The system core will contain a panic string similar to the following:
PANIC: "BUG: unable to handle kernel NULL pointer dereference at 0000000000000520"
Backtrace of an affected system shows "exception RIP: vx_bio_associate_blkg".
crash> bt
PID: 3203331 TASK: ffff950836570000 CPU: 5 COMMAND: "oracle"
#0 [ffffb7eafc033450] machine_kexec at ffffffff90e5982e
#1 [ffffb7eafc0334a8] __crash_kexec at ffffffff90f58d8d
#2 [ffffb7eafc033570] crash_kexec at ffffffff90f59c6d
#3 [ffffb7eafc033588] oops_end at ffffffff90e21edd
#4 [ffffb7eafc0335a8] no_context at ffffffff90e6872e
#5 [ffffb7eafc033600] do_page_fault at ffffffff90e69262
#6 [ffffb7eafc033630] page_fault at ffffffff9180120e
[exception RIP: vx_bio_associate_blkg+40]
RIP: ffffffffc0fe9408 RSP: ffffb7eafc0336e8 RFLAGS: 00010246
RAX: ffffffff92c798a0 RBX: ffff94f3907fb300 RCX: 0000000000000000
RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff94f3907fb300
RBP: ffff94f3907fb300 R8: ffff94f3907fb300 R9: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: ffff95015e05f170
R13: ffff951feb148780 R14: ffff95015e05f020 R15: ffff95015e05f000
ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018
#7 [ffffb7eafc0336f8] vx_dio_physio at ffffffffc103504f [vxfs]
#8 [ffffb7eafc0338e8] vx_dio_rdwri at ffffffffc0ec55aa [vxfs]
#9 [ffffb7eafc033b38] vx_dio_read at ffffffffc100eaa6 [vxfs]
#10 [ffffb7eafc033c00] vx_read_common_noinline at ffffffffc100fe37 [vxfs]
#11 [ffffb7eafc033cc8] vx_read1 at ffffffffc101071b [vxfs]
#12 [ffffb7eafc033d70] vx_vop_read at ffffffffc0ff0ac2 [vxfs]
#13 [ffffb7eafc033dc0] vx_read at ffffffffc0ff0d88 [vxfs]
#14 [ffffb7eafc033ec8] vfs_read at ffffffff910c70c1
#15 [ffffb7eafc033f00] ksys_pread64 at ffffffff910c76f1
#16 [ffffb7eafc033f38] do_syscall_64 at ffffffff90e0419b
#17 [ffffb7eafc033f50] entry_SYSCALL_64_after_hwframe at ffffffff918000ad
RIP: 00007f9b2852e478 RSP: 00007fff1bd35e28 RFLAGS: 00000246
RAX: ffffffffffffffda RBX: 0000000000002000 RCX: 00007f9b2852e478
RDX: 0000000000002000 RSI: 00000000bed3c000 RDI: 000000000000010a
RBP: 00007fff1bd3a830 R8: 00000000735cff10 R9: 00007f9b2c2b8078
R10: 000000058e7ae000 R11: 0000000000000246 R12: 00007f9b2c2b7f50
R13: 000001ad417f26cd R14: 000000000000001d R15: 00007f9b2c2b8158
ORIG_RAX: 0000000000000011 CS: 0033 SS: 002b
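To check saved `crash> bt` output from several hosts against this signature, the following added example (not part of the original article or of InfoScale tooling) parses the panic string, the exception RIP and the stack frames. The function names, the `example_other_func` symbol and the 4 KiB fault-address threshold are assumptions made for illustration.

```python
import re

PANIC_RE = re.compile(r"NULL pointer dereference at ([0-9a-f]+)")
EXC_RIP_RE = re.compile(r"\[exception RIP: (\w+)\+(\d+)\]")
FRAME_RE = re.compile(r"^\s*#(\d+) \[[0-9a-f]+\] (\S+) at [0-9a-f]+(?: \[(\w+)\])?")

# Lines excerpted from the article's backtrace (frames trimmed for brevity).
SAMPLE_BT = """\
PANIC: "BUG: unable to handle kernel NULL pointer dereference at 0000000000000520"
#5 [ffffb7eafc033600] do_page_fault at ffffffff90e69262
#6 [ffffb7eafc033630] page_fault at ffffffff9180120e
[exception RIP: vx_bio_associate_blkg+40]
#7 [ffffb7eafc0336f8] vx_dio_physio at ffffffffc103504f [vxfs]
#8 [ffffb7eafc0338e8] vx_dio_rdwri at ffffffffc0ec55aa [vxfs]
#14 [ffffb7eafc033ec8] vfs_read at ffffffff910c70c1
"""

# Constructed negative sample: same panic string, unrelated (hypothetical) symbol.
OTHER_BT = SAMPLE_BT.replace("vx_bio_associate_blkg+40", "example_other_func+12")


def parse_bt(text):
    """Pull the fault address, exception RIP and stack frames out of `bt` output."""
    info = {"fault_addr": None, "rip_symbol": None, "rip_offset": None, "frames": []}
    for line in text.splitlines():
        if m := PANIC_RE.search(line):
            info["fault_addr"] = int(m.group(1), 16)
        elif m := EXC_RIP_RE.search(line):
            info["rip_symbol"], info["rip_offset"] = m.group(1), int(m.group(2))
        elif m := FRAME_RE.match(line):
            info["frames"].append((int(m.group(1)), m.group(2), m.group(3)))
    return info


def matches_signature(info):
    """True if the fault is in vx_bio_associate_blkg and its caller is a vxfs frame."""
    if info["rip_symbol"] != "vx_bio_associate_blkg" or info["fault_addr"] is None:
        return False
    # Assumption: a NULL-pointer oops faults at a small offset, below one 4 KiB page.
    if info["fault_addr"] >= 0x1000:
        return False
    fault = next((n for n, sym, _ in info["frames"] if sym == "page_fault"), None)
    callers = [f for f in info["frames"] if fault is not None and f[0] > fault]
    return bool(callers) and callers[0][2] == "vxfs"


if __name__ == "__main__":
    print(matches_signature(parse_bt(SAMPLE_BT)), matches_signature(parse_bt(OTHER_BT)))
```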
When a directory block is full, it is automatically reallocated to a larger extent to allow new file entries. As the new extent gets allocated, the old cbuf (cluster buffer structure) becomes part of the new extent. The old cbuf is not invalidated during reallocation, which leaves a stale cbuf in the cache. This stale buffer can cause a buffer overflow.
As of the time of authoring this article, this issue has only been noted on Linux operating systems.
The fix is provided through the 7.4.2 Update 7 Cumulative Patch for RHEL 7 and RHEL 8.
InfoScale 7.4.2 Update 7 Cumulative Patch on RHEL7 Platform: https://downloads.infoscale.com/infoscale/REL600675/7.4.2.4900?q=UPD226123&fileNumber=FILE515110&updateNumber=UPD226123
InfoScale 7.4.2 Update 7 Cumulative Patch on RHEL8 Platform: https://downloads.infoscale.com/infoscale/REL600675/7.4.2.4900?q=UPD424106&fileNumber=FILE118471&updateNumber=UPD424106
If this fix is needed for a different version, please engage InfoScale support for additional assistance.
Red Hat article related to this issue: https://access.redhat.com/solutions/6810931
ETrack: 4136095