System crash when mounting XFS filesystem during log recovery on RHEL

Solution Unverified - Updated -

Issue

  • Server is rebooting when mounting a volume.
    /var/crash/<timestamp>/vmcore-dmesg.txt contains:

    XFS (dm-22): Mounting V5 Filesystem
XFS (dm-22): Starting recovery (logdev: internal)
BUG: unable to handle kernel NULL pointer dereference at 0000000000000004
IP: [<ffffffffc06b2be6>] xfs_bmbt_init_cursor+0x46/0x180 [xfs]
PGD 0 
Oops: 0000 [#1] SMP 
Modules linked in: bonding oracleasm(O) falcon_lsm_serviceable(PE) falcon_nf_netcontain(PE) falcon_kal(E) falcon_lsm_pinned_11711(E) vfat fat ipmi_ssif dm_service_time skx_edac nfit libnvdimm intel_powerclamp coretemp intel_rapl iosf_mbi kvm_intel kvm irqbypass crc32_pclmul dm_round_robin ghash_clmulni_intel aesni_intel lrw gf128mul glue_helper ablk_helper cryptd pcspkr ses enclosure hpwdt joydev wmi sg lpc_ich mei_me hpilo mei ipmi_si ipmi_devintf ipmi_msghandler acpi_power_meter dm_multipath auth_rpcgss binfmt_misc sunrpc ip_tables xfs libcrc32c sd_mod crc_t10dif crct10dif_generic mgag200 i2c_algo_bit drm_kms_helper qla2xxx syscopyarea sysfillrect sysimgblt fb_sys_fops ttm drm uas usb_storage drm_panel_orientation_quirks crct10dif_pclmul crct10dif_common crc32c_intel nvme_fc smartpqi
nvme_fabrics tg3 nvme_core scsi_transport_sas scsi_transport_fc scsi_tgt ptp pps_core dm_mirror dm_region_hash dm_log dm_mod
CPU: 8 PID: 16730 Comm: mount Kdump: loaded Tainted: P           OE  ------------   3.10.0-1160.25.1.el7.x86_64 #1
Hardware name: HPE ProLiant DL380 Gen10/ProLiant DL380 Gen10, BIOS U30 11/14/2017
task: ffff94e6157c6300 ti: ffff94ed715ac000 task.ti: ffff94ed715ac000
RIP: 0010:[<ffffffffc06b2be6>]  [<ffffffffc06b2be6>] xfs_bmbt_init_cursor+0x46/0x180 [xfs]
RSP: 0018:ffff94ed715af7d0  EFLAGS: 00010282
RAX: ffff94e6157f10e0 RBX: ffff94ed6c5ce900 RCX: 0000000000000000
RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff94e6157f11b8
RBP: ffff94ed715af7f8 R08: 0000384dc0205fa0 R09: ffff94e6157f10e0
R10: ffff94deffc03b00 R11: ffffeab14583fe80 R12: ffff94e6037be000
R13: 0000000000000000 R14: 0000000000000000 R15: ffff94ed6c5ce940
FS:  00007fd30a465880(0000) GS:ffff94edbf880000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 0000000000000004 CR3: 00000008bff7e000 CR4: 00000000007607e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
PKRU: 55555554
Call Trace:
[<ffffffffc06b2df7>] xfs_bmbt_change_owner+0x27/0x70 [xfs]
[<ffffffffc0709673>] xfs_recover_inode_owner_change.isra.27+0xb3/0xd0 [xfs]
[<ffffffffc070b02c>] xlog_recover_inode_pass2+0x54c/0x9c0 [xfs]
[<ffffffffc070b592>] xlog_recover_commit_pass2+0xf2/0x1a0 [xfs]
[<ffffffffc070b689>] xlog_recover_items_pass2+0x49/0x70 [xfs]
[<ffffffffc070b8c5>] xlog_recover_commit_trans+0x215/0x250 [xfs]
[<ffffffffc070b997>] xlog_recovery_process_trans+0x97/0xe0 [xfs]
[<ffffffffc070ba69>] xlog_recover_process_ophdr+0x89/0x140 [xfs]
[<ffffffffc070bbd6>] xlog_recover_process_data+0xb6/0x130 [xfs]
[<ffffffffc070bcf5>] xlog_recover_process+0xa5/0x110 [xfs]
[<ffffffffc070c290>] xlog_do_recovery_pass+0x530/0x6e0 [xfs]
[<ffffffffc070c4c9>] xlog_do_log_recovery+0x89/0xd0 [xfs]
[<ffffffffc070c541>] xlog_do_recover+0x31/0x180 [xfs]
[<ffffffffc070d65f>] xlog_recover+0xbf/0x190 [xfs]
[<ffffffffc06ffb9f>] xfs_log_mount+0xff/0x310 [xfs]
[<ffffffffc06f6751>] xfs_mountfs+0x501/0x8c0 [xfs]
[<ffffffffc06f9890>] xfs_fs_fill_super+0x440/0x580 [xfs]
[<ffffffff88651f23>] mount_bdev+0x1b3/0x1f0
[<ffffffffc06f9450>] ? xfs_test_remount_options.isra.12+0x70/0x70 [xfs] 
[<ffffffffc06f8045>] xfs_fs_mount+0x15/0x20 [xfs]
[<ffffffff8865288e>] mount_fs+0x3e/0x1b0
[<ffffffff885e4cc5>] ? __alloc_percpu+0x15/0x20
[<ffffffff88671537>] vfs_kern_mount+0x67/0x110
[<ffffffff88673c6f>] do_mount+0x1ef/0xd00
[<ffffffff8864a9aa>] ? __check_object_size+0x1ca/0x250
[<ffffffff885de12f>] ? memdup_user+0x4f/0x80
[<ffffffff88674ac3>] SyS_mount+0x83/0xd0
[<ffffffff88b95f92>] system_call_fastpath+0x25/0x2a
Code: 41 54 49 89 fc 53 48 89 d3 74 04 4c 8b 7a 38 48 8b 3d bf dc 09 00 be 14 00 00 00 e8 a5 b1 04 00 4c 89 30 4c 89 60 08 49 8b 57 08 <0f> b7 52 04 c7 80 ac 00 00 00 02 00 00 00 66 c1 c2 08 83 c2 01
RIP  [<ffffffffc06b2be6>] xfs_bmbt_init_cursor+0x46/0x180 [xfs]
RSP <ffff94ed715af7d0>
CR2: 0000000000000004

Environment

  • Red Hat Enterprise Linux Server release 7.9
  • kernel-3.10.0-1160.25.1.el7

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content