Details
-
Bug
-
Resolution: Fixed
-
Major
-
None
-
None
-
VMs + 2.14.55_28_g0daeebc
-
3
-
9223372036854775807
Description
Reproducer
lctl set_param mds.MDS.mdt.nrs_policies=tbf
lctl set_param mds.MDS.mdt.nrs_tbf_rule="start tbf_name gid{500} rate=100"
The command above causes the following Kernel Oops:
[30628.715305] BUG: unable to handle kernel NULL pointer dereference at (null)
[30628.715865] IP: [<ffffffffc0ed04db>] nrs_tbf_conds_parse+0x21b/0x6c0 [ptlrpc]
[30628.716369] PGD 8000000020363067 PUD 6b604067 PMD 0
[30628.716883] Oops: 0000 [#3] SMP
[30628.717299] Modules linked in: dm_flakey osp(OE) lod(OE) mgs(OE) mgc(OE) osd_ldiskfs(OE) lustre(OE) lmv(OE) mdc(OE) lov(OE) osc(OE) ldiskfs(OE) mbcache jbd2 mdd(OE) mdt(OE) lquota(OE) lfsck(OE) fid(OE) fld(OE) ksocklnd(OE) ptlrpc(OE) obdclass(OE) lnet(OE) libcfs(OE) rpcsec_gss_krb5 auth_rpcgss nfsv4 dns_resolver nfs lockd grace fscache sunrpc ppdev iosf_mbi crc32_pclmul ghash_clmulni_intel aesni_intel snd_intel8x0 lrw gf128mul glue_helper ablk_helper cryptd snd_ac97_codec ac97_bus snd_seq snd_seq_device pcspkr sg i2c_piix4 snd_pcm parport_pc parport video vboxguest(OE) snd_timer snd soundcore ip_tables xfs libcrc32c sr_mod cdrom sd_mod crc_t10dif crct10dif_generic ata_generic pata_acpi vmwgfx drm_kms_helper crct10dif_pclmul syscopyarea crct10dif_common sysfillrect ahci sysimgblt fb_sys_fops crc32c_intel
[30628.721062] libahci ttm ata_piix serio_raw drm libata e1000 drm_panel_orientation_quirks dm_mirror dm_region_hash dm_log dm_mod [last unloaded: dm_flakey]
[30628.722025] CPU: 3 PID: 487 Comm: lctl Kdump: loaded Tainted: G D W OE ------------ 3.10.0-1160.25.1.el7_lustreajmes.x86_64.debug #1
[30628.723005] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[30628.723488] task: ffffa03e1148c000 ti: ffffa03e0439c000 task.ti: ffffa03e0439c000
[30628.724028] RIP: 0010:[<ffffffffc0ed04db>] [<ffffffffc0ed04db>] nrs_tbf_conds_parse+0x21b/0x6c0 [ptlrpc]
[30628.725196] RSP: 0018:ffffa03e0439fd78 EFLAGS: 00010206
[30628.725737] RAX: 0000000000000008 RBX: ffffa03db3990000 RCX: 000000000000007d
[30628.726224] RDX: 0000000000000000 RSI: ffffa03e15a5a3e0 RDI: ffffa03e15a5a3e8
[30628.726773] RBP: ffffa03e0439fde0 R08: 00000000001e00a0 R09: ffffa03e15a5a3e0
[30628.727254] R10: ffffa03e0439ffd8 R11: 000000000030bc07 R12: ffffa03deed64f20
[30628.727793] R13: ffffa03deed64f30 R14: ffffa03e15c574e8 R15: 0000000000000000
[30628.728273] FS: 00007fd0f05fe740(0000) GS:ffffa03e5b400000(0000) knlGS:0000000000000000
[30628.728824] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[30628.729314] CR2: 0000000000000000 CR3: 00000000cfafa000 CR4: 00000000000606e0
[30628.729887] Call Trace:
[30628.730413] [<ffffffffc0ed0cbd>] nrs_tbf_id_parse+0x33d/0x760 [ptlrpc]
[30628.730985] [<ffffffffc0b07c79>] ? lprocfs_counter_add+0xf9/0x160 [obdclass]
[30628.731541] [<ffffffffc0ed1449>] nrs_tbf_parse_cmd.isra.33+0x369/0x9f0 [ptlrpc]
[30628.732056] [<ffffffffc0ed266d>] ptlrpc_lprocfs_nrs_tbf_rule_seq_write+0x41d/0x890 [ptlrpc]
[30628.732577] [<ffffffffb3eaf87c>] vfs_write+0xdc/0x240
[30628.733098] [<ffffffffb3ed5d00>] ? fget_light+0x2b0/0x550
[30628.733676] [<ffffffffb3eb071a>] SyS_write+0x8a/0x100
[30628.734147] [<ffffffffb4498b12>] system_call_fastpath+0x25/0x2a
[30628.734966] [<ffffffffb4498a55>] ? system_call_after_swapgs+0xa2/0x13a
[30628.735805] Code: 48 85 db 0f 84 ff 01 00 00 48 8d 55 c8 48 8d 7d b8 be 3d 00 00 00 e8 75 74 b0 ff 85 c0 74 19 8b 45 c0 83 f8 02 7e 11 48 8b 55 b8 <80> 3a 7b 0f 84 2c 01 00 00 0f 1f 40 00 f6 05 2d 01 b2 ff 01 74
[30628.737861] RIP [<ffffffffc0ed04db>] nrs_tbf_conds_parse+0x21b/0x6c0 [ptlrpc]
[30628.738393] RSP <ffffa03e0439fd78>
[30628.738912] CR2: 0000000000000000
[30628.740251] ---[ end trace 62458dbd47702fcb ]---