Bug 1259001 - Kernel crash in iptable_nat_ipv4
Kernel crash in iptable_nat_ipv4
Status: CLOSED WORKSFORME
Product: Fedora
Classification: Fedora
Component: kernel (Show other bugs)
22
x86_64 Linux
unspecified Severity high
: ---
: ---
Assigned To: Kernel Maintainer List
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2015-09-01 13:25 EDT by Milan Bouchet-Valat
Modified: 2015-10-05 07:56 EDT (History)
7 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2015-10-05 07:56:30 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
vmcore-dmesg.txt (243.17 KB, text/plain)
2015-09-01 13:25 EDT, Milan Bouchet-Valat
no flags Details

  None (edit)
Description Milan Bouchet-Valat 2015-09-01 13:25:05 EDT
Created attachment 1069089 [details]
vmcore-dmesg.txt

My kernel (4.0.7-300.fc22) crashed with the trace below. abrt-kdump was able to get a trace, but when uploading via ABRT I get a "uReport data is invalid" error. Let me know if there's any way to provide more information (I've uploaded the data to retrace.fedoraproject.org using report_EmergencyAnalysis, FWIW).

[123754.229846] BUG: unable to handle kernel NULL pointer dereference at 0000000000000031
[123754.229897] IP: [<ffffffff817051b4>] ipt_do_table+0x2e4/0x730
[123754.229932] PGD 0 
[123754.229946] Oops: 0000 [#1] SMP 
[123754.229967] Modules linked in: uas usb_storage ccm rfcomm xt_CHECKSUM ipt_MASQUERADE nf_nat_masquerade_ipv4 tun nf_conntrack_netbios_ns nf_conntrack_broadcast ip6t_rpfilter ip6t_REJECT nf_reject_ipv6 xt_conntrack ebtable_nat ebtable_broute bridge ebtable_filter ebtables ip6table_nat nf_conntrack_ipv6 nf_defrag_ipv6 nf_nat_ipv6 ip6table_mangle ip6table_security ip6table_raw ip6table_filter ip6_tables iptable_nat nf_conntrack_ipv4 nf_defrag_ipv4 nf_nat_ipv4 nf_nat nf_conntrack iptable_mangle iptable_security iptable_raw bnep fuse snd_hda_codec_hdmi btrfs uvcvideo videobuf2_vmalloc videobuf2_core xor arc4 btusb bluetooth videobuf2_memops v4l2_common raid6_pq brcmsmac cordic brcmutil b43 mac80211 snd_hda_codec_idt snd_hda_codec_generic videodev media cfg80211 snd_hda_intel snd_hda_controller snd_hda_codec
[123754.230446]  coretemp ssb kvm_intel snd_hwdep mmc_core snd_seq snd_seq_device snd_pcm kvm bcma iTCO_wdt crc32c_intel snd_timer snd hp_wmi sparse_keymap iTCO_vendor_support rfkill lpc_ich soundcore i2c_i801 joydev wmi intel_ips mfd_core shpchp hp_accel acpi_cpufreq lis3lv02d input_polldev nfsd auth_rpcgss nfs_acl lockd grace sunrpc binfmt_misc i915 i2c_algo_bit drm_kms_helper drm 8021q garp stp serio_raw llc mrp r8169 mii video ecryptfs encrypted_keys trusted tpm
[123754.230821] CPU: 0 PID: 343 Comm: transmission-gt Not tainted 4.0.7-300.fc22.x86_64 #1
[123754.230858] Hardware name: Hewlett-Packard HP Pavilion dm4 Notebook PC     /146A, BIOS F.11 07/08/2010
[123754.230897] task: ffff8801970731b0 ti: ffff88000b110000 task.ti: ffff88000b110000
[123754.230929] RIP: 0010:[<ffffffff817051b4>]  [<ffffffff817051b4>] ipt_do_table+0x2e4/0x730
[123754.230988] RSP: 0018:ffff88000b113948  EFLAGS: 00010246
[123754.231015] RAX: 0000000000000001 RBX: ffffc9001162b740 RCX: 0000000000000000
[123754.231045] RDX: 0000000000000000 RSI: 0000000000000003 RDI: ffff8801d333e000
[123754.231076] RBP: ffff88000b113a88 R08: ffff8801d1ca5cc0 R09: ffff880083e3bc00
[123754.231107] R10: ffff88000b113cb8 R11: 0000000000000000 R12: ffffc9001162b7b0
[123754.231137] R13: ffff880083e3bcb0 R14: ffffc9001162b740 R15: ffff880171266800
[123754.231168] FS:  00007f94ca3b9700(0000) GS:ffff8801dbc00000(0000) knlGS:0000000000000000
[123754.231202] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[123754.231227] CR2: 0000000000000031 CR3: 000000007109a000 CR4: 00000000000007f0
[123754.231257] Stack:
[123754.231269]  ffff8801d5003700 0000000000000246 ffff88000b1139b8 ffff88016d8fab40
[123754.231309]  ffff8801d219be70 0000000000000003 ffff8801d333e000 ffff88016d8fa90c
[123754.231349]  ffff88016d8fa900 ffffc900216e2000 0000000100000000 ffff8801d276c600
[123754.231390] Call Trace:
[123754.231412]  [<ffffffffa09a5020>] ? iptable_nat_ipv4_fn+0x20/0x20 [iptable_nat]
[123754.231446]  [<ffffffff816b0880>] ? ip_forward_options+0x1c0/0x1c0
[123754.231476]  [<ffffffff81707694>] iptable_filter_hook+0x34/0x70
[123754.231505]  [<ffffffff816a358a>] nf_iterate+0xaa/0xc0
[123754.231529]  [<ffffffff816b0880>] ? ip_forward_options+0x1c0/0x1c0
[123754.231557]  [<ffffffff816a3624>] nf_hook_slow+0x84/0x130
[123754.231582]  [<ffffffff816b0880>] ? ip_forward_options+0x1c0/0x1c0
[123754.231614]  [<ffffffff816b3136>] __ip_local_out+0x76/0x80
[123754.231655]  [<ffffffff816b315a>] ip_local_out_sk+0x1a/0x40
[123754.231681]  [<ffffffff816b44ba>] ip_send_skb+0x1a/0x50
[123754.231708]  [<ffffffff813a95f1>] ? csum_partial+0x11/0x20
[123754.231736]  [<ffffffff816dcc75>] udp_send_skb+0x185/0x290
[123754.231762]  [<ffffffff816ddb99>] udp_sendmsg+0x309/0xa10
[123754.231789]  [<ffffffff8165707f>] ? kfree_skbmem+0x5f/0x70
[123754.231818]  [<ffffffff81328262>] ? sock_has_perm+0x72/0x90
[123754.231846]  [<ffffffff816ebe69>] inet_sendmsg+0x69/0xb0
[123754.231871]  [<ffffffff81328373>] ? selinux_socket_sendmsg+0x23/0x30
[123754.231902]  [<ffffffff8164e47f>] do_sock_sendmsg+0x9f/0xc0
[123754.233350]  [<ffffffff8164fa89>] SYSC_sendto+0x199/0x200
[123754.234777]  [<ffffffff81140acc>] ? __audit_syscall_entry+0xac/0x100
[123754.236198]  [<ffffffff810226b5>] ? do_audit_syscall_entry+0x55/0x80
[123754.237638]  [<ffffffff810239bb>] ? syscall_trace_enter_phase1+0x14b/0x1b0
[123754.239068]  [<ffffffff81023d77>] ? syscall_trace_leave+0xc7/0x140
[123754.240534]  [<ffffffff8165084e>] SyS_sendto+0xe/0x10
[123754.241865]  [<ffffffff81789f09>] system_call_fastpath+0x12/0x17
[123754.243154] Code: c4 4c 01 f3 4c 39 e3 77 c7 41 8b 87 80 00 00 00 49 83 46 60 01 49 01 46 68 41 f6 87 91 00 00 00 01 0f 85 21 01 00 00 48 8b 43 08 <48> 83 78 30 00 0f 84 a9 00 00 00 48 89 45 98 48 8d 43 20 48 8d 
[123754.246161] RIP  [<ffffffff817051b4>] ipt_do_table+0x2e4/0x730
[123754.247534]  RSP <ffff88000b113948>
[123754.248865] CR2: 0000000000000031
Comment 1 Josh Boyer 2015-09-01 13:43:53 EDT
Please update your kernel to 4.1.6 and let us know if this recreates with that version.  F22 has been on 4.1.y for some time now.
Comment 2 Milan Bouchet-Valat 2015-09-01 17:00:04 EDT
OK. But that's the first time I get this trace (maybe because ABRT fixed some some issues with SELinux recently), so I'm not sure I'll see it again.
Comment 3 Milan Bouchet-Valat 2015-10-05 07:56:30 EDT
I haven't seen it again on newer kernels.

Note You need to log in before you can comment on or make changes to this bug.