On Wed, 23 Jun 2021, Wang Yugui wrote:
> Hi,
>
> This patch works very well. Thanks a lot.
> - crossmnt of btrfs subvol works as expected.
> - nfs/umount subvol works well.
> - pseudo mount point inode(255) is good.
>
> I tested it in 5.10.45 with a few minor rebases.
> ( see 0001-any-idea-about-auto-export-multiple-btrfs-snapshots.patch,
> just fs/nfsd/nfs3xdr.c rebase)
>
> But when I tested it with another btrfs system without subvol but with
> more data, 'find /nfs/test' caused an OOPS, and this OOPS will not
> happen just without this patch.
>
> The data in this filesystem is created/left by xfstest(FSTYP=nfs,
> TEST_DEV).
>
> #nfs4 option: default mount.nfs4, nfs-utils-2.3.3
>
> # access btrfs directly
> $ find /mnt/test | wc -l
> 6612
>
> # access btrfs through nfs
> $ find /nfs/test | wc -l
>
> [ 466.164329] BUG: kernel NULL pointer dereference, address: 0000000000000004
> [ 466.172123] #PF: supervisor read access in kernel mode
> [ 466.177857] #PF: error_code(0x0000) - not-present page
> [ 466.183601] PGD 0 P4D 0
> [ 466.186443] Oops: 0000 [#1] SMP NOPTI
> [ 466.190536] CPU: 27 PID: 1819 Comm: nfsd Not tainted 5.10.45-7.el7.x86_64 #1
> [ 466.198418] Hardware name: Dell Inc. PowerEdge T620/02CD1V, BIOS 2.9.0 12/06/2019
> [ 466.206806] RIP: 0010:fsid_source+0x7/0x50 [nfsd]

In nfsd4_encode_fattr there is code:

	if ((bmval0 & (FATTR4_WORD0_FILEHANDLE | FATTR4_WORD0_FSID)) && !fhp) {
		tempfh = kmalloc(sizeof(struct svc_fh), GFP_KERNEL);
		status = nfserr_jukebox;
		if (!tempfh)
			goto out;
		fh_init(tempfh, NFS4_FHSIZE);
		status = fh_compose(tempfh, exp, dentry, NULL);
		if (status)
			goto out;
		fhp = tempfh;
	}

Change that to test for (bmval1 & FATTR4_WORD1_MOUNTED_ON_FILEID) as well.

NeilBrown
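
The guard change suggested in the reply above, as an added user-space model that is not part of the original message or the kernel source. `struct model_fh`, `guard_original`, `guard_extended` and `handle_available` are hypothetical names, and the model assumes the patched MOUNTED_ON_FILEID encoding reads the file handle, which is what the suggested change implies.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Attribute bits with the values from the kernel's include/linux/nfs4.h. */
#define FATTR4_WORD0_FSID              (1UL << 8)
#define FATTR4_WORD0_FILEHANDLE        (1UL << 19)
#define FATTR4_WORD1_MOUNTED_ON_FILEID (1UL << 23)

/* Hypothetical stand-in for struct svc_fh; only NULL vs non-NULL matters. */
struct model_fh { int composed; };
typedef bool (*guard_fn)(uint32_t, uint32_t, const struct model_fh *);

/* Guard as quoted in the message: only word-0 bits trigger a temporary handle. */
static bool guard_original(uint32_t bmval0, uint32_t bmval1, const struct model_fh *fhp)
{
    (void)bmval1;
    return (bmval0 & (FATTR4_WORD0_FILEHANDLE | FATTR4_WORD0_FSID)) && !fhp;
}

/* Guard with the suggested additional test on bmval1. */
static bool guard_extended(uint32_t bmval0, uint32_t bmval1, const struct model_fh *fhp)
{
    return ((bmval0 & (FATTR4_WORD0_FILEHANDLE | FATTR4_WORD0_FSID)) ||
            (bmval1 & FATTR4_WORD1_MOUNTED_ON_FILEID)) && !fhp;
}

/* Models the top of the encoder. Returns 1 if the attribute encoders would see
 * a usable handle, 0 if fhp is still NULL, -1 on allocation failure. */
static int handle_available(guard_fn guard, uint32_t bmval0, uint32_t bmval1,
                            const struct model_fh *fhp)
{
    struct model_fh *tempfh = NULL;
    if (guard(bmval0, bmval1, fhp)) {
        tempfh = malloc(sizeof(*tempfh));
        if (!tempfh)
            return -1;              /* nfserr_jukebox in the quoted code */
        tempfh->composed = 1;       /* stands in for fh_init() + fh_compose() */
        fhp = tempfh;
    }
    int ok = (fhp != NULL);
    free(tempfh);
    return ok;
}

int main(void)
{
    uint32_t w1 = FATTR4_WORD1_MOUNTED_ON_FILEID;   /* constructed request */
    printf("original guard: handle=%d\n", handle_available(guard_original, 0, w1, NULL));
    printf("extended guard: handle=%d\n", handle_available(guard_extended, 0, w1, NULL));
    return 0;
}
```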