In the Linux kernel before 4.9.3, fs/xfs/xfsaops.c allows local users to cause a denial of service (system crash) because there is a race condition between direct and memory-mapped I/O (associated with a hole) that is handled with BUGON instead of an I/O failure.