RHEL7: NULL pointer dereference in xfs_iflush_int+248

Solution Verified - Updated -

Issue

  • System crashed with the bug line "BUG: unable to handle kernel NULL pointer dereference at 0000000000000090"
[979563.726006] BUG: unable to handle kernel NULL pointer dereference at 0000000000000090
[979563.734859] IP: [<ffffffffa03fb4d8>] xfs_iflush_int+0xf8/0x310 [xfs]
[979563.742084] PGD 0 
[979563.744429] Oops: 0000 [#1] SMP 
[979563.748147] Modules linked in: stap_1cfcab7240f92d3409ef0a276303fa1b_11096(OE) stap_14af7e9b52608b3229cbfd401e21f84e_19917(OE) mmfs26(OE) mmfslinux(OE) tracedev(OE) nfsv3 nfs fscache fuse onload(OE) sfc_char(OE) sfc_resource(OE) sfc_affinity(OE) sfc(OE) mtd mdio onload_cplane(POE) 8021q garp mrp bridge stp llc mlx4_en(OE) mlx4_core(OE) intel_powerclamp ipmi_devintf iTCO_wdt coretemp mxm_wmi iTCO_vendor_support intel_rapl iosf_mbi kvm_intel kvm irqbypass crc32_pclmul ghash_clmulni_intel aesni_intel lrw gf128mul glue_helper ablk_helper cryptd cdc_ether pcspkr sg usbnet sb_edac mei_me mii edac_core lpc_ich i2c_i801 mei shpchp ipmi_si ipmi_msghandler wmi acpi_pad acpi_power_meter binfmt_misc nfsd nfs_acl lockd grace auth_rpcgss sunrpc ip_tables xfs libcrc32c mlx5_ib(OE) sd_mod crc_t10dif crct10dif_generic
[979563.827941]  mgag200 i2c_algo_bit drm_kms_helper syscopyarea sysfillrect sysimgblt fb_sys_fops mlx5_core(OE) ttm tg3 mlx_compat(OE) crct10dif_pclmul drm crct10dif_common crc32c_intel ptp i2c_core megaraid_sas pps_core fjes dm_mirror dm_region_hash dm_log dm_mod
[979563.852508] CPU: 12 PID: 1189 Comm: xfsaild/dm-1 Tainted: P        W  OE  ------------   3.10.0-514.2.2.el7.x86_64 #1
[979563.875119] task: ffff8801735dee40 ti: ffff881ffef04000 task.ti: ffff881ffef04000
[979563.883564] RIP: 0010:[<ffffffffa03fb4d8>]  [<ffffffffa03fb4d8>] xfs_iflush_int+0xf8/0x310 [xfs]
[979563.893491] RSP: 0018:ffff881ffef07cc8  EFLAGS: 00010246
[979563.899512] RAX: 0000000000000000 RBX: ffff8817941c5500 RCX: 0000000000000000
[979563.907570] RDX: 0000000000000000 RSI: ffff88101e169200 RDI: ffff8817941c5500
[979563.915627] RBP: ffff881ffef07d00 R08: 000000000557cb00 R09: 0000000000000000
[979563.923683] R10: 0000000000000000 R11: 0000000000000220 R12: 0000000000000000
[979563.931740] R13: ffff88101e169200 R14: ffff881ffda28000 R15: ffff8817b9254c40
[979563.939797] FS:  0000000000000000(0000) GS:ffff882000100000(0000) knlGS:0000000000000000
[979563.948920] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[979563.955426] CR2: 0000000000000090 CR3: 00000000019ba000 CR4: 00000000001407e0
[979563.963484] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[979563.971541] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[979563.979598] Stack:
[979563.981933]  000000000557cb40 ffff881ffef07d00 ffff8817941c2640 ffff8817941c2734
[979563.990333]  ffff881ffb1d8230 0000000000000008 ffff8817941c5500 ffff881ffef07d70
[979563.998716]  ffffffffa03fbeb9 ffff8817941c55f4 ffff8817b9254c40 ffff883ffcecf950
[979564.007097] Call Trace:
[979564.009948]  [<ffffffffa03fbeb9>] xfs_iflush_cluster+0x2d9/0x400 [xfs]
[979564.017336]  [<ffffffffa03ffb2b>] xfs_iflush+0x15b/0x260 [xfs]
[979564.023967]  [<ffffffffa0411a9e>] xfs_inode_item_push+0xee/0x150 [xfs]
[979564.031355]  [<ffffffffa0419360>] ? xfs_trans_ail_cursor_first+0x90/0x90 [xfs]
[979564.039519]  [<ffffffffa0419671>] xfsaild+0x311/0x660 [xfs]
[979564.045841]  [<ffffffffa0419360>] ? xfs_trans_ail_cursor_first+0x90/0x90 [xfs]
[979564.053998]  [<ffffffff810b064f>] kthread+0xcf/0xe0
[979564.059535]  [<ffffffff810b0580>] ? kthread_create_on_node+0x140/0x140
[979564.066916]  [<ffffffff81696618>] ret_from_fork+0x58/0x90
[979564.073034]  [<ffffffff810b0580>] ? kthread_create_on_node+0x140/0x140
[979564.080412] Code: 66 83 bb 26 01 00 00 ff 0f 84 05 01 00 00 31 c9 4c 89 e2 4c 89 ee 48 89 df e8 15 11 fe ff 80 bb 5a 01 00 00 00 0f 85 d0 00 00 00 <41> 8b 84 24 90 00 00 00 41 c7 84 24 94 00 00 00 00 00 00 00 4c 
[979564.102162] RIP  [<ffffffffa03fb4d8>] xfs_iflush_int+0xf8/0x310 [xfs]
[979564.109463]  RSP <ffff881ffef07cc8>
[979564.113448] CR2: 0000000000000090

Environment

  • Red Hat Enterprise Linux 7.1 (Unconfirmed, but racing code is the same)
  • Red Hat Enterprise Linux 7.2 (Unconfirmed, but racing code is the same)
  • Red Hat Enterprise Linux 7.3 (Confirmed)

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In
Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.