Kernel panic due to BUG_ON() in the third party kernel module 'fortiedr '
Issue
- Kernel panics with the following messages:
[ 71.427244] ------------[ cut here ]------------
[ 71.427284] kernel BUG at /Build_Workspace/linux_collector/4.1.0-linux/NsloDriver/Linux/../../CommonUtils/NsloList.h:130!
[ 71.427326] invalid opcode: 0000 [#1] SMP
[ 71.427349] Modules linked in: rpcsec_gss_krb5 auth_rpcgss nfsv4 dns_resolver nfs lockd grace fscache vmw_vsock_vmci_transport vsock sunrpc sb_edac iosf_mbi crc32_pclmul ghash_clmulni_intel aesni_intel lrw gf128mul glue_helper ablk_helper cryptd ppdev joydev pcspkr vmw_balloon sg nfit i2c_piix4 vmw_vmci parport_pc libnvdimm parport ip_tables ext4 mbcache jbd2 sr_mod cdrom ata_generic pata_acpi vmwgfx drm_kms_helper syscopyarea sysfillrect sysimgblt fb_sys_fops sd_mod ttm crc_t10dif crct10dif_generic ahci drm ata_piix libahci crct10dif_pclmul crct10dif_common crc32c_intel libata serio_raw vmxnet3 drm_panel_orientation_quirks vmw_pvscsi floppy dm_mirror dm_region_hash dm_log dm_mod
[ 71.427758] CPU: 5 PID: 2508 Comm: Agent.Listener Kdump: loaded Tainted: POE ------------ 3.10.0-1160.2.1.el7.x86_64 #1
[ 71.427803] Hardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 12/12/2018
[ 71.427843] task: ffff95bb4afe3180 ti: ffff95bb47788000 task.ti: ffff95bb47788000
[ 71.427871] RIP: 0010:[<ffffffffc05f4c89>] [<ffffffffc05f4c89>] 0xffffffffc05f4c89
[ 71.427909] RSP: 0018:ffff95bb4778bec0 EFLAGS: 00010287
[ 71.427931] RAX: ffff95bb423a2b68 RBX: ffff95bb92fc8010 RCX: 0020020000200200
[ 71.427960] RDX: ffff95bbb0f56190 RSI: 0010010000100100 RDI: ffff95bb903f8aa8
[ 71.427989] RBP: ffff95bb4778bef8 R08: 0000000000000153 R09: 00007fb5275b45d8
[ 71.428018] R10: 00007fb5284e5c20 R11: 0000000000000293 R12: ffff95bb81fff4a0
[ 71.428047] R13: ffff95bb81fff490 R14: ffff95bb4b39e540 R15: 0000000000000000
[ 71.428076] FS: 00007fb59a2ec700(0000) GS:ffff95ca7fd40000(0000) knlGS:0000000000000000
[ 71.428107] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 71.428130] CR2: 00007fb52780cde8 CR3: 00000001547b6000 CR4: 00000000000607e0
[ 71.428228] Call Trace:
[ 71.428284] [<ffffffffa2993f92>] ? system_call_fastpath+0x25/0x2a
[ 71.428312] [<ffffffffa2993ed5>] ? system_call_after_swapgs+0xa2/0x13a
[ 71.428337] Code: 74 ac 48 8d 7a f0 e8 c7 26 fa e1 49 8b 45 38 eb 9d e8 0c 63 ca e1 e8 8d a2 01 00 0f 0b 0f 1f 44 00 00 e8 75 a2 01 00 0f 0b 0f 0b <0f> 0b 0f 0b 0f 1f 00 e8 6b a2 01 00 0f 0b 66 0f 1f 84 00 00 00
[ 71.428526] RIP [<ffffffffc05f4c89>
OR
[ 1144.951166] ------------[ cut here ]------------
[ 1144.951172] kernel BUG at /nslo-src/FortiEDR/NsloDriver/Linux/../../CommonUtils/NsloList.h:130!
[ 1144.951371] invalid opcode: 0000 [#1] SMP PTI
[ 1144.951377] CPU: 2 PID: 18614 Comm: AgentResolver[2 Kdump: loaded Tainted: P OE --------- - - 4.18.0-147.el8.x86_64 #1
[ 1144.951380] Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS 090006 05/23/2012
[ 1144.951411] RIP: 0010:RemoveOpenedFileFromList+0x5cd/0x5e0 [fortiedr_4_18_0_147_x86_64]
[ 1144.951415] Code: 78 f0 e8 a6 75 7c c6 49 8b 7c 24 38 e9 92 fd ff ff e8 27 64 c7 c5 e8 02 c3 ff ff 0f 0b e8 6b c2 ff ff 0f 0b 0f 0b 0f 0b 0f 0b <0f> 0b 0f 0b 0f 0b 0f 0b 0f 0b e8 94 c2 ff ff 0f 0b 0f 0b 0f 1f 44
[ 1144.951418] RSP: 0018:ffffa64fca6b3ee0 EFLAGS: 00010202
[ 1144.951422] RAX: ffff8889bc7899e0 RBX: ffff88897a008010 RCX: ffff88898662ae38
[ 1144.951425] RDX: ffff8889bdd19f10 RSI: 0020020000200200 RDI: ffff88897a10c010
[ 1144.951427] RBP: ffff88897daa5800 R08: 0000000000000000 R09: ffff88897a53a3c0
[ 1144.951429] R10: 0000000000000101 R11: 0000000000000000 R12: ffff8889bc7899d0
[ 1144.951431] R13: ffff8889bdd19f10 R14: 0000000000000000 R15: 0000000000000000
[ 1144.951434] FS: 00007f68d24e6700(0000) GS:ffff8889f6c80000(0000) knlGS:0000000000000000
[ 1144.951437] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1144.951439] CR2: 000055e0de308808 CR3: 000000037a174000 CR4: 00000000001406e0
[ 1144.951444] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1144.951446] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1144.951448] Call Trace:
[ 1144.951474] new_sys_close+0x4a/0x90 [fortiedr_4_18_0_147_x86_64]
[ 1144.951483] do_syscall_64+0x5b/0x1b0
[ 1144.951491] entry_SYSCALL_64_after_hwframe+0x65/0xca
[ 1144.951495] RIP: 0033:0x7f696aa518cb
[ 1144.951498] Code: c3 48 8b 15 bf a5 2c 00 f7 d8 64 89 02 b8 ff ff ff ff eb b8 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 8b 15 89 a5 2c 00 f7 d8
[ 1144.951501] RSP: 002b:00007f68d24e3bd8 EFLAGS: 00000213 ORIG_RAX: 0000000000000003
[ 1144.951504] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f696aa518cb
[ 1144.951506] RDX: 00000000000000c1 RSI: 0000000000000000 RDI: 0000000000000101
[ 1144.951508] RBP: 00007f68d24e6db8 R08: 0000000000000000 R09: 00000000000001ff
[ 1144.951510] R10: 00007f68d24e321a R11: 0000000000000213 R12: 0000000000000000
[ 1144.951512] R13: 0000000000000000 R14: 0000000000000077 R15: 0000000000000000
[ 1144.951516] Modules linked in: nf_tables nfnetlink nfsv3 nfs_acl binfmt_misc rpcsec_gss_krb5 auth_rpcgss nfsv4 dns_resolver nfs lockd grace fscache sunrpc sb_edac crct10dif_pclmul crc32_pclmul ghash_clmulni_intel intel_rapl_perf sg hv_utils pcspkr i2c_piix4 joydev ip_tables ext4 mbcache jbd2 sr_mod cdrom sd_mod ata_generic hv_netvsc hv_storvsc scsi_transport_fc ata_piix hid_hyperv hyperv_keyboard libata hyperv_fb crc32c_intel serio_raw hv_vmbus dm_mirror dm_region_hash dm_log dm_mod
Environment
- Red Hat Enterprise Linux 6
- Red Hat Enterprise Linux 7
- Red Hat Enterprise Linux 8
- Third-Party
fortiedrkernel module.
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.
