Bug 1466426 - Kernel BUG when a PPP interface is deleted
Kernel BUG when a PPP interface is deleted
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: kernel (Show other bugs)
26
Unspecified Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: Kernel Maintainer List
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2017-06-29 10:37 EDT by Beniamino Galvani
Modified: 2018-02-28 03:17 EST (History)
9 users (show)

See Also:
Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2018-02-28 03:17:19 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Beniamino Galvani 2017-06-29 10:37:28 EDT
Description of problem:

Kernel BUG when a PPP interface is deleted.


Version-Release number of selected component (if applicable):
kernel 4.11.6-301.fc26.x86_64


How reproducible:
always


Steps to Reproduce:

1. start a PPPoE connection:
# pppd nodetach lock user client plugin rp-pppoe.so ens11 noauth nodeflate password password &
 Plugin rp-pppoe.so loaded.
 RP-PPPoE plugin version 3.8p compiled against pppd 2.4.7
 PPP session is 16
 Connected to fe:54:00:5f:04:13 via interface ens11
 Using interface ppp0
 Connect: ppp0 <--> ens11
 CHAP authentication succeeded: Access granted
 CHAP authentication succeeded
 peer from calling number FE:54:00:5F:04:13 authorized
 local  IP address 3.1.1.17
 remote IP address 3.1.1.1

2. Bring down and delete the interface while pppd is still running
# ip l set ppp0 down
# ip l del ppp0


Actual results:

[   50.365826] ------------[ cut here ]------------
[   50.365830] kernel BUG at net/core/dev.c:7821!
[   50.365832] invalid opcode: 0000 [#1] SMP
[   50.365834] Modules linked in: pppoe pppox ppp_generic slhc fuse joydev uinput nf_conntrack_netbios_ns nf_conntrack_broadcast xt_CT ip6t_rpfilter ip6t_REJECT nf_reject_ipv6 xt_conntrack ip_set nfnetlink ebtable_nat ebtable_broute bri\
dge stp llc ip6table_nat nf_conntrack_ipv6 nf_defrag_ipv6 nf_nat_ipv6 ip6table_mangle ip6table_raw ip6table_security iptable_nat nf_conntrack_ipv4 nf_defrag_ipv4 nf_nat_ipv4 nf_nat nf_conntrack libcrc32c iptable_mangle iptable_raw iptab\
le_security ebtable_filter ebtables tun ip6table_filter ip6_tables sunrpc snd_hda_codec_generic crct10dif_pclmul crc32_pclmul snd_hda_intel snd_hda_codec ghash_clmulni_intel ppdev snd_hda_core parport_pc parport virtio_balloon snd_hwdep\
 i2c_piix4 tpm_tis tpm_tis_core snd_seq snd_seq_device tpm snd_pcm snd_timer snd soundcore 8139too virtio_console
[   50.365872]  qxl drm_kms_helper ttm drm crc32c_intel serio_raw ata_generic virtio_pci e1000 8139cp virtio_ring virtio mii pata_acpi qemu_fw_cfg
[   50.365882] CPU: 3 PID: 1818 Comm: pppd Not tainted 4.11.6-301.fc26.x86_64 #1
[   50.365883] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.9.3-1.fc25 04/01/2014
[   50.365885] task: ffff98f9d59c4b00 task.stack: ffffbd7e42f0c000
[   50.365890] RIP: 0010:free_netdev+0xe9/0xf0
[   50.365891] RSP: 0018:ffffbd7e42f0fd88 EFLAGS: 00010297
[   50.365893] RAX: 0000000000000002 RBX: ffff98f9ab5098c0 RCX: 0000000000000e84
[   50.365895] RDX: 0000000000000001 RSI: 0000000000000282 RDI: 0000000000000282
[   50.365896] RBP: ffffbd7e42f0fda0 R08: ffffbd7e408c9000 R09: 0000000000000000
[   50.365897] R10: 000800010000dc48 R11: 0000dc480000db29 R12: ffff98f9ab509000
[   50.365898] R13: ffff98f9ab509060 R14: ffff98f9ab50993c R15: 0000000000000000
[   50.365901] FS:  00007f9f830d8840(0000) GS:ffff98f9ffd80000(0000) knlGS:0000000000000000
[   50.365902] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   50.365904] CR2: 000055efe66bf078 CR3: 000000002dca2000 CR4: 00000000001406e0
[   50.365907] Call Trace:
[   50.365914]  ppp_destroy_interface+0xcc/0xd0 [ppp_generic]
[   50.365917]  ppp_disconnect_channel+0xda/0x110 [ppp_generic]
[   50.365919]  ppp_unregister_channel+0x5e/0x110 [ppp_generic]
[   50.365922]  pppox_unbind_sock+0x23/0x30 [pppox]
[   50.365925]  pppoe_connect+0x130/0x440 [pppoe]
[   50.365928]  SYSC_connect+0x98/0x110
[   50.365932]  ? SyS_fcntl+0x38c/0x5d0
[   50.365935]  SyS_connect+0xe/0x10
[   50.365938]  entry_SYSCALL_64_fastpath+0x1a/0xa9
[   50.365940] RIP: 0033:0x7f9f81ae4820
[   50.365941] RSP: 002b:00007ffe94a235a8 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[   50.365943] RAX: ffffffffffffffda RBX: 0000000000000028 RCX: 00007f9f81ae4820
[   50.365944] RDX: 000000000000001e RSI: 00007ffe94a235b0 RDI: 0000000000000008
[   50.365945] RBP: 000055efe492b7b0 R08: 000055efe66c4210 R09: 0000000000000160
[   50.365947] R10: 00000000aaaaaaab R11: 0000000000000246 R12: 0000000000000005
[   50.365948] R13: 000055efe66bf050 R14: 000055efe46c8eb9 R15: 0000000000000005
[   50.365949] Code: 04 00 00 04 e8 c9 9e e4 ff 5b 41 5c 41 5d 5d c3 41 0f b7 84 24 2a 02 00 00 4c 89 e7 48 29 c7 e8 de a1 ab ff 5b 41 5c 41 5d 5d c3 <0f> 0b 0f 1f 44 00 00 0f 1f 44 00 00 55 48 89 e5 41 54 53 0f b7
[   50.365980] RIP: free_netdev+0xe9/0xf0 RSP: ffffbd7e42f0fd88
[   50.365983] ---[ end trace a2b7fdff2d2a7b10 ]---
[   60.608226] unregister_netdevice: waiting for ppp0 to become free. Usage count = -2
[   70.848210] unregister_netdevice: waiting for ppp0 to become free. Usage count = -2
[   81.088258] unregister_netdevice: waiting for ppp0 to become free. Usage count = -2
[   91.328084] unregister_netdevice: waiting for ppp0 to become free. Usage count = -2
[  101.568113] unregister_netdevice: waiting for ppp0 to become free. Usage count = -2
Comment 1 Beniamino Galvani 2017-06-29 10:42:52 EDT
This is reproducible also with upstream kernel 4.12.0-rc6.
Comment 2 Laura Abbott 2017-06-29 11:19:57 EDT
This needs to be reported to the upstream networking maintainers
Comment 4 Laura Abbott 2018-02-27 22:48:26 EST
We apologize for the inconvenience.  There is a large number of bugs to go through and several of them have gone stale. The kernel moves very fast so bugs may get fixed as part of a kernel update. Due to this, we are doing a mass bug update across all of the Fedora 26 kernel bugs.
 
Fedora 26 has now been rebased to 4.15.4-200.fc26.  Please test this kernel update (or newer) and let us know if you issue has been resolved or if it is still present with the newer kernel.
 
If you have moved on to Fedora 27, and are still experiencing this issue, please change the version to Fedora 27.
 
If you experience different issues, please open a new bug report for those.
Comment 5 Beniamino Galvani 2018-02-28 03:17:19 EST
The issue is fixed on 4.15.4-200.fc26, this can be closed.

Note You need to log in before you can comment on or make changes to this bug.