RHEL6: Kernel panic in up_write / down_write due to NULL pointer dereference at 00000000000003d0

Solution Verified - Updated -

Issue

  • The system kernel panic in up_write()/down_write() due to NULL pointer dereference at 00000000000003d0
BUG: unable to handle kernel NULL pointer dereference at 00000000000003d0
IP: [<ffffffff810a42a1>] up_write+0x11/0x20
PGD c88d10067 PUD c88d3f067 PMD 0 
Oops: 0002 [#1] SMP 
last sysfs file: /sys/devices/pci0000:00/0000:00:01.1/host1/target1:0:0/1:0:0:0/vendor
CPU 1 
Modules linked in: autofs4 ipt_REJECT iptable_filter iptable_nat nf_nat nf_conntrack_ipv4 nf_defrag_ipv4 ip_tables ip6t_REJECT nf_conntrack_ipv6 nf_defrag_ipv6 xt_state nf_conntrack ip6table_filter ip6_tables ipv6 cls_u32 sch_htb microcode virtio_console virtio_balloon virtio_net sg i2c_piix4 i2c_core ext4 jbd2 mbcache sr_mod cdrom virtio_blk virtio_pci virtio_ring virtio pata_acpi ata_generic ata_piix dm_mirror dm_region_hash dm_log dm_mod [last unloaded: speedstep_lib]

Pid: 1766, comm: cgrulesengd Not tainted 2.6.32-504.23.4.el6.x86_64 #1 Red Hat RHEV Hypervisor
RIP: 0010:[<ffffffff810a42a1>]  [<ffffffff810a42a1>] up_write+0x11/0x20
RSP: 0018:ffff880c89e4fdd8  EFLAGS: 00010202
RAX: 00000000000003d0 RBX: ffff880c88954200 RCX: 0000000000000034
RDX: 00000000ffffffff RSI: ffff880c8a269520 RDI: 00000000000003d0
RBP: ffff880c89e4fdd8 R08: c000000000000000 R09: 6630000000000000
R10: 3180000000000000 R11: f000000000000000 R12: ffff880c8a269520
R13: 00000000000008e6 R14: 0000000000000000 R15: ffff880c87020080
FS:  00007fe94997fb20(0000) GS:ffff880028220000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00000000000003d0 CR3: 0000000c88d39000 CR4: 00000000000006e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
Process cgrulesengd (pid: 1766, threadinfo ffff880c89e4e000, task ffff880c871bd520)
Stack:
 ffff880c89e4fe28 ffffffff810d28d2 ffff880c89e4fe68 00007fe9fffffffd
 ffff880c89e4fe38 ffffffff81aaa9e0 ffff880c88954200 00007fe949993000
 ffff880c89e4fe68 0000000000001000 ffff880c89e4fe38 ffffffff810d29e3
Call Trace:
 [<ffffffff810d28d2>] attach_task_by_pid+0xa2/0x160
 [<ffffffff810d29e3>] cgroup_tasks_write+0x13/0x20
 [<ffffffff810ce7fa>] cgroup_file_write+0x2ba/0x320
 [<ffffffff8123aa9b>] ? selinux_file_permission+0xfb/0x150
 [<ffffffff8118e1c8>] vfs_write+0xb8/0x1a0
 [<ffffffff8118eb91>] sys_write+0x51/0x90
 [<ffffffff8100b0f2>] system_call_fastpath+0x16/0x1b
Code: c1 10 79 05 e8 41 4c 1f 00 c9 c3 66 66 66 66 66 66 2e 0f 1f 84 00 00 00 00 00 55 48 89 e5 0f 1f 44 00 00 ba ff ff ff ff 48 89 f8 <f0> 48 0f c1 10 74 05 e8 13 4c 1f 00 c9 c3 90 55 48 89 e5 0f 1f 
RIP  [<ffffffff810a42a1>] up_write+0x11/0x20
 RSP <ffff880c89e4fdd8>
CR2: 00000000000003d0
(END) 

BUG: unable to handle kernel NULL pointer dereference at 00000000000003d0
IP: [<ffffffff8152c273>] down_write+0x23/0x40
PGD 23fa6bf2067 PUD 23fa6bf3067 PMD 0 
Oops: 0002 [#1] SMP 
last sysfs file: /sys/devices/system/cpu/online
CPU 30 
Modules linked in: mptctl mptbase nfs lockd fscache auth_rpcgss nfs_acl autofs4 sunrpc bonding ipv6 dm_multipath ipmi_devintf power_meter acpi_ipmi ipmi_si ipmi_msghandler microcode be2net iTCO_wdt iTCO_vendor_support e1000e ptp pps_core netxen_nic serio_raw lpc_ich mfd_core hpilo hpwdt sg i7core_edac edac_core shpchp ext4 jbd2 mbcache sr_mod cdrom sd_mod crc_t10dif pata_acpi ata_generic ata_piix hpsa dm_mirror dm_region_hash dm_log dm_mod [last unloaded: scsi_wait_scan]

Pid: 5221, comm: cgrulesengd Not tainted 2.6.32-504.30.3.el6.x86_64 #1 HP ProLiant DL980 G7
RIP: 0010:[<ffffffff8152c273>]  [<ffffffff8152c273>] down_write+0x23/0x40
RSP: 0018:ffff8a3fa6bffdc8  EFLAGS: 00010246
RAX: 00000000000003d0 RBX: 00000000000003d0 RCX: 0000000000000034
RDX: ffffffff00000001 RSI: ffffffff81aa63e0 RDI: 00000000000003d0
RBP: ffff8a3fa6bffdd8 R08: 8000000000000000 R09: 78e0000000000000
R10: c700000000000000 R11: f000000000000000 R12: ffff893fa646aab0
R13: 0000000000012b3c R14: 0000000000000000 R15: ffff8a3fa6e83740
FS:  00007f98cebfdb20(0000) GS:ffff8980e1200000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00000000000003d0 CR3: 0000023fa6bf1000 CR4: 00000000000007e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
Process cgrulesengd (pid: 5221, threadinfo ffff8a3fa6bfe000, task ffff8a3fa64aa040)
Stack:
 0000000000000202 ffff893fa69d6e00 ffff8a3fa6bffe28 ffffffff810d28ab
 ffff8a3fa6bffe68 00007f98cec0e000 ffff8a3fa6bffe38 ffffffff81aaa9e0
 ffff893fa69d6e00 00007f98cec0e000 ffff8a3fa6bffe68 0000000000001000
Call Trace:
 [<ffffffff810d28ab>] attach_task_by_pid+0x7b/0x160
 [<ffffffff810d29e3>] cgroup_tasks_write+0x13/0x20
 [<ffffffff810ce7fa>] cgroup_file_write+0x2ba/0x320
 [<ffffffff8123ac8b>] ? selinux_file_permission+0xfb/0x150
 [<ffffffff8118e3a8>] vfs_write+0xb8/0x1a0
 [<ffffffff8118ed71>] sys_write+0x51/0x90
 [<ffffffff8100b0d2>] system_call_fastpath+0x16/0x1b
Code: c3 e8 f2 8c b4 ff 00 00 55 48 89 e5 53 48 83 ec 08 0f 1f 44 00 00 48 89 fb e8 ba e2 ff ff 48 ba 01 00 00 00 ff ff ff ff 48 89 d8 <f0> 48 0f c1 10 48 85 d2 74 05 e8 ae cc d6 ff 48 83 c4 08 5b c9 
RIP  [<ffffffff8152c273>] down_write+0x23/0x40
 RSP <ffff8a3fa6bffdc8>
CR2: 00000000000003d0
(END)

Environment

  • Red Hat Enterprise Linux 6.6+
  • kernel-2.6.32-504.el6.x86_64 and later (seen on -504, -504.8.1, -504.23.4, -504.30.3 kernels)
  • Use of CGroups

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content