Reference counter issue in 4.15 (nf_xfrm_me_harder / dst_release)
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux (Ubuntu) |
Confirmed
|
Medium
|
Unassigned |
Bug Description
Since upgrading from 14.04 to 18.04, we see very frequent warnings about negative refcnts in dst_release:
[ 3117.882227] WARNING: CPU: 6 PID: 0 at /build/
[ 3117.882229] Modules linked in: xt_policy cls_u32 sch_sfq ip_vti ip_tunnel authenc echainiv xfrm6_mode_tunnel xfrm4_mode_tunnel xfrm4_tunnel tunnel4 ipcomp xfrm_ipcomp esp4 ah4 af_key nfnetlink_queue nfnetlink_log sch_htb xt_TPROXY xt_multiport veth nf_conntrack_
[ 3117.882265] irqbypass intel_cstate mei_me mei ioatdma acpi_pad intel_rapl_perf shpchp ipmi_devintf ipmi_msghandler acpi_power_meter lpc_ich mac_hid ip6table_filter ip6_tables nf_conntrack_
[ 3117.882309] drm libahci megaraid_sas pps_core mdio wmi
[ 3117.882315] CPU: 6 PID: 0 Comm: swapper/6 Tainted: G W 4.15.0-30-generic #32-Ubuntu
[ 3117.882316] Hardware name: Intel Corporation S2600WT2R/
[ 3117.882319] RIP: 0010:nf_
[ 3117.882320] RSP: 0018:ffff88d77f
[ 3117.882322] RAX: 0000000000000000 RBX: ffffffff90de4000 RCX: 0000000000001924
[ 3117.882323] RDX: 0000000000000000 RSI: ffff88d749ae6400 RDI: ffff88d655e96600
[ 3117.882324] RBP: ffff88d77f383a68 R08: ffff88d7493dc000 R09: 0000000000000018
[ 3117.882324] R10: 0000000000000001 R11: ffff88e770dedc00 R12: ffff88d655e96600
[ 3117.882325] R13: ffff88d77f383ae8 R14: ffff88d7799ff200 R15: ffff88d7493dc000
[ 3117.882327] FS: 000000000000000
[ 3117.882327] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 3117.882328] CR2: ffffffffff600400 CR3: 000000193de0a002 CR4: 00000000003606e0
[ 3117.882329] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 3117.882330] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 3117.882331] Call Trace:
[ 3117.882332] <IRQ>
[ 3117.882337] ? nf_nat_
[ 3117.882339] nf_nat_
[ 3117.882342] iptable_
[ 3117.882347] nf_hook_
[ 3117.882353] ip_output+0xd2/0xe0
[ 3117.882355] ? ip_fragment.
[ 3117.882357] ip_forward_
[ 3117.882359] ip_forward+
[ 3117.882361] ? ip_frag_
[ 3117.882362] ip_rcv_
[ 3117.882364] ip_rcv+0x28f/0x3a0
[ 3117.882366] ? inet_del_
[ 3117.882372] __netif_
[ 3117.882379] ? handle_
[ 3117.882384] ? irq_exit+0x67/0xc0
[ 3117.882391] ? do_IRQ+0x82/0xd0
[ 3117.882393] __netif_
[ 3117.882395] ? __netif_
[ 3117.882397] netif_receive_
[ 3117.882398] napi_gro_
[ 3117.882407] ixgbe_clean_
[ 3117.882411] ixgbe_poll+
[ 3117.882413] ? do_IRQ+0x82/0xd0
[ 3117.882415] net_rx_
[ 3117.882418] __do_softirq+
[ 3117.882419] irq_exit+0xb6/0xc0
[ 3117.882421] do_IRQ+0x82/0xd0
[ 3117.882423] common_
[ 3117.882424] </IRQ>
[ 3117.882427] RIP: 0010:cpuidle_
[ 3117.882428] RSP: 0018:ffff9e1a46
[ 3117.882430] RAX: ffff88d77f3a2880 RBX: 000002d5f0422d24 RCX: 000000000000001f
[ 3117.882430] RDX: 000002d5f0422d24 RSI: fffa51c90e2bb456 RDI: 0000000000000000
[ 3117.882431] RBP: ffff9e1a46413ea8 R08: 000000000000003c R09: 0000000000000007
[ 3117.882432] R10: ffff9e1a46413e38 R11: 0000000000000036 R12: ffffbe0a3fb82240
[ 3117.882432] R13: 0000000000000001 R14: ffffffff90d71c98 R15: 0000000000000000
[ 3117.882435] ? cpuidle_
[ 3117.882436] cpuidle_
[ 3117.882439] call_cpuidle+
[ 3117.882441] do_idle+0x18c/0x1f0
[ 3117.882443] cpu_startup_
[ 3117.882446] start_secondary
[ 3117.882449] secondary_
[ 3117.882450] Code: ff ff ff eb cc 48 83 e7 fe 48 89 45 88 e8 b2 bb c7 cf 48 8b 45 88 eb 90 85 c0 74 0f 8d 50 01 f0 0f b1 11 0f 84 53 ff ff ff eb ed <0f> 0b e9 4a ff ff ff e8 7d 1d 4b cf 0f 1f 00 66 2e 0f 1f 84 00
[ 3117.882475] ---[ end trace 034946ae5013518a ]---
[ 3117.882481] dst_release: dst:00000000444
# uname -a
Linux server 4.15.0-30-generic #32-Ubuntu SMP Thu Jul 26 17:42:43 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
This change was made by a bot.