The kernel often crashes due to OOB (out-of-bounds) bug in mmfslinux module

Solution Verified - Updated -

Issue

  • The kernel crashes due to list_del corruption.
[11495.384279] list_del corruption. prev->next should be 001ffbffa2fc7d80, but was 30393400a2fc7d80
[11495.384310] ------------[ cut here ]------------
[11495.384311] kernel BUG at lib/list_debug.c:51!
[11495.384354] monitor event: 0040 ilc:2 [#1] SMP 
[11495.384363] Modules linked in: ...
[11495.384432] CPU: 6 PID: 502457 Comm: haproxy Kdump: loaded Tainted: G           OE     -------  ---  5.14.0-427.57.1.el9_4.s390x #1
[11495.384446] Hardware name: IBM 3931 A01 419 (z/VM 7.3.0)
[11495.384448] Krnl PSW : 0404c00180000000 00000003c36b1a3a (__list_del_entry_valid+0x9a/0xb0)
[11495.384461]            R:0 T:1 IO:0 EX:0 Key:0 M:1 W:0 P:0 AS:3 CC:0 PM:0 RI:0 EA:3
[11495.384463] Krnl GPRS: c0000000ffffbfff 0000001e00000027 0000000000000054 00000003c438fd18
[11495.384466]            001ffbffa2fc7ac0 001ffbffa2fc7ab8 0000000000000000 000000014cc7e290
[11495.384467]            001ffbffa2fc7d58 0000000100000001 001ffbffa2fc7d80 000000014cc7e240
[11495.384469]            0000000e6b1fe900 000003ffd13f839f 00000003c36b1a36 001ffbffa2fc7c78
[11495.384476] Krnl Code: 00000003c36b1a2a: c020003c2eff    larl    %r2,00000003c3e37828
                          00000003c36b1a30: c0e500213d60    brasl    %r14,00000003c3ad94f0
                         #00000003c36b1a36: af000000        mc    0,0
                         >00000003c36b1a3a: b9040032        lgr    %r3,%r2
                          00000003c36b1a3e: c020003c2ed9    larl    %r2,00000003c3e377f0
                          00000003c36b1a44: c0e500213d56    brasl    %r14,00000003c3ad94f0
                          00000003c36b1a4a: af000000        mc    0,0
                          00000003c36b1a4e: 0707        bcr    0,%r7
[11495.384490] Call Trace:
[11495.384492]  [<00000003c36b1a3a>] __list_del_entry_valid+0x9a/0xb0 
[11495.384496] ([<00000003c36b1a36>] __list_del_entry_valid+0x96/0xb0)
[11495.384498]  [<00000003c3511ee6>] ep_poll+0x2a6/0x450 
[11495.384504]  [<00000003c3512140>] do_epoll_wait+0xb0/0xd0 
[11495.384506]  [<00000003c3512afc>] __s390x_sys_epoll_wait+0x11c/0x150 
[11495.384509]  [<00000003c3ae60a0>] __do_syscall+0x1d0/0x200 
[11495.384513]  [<00000003c3af5002>] system_call+0x82/0xb0 
[11495.384516] Last Breaking-Event-Address:
[11495.384517]  [<00000003c3ad953c>] _printk+0x4c/0x58
[11495.384521] Kernel panic - not syncing: Fatal exception: panic_on_oops

Environment

  • Red Hat Enterprise Linux for IBM z Systems (s390x)
  • Red Hat OpenShift Container Platform 4.16
    • RHCOS - kernel-5.14.0-427.57.1.el9_4.s390x
  • IBM Spectrum Scale (formerly GPFS)

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content