194849 – general protection fault: 0000 [#1] SMP

Bug 194849 - general protection fault: 0000 [#1] SMP

Summary: general protection fault: 0000 [#1] SMP

Status:	NEW

Alias:	None

Product:	Networking
Classification:	Unclassified
Component:	Other (show other bugs)
Hardware:	x86-64 Linux

Importance:	P1 normal
Assignee:	Stephen Hemminger

URL:
Keywords:

Depends on:
Blocks:

Reported:	2017-03-11 10:30 UTC by Li Wang
Modified:	2017-04-27 05:25 UTC (History)
CC List:	2 users (show)

See Also:
Kernel Version:	4.11.0-rc1
Subsystem:
Regression:	No
Bisected commit-id:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Li Wang 2017-03-11 10:30:54 UTC

[    7.979311] general protection fault: 0000 [#1] SMP 
[    7.979824] Modules linked in: crct10dif_pclmul crc32_pclmul ghash_clmulni_intel pcbc aesni_intel ppdev crypto_simd glue_helper cryptd pcspkr i2c_piix4 virtio_balloon nfsd parport_pc i2c_core parport auth_rpcgss nfs_acl acpi_cpufreq lockd grace sunrpc ip_tables xfs libcrc32c ata_generic pata_acpi ata_piix libata virtio_console virtio_blk virtio_net crc32c_intel serio_raw virtio_pci virtio_ring virtio floppy dm_mirror dm_region_hash dm_log dm_mod 
[    7.983569] CPU: 0 PID: 698 Comm: NetworkManager Not tainted 4.11.0-rc1 #1 
[    7.984229] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011 
[    7.984777] task: ffff880139adad00 task.stack: ffffc90001280000 
[    7.985349] RIP: 0010:inet6_fill_ifaddr+0x6c/0x230 
[    7.985811] RSP: 0018:ffffc90001283a20 EFLAGS: 00010282 
[    7.986316] RAX: ffff880135503f08 RBX: ff007475707474a7 RCX: 0000000000000000 
[    7.986994] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff880135503f20 
[    7.987679] RBP: ffffc90001283a58 R08: 0000000000000008 R09: ffff880135503f20 
[    7.988366] R10: 20c49ba5e353f7cf R11: ffffff9c01c9c380 R12: ffff880139677300 
[    7.989046] R13: ffff880135503f08 R14: 0000000000000000 R15: ffff8801333a8008 
[    7.989730] FS:  00007f9f8626c940(0000) GS:ffff88013fc00000(0000) knlGS:0000000000000000 
[    7.990501] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033 
[    7.991052] CR2: 000055ae707b40c8 CR3: 000000013518d000 CR4: 00000000001406f0 
[    7.991728] Call Trace: 
[    7.991983]  inet6_dump_addr+0x32e/0x520 
[    7.992372]  inet6_dump_ifaddr+0x10/0x20 
[    7.992739]  netlink_dump+0x12c/0x290 
[    7.993104]  __netlink_dump_start+0x186/0x1f0 
[    7.993528]  ? inet6_dump_ifmcaddr+0x20/0x20 
[    7.993943]  rtnetlink_rcv_msg+0x140/0x230 
[    7.994344]  ? inet6_dump_ifmcaddr+0x20/0x20 
[    7.994755]  ? rtnl_newlink+0x830/0x830 
[    7.995116]  netlink_rcv_skb+0xa7/0xc0 
[    7.995471]  rtnetlink_rcv+0x28/0x30 
[    7.995807]  netlink_unicast+0x181/0x240 
[    7.996175]  netlink_sendmsg+0x32e/0x3b0 
[    7.996547]  sock_sendmsg+0x38/0x50 
[    7.996877]  ___sys_sendmsg+0x279/0x290 
[    7.997242]  ? sock_destroy_inode+0x2f/0x40 
[    7.997635]  ? destroy_inode+0x3b/0x60 
[    7.997987]  ? evict+0x142/0x1a0 
[    7.998295]  ? iput+0x197/0x200 
[    7.998612]  ? dentry_free+0x4e/0x90 
[    7.998962]  ? __dentry_kill+0x119/0x170 
[    7.999339]  __sys_sendmsg+0x54/0x90 
[    7.999710]  SyS_sendmsg+0x12/0x20 
[    8.000052]  do_syscall_64+0x67/0x180 
[    8.000427]  entry_SYSCALL64_slow_path+0x25/0x25 
[    8.000878] RIP: 0033:0x7f9f84a939fd 
[    8.001215] RSP: 002b:00007ffc3ec87640 EFLAGS: 00000293 ORIG_RAX: 000000000000002e 
[    8.001911] RAX: ffffffffffffffda RBX: 000055ae707ac4f0 RCX: 00007f9f84a939fd 
[    8.002571] RDX: 0000000000000000 RSI: 00007ffc3ec876f0 RDI: 000000000000000c 
[    8.003230] RBP: 000055ae707ac400 R08: 0000000000000001 R09: 0000000000001000 
[    8.003885] R10: 0000000000000063 R11: 0000000000000293 R12: 000055ae707a6090 
[    8.004546] R13: 00007ffc3ec876f0 R14: 0000000000000000 R15: 000055ae707a6090 
[    8.005201] Code: 00 83 f8 17 0f 8e 83 01 00 00 48 89 f3 89 d6 89 ca 44 89 c1 41 b8 08 00 00 00 e8 90 26 f7 ff 48 85 c0 49 89 c5 0f 84 62 01 00 00 <48> 8b 83 a8 00 00 00 0f b7 53 2e 48 8b 00 f6 c2 10 8b 88 08 01  
[    8.006970] RIP: inet6_fill_ifaddr+0x6c/0x230 RSP: ffffc90001283a20 
[    8.007613] ---[ end trace 34379462471efc3b ]--- 
[    8.008062] Kernel panic - not syncing: Fatal exception in interrupt 
[    8.021207] Kernel Offset: disabled 
[    8.021573] ---[ end Kernel panic - not syncing: Fatal exception in inte

Comment 1 The Linux kernel's regression tracker (Thorsten Leemhuis) 2017-03-14 09:30:43 UTC

What's the status of this? Did anyone brought this issue to the list of network developers? They iirc don't track bugzilla and prefer mail.

JFYI: I added this report to the list of regressions for Linux 4.11.
I'll watch this place for further updates on this issue to document
progress in my weekly reports, hence to allow me to keep track please send a quick note here in case this issue gets discussed somewhere else.

Comment 2 Cong Wang 2017-04-03 16:48:36 UTC

Yeah, in the future please report networking bugs directly to netdev@vger.kernel.org.

For this one, do you know how to reproduce it? And can you help us to match inet6_fill_ifaddr+0x6c/0x230 to the source code with addr2line?

Comment 3 Cong Wang 2017-04-27 05:25:55 UTC

Seems resolved by:

commit a2d6cbb0670d54806f18192cb0db266b4a6d285a
Author: Rabin Vincent <rabinv@axis.com>
Date:   Mon Apr 10 08:36:39 2017 +0200

    ipv6: Fix idev->addr_list corruption

Note You need to log in before you can comment on or make changes to this bug.