Panic at sctp_auth_calculate_hmac

Solution Unverified - Updated -

Issue

The following panic is seen when performing Codenomicon sctp compliance tests

BUG: unable to handle kernel NULL pointer dereference at 0000000000000008
IP: [<ffffffffa01b1481>] sctp_auth_calculate_hmac+0xe1/0x150 [sctp]
PGD 102277d067 PUD 101aed3067 PMD 0 
Oops: 0000 [#1] SMP 
last sysfs file: /sys/devices/system/cpu/online
CPU 6 
Modules linked in: nfs lockd fscache auth_rpcgss nfs_acl sunrpc deflate zlib_deflate ctr camellia cast5 rmd160 crypto_null ccm serpent blowfish twofish_x86_64 twofish_common ecb xcbc cbc sha256_generic sha512_generic des_generic aesni_intel cryptd aes_x86_64 aes_generic ah6 ah4 esp6 esp4 xfrm4_mode_beet xfrm4_tunnel tunnel4 xfrm4_mode_tunnel xfrm4_mode_transport xfrm6_mode_transport xfrm6_mode_ro xfrm6_mode_beet xfrm6_mode_tunnel ipcomp ipcomp6 xfrm_ipcomp xfrm6_tunnel tunnel6 af_key autofs4 ipmi_devintf dummy bonding 8021q garp stp llc xt_sctp nf_conntrack_ipv6 nf_defrag_ipv6 xt_state nf_conntrack xt_NFLOG nfnetlink_log nfnetlink xt_limit ip6t_frag xt_comment ip6table_filter ip6_tables sctp ipv6 libcrc32c power_meter hpilo hpwdt sg be2net(U) serio_raw iTCO_wdt iTCO_vendor_support ioatdma dca shpchp ext4 jbd2 mbcache sd_mod crc_t10dif hpsa video output dm_mirror dm_region_hash dm_log dm_mod [last unloaded: nf_defrag_ipv4]

Pid: 0, comm: swapper Not tainted 2.6.32-358.23.2.el6.x86_64 #1 HP ProLiant BL460c Gen8
RIP: 0010:[<ffffffffa01b1481>]  [<ffffffffa01b1481>] sctp_auth_calculate_hmac+0xe1/0x150 [sctp]
RSP: 0018:ffff8800614c36a0  EFLAGS: 00010282
RAX: 0000000000000000 RBX: ffff881023b3c800 RCX: ffffea0000000000
RDX: 0000000000000002 RSI: 0000000000000008 RDI: ffff880e0a0ca450
RBP: ffff8800614c3710 R08: 0000000000000000 R09: ffff8800614c36b0
R10: ffff881023b3c800 R11: 0000000000000000 R12: ffff880e0a0ca450
R13: 0000000000000000 R14: ffff8800614c36b0 R15: 0000000000000001
FS:  0000000000000000(0000) GS:ffff8800614c0000(0000) knlGS:0000000000000000
CS:  0010 DS: 0018 ES: 0018 CR0: 000000008005003b
CR2: 0000000000000008 CR3: 000000101ca36000 CR4: 00000000000407e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
Process swapper (pid: 0, threadinfo ffff882029090000, task ffff8810291c1500)
Stack:
 0000000000000246 0000000000000020 ffffea0031232c32 0000012400000450
<d> 0000000000000000 0000000000000000 ffff8800614c3920 ffff880e0a0ca458
<d> ffff8800614c3710 ffff8800614c3790 ffff881023b3c800 0000000000000014
Call Trace:
 <IRQ> 
 [<ffffffffa0193442>] sctp_sf_authenticate+0x122/0x160 [sctp]
 [<ffffffffa0196583>] sctp_sf_do_5_1D_ce+0x2e3/0x560 [sctp]
 [<ffffffff81449428>] ? dev_hard_start_xmit+0x308/0x530
 [<ffffffff81065c75>] ? enqueue_entity+0x125/0x410
 [<ffffffff81065fc4>] ? enqueue_task_fair+0x64/0x100
 [<ffffffff81055f96>] ? enqueue_task+0x66/0x80
 [<ffffffffa0197651>] sctp_do_sm+0x71/0x11f0 [sctp]
 [<ffffffff8145bc44>] ? flow_cache_lookup+0x3b4/0x3c0
 [<ffffffffa0199ae9>] ? sctp_endpoint_lookup_assoc+0xc9/0xf0 [sctp]
 [<ffffffffa019a0d6>] sctp_endpoint_bh_rcv+0x116/0x220 [sctp]
 [<ffffffffa01a2704>] sctp_inq_push+0x34/0x50 [sctp]
 [<ffffffffa01b05d2>] sctp_rcv+0x972/0xa00 [sctp]
 [<ffffffff81063990>] ? default_wake_function+0x0/0x20
 [<ffffffff81055a3e>] ? __wake_up_sync_key+0x5e/0x80
 [<ffffffff81051439>] ? __wake_up_common+0x59/0x90
 [<ffffffff8147fa6d>] ip_local_deliver_finish+0xdd/0x2d0
 [<ffffffff8147fcf8>] ip_local_deliver+0x98/0xa0
 [<ffffffff8147f1bd>] ip_rcv_finish+0x12d/0x440
 [<ffffffff8147f745>] ip_rcv+0x275/0x350
 [<ffffffff8144891b>] __netif_receive_skb+0x4ab/0x750
 [<ffffffff8144acf8>] netif_receive_skb+0x58/0x60
 [<ffffffff8143de31>] ? __alloc_skb+0x81/0x190
 [<ffffffff814e75e0>] __vlan_hwaccel_rx+0x1d0/0x270
 [<ffffffffa011ac58>] be_poll_rx+0x6f8/0x7f0 [be2net]
 [<ffffffff8144d4c3>] net_rx_action+0x103/0x2f0
 [<ffffffff810770b1>] __do_softirq+0xc1/0x1e0
 [<ffffffff810e1760>] ? handle_IRQ_event+0x60/0x170
 [<ffffffff8100c1cc>] call_softirq+0x1c/0x30
 [<ffffffff8100de05>] do_softirq+0x65/0xa0
 [<ffffffff81076e95>] irq_exit+0x85/0x90
 [<ffffffff81517775>] do_IRQ+0x75/0xf0
 [<ffffffff8100b9d3>] ret_from_intr+0x0/0x11
 <EOI> 
 [<ffffffff812d3cfe>] ? intel_idle+0xde/0x170
 [<ffffffff812d3ce1>] ? intel_idle+0xc1/0x170
 [<ffffffff81415647>] cpuidle_idle_call+0xa7/0x140
 [<ffffffff81009fc6>] cpu_idle+0xb6/0x110
 [<ffffffff81507600>] start_secondary+0x2ac/0x2ef
Code: 00 4c 8d 75 a0 66 41 c1 c7 08 4c 89 f7 45 0f b7 ff 44 29 e2 e8 91 56 0d e1 48 8b 83 a0 00 00 00 49 8d 75 08 48 8b 80 f8 00 00 00 <4a> 8b 04 f8 c7 45 c8 00 00 00 00 48 89 45 c0 48 89 c7 41 8b 55 
RIP  [<ffffffffa01b1481>] sctp_auth_calculate_hmac+0xe1/0x150 [sctp]
 RSP <ffff8800614c36a0>
CR2: 0000000000000008

Environment

  • Red Hat Enterprise Linux 6.4

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content