NPIV enabled host crashed with NULL pointer dereference while executing 'scsi_softirq_done+0x22/0x150'

Solution Unverified - Updated -

Issue

  • NPIV enabled host crashed with NULL pointer dereference errors; this crash was occurred while doing following tests:

    • Configured a system with 2 Qlogic FC HBAs.
    • Configured 249 NPIV ports on each FC port.
    • Assigned the SAN devices to all 249 NPIV ports and started the IO.
    • When some of the target FC ports were manually disabled, the SCSI error handling process was triggered, but soon the NPIV host gets crashed with following error messages:

    Logs from system console:

    [41510.278952] qla2xxx [0000:04:00.0]-3821:9: Port to be marked lost on fcport=010200, current port state= LOST.
[41510.278956] qla2xxx [0000:04:00.0]-3822:9: FCP command status: 0x29-0x0 (0xe0000) nexus=1:1:1 portid=010200 oxid=0x0 cdb=2a0000c2d3df00000800 len=0x1000 rsp_info=0x0 resid=0x0 fw_resid=0x0 sp=ffff880428309040 cp=ffff8803f4321f80.
[41510.279378] BUG: unable to handle kernel NULL pointer dereference at 00000000000000c4
[41510.279388] IP: [<ffffffff81420472>] scsi_softirq_done+0x22/0x150
[41510.279391] PGD 35c21067 PUD 35c20067 PMD 0 
[41510.279392] Oops: 0000 [#1] SMP 
[...]
[41510.279457] Stack:
[41510.279464]  ffff880405d84e00 ffff880405d84d80 ffff88042fa03e80 ffffffff819430a0
[41510.279468]  ffff88042fa03eb0 ffffffff812d16a0 ffff88042fa03e80 ffff88042fa03e80
[41510.279471]  4b91c5db6999bcc1 0000000000000004 0000000000000004 0000000000000064
[41510.279472] Call Trace:
[41510.279475]  <IRQ> 
[41510.279480]  [<ffffffff812d16a0>] blk_done_softirq+0x90/0xc0
[41510.279485]  [<ffffffff81084b0f>] __do_softirq+0xef/0x280
[41510.279491]  [<ffffffff8164721c>] call_softirq+0x1c/0x30
[41510.279498]  [<ffffffff81016fc5>] do_softirq+0x65/0xa0
[41510.279501]  [<ffffffff81084ea5>] irq_exit+0x115/0x120
[41510.279504]  [<ffffffff81647db8>] do_IRQ+0x58/0xf0
[41510.279508]  [<ffffffff8163d0ed>] common_interrupt+0x6d/0x6d
[41510.279510]  <EOI> 
[41510.279514]  [<ffffffff810b41c6>] ? finish_task_switch+0x56/0x170
[41510.279517]  [<ffffffff8163a2b8>] __schedule+0x2d8/0x900
[41510.279520]  [<ffffffff8163b9e9>] schedule_preempt_disabled+0x29/0x70
[41510.279525]  [<ffffffff810d6244>] cpu_startup_entry+0x184/0x290
[41510.279529]  [<ffffffff81624e07>] rest_init+0x77/0x80
[41510.279535]  [<ffffffff81a8d057>] start_kernel+0x429/0x44a
[41510.279538]  [<ffffffff81a8ca37>] ? repair_env_string+0x5c/0x5c
[41510.279542]  [<ffffffff81a8c120>] ? early_idt_handlers+0x120/0x120
[41510.279545]  [<ffffffff81a8c5ee>] x86_64_start_reservations+0x2a/0x2c
[41510.279548]  [<ffffffff81a8c742>] x86_64_start_kernel+0x152/0x175
[41510.279570] Code: 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 55 48 89 e5 41 56 41 55 41 54 53 48 8b 9f 00 01 00 00 44 8b af 60 01 00 00 48 8d 43 18 <44> 8b b3 c4 00 00 00 48 8b 13 48 89 43 18 48 89 43 20 f0 ff 82 
[41510.279573] RIP  [<ffffffff81420472>] scsi_softirq_done+0x22/0x150
[41510.279574]  RSP <ffff88042fa03e50>
[41510.279574] CR2: 00000000000000c4

Environment

  • Red Hat Enterprise Linux 7.2
  • Qlogic FC HBA with NPIV enabled
  • kernel-3.10.0-327.el7

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content