NULL pointer dereference in function xdr_string [mvfs]

Solution Unverified - Updated -

Issue

Kernel panic with error "BUG: unable to handle kernel NULL pointer dereference at (null)"
Bug at IP [] xdr_string+0x31/0x9e [mvfs]" (in function xdr_string of mvfs kernel module)

Call trace:

BUG: unable to handle kernel NULL pointer dereference at (null)
IP: [<ffffffffa06649d7>] xdr_string+0x31/0x9e [mvfs]
PGD 1a01ef067 PUD 860af8067 PMD 0 
Oops: 0000 [#1] SMP 
last sysfs file: /sys/devices/system/cpu/online
CPU 5 
Modules linked in: ib_ipoib ib_cm mlx4_en mlx4_ib ib_sa ib_mad ib_core mlx4_core mpt2sas scsi_transport_sas raid_class mptctl mptbase ipmi_devintf mvfs(U) iptable_filter ip_tables autofs4 nfs lockd fscache auth_rpcgss nfs_acl sunrpc bnx2fc cnic uio fcoe libfcoe libfc cpufreq_ondemand acpi_cpufreq freq_table mperf bonding 8021q garp stp llc ipv6 emcpvlumd(P)(U) emcpxcrypt(P)(U) emcpdm(P)(U) emcpgpx(P)(U) emcpmpx(P)(U) emcp(P)(U) cdc_ether usbnet mii microcode i2c_i801 i2c_core iTCO_wdt iTCO_vendor_support shpchp ioatdma sg igb dca ptp pps_core ext4 mbcache jbd2 sr_mod cdrom sd_mod crc_t10dif ahci wmi megaraid_sas qla2xxx scsi_transport_fc scsi_tgt dm_mirror dm_region_hash dm_log dm_mod [last unloaded: mvfs]

Pid: 2324, comm: python3 Tainted: P           ---------------    2.6.32-358.6.2.el6.x86_64 #1 IBM System x3650 M4 : -[7915E3G]-/00Y8362
RIP: 0010:[<ffffffffa06649d7>]  [<ffffffffa06649d7>] xdr_string+0x31/0x9e [mvfs]
RSP: 0018:ffff88010740f4d8  EFLAGS: 00010286
RAX: 0000000000000000 RBX: ffff88010740f548 RCX: ffffffffffffffff
RDX: 00000000000003ff RSI: ffff8801c1f4c6c8 RDI: 0000000000000000
RBP: ffff88010740f508 R08: ffff8801c1f4c690 R09: ffff880101e00047
R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000
R13: 00000000000003ff R14: ffffffffa0663761 R15: ffff8812bcbdb080
FS:  00007ffe764f1700(0000) GS:ffff8800282a0000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000000 CR3: 000000012267b000 CR4: 00000000000407e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
Process python3 (pid: 2324, threadinfo ffff88010740e000, task ffff8801082b2ae0)
Stack:
 ffff88186b0b4080 ffff8801082b2ae0 ffff88010740f518 ffff88010740f548
<d> ffff8801c1f4c690 ffff880c5a8c3200 ffff88010740f518 ffffffffa066307b
<d> ffff88010740f538 ffffffffa066332e ffff880c5a8c3200 ffff880101e00070
Call Trace:
 [<ffffffffa066307b>] xdr_ks_canon_pname_p_t+0x13/0x15 [mvfs]
 [<ffffffffa066332e>] xdr_albd_find_server_req_t+0x4a/0x5b [mvfs]
 [<ffffffffa066379c>] mvfs_linux_xdr_encode_albd_find_server+0x3b/0x59 [mvfs]
 [<ffffffffa0533bd8>] ? xdr_encode_opaque+0x18/0x20 [sunrpc]
 [<ffffffffa0529e44>] rpcauth_wrap_req+0x84/0xb0 [sunrpc]
 [<ffffffffa051e150>] ? call_transmit+0x0/0x2c0 [sunrpc]
 [<ffffffffa051e2f5>] call_transmit+0x1a5/0x2c0 [sunrpc]
 [<ffffffffa0528997>] __rpc_execute+0x77/0x350 [sunrpc]
 [<ffffffff811c2dc2>] ? fsnotify_clear_marks_by_inode+0x32/0xf0
 [<ffffffff81096b67>] ? bit_waitqueue+0x17/0xd0
 [<ffffffffa0528cd1>] rpc_execute+0x61/0xa0 [sunrpc]
 [<ffffffffa051f3a5>] rpc_run_task+0x75/0x90 [sunrpc]
 [<ffffffffa051f4c2>] rpc_call_sync+0x42/0x70 [sunrpc]
 [<ffffffffa066d0e9>] mdki_linux_clnt_call+0x70/0x123 [mvfs]
 [<ffffffffa0656b47>] mfscall_int+0x3cd/0x10ac [mvfs]
 [<ffffffffa0665938>] ? mvfs_linux_vfsp_to_fsid+0x2a/0x30 [mvfs]
 [<ffffffffa0658534>] mfscall+0x98/0xbb [mvfs]
 [<ffffffffa066320e>] ? xdr_albd_find_server_reply_t+0x0/0x7c [mvfs]
 [<ffffffffa06632e4>] ? xdr_albd_find_server_req_t+0x0/0x5b [mvfs]
 [<ffffffffa0658799>] mvfs_bindsvr_port+0x242/0x419 [mvfs]
 [<ffffffffa066320e>] ? xdr_albd_find_server_reply_t+0x0/0x7c [mvfs]
 [<ffffffffa0658a3a>] mfs_vwcall+0xca/0x72e [mvfs]
 [<ffffffffa062ee83>] ? mfs_getattr+0xb12/0xc17 [mvfs]
 [<ffffffffa0662993>] ? xdr_view_lookup_reply_t+0x0/0x9c [mvfs]
 [<ffffffffa0662a2f>] ? xdr_view_lookup_req_t+0x0/0x71 [mvfs]
 [<ffffffffa0654791>] mfs_clnt_lookup+0x395/0xeb6 [mvfs]
 [<ffffffffa062fa75>] mvfs_lookup_ctx+0x84a/0xba8 [mvfs]
 [<ffffffffa062cc0a>] ? mfs_ac_timedout+0x2a5/0x903 [mvfs]
 [<ffffffffa06297fc>] ? mvfs_devadjust+0x72/0x7e [mvfs]
 [<ffffffffa0665751>] mvfs_linux_lookup_wrapper+0x108/0x119 [mvfs]
 [<ffffffffa0664616>] ? mvfs_get_thread_ptr+0x19/0x1b [mvfs]
 [<ffffffffa0669c2a>] vnode_iop_lookup+0x82/0x460 [mvfs]
 [<ffffffff811904e5>] do_lookup+0x1a5/0x230
 [<ffffffff8119077d>] __link_path_walk+0x20d/0x1030
 [<ffffffff8104baa7>] ? pte_alloc_one+0x37/0x50
 [<ffffffff810aa3ee>] ? futex_wake+0x10e/0x120
 [<ffffffff8119182a>] path_walk+0x6a/0xe0
 [<ffffffff811919fb>] do_path_lookup+0x5b/0xa0
 [<ffffffff81192687>] user_path_at+0x57/0xa0
 [<ffffffff8121bdf6>] ? security_prepare_creds+0x16/0x20
 [<ffffffff8117ee10>] sys_faccessat+0xd0/0x1d0
 [<ffffffff8117ef28>] sys_access+0x18/0x20
 [<ffffffff8100b072>] system_call_fastpath+0x16/0x1b
Code: 41 54 53 48 83 ec 18 0f 1f 44 00 00 8b 07 4c 8b 26 48 89 fb 41 89 d5 85 c0 74 07 83 f8 02 75 36 eb 16 31 c0 48 83 c9 ff 4c 89 e7 <f2> ae 48 f7 d1 48 ff c9 89 4d dc eb 1e 31 c0 48 c7 c2 08 33 67 
RIP  [<ffffffffa06649d7>] xdr_string+0x31/0x9e [mvfs]
 RSP <ffff88010740f4d8>
CR2: 0000000000000000

Environment

Red Hat Enterprise Linux 6

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content