The kernel crashes due to a corruption on a freelist pointer due to a possible kmalloc-64 slab use-after-free. Veritas vxfs/vxio modules are installed and loaded.
Issue
- The kernel crashes due to a corruption on a freelist pointer due to a possible kmalloc-64 slab use-after-free/corruption. Veritas vxfs/vxio modules are installed and loaded.
[221204.168656] BUG: unable to handle kernel paging request at 0000000100000189
[221204.674820] IP: [<ffffffff87228684>] __kmalloc+0x94/0x230
[221205.068260] PGD 17d2eb49067 PUD 0
[221205.319123] Oops: 0000 [#1] SMP
[221205.557549] Modules linked in: tcp_diag udp_diag inet_diag unix_diag af_packet_diag netlink_diag ipt_REJECT nf_reject_ipv4 nf_conntrack_ipv4 nf_defrag_ipv4 nf_log_ipv4 nf_log_common xt_LOG xt_conntrack iptable_filter xt_CT nf_conntrack iptable_raw dmpjbod(POE) dmpap(POE) dmpaa(POE) nfsv3 nfs fscache vxspec(POE) vxio(POE) vxdmp(POE) openafs(POE) vxcafs(POE) vxportal(POE) fdd(POE) vxfs(POE) rpcrdma ib_isert iscsi_target_mod ib_iser libiscsi scsi_transport_iscsi veki(POE) ib_srpt target_core_mod ib_srp scsi_transport_srp scsi_tgt ib_ipoib rdma_ucm ib_umad rdma_cm ib_cm iw_cm mlx5_ib ib_uverbs ib_core dm_mirror dm_region_hash dm_log dm_mod dell_smbios iTCO_wdt iTCO_vendor_support dell_wmi_descriptor dcdbas intel_powerclamp coretemp intel_rapl iosf_mbi kvm_intel kvm irqbypass crc32_pclmul ghash_clmulni_intel
[221210.694599] mgag200 i2c_algo_bit aesni_intel ttm lrw gf128mul glue_helper drm_kms_helper ablk_helper cryptd syscopyarea sysfillrect sysimgblt fb_sys_fops pcspkr drm sg mei_me drm_panel_orientation_quirks i2c_i801 mei lpc_ich wmi ipmi_si ipmi_devintf ipmi_msghandler tpm_crb acpi_power_meter acpi_pad binfmt_misc nfsd nfs_acl lockd grace auth_rpcgss sunrpc ip_tables xfs libcrc32c sd_mod crc_t10dif crct10dif_generic mlx5_core ahci mlxfw crct10dif_pclmul crct10dif_common libahci nvme crc32c_intel ptp libata megaraid_sas nvme_core pps_core devlink nfit libnvdimm
[221214.173869] CPU: 7 PID: 4045 Comm: vxiod Kdump: loaded Tainted: P OE ------------ 3.10.0-1160.31.1.el7.x86_64 #1
[221214.990020] Hardware name: Dell Inc. PowerEdge R640/0HG0J8, BIOS 2.10.2 02/24/2021
[221215.538455] task: ffff9e8419304200 ti: ffff9e84194a8000 task.ti: ffff9e84194a8000
[221216.080668] RIP: 0010:[<ffffffff87228684>] [<ffffffff87228684>] __kmalloc+0x94/0x230
[221216.648398] RSP: 0018:ffff9e84194abc80 EFLAGS: 00010282
[221217.034989] RAX: 0000000000000000 RBX: 0000000000000040 RCX: 0000000000fc4c35
[221217.552309] RDX: 0000000000fc4c34 RSI: 0000000000000000 RDI: 0000000000000007
[221218.069624] RBP: ffff9e84194abcb0 R08: 000000000001f0a0 R09: ffffffffc13ae6bb
[221218.586939] R10: ffff9d097fc07b00 R11: 0000000000003000 R12: 0000000000000010
[221219.104255] R13: 0000000100000189 R14: 0000000000000040 R15: ffff9d097fc07b00
[221219.621570] FS: 0000000000000000(0000) GS:ffff9e843d0c0000(0000) knlGS:0000000000000000
[221220.207365] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[221220.625070] CR2: 0000000100000189 CR3: 0000017d2d124000 CR4: 00000000007607e0
[221221.142390] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[221221.659704] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[221222.177021] PKRU: 00000000
[221222.377670] Call Trace:
[221222.560059] [<ffffffffc13ae6bb>] ? vol_alloc+0x1ab/0x370 [vxio]
[221222.997650] [<ffffffffc13ae6bb>] vol_alloc+0x1ab/0x370 [vxio]
[221223.422208] [<ffffffffc13ae8d4>] vol_zalloc+0x14/0x40 [vxio]
[221223.840517] [<ffffffffc12e1def>] vxvm_get_bio_vec_from_memlist+0x8f/0x160 [vxio]
[221224.383345] [<ffffffffc12e2212>] voldiskiostart+0x352/0x460 [vxio]
[221224.839039] [<ffffffffc134fd4a>] vol_subdisksio_start+0x9a/0x1b0 [vxio]
[221225.325856] [<ffffffffc130ac4f>] voliod_iohandle+0x16f/0x3b0 [vxio]
[221225.787771] [<ffffffffc130af6c>] voliod_loop+0xdc/0x390 [vxio]
[221226.218543] [<ffffffffc130ae90>] ? voliod_iohandle+0x3b0/0x3b0 [vxio]
[221226.692862] [<ffffffff870c5e31>] kthread+0xd1/0xe0
[221227.048928] [<ffffffff870c5d60>] ? insert_kthread_work+0x40/0x40
[221227.492160] [<ffffffff87795ddd>] ret_from_fork_nospec_begin+0x7/0x21
[221227.960279] [<ffffffff870c5d60>] ? insert_kthread_work+0x40/0x40
[221228.403517] Code: 8b de 78 49 8b 50 08 4d 8b 28 49 8b 40 10 4d 85 ed 0f 84 29 01 00 00 48 85 c0 0f 84 20 01 00 00 49 63 42 20 48 8d 4a 01 4d 8b 02 <49> 8b 5c 05 00 4c 89 e8 65 49 0f c7 08 0f 94 c0 84 c0 74 b9 49
[221229.802955] RIP [<ffffffff87228684>] __kmalloc+0x94/0x230
[221230.203248] RSP <ffff9e84194abc80>
[221230.459726] CR2: 0000000100000189
Environment
- Red Hat Enterprise Linux 7.8 (kernel-3.10.0-1127.18.2.el7)
- Red Hat Enterprise Linux 7.9 (kernel-3.10.0-1160.31.1.el7)
- Veritas VxIO/VxFS modules installed and loaded.
- openafs module is installed and loaded.
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.