Kernel panic on RIP hash_net4_test

Solution Unverified - Updated -

Issue

  • Kernel panic on RIP hash_net4_test
  • NULL pointer dereference in ipset with backtrace like:
crash> bt
PID: 0      TASK: ffff8afef238a100  CPU: 43  COMMAND: "swapper/43"
 #0 [ffff8b2bff4c3530] machine_kexec at ffffffffb12662c4
 #1 [ffff8b2bff4c3590] __crash_kexec at ffffffffb1322802
 #2 [ffff8b2bff4c3660] crash_kexec at ffffffffb13228f0
 #3 [ffff8b2bff4c3678] oops_end at ffffffffb198b798
 #4 [ffff8b2bff4c36a0] no_context at ffffffffb1275d14
 #5 [ffff8b2bff4c36f0] __bad_area_nosemaphore at ffffffffb1275fe2
 #6 [ffff8b2bff4c3740] bad_area_nosemaphore at ffffffffb1276104
 #7 [ffff8b2bff4c3750] __do_page_fault at ffffffffb198e750
 #8 [ffff8b2bff4c37c0] do_page_fault at ffffffffb198e975
 #9 [ffff8b2bff4c37f0] page_fault at ffffffffb198a778
    [exception RIP: hash_net4_kadt+0x4f]
    RIP: ffffffffc09f414f  RSP: ffff8b2bff4c38a8  RFLAGS: 00010246
    RAX: 0000000000000000  RBX: ffffffffc09f6190  RCX: 0000000000000006
    RDX: ffffffffc09fa4c0  RSI: ffff8b11691e6c00  RDI: ffff8b5b7b8bf2c0
    RBP: ffff8b2bff4c3908   R8: ffff8b2bff4c3950   R9: 0000000000000020
    R10: ffff8b5b7b8bf2c0  R11: ffffffffc02c55f8  R12: 0000000000000002
    R13: ffff8b11691e6c00  R14: ffff8b2bff4c3a80  R15: ffff8b11691e6c00
    ORIG_RAX: ffffffffffffffff  CS: 0010  SS: 0018
#10 [ffff8b2bff4c3910] ip_set_test at ffffffffc0895cc0 [ip_set]
#11 [ffff8b2bff4c3948] set_match_v4 at ffffffffc0914dc0 [xt_set]
#12 [ffff8b2bff4c39a0] ipt_do_table at ffffffffc02c0640 [ip_tables]
#13 [ffff8b2bff4c3af0] iptable_filter_hook at ffffffffc0720036 [iptable_filter]
#14 [ffff8b2bff4c3b00] nf_iterate at ffffffffb1894a48
#15 [ffff8b2bff4c3b40] nf_hook_slow at ffffffffb1894b38
#16 [ffff8b2bff4c3b78] ip_local_deliver at ffffffffb189f206
#17 [ffff8b2bff4c3bd8] ip_rcv_finish at ffffffffb189eb10
#18 [ffff8b2bff4c3c00] ip_rcv at ffffffffb189f4e0
#19 [ffff8b2bff4c3c70] __netif_receive_skb_core at ffffffffb1854829
#20 [ffff8b2bff4c3ce8] __netif_receive_skb at ffffffffb1854b28
#21 [ffff8b2bff4c3d08] netif_receive_skb_internal at ffffffffb1854bb0
#22 [ffff8b2bff4c3d38] napi_gro_receive at ffffffffb1855838
... (NIC receive here)
--- <IRQ stack> ---

Environment

  • RHEL 7.9 (kernel-3.10.0-1160.11.1.el7.x86_64)
  • iptables firewall using ipsets with a hash map
  • Optional: Observed with Kubernetes changing firewall rules rapidly

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content