intel snd_hda_controller snd_hda_codec iosf_mbi crct10dif_pclmul crc32_pclmul ghash_clmulni_intel snd_hda_core parport_pc snd_hwdep parport snd_seq snd_seq_device snd_pcm snd_timer acpi_cpufreq snd soundcore i2c_piix4 xfs libcrc32c joydev virtio_net virtio_console qxl drm_kms_helper ttm crc32c_intel drm virtio_pci serio_raw ata_generic virtio_ring virtio pata_acpi CPU: 0 PID: 19138 Comm: test5 Not tainted 4.1.9-100.pd.90.el7.x86_64 #1 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.8.2-20150714_191134- 04/01/2014 task: ffff88007b70cf00 ti: ffff88004cc44000 task.ti: ffff88004cc44000 RIP: 0010:[] [] nfs4_ff_find_or_create_ds_client+0x48/0x50 [nfs_layout_flexfiles] RSP: 0018:ffff88004cc47890 EFLAGS: 00010246 RAX: 0000000000000003 RBX: ffff880050932300 RCX: ffff88006978f488 RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88003e0e8540 RBP: ffff88004cc47908 R08: 0000000000000000 R09: 0000000000000000 R10: ffff88007ff8c758 R11: 0000000000000005 R12: ffff88003e0e8540 R13: 0000000000000000 R14: ffff88006978f488 R15: ffff88004431cc80 FS: 00007fea40c7c740(0000) GS:ffff88007fc00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00000000000000e8 CR3: 0000000044318000 CR4: 00000000000406f0 Stack: ffffffffa048c934 ffff880050932310 0000000100000001 ffff88006978f510 ffff88006978f3c8 ffff88003e56cd90 ffff88004cc479d0 00000020a052aff0 000000000004b000 ffff88004cc47908 ffff880050932300 ffff88004cc479d0 Call Trace: [] ? ff_layout_write_pagelist+0x64/0x220 [nfs_layout_flexfiles] [] pnfs_generic_pg_writepages+0xaf/0x1b0 [nfsv4] [] nfs_pageio_doio+0x27/0x60 [nfs] [] nfs_pageio_complete_mirror+0x54/0xa0 [nfs] [] nfs_pageio_complete+0x2d/0x90 [nfs] [] nfs_writepage_locked+0x8d/0xe0 [nfs] [] ? page_referenced_one+0x1a0/0x1a0 [] nfs_wb_single_page+0xf7/0x190 [nfs] [] nfs_launder_page+0x41/0x90 [nfs] [] invalidate_inode_pages2_range+0x340/0x3a0 [] invalidate_inode_pages2+0x17/0x20 [] nfs_release+0x9e/0xb0 [nfs] [] nfs_file_release+0x3d/0x60 [nfs] [] __fput+0xdc/0x1e0 [] ____fput+0xe/0x10 [] task_work_run+0xa7/0xe0 [] get_signal+0x565/0x600 [] ? __filemap_fdatawrite_range+0x65/0x90 [] do_signal+0x37/0x730 [] ? nfs4_file_fsync+0x81/0x150 [nfsv4] [] ? vfs_fsync_range+0x3b/0xb0 [] ? __audit_syscall_exit+0x1e6/0x280 [] do_notify_resume+0x5f/0xa0 [] int_signal+0x12/0x17 Code: 48 8b 40 70 8b 00 83 f8 03 74 20 83 f8 04 75 13 55 48 89 ce 48 89 d7 48 89 e5 e8 14 0f 0e 00 5d c3 66 90 0f 0b 66 0f 1f 44 00 00 <48> 8b 82 e8 00 00 00 c3 66 66 66 66 90 55 48 89 e5 41 57 41 56 RIP [] nfs4_ff_find_or_create_ds_client+0x48/0x50 [nfs_layout_flexfiles] RSP CR2: 00000000000000e8 When the DS connection attempt fails, nfs4_ff_layout_prepare_ds marks it for the error but then just returns the ds as if it were usable. The comments though say: /* Upon return, either ds is connected, or ds is NULL */ Ensure that we set the return pointer to NULL in the event that the connection attempt fails. Signed-off-by: Jeff Layton --- fs/nfs/flexfilelayout/flexfilelayoutdev.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/fs/nfs/flexfilelayout/flexfilelayoutdev.c b/fs/nfs/flexfilelayout/flexfilelayoutdev.c index eb370460ce20..add0e5a70bd6 100644 --- a/fs/nfs/flexfilelayout/flexfilelayoutdev.c +++ b/fs/nfs/flexfilelayout/flexfilelayoutdev.c @@ -418,6 +418,8 @@ nfs4_ff_layout_prepare_ds(struct pnfs_layout_segment *lseg, u32 ds_idx, pnfs_error_mark_layout_for_return(ino, lseg); } else pnfs_error_mark_layout_for_return(ino, lseg); + ds = NULL; + goto out; } out_update_creds: if (ff_layout_update_mirror_cred(mirror, ds))