Re: [E1000-devel] ixgbe NULL pointer dereference on ubuntu-5.8.0-25-generic

Dmitry Kravkov Wed, 24 Feb 2021 07:07:36 -0800

On Wed, Feb 24, 2021 at 2:28 AM Fujinaka, Todd <todd.fujin...@intel.com>
wrote:


> What version of Ubuntu is this? It's going to take me a bit to try to find
> the kernel from the release.
>
Ubuntu 20.10

>
> Todd Fujinaka
> Software Application Engineer
> Data Center Group
> Intel Corporation
> todd.fujin...@intel.com
>
> -----Original Message-----
> From: Dmitry Kravkov <dmit...@qwilt.com>
> Sent: Sunday, February 21, 2021 11:43 PM
> To: e1000-de...@lists.sf.net
> Subject: [E1000-devel] ixgbe NULL pointer dereference on
> ubuntu-5.8.0-25-generic
>
> Hi All
>
> I'm hitting the following bug during unload inbox driver and insmod'ing
> 5.9.4 (also happens with 5.10.2):
>
> [ 1739.889642] BUG: kernel NULL pointer dereference, address:
> 00000000000004f0
> [ 1739.897969] #PF: supervisor read access in kernel mode [ 1739.904155]
> #PF: error_code(0x0000) - not-present page [ 1739.910327] PGD 0 P4D 0 [
> 1739.913648] Oops: 0000 [#1] SMP PTI [ 1739.917985] CPU: 16 PID: 0 Comm:
> swapper/16 Kdump: loaded Tainted: G
>       OE     5.8.0-25-generic #26-Ubuntu
> [ 1739.929943] Hardware name:  /, BIOS 2.2.2 01/16/2014 [ 1739.936043]
> RIP: 0010:eth_get_headlen+0x26/0xb0 [ 1739.941625] Code: 00 00 00 00 66 66
> 66 66 90 55 48 89 e5 41 54 53 89 d3
> 48 83 ec 18 65 48 8b 04 25 28 00 00 00 48 89 45 e8 31 c0 83 fa 0d 76 7e
> <48> 8b bf f0 04 00 00 6a 01 49 89 f0 49 89 f4 52 48 8d 4d dc 48 c7 [
> 1739.963567] RSP: 0018:ffffbe2506798db8 EFLAGS: 00010216 [ 1739.969961]
> RAX: 0000000000000000 RBX: 00000000000005ea RCX:
> 0000000000000002
> [ 1739.978453] RDX: 00000000000005ea RSI: ffff9f6fb733c0c0 RDI:
> 0000000000000000
> [ 1739.986957] RBP: ffffbe2506798de0 R08: 0000000000000000 R09:
> ffff9f733306ff00
> [ 1739.995423] R10: 00000000000005ea R11: 0000000000000100 R12:
> ffff9f727b2c0740
> [ 1740.003871] R13: ffff9f724b0e6010 R14: 00000000400a838d R15:
> 0000000000000000
> [ 1740.012330] FS:  0000000000000000(0000) GS:ffff9f733fa00000(0000)
> knlGS:0000000000000000
> [ 1740.021848] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [
> 1740.028757] CR2: 00000000000004f0 CR3: 00000002c740a001 CR4:
> 00000000000606e0
> [ 1740.037209] Call Trace:
> [ 1740.040425]  <IRQ>
> [ 1740.043154]  ixgbe_process_skb_fields+0x55/0x260 [ixgbe] [
> 1740.049577]  ixgbe_poll+0x52b/0x12c0 [ixgbe] [ 1740.054809]
> napi_poll+0x96/0x1b0 [ 1740.058985]  net_rx_action+0xb8/0x1c0 [
> 1740.063575]  __do_softirq+0xd0/0x2a1 [ 1740.068055]
> asm_call_irq_on_stack+0x12/0x20 [ 1740.073345]  </IRQ> [ 1740.076223]
> do_softirq_own_stack+0x3d/0x50 [ 1740.081402]  irq_exit_rcu+0x95/0xd0 [
> 1740.085829]  common_interrupt+0x7c/0x150 [ 1740.090730]
> asm_common_interrupt+0x1e/0x40 [ 1740.095941] RIP:
> 0010:cpuidle_enter_state+0xb4/0x3f0
> [ 1740.102049] Code: 65 8b 3d 3f fb c6 58 e8 4a 5d 74 ff 48 89 45 d0 66 66
> 66 66 90 31 ff e8 fa 68 74 ff 80 7d c7 00 0f 85 d3 01 00 00 fb 66 66 90
> <66> 66 90 45 85 e4 0f 88 df 01 00 00 49 63 d4 48 8d 04 52 48 8d 0c [
> 1740.124194] RSP: 0018:ffffbe250634fe48 EFLAGS: 00000246 [ 1740.130699]
> RAX: ffff9f733fa2c6c0 RBX: ffffde14bfa00f00 RCX:
> 000000000000001f
> [ 1740.139315] RDX: 0000000000000000 RSI: 000000003333373a RDI:
> 0000000000000000
> [ 1740.147943] RBP: ffffbe250634fe88 R08: 000001951980e894 R09:
> 000000002840a000
> [ 1740.156580] R10: 00000000000002b9 R11: ffff9f733fa2b364 R12:
> 0000000000000005
> [ 1740.165266] R13: ffffffffa856adc0 R14: 0000000000000005 R15:
> 0000000000000000
> [ 1740.173911]  ? cpuidle_enter_state+0xa6/0x3f0 [ 1740.179470]
> cpuidle_enter+0x2e/0x40 [ 1740.184136]  cpuidle_idle_call+0x145/0x200 [
> 1740.189359]  do_idle+0x7a/0xe0 [ 1740.193426]  cpu_startup_entry+0x20/0x30
> [ 1740.198466]  start_secondary+0xe6/0x100 [ 1740.203425]
> secondary_startup_64+0xb6/0xc0 [ 1740.208779] Modules linked in:
> igb_uio(OE) ice(OE) i40e(OE) ixgbe(OE) dell_rbu vxlan ip6_udp_tunnel
> udp_tunnel ip6table_filter ip6table_raw ip6_tables mpt3sas raid_class
> scsi_transport_sas mptctl mptbase xt_conntrack iptable_filter xt_tcpudp
> xt_CT nf_conntrack nf_defrag_ipv6
> nf_defrag_ipv4 iptable_raw bpfilter intel_rapl_msr intel_rapl_common
> sb_edac iTCO_wdt intel_pmc_bxt iTCO_vendor_support x86_pkg_temp_thermal
> mgag200 intel_powerclamp drm_kms_helper cec rc_core coretemp drm kvm_intel
> i2c_algo_bit fb_sys_fops syscopyarea kvm sysfillrect sysimgblt rapl
> intel_cstate joydev pcspkr input_leds mei_me mei ipmi_si acpi_power_meter
> evbug ipmi_devintf lpc_ich ipmi_msghandler mac_hid ip_tables x_tables
> dm_multipath crct10dif_pclmul crc32_pclmul ghash_clmulni_intel aesni_intel
> uas crypto_simd cryptd glue_helper xfrm_algo usb_storage megaraid_sas dca
> tg3 wmi hid_generic usbkbd usbmouse usbhid hid btrfs blake2b_generic
> libcrc32c xor raid6_pq sunrpc dm_mirror dm_region_hash dm_log be2iscsi
> bnx2i cnic [ 1740.208816]  uio cxgb4i cxgb4 cxgb3i cxgb3 mdio libcxgbi
> libcxgb qla4xxx iscsi_boot_sysfs iscsi_tcp libiscsi_tcp libiscsi
> scsi_transport_iscsi
> autofs4 [last unloaded: igb_uio]
> [ 1740.331702] CR2: 00000000000004f0
>
>
> Any chance that skb->dev is set to zero in  ixgbe_set_rsc_gso_size ?
>
> I noticed that in kernel code ixgbe_set_rsc_gso_size() calls
> skb_headlen(skb) and not eth_get_headlen(skb->dev, skb->data,
> skb_headlen(skb));
>
>
> --
> Thanks,
> Dmitry
>
> _______________________________________________
> E1000-devel mailing list
> E1000-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/e1000-devel
> To learn more about Intel Ethernet, visit
> https://forums.intel.com/s/topic/0TO0P00000018NbWAI/intel-ethernet
>


-- 
Thanks,
Dmitry

_______________________________________________
E1000-devel mailing list
E1000-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/e1000-devel
To learn more about Intel Ethernet, visit 
https://forums.intel.com/s/topic/0TO0P00000018NbWAI/intel-ethernet

Re: [E1000-devel] ixgbe NULL pointer dereference on ubuntu-5.8.0-25-generic

Reply via email to