Bug 433661 - kernel panic with voip traffic (h323)
kernel panic with voip traffic (h323)
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: kernel (Show other bugs)
5.1
All Linux
low Severity high
: rc
: ---
Assigned To: Thomas Graf
Martin Jenner
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2008-02-20 13:24 EST by Juan Jesus Prieto Tapia
Modified: 2015-04-20 07:07 EDT (History)
9 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2009-01-20 15:26:14 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
jjprieto: needinfo-


Attachments (Terms of Use)
latest 2.6.18 ipv4 netfilter patch (28.18 KB, patch)
2008-05-12 14:47 EDT, Linda Wang
no flags Details | Diff
proposed patch (1.33 KB, patch)
2008-06-18 17:53 EDT, Thomas Graf
no flags Details | Diff

  None (edit)
Description Juan Jesus Prieto Tapia 2008-02-20 13:24:03 EST
Description of problem:

I have a firewall with latest kernel-2.6.18-53.1.13. When a h323 machine
initiate conections, kernel hangs with message:

# BUG: unable to handle kernel NULL pointer dereference at virtual address 00000020
 printing eip:
c06803d9
*pde = 00000000
Oops: 0000 [0000001]
SMP
last sysfs file: /devices/pci0000:00/0000:00:00.0/irq
Modules linked in: sata_promise(U) megaraid_sas(U) mptsas(U) mptspi(U)
mptscsih(U) mptbase(U) cciss(U) ipt_ipp2p(U) r8169(U) bnx2(U) b44(U) tg3(U)
e1000(U) e100(U) e1000bp(U) sk98lin(U) natsemi(U) reiserfs(U) cloop(U) isofs(U)
cramfs(U)
CPU: 0
EIP: 0060:[<c06803d9>] Not tainted VLI
EFLAGS: 00010202 (2.6.18-8.1.4.el5-lince-nohimem 28)
EIP is at __ip_ct_refresh_acct+0xa1/0x129
eax: 00000000 ebx: 00000002 ecx: 00000000 edx: 00000001
esi: f67396ec edi: 00000008 ebp: 000493e0 esp: f5bffbe8
ds: 007b es: 007b ss: 0068
Process run (pid: 20668, ti=f5bfe000 task=f7def550 task.ti=f5bfe000)
Stack: 00000001 00000000 00000003 00000001 f6739760 f67396ec 00000036 c0689731
       000493e0 00000001 00000003 f5bffcc4 f67396ec 00000004 f5bffcc4 c0690e15
       f5bffcc4 00000000 03bca440 00000000 00000000 f601383c f5bffcc4 c07a9b80
Call Trace:
 [<c0689731>] ras_help+0x416/0x809
 [<c0690e15>] ip_nat_fn+0x171/0x185
 [<c067f6f7>] ip_conntrack_help+0x27/0x34
 [<c0648580>] nf_iterate+0x30/0x61
 [<c06c1943>] br_nf_dev_queue_xmit+0x0/0x34
 [<c06486a6>] nf_hook_slow+0x3a/0x90
 [<c06c1943>] br_nf_dev_queue_xmit+0x0/0x34
 [<c06c1bff>] br_nf_post_routing+0x135/0x157
 [<c06c1943>] br_nf_dev_queue_xmit+0x0/0x34
 [<c0648580>] nf_iterate+0x30/0x61
 [<c06bde49>] br_dev_queue_push_xmit+0x0/0x17e
 [<c06486a6>] nf_hook_slow+0x3a/0x90
 [<c06bde49>] br_dev_queue_push_xmit+0x0/0x17e
 [<c06bdffa>] br_forward_finish+0x33/0x45
 [<c06bde49>] br_dev_queue_push_xmit+0x0/0x17e
 [<c06c1ac4>] br_nf_forward_finish+0xc8/0xce
 [<c06c2218>] br_nf_forward_ip+0x11e/0x12f
 [<c0648580>] nf_iterate+0x30/0x61
 [<c06bdfc7>] br_forward_finish+0x0/0x45
 [<c06486a6>] nf_hook_slow+0x3a/0x90
 [<c06bdfc7>] br_forward_finish+0x0/0x45
 [<c06be052>] __br_forward+0x46/0x57
 [<c06bdfc7>] br_forward_finish+0x0/0x45
 [<c06bea32>] br_handle_frame_finish+0xb2/0xcf
 [<c06c202b>] br_nf_pre_routing_finish+0x26e/0x278
 [<c0648580>] nf_iterate+0x30/0x61
 [<c06c1dbd>] br_nf_pre_routing_finish+0x0/0x278
 [<c06486a6>] nf_hook_slow+0x3a/0x90
 [<c06c1dbd>] br_nf_pre_routing_finish+0x0/0x278
 [<c06c2a93>] br_nf_pre_routing+0x552/0x56f
 [<c0648580>] nf_iterate+0x30/0x61
 [<c06be980>] br_handle_frame_finish+0x0/0xcf
 [<c06486a6>] nf_hook_slow+0x3a/0x90
 [<c06be980>] br_handle_frame_finish+0x0/0xcf
 [<c06beb82>] br_handle_frame+0x133/0x15d
 [<c06be980>] br_handle_frame_finish+0x0/0xcf
 [<c0626daf>] netif_receive_skb+0x240/0x339
 [<f8920d11>] e1000_clean_rx_irq+0xe1/0x4a0 [e1000bp]
 [<f8920c30>] e1000_clean_rx_irq+0x0/0x4a0 [e1000bp]
 [<f891fde5>] e1000_clean+0x225/0x2c0 [e1000bp]
 [<c0628710>] net_rx_action+0x92/0x17e
 [<c0421204>] __do_softirq+0x5a/0xbb
 [<c042129b>] do_softirq+0x36/0x3a
 [<c04064a5>] do_IRQ+0x48/0x53
 [<c04046ba>] common_interrupt+0x1a/0x20
 =======================
Code: 53 08 89 d8 e8 3c 59 da ff bf 08 00 00 00 83 3c 24 00 74 4d 31 d2 83 7c 24
08 02 0f 97 c2 8b 5c d6 24 43 89 5c d6 24 8b 4c 24 04 <8b> 41 20 0f b7 40 02 89
c1 c1 e9 08 c1 e0 08 09 c8 0f b7 c0 03
EIP: [<c06803d9>] __ip_ct_refresh_acct+0xa1/0x129 SS:ESP 0068:f5bffbe8
 <0>Kernel panic - not syncing: Fatal exception in interrupt

I have reviewing h323 patch for this kernel (2.6.18-53-1.13) and the version is
from 20 April 2006!!

Please, see:
http://sourceforge.net/forum/forum.php?thread_id=1502505&forum_id=535960

There is an important bug fixed in the latest patch version (nath323-2.6.18-1.5)
not included in the latest kernel!! ... please, include this bugfix in the new
kernel
Comment 1 Prarit Bhargava 2008-05-08 08:32:49 EDT
Juan, could you post the exact patch you want included?

Thanks,

P.
Comment 2 Juan Jesus Prieto Tapia 2008-05-09 11:10:56 EDT
You can find latest patch for 2.6.18 from:

http://sourceforge.net/project/showfiles.php?group_id=158936

(project: nath323.sourceforge.net)

Regards
Comment 3 Linda Wang 2008-05-12 14:47:29 EDT
Created attachment 305158 [details]
latest 2.6.18 ipv4 netfilter patch

the latest version downloaded from the above website/url:
patch-2.6.18-nath323-1.5
Comment 4 Thomas Graf 2008-06-18 17:53:37 EDT
Created attachment 309793 [details]
proposed patch

I cut it down to the following patch fixing the oops, a locking bug and a
reference leak. We can't include the complete patch for kABI reasons.

Are you ok with this?
Comment 5 RHEL Product and Program Management 2008-06-18 18:11:48 EDT
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release.  Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products.  This request is not yet committed for inclusion in an Update
release.
Comment 7 Don Zickus 2008-09-02 23:38:54 EDT
in kernel-2.6.18-107.el5
You can download this test kernel from http://people.redhat.com/dzickus/el5
Comment 9 Pasi Karkkainen 2008-10-02 09:31:09 EDT
I've been running 2.6.18-116.el5 for a week now without problems on a firewall that used to crash maybe twice a week.. so far it seems to fix the problem!
Comment 10 Mike Gahagan 2008-10-13 14:47:42 EDT
confirmed fix is in the -119 kernel.
Comment 14 errata-xmlrpc 2009-01-20 15:26:14 EST
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2009-0225.html

Note You need to log in before you can comment on or make changes to this bug.