System crash on NULL pointer dereference in scsi_send_eh_cmnd() function of SCSI error handler kernel thread code path

Solution Verified - Updated -

Issue

  • System crashes in SCSI error handling code during an issue with storage.
  • Kernel crashes with null point dereference in function scsi_send_eh_cmnd+0x63 as follows : 
BUG: unable to handle kernel NULL pointer dereference at (null)
IP: [<ffffffff813860e3>] scsi_send_eh_cmnd+0x63/0x530
  • Or similar traces on PowerPC platform:
ses 4:0:2:0: [sg78] Aborting command: 12
Unable to handle kernel paging request for data at address 0x00000000
Faulting instruction address: 0xc0000000003ed230
Oops: Kernel access of bad area, sig: 11 [#1]
...
TASK = c00000073f4e4610[773] 'scsi_eh_4' THREAD: c00000073e178000 CPU: 25
...
NIP [c0000000003ed230] .scsi_send_eh_cmnd+0x80/0x5b0
LR [c0000000003ed874] .scsi_eh_tur+0x54/0x110
Call Trace:
[c00000073e17bac0] [c00000073e17bb80] 0xc00000073e17bb80 (unreliable)
[c00000073e17bc40] [c0000000003ed874] .scsi_eh_tur+0x54/0x110
[c00000073e17bce0] [c0000000003ed9d0] .scsi_eh_test_devices+0xa0/0x2d0
[c00000073e17bd80] [c0000000003ef110] .scsi_error_handler+0x6c0/0x8d0
[c00000073e17bed0] [c0000000000bf03c] .kthread+0xbc/0xd0
[c00000073e17bf90] [c000000000033af4] .kernel_thread+0x54/0x70

Environment

  • Red Hat Enterprise Linux 6

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.