Kernel panic in the xfpregs_get() function

Solution Verified - Updated -

Issue

  • Kernel panic due to race between clear_used_math() and cpuset_attach_task()
  • The following call trace is seen:
[4105188.086601] BUG: unable to handle kernel NULL pointer dereference at (null)
[4105188.086721] IP: [<ffffffff81282f3b>] memcpy+0xb/0x120
[4105188.086803] PGD 17ff08e067 PUD 16e720a067 PMD 0 
[4105188.089480] Oops: 0000 [#1] SMP 
[4105188.092147] last sysfs file: /sys/devices/pci0000:00/0000:00:09.0/0000:09:00.0/net/ib0/address
[4105188.094884] CPU 0 
[4105188.094913] Modules linked in: bluetooth rfkill mptctl mptbase ipmi_devintf autofs4 nfs lockd fscache auth_rpcgss nfs_acl sunrpc bonding 8021q garp stp llc rdma_ucm rdma_cm iw_cm ib_addr ib_ipoib ib_cm ipv6 ib_uverbs ib_umad iw_nes iw_cxgb4 cxgb4 iw_cxgb3 cxgb3 ib_qib mlx4_ib ib_sa mlx4_en mlx4_core ib_mthca ib_mad ib_core power_meter hpilo hpwdt bnx2x libcrc32c mdio serio_raw iTCO_wdt iTCO_vendor_support sg i7core_edac edac_core shpchp ext4 mbcache jbd2 sd_mod crc_t10dif qla2xxx scsi_transport_fc scsi_tgt hpsa radeon ttm drm_kms_helper drm i2c_algo_bit i2c_core dm_multipath dm_mirror dm_region_hash dm_log dm_mod [last unloaded: scsi_wait_scan]
[4105188.115889] 
[4105188.118964] Pid: 27926, comm: bash Not tainted 2.6.32-358.el6.x86_64 #1 HP ProLiant BL460c G6
[4105188.122210] RIP: 0010:[<ffffffff81282f3b>]  [<ffffffff81282f3b>] memcpy+0xb/0x120
[4105188.125518] RSP: 0018:ffff880bd948bab0  EFLAGS: 00010246
[4105188.128810] RAX: ffff881020de6600 RBX: ffff880ae278eaa0 RCX: 0000000000000040
[4105188.132182] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff881020de6600
[4105188.135608] RBP: ffff880bd948baf8 R08: ffff881020de6600 R09: 0000000000000000
[4105188.139037] R10: 0000000000000200 R11: 0000000000000000 R12: ffff881020de6600
[4105188.142520] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000200
[4105188.145969] FS:  0000000000000000(0000) GS:ffff880c4a600000(0000) knlGS:0000000000000000
[4105188.149483] CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
[4105188.153015] CR2: 0000000000000000 CR3: 0000000d1792c000 CR4: 00000000000007f0
[4105188.156574] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[4105188.160148] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[4105188.163682] Process bash (pid: 27926, threadinfo ffff880bd948a000, task ffff880ae278eaa0)
[4105188.167268] Stack:
[4105188.170797]  ffffffff81015856 ffffffff81017e35 0000000000000000 ffffffff81017e9c
[4105188.170918] <d> ffffffff81bfd0f8 0000000000000001 ffff880d6cd8c400 0000000000000001
[4105188.174632] <d> ffffffff81601860 ffff880bd948bc38 ffffffff811db07c 0000000000000001
[4105188.182189] Call Trace:
[4105188.186094]  [<ffffffff81015856>] ? xfpregs_get+0x66/0xc0
[4105188.190049]  [<ffffffff81017e35>] ? getreg+0x105/0x130
[4105188.194020]  [<ffffffff81017e9c>] ? genregs_get+0x3c/0xa0
[4105188.198043]  [<ffffffff811db07c>] elf_core_dump+0x52c/0xfe0
[4105188.202121]  [<ffffffff81055ab3>] ? __wake_up+0x53/0x70
[4105188.206130]  [<ffffffff8108f76b>] ? call_usermodehelper_exec+0xab/0x120
[4105188.210136]  [<ffffffff81187904>] do_coredump+0x814/0xc00
[4105188.214071]  [<ffffffff8108500d>] ? __sigqueue_free+0x3d/0x50
[4105188.217938]  [<ffffffff81088e0d>] get_signal_to_deliver+0x1ed/0x460
[4105188.221861]  [<ffffffff81063340>] ? wake_up_state+0x10/0x20
[4105188.225770]  [<ffffffff8100a265>] do_signal+0x75/0x800
[4105188.229720]  [<ffffffff81088232>] ? force_sig_info+0xa2/0x110
[4105188.233724]  [<ffffffff8100aa80>] do_notify_resume+0x90/0xc0
[4105188.237780]  [<ffffffff8100badc>] retint_signal+0x48/0x8c
[4105188.241809] Code: 49 89 70 50 19 c0 49 89 70 58 41 c6 40 4c 04 83 e0 fc 83 c0 08 41 88 40 4d c9 c3 90 90 90 90 90 48 89 f8 89 d1 c1 e9 03 83 e2 07 <f3> 48 a5 89 d1 f3 a4 c3 20 48 83 ea 20 4c 8b 06 4c 8b 4e 08 4c 
[4105188.250703] RIP  [<ffffffff81282f3b>] memcpy+0xb/0x120
[4105188.255036]  RSP <ffff880bd948bab0>
[4105188.259321] CR2: 0000000000000000

Environment

  • Red Hat Enterprise Linux 6
  • Kernel-2.6.32-220.7.1.el6.x86_64
  • Kernel-2.6.32-358.el6.x86_64
  • Kernel-2.6.32-358.6.1.el6.x86_64
  • Kernel-2.6.32-431.3.1.el6.x86_64
  • Red Hat Enterprise Linux 7

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In