-
Task
-
Resolution: Done
-
Undefined
-
None
-
1
-
rhel-net-core-2
-
NST-Core2-25W30
-
5
-
False
-
-
None
Original description:
A kernel panic as follows was found in tc qdisc ets tests:
[68139.485791] BUG: kernel NULL pointer dereference, address: 0000000000000000 [68139.492751] #PF: supervisor read access in kernel mode [68139.497892] #PF: error_code(0x0000) - not-present page [68139.503031] PGD 0 P4D 0 [68139.505570] Oops: Oops: 0000 [#1] SMP NOPTI [68139.509756] CPU: 62 UID: 0 PID: 39457 Comm: tc Kdump: loaded Not tainted 6.12.0-116.el10.x86_64 #1 PREEMPT(voluntary) [68139.520441] Hardware name: Dell Inc. PowerEdge R640/06DKY5, BIOS 2.12.2 07/09/2021 [68139.528005] RIP: 0010:__list_del_entry_valid_or_report+0x4/0x80 [68139.533926] Code: ff 4c 39 c7 0f 84 39 19 8e ff b8 01 00 00 00 c3 cc cc cc cc 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa <48> 8b 17 48 8b 4f 08 48 85 d2 0f 84 56 19 8e ff 48 85 c9 0f 84 ab [68139.552671] RSP: 0018:ffffba186009f400 EFLAGS: 00010202 [68139.557897] RAX: 00000000000000d6 RBX: 0000000000000000 RCX: 0000000000000004 [68139.565027] RDX: ffff9f0fa29b69c0 RSI: 0000000000000000 RDI: 0000000000000000 [68139.572161] RBP: ffffffffc12c2400 R08: 0000000000000008 R09: 0000000000000004 [68139.579293] R10: ffffffffffffffff R11: 0000000000000004 R12: 0000000000000000 [68139.586425] R13: ffff9f0f8cfe0000 R14: 0000000000100005 R15: 0000000000000000 [68139.593556] FS: 00007f2154f37480(0000) GS:ffff9f269c1c0000(0000) knlGS:0000000000000000 [68139.601642] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [68139.607390] CR2: 0000000000000000 CR3: 00000001530be001 CR4: 00000000007726f0 [68139.614520] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [68139.621655] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [68139.628786] PKRU: 55555554 [68139.631500] Call Trace: [68139.633952] <TASK> [68139.636060] ? show_trace_log_lvl+0x1b0/0x2f0 [68139.640417] ? show_trace_log_lvl+0x1b0/0x2f0 [68139.644781] ? ets_class_qlen_notify+0x65/0x90 [sch_ets] [68139.650096] ? __die_body.cold+0x8/0x12 [68139.653936] ? page_fault_oops+0x148/0x160 [68139.658036] ? exc_page_fault+0x73/0x160 [68139.661960] ? asm_exc_page_fault+0x26/0x30 [68139.666149] ? __list_del_entry_valid_or_report+0x4/0x80 [68139.671461] ets_class_qlen_notify+0x65/0x90 [sch_ets] [68139.676598] qdisc_tree_reduce_backlog+0x74/0x110 [68139.681306] ets_qdisc_change+0x630/0xa40 [sch_ets] [68139.686183] ? __nla_put+0x10/0x30 [68139.689593] __tc_modify_qdisc.constprop.0+0x216/0x7f0 [68139.694728] tc_modify_qdisc+0x7c/0x120 [68139.698571] rtnetlink_rcv_msg+0x145/0x3f0 [68139.702669] ? avc_has_perm_noaudit+0x69/0xf0 [68139.707036] ? __pfx_rtnetlink_rcv_msg+0x10/0x10 [68139.711653] netlink_rcv_skb+0x53/0x100 [68139.715494] netlink_unicast+0x245/0x390 [68139.719420] netlink_sendmsg+0x21b/0x470 [68139.723346] ____sys_sendmsg+0x39d/0x3d0 [68139.727270] ___sys_sendmsg+0x9a/0xe0 [68139.730940] __sys_sendmsg+0x7a/0xd0 [68139.734525] do_syscall_64+0x7d/0x160 [68139.738191] ? __wake_up+0x44/0x60 [68139.741595] ? netlink_recvmsg+0x240/0x300 [68139.745696] ? __check_object_size.part.0+0x35/0xc0 [68139.750574] ? _copy_to_user+0x36/0x50 [68139.754326] ? move_addr_to_user+0x4a/0xc0 [68139.758426] ? ____sys_recvmsg+0xf4/0x1f0 [68139.762440] ? ___sys_recvmsg+0xc6/0xe0 [68139.766278] ? __sys_recvmsg+0x77/0xd0 [68139.770031] ? __sys_recvmsg+0x77/0xd0 [68139.773782] ? syscall_exit_work+0xf3/0x120 [68139.777968] ? syscall_exit_to_user_mode+0x32/0x190 [68139.782846] ? do_syscall_64+0x89/0x160 [68139.786688] ? clear_bhb_loop+0x40/0x90 [68139.790527] ? clear_bhb_loop+0x40/0x90 [68139.794365] ? clear_bhb_loop+0x40/0x90 [68139.798203] entry_SYSCALL_64_after_hwframe+0x76/0x7e [68139.803256] RIP: 0033:0x7f2155114084 [68139.806855] Code: 89 02 b8 ff ff ff ff eb bb 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 f3 0f 1e fa 80 3d 25 f0 0c 00 00 74 13 b8 2e 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 54 c3 0f 1f 00 48 83 ec 28 89 54 24 1c 48 89 [68139.825598] RSP: 002b:00007fff1fd7a988 EFLAGS: 00000202 ORIG_RAX: 000000000000002e [68139.833163] RAX: ffffffffffffffda RBX: 0000560ec063e5e0 RCX: 00007f2155114084 [68139.840297] RDX: 0000000000000000 RSI: 00007fff1fd7a9f0 RDI: 0000000000000003 [68139.847429] RBP: 00007fff1fd7aa60 R08: 0000000000000010 R09: 000000000000003f [68139.854561] R10: 0000560ee9b3a010 R11: 0000000000000202 R12: 00007fff1fd7aae0 [68139.861694] R13: 000000006891ccde R14: 0000560ec063e5e0 R15: 00007fff1fd7aad0 [68139.868827] </TASK> [68139.871019] Modules linked in: sch_ets sch_tbf dummy rfkill sunrpc intel_rapl_msr intel_rapl_common intel_uncore_frequency intel_uncore_frequency_common skx_edac skx_edac_common nfit libnvdimm x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel ipmi_ssif kvm iTCO_wdt irqbypass iTCO_vendor_support rapl intel_cstate dell_pc dell_smbios mei_me igb platform_profile mgag200 i2c_i801 i40e dell_wmi_descriptor dcdbas sg intel_uncore mei wmi_bmof pcspkr i2c_algo_bit dca i2c_smbus lpc_ich intel_pch_thermal libie ipmi_si acpi_power_meter acpi_ipmi ipmi_devintf ipmi_msghandler loop fuse nfnetlink xfs sr_mod cdrom sd_mod uas usb_storage ahci libahci libata megaraid_sas crct10dif_pclmul crc32_pclmul crc32c_intel ghash_clmulni_intel wmi dm_mirror dm_region_hash dm_log dm_mod [last unloaded: sch_ets] [68139.940862] CR2: 0000000000000000
Steps to reproduce:
- sh bz2013073.sh setup
- sh bz2013073.sh test
We can use the bug reproducer of Bug 2013073 to reproduce this issue.
No panic on kernel 6.12.0-110.el10.x86_64, so it should be a regression issue.