We are observing kernel panic while handling vxlan encap frames. While we checked vxlan driver handling of GRO rx skb(vxlan_gro_receive), there was no RCU protection. Can this OOPS happen upon vxlan packet rx due to RCU protection missing in GRO receive handler?
Below is the stack trace: [10825.419951] general protection fault: 0000 [#1] SMP [10825.566671] CPU: 4 PID: 30711 Comm: bash Tainted: G O 4.9.0-11-2-amd64 #1 Debian 4.9.189-3+deb9u2 [10825.587297] task: ffff8b6571f71000 task.stack: ffffaec30b96c000 [10825.593917] RIP: 0010:[<ffffffffc07c27ee>] [<ffffffffc07c27ee>] br_pass_frame_up+0x3e/0x160 [bridge] [10825.604252] RSP: 0018:ffff8b673fd03c98 EFLAGS: 00010207 [10825.610194] RAX: 021091b841220211 RBX: ffff8b665f3baa00 RCX: ffffd4154dd5789f [10825.618179] RDX: 000000000000001f RSI: ffff8b65d62c3000 RDI: ffff8b665f3baa00 [10825.626161] RBP: ffff8b66000000f8 R08: 000000000001f158 R09: 000000000000001e [10825.634142] R10: ffff8b6568f200b4 R11: ffffffff9995e350 R12: ffff8b66000009b8 [10825.642124] R13: 0000000000000001 R14: ffff8b66451768c0 R15: 0000000000000000 [10825.650105] FS: 0000000000000000(0000) GS:ffff8b673fd00000(0000) knlGS:0000000000000000 [10825.659156] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [10825.665580] CR2: 00007fe56de195d8 CR3: 00000002a69d0000 CR4: 0000000000360670 [10825.673562] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [10825.681542] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [10825.689520] Stack: [10825.691768] 0000000000000000 ffff8b665f3baa00 0000000002080020 ffff8b66000000f8 000 [10825.708380] cdf7e86fbdb8e0ae ffff8b665f3baa00 ffff8b65c6f28c00 ffff8b6568f200c8 [10825.716682] Call Trace: [10825.719418] <IRQ> [10825.721563] [<ffffffffc07c2b4b>] ? br_handle_frame_finish+0x23b/0x410 [bridge] [10825.729749] [<ffffffff99b33934>] ? nf_iterate+0x54/0x60 [10825.735698] [<ffffffffc07c2d20>] ? br_handle_frame_finish+0x410/0x410 [bridge] [10825.743882] [<ffffffffc07c2e8b>] ? br_handle_frame+0x16b/0x300 [bridge] [10825.751388] [<ffffffffc07c2910>] ? br_pass_frame_up+0x160/0x160 [bridge] [10825.758986] [<ffffffff99af8e38>] ? __netif_receive_skb_core+0x308/0xa40 [10825.766488] [<ffffffff99af904d>] ? __netif_receive_skb_core+0x51d/0xa40 [10825.773986] [<ffffffff9962f240>] ? recalibrate_cpu_khz+0x10/0x10 [10825.780804] [<ffffffff99af95ef>] ? netif_receive_skb_internal+0x2f/0xa0 [10825.788305] [<ffffffff99afa438>] ? napi_gro_receive+0xb8/0xe0 [10825.794835] [<ffffffffc0a80390>] ? gro_cell_poll+0x50/0x90 [vxlan] [10825.801849] [<ffffffff99af9e66>] ? net_rx_action+0x246/0x380 [10825.808279] [<ffffffff99c085ad>] ? __do_softirq+0x10d/0x2b0 [10825.814615] [<ffffffff996812a2>] ? irq_exit+0xc2/0xd0 [10825.820365] [<ffffffff99c07637>] ? do_IRQ+0x57/0xe0 [10825.825923] [<ffffffff99c051de>] ? common_interrupt+0x9e/0x9e [10825.832443] <EOI> [10825.834597] [<ffffffff997c9d8f>] ? unlink_anon_vmas+0x11f/0x180 [10825.841322] [<ffffffff997b8742>] ? free_pgtables+0x92/0x120 [10825.847654] [<ffffffff997c30b0>] ? exit_mmap+0xb0/0x150 [10825.853597] [<ffffffff99677744>] ? mmput+0x54/0x100 [10825.859149] [<ffffffff9967f419>] ? do_exit+0x279/0xb60 [10825.865000] [<ffffffff9967fd7a>] ? do_group_exit+0x3a/0xa0 [10825.871226] [<ffffffff9967fdf0>] ? SyS_exit_group+0x10/0x10 [10825.877561] [<ffffffff99603b7d>] ? do_syscall_64+0x8d/0x100 [10825.883898] [<ffffffff99c048ce>] ? entry_SYSCALL_64_after_swapgs+0x58/0xc6 [10825.891676] Code: 48 48 8b 6f 28 65 48 8b 04 25 28 00 00 00 48 89 44 24 40 31 c0 4c 8d a5 c0 08 00 00 48 8b 85 e0 08 00 00 65 48 03 05 ea a9 84 3f <48> 83 00 01 8b 97 80 00 00 00 48 01 50 08 f6 85 09 02 00 00 01 [10825.913101] RIP [<ffffffffc07c27ee>] br_pass_frame_up+0x3e/0x160 [bridge] [10825.920807] RSP <ffff8b673fd03c98> Preetham
