System crash on Ubuntu 18, in netlink code when using iptables / netfilter

netfilter-devel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Yuri Lipnesh <yuri.lipnesh@gmail.com>
To: netfilter-devel@vger.kernel.org
Subject: System crash on Ubuntu 18, in netlink code when using iptables / netfilter
Date: Mon, 30 Nov 2020 14:38:42 -0500	[thread overview]
Message-ID: <B37EABB8-355F-4A05-9BF3-1119D1E0470D@gmail.com> (raw)

Linux system crashed

[    0.000000] Linux version 5.4.0-54-generic (buildd@lcy01-amd64-008) (gcc version 7.5.0 (Ubuntu 7.5.0-3ubuntu1~18.04)) #60~18.04.1-Ubuntu SMP Fri Nov 6 17:25:16 UTC 2020 (Ubuntu 5.4.0-54.60~18.04.1-generic 5.4.65)
[    0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-5.4.0-54-generic root=UUID=11885fd3-b840-4c9b-a500-532c73ac952a ro find_preseed=/preseed.cfg auto noprompt priority=critical locale=en_US quiet crashkernel=512M-:192M

…
[  156.321147] TCP: eth0: Driver has suspect GRO implementation, TCP performance may be compromised.
[  177.519159] general protection fault: 0000 [#1] SMP PTI
[  177.519737] CPU: 5 PID: 18484 Comm: worker-1 Kdump: loaded Not tainted 5.4.0-54-generic #60~18.04.1-Ubuntu
[  177.519742] Hardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 02/27/2020
[  177.519814] RIP: 0010:dev_hard_start_xmit+0x38/0x200
[  177.519827] Code: 55 41 54 53 48 83 ec 20 48 85 ff 48 89 55 c8 48 89 4d b8 0f 84 c1 01 00 00 48 8d 86 90 00 00 00 48 89 fb 49 89 f4 48 89 45 c0 <4c> 8b 2b 48 c7 c0 d0 f2 04 8f 48 c7 03 00 00 00 00 48 8b 00 4d 85
[  177.519829] RSP: 0018:ffffbc6d0609b5e8 EFLAGS: 00010286
[  177.519833] RAX: 0000000000000000 RBX: dead000000000100 RCX: ffff95cf4bcfe800
[  177.519835] RDX: 0000000000000000 RSI: ffff95cf4bcfe800 RDI: 0000000000000286
[  177.519837] RBP: ffffbc6d0609b630 R08: ffff95cf6a190ec8 R09: ffff95cf4a2f7438
[  177.519839] R10: ffffbc6d0609b6d0 R11: ffff95cf49d4d180 R12: ffff95cf51a5f000
[  177.519841] R13: dead000000000100 R14: 000000000000009c R15: ffff95d02996b400
[  177.519844] FS:  00007ff394cdfb20(0000) GS:ffff95d035d40000(0000) knlGS:0000000000000000
[  177.519846] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  177.519848] CR2: 00007fb4a9c2d000 CR3: 00000001049fa004 CR4: 00000000003606e0
[  177.519908] Call Trace:
[  177.519917]  __dev_queue_xmit+0x719/0x920
[  177.519930]  ? ctnetlink_conntrack_event+0x8c/0x5e0 [nf_conntrack_netlink]
[  177.519934]  dev_queue_xmit+0x10/0x20
[  177.519937]  ? dev_queue_xmit+0x10/0x20
[  177.519940]  ip_finish_output2+0x304/0x5a0
[  177.519944]  ? conntrack_mt_v3+0x20/0x30 [xt_conntrack]
[  177.519947]  __ip_finish_output+0xfa/0x1c0
[  177.519949]  ? __ip_finish_output+0xfa/0x1c0
[  177.519952]  ip_finish_output+0x2c/0xa0
[  177.519954]  ip_output+0x6d/0xe0
[  177.519957]  ? __ip_finish_output+0x1c0/0x1c0
[  177.519960]  ip_forward_finish+0x57/0x90
[  177.519963]  ip_forward+0x38c/0x480
[  177.519967]  ? ip4_key_hashfn+0xc0/0xc0
[  177.519970]  ip_rcv_finish+0x84/0xa0
[  177.519973]  nf_reinject+0x18e/0x1e0
[  177.519980]  nfqnl_reinject+0x50/0x60 [nfnetlink_queue]
[  177.519984]  nfqnl_recv_verdict+0x310/0x4c0 [nfnetlink_queue]
[  177.519990]  nfnetlink_rcv_msg+0x165/0x290 [nfnetlink]
[  177.520000]  ? __switch_to_asm+0x34/0x70
[  177.520002]  ? __switch_to_asm+0x40/0x70
[  177.520005]  ? __switch_to_asm+0x34/0x70
[  177.520008]  ? apic_timer_interrupt+0xa/0x20
[  177.520013]  ? nfnetlink_net_exit_batch+0x70/0x70 [nfnetlink]
[  177.520016]  netlink_rcv_skb+0x51/0x120
[  177.520021]  nfnetlink_rcv+0x88/0x145 [nfnetlink]
[  177.520024]  netlink_unicast+0x1a4/0x250
[  177.520027]  netlink_sendmsg+0x2eb/0x3f0
[  177.520032]  sock_sendmsg+0x63/0x70
[  177.520036]  ____sys_sendmsg+0x200/0x280
[  177.520041]  ___sys_sendmsg+0x88/0xd0
[  177.520047]  ? __wake_up+0x13/0x20
[  177.520052]  ? fput+0x13/0x20
[  177.520055]  ? __sys_recvfrom+0x14b/0x160
[  177.520058]  ? sock_poll+0x79/0xb0
[  177.520061]  __sys_sendmsg+0x63/0xa0
[  177.520063]  ? __sys_sendmsg+0x63/0xa0
[  177.520067]  __x64_sys_sendmsg+0x1f/0x30
[  177.520072]  do_syscall_64+0x57/0x190
[  177.520075]  entry_SYSCALL_64_after_hwframe+0x44/0xa9
[  177.520079] RIP: 0033:0x7ff39660c879
[  177.520083] Code: c3 8b 07 85 c0 75 24 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> e9 4d d3 ff ff 41 54 b8 02 00 00 00 49 89 f4 be 00 08 08 00 55
[  177.520085] RSP: 002b:00007ff394cddaa8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  177.520089] RAX: ffffffffffffffda RBX: 00007ff394cdfb20 RCX: 00007ff39660c879
[  177.520091] RDX: 0000000000000000 RSI: 00007ff394cddb08 RDI: 0000000000000022
[  177.520092] RBP: 0000000000000022 R08: 0000000000000000 R09: 0000000000000000
[  177.520094] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000002e
[  177.520095] R13: 0000000000000022 R14: 00007ff394cddb08 R15: 00000000fa000000
[  177.520098] Modules linked in: nfnetlink_queue xt_NFQUEUE ipt_rpfilter xt_multiport xt_set iptable_raw ip_set_hash_ip ip_set_hash_net ipip tunnel4 ip_tunnel vxlan ip6_udp_tunnel udp_tunnel ipt_REJECT nf_reject_ipv4 ip_set ip_vs_sh ip_vs_wrr ip_vs_rr ip_vs iptable_mangle xt_comment xt_mark rfcomm veth xt_nat xt_tcpudp xt_conntrack xt_MASQUERADE nf_conntrack_netlink nfnetlink xfrm_user xfrm_algo xt_addrtype iptable_filter iptable_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 libcrc32c bpfilter br_netfilter bridge stp llc intel_rapl_msr intel_rapl_common crct10dif_pclmul crc32_pclmul ghash_clmulni_intel aesni_intel crypto_simd cryptd glue_helper rapl bnep vmw_balloon aufs snd_ens1371 snd_ac97_codec gameport ac97_bus input_leds snd_pcm joydev serio_raw snd_seq_midi snd_seq_midi_event snd_rawmidi btusb btrtl btbcm snd_seq btintel bluetooth snd_seq_device snd_timer ecdh_generic ecc snd soundcore overlay mac_hid vmw_vsock_vmci_transport vsock vmw_vmci sch_fq_codel vmwgfx ttm
[  177.520148]  drm_kms_helper drm fb_sys_fops syscopyarea sysfillrect sysimgblt parport_pc ppdev lp parport ip_tables x_tables autofs4 hid_generic usbhid hid mptspi mptscsih mptbase ahci psmouse e1000 libahci scsi_transport_spi i2c_piix4 pata_acpi


Two products Calico and Aqua security use iptables /netfilter on that system

Regards,
Yuri Lipnesh

next             reply	other threads:[~2020-11-30 19:39 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-11-30 19:38 Yuri Lipnesh [this message]
2020-11-30 19:58 ` System crash on Ubuntu 18, in netlink code when using iptables / netfilter Florian Westphal
2020-12-03 17:00   ` Yuri Lipnesh
2021-08-30 15:43     ` System crash in netfilter 5.10.25 Yuri Lipnesh
2021-08-30 20:51       ` Florian Westphal

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=B37EABB8-355F-4A05-9BF3-1119D1E0470D@gmail.com \
    --to=yuri.lipnesh@gmail.com \
    --cc=netfilter-devel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).