[Openswan Users] BUG: unable to handle kernel NULL pointer -- 2.6.33 w/ |KLIPS

Lawrence Manning lawrence.manning at smoothwall.net
Thu May 5 05:25:17 EDT 2011 

Hi,

I have reproduced this issue on a pair of debian systems, both identical.  System is debian 6.0, running kernel:

Linux debian 2.6.32-5-686 #1 SMP Tue Mar 8 21:36:00 UTC 2011 i686 GNU/Linux

The "network" is trivial:

10.1.0.1/24 - 192.168.137.221 - ( "internet" ) - 192.168.137.222 - 10.2.0.1/24

Opesnwan is 2.4.34dr2.

Install was done using:

make KERNELSRC=/usr/src/linux-headers-2.6.32-5-686 module minstall programs install

... after installing the needed deps, like bison, gmp etc.

Config, such as it is...  ipsec.conf:

version	2.0	# conforms to second version of ipsec.conf specification

config setup
	protostack=klips

conn test
	left=192.168.137.221
	right=192.168.137.222
	leftsubnet=10.1.0.0/24
	rightsubnet=10.2.0/24
	authby=secret
	auto=start

and ipsec.secrets:

192.168.137.221 192.168.137.222: PSK "secret"

Both config files on both ends are identical, of course.

Starting the ipsec service on both gateways results in the tunnels coming up.  Sending pings down the tunnel, as tested from one of the gateways itself:

ping -I 10.1.0.1 10.2.0.1

Results in a nice stream of ping replies.  For our test, we leave the pings running.

Now, if on the target (of the pings) machine you do:

ifconfig eth0 down (eth0 is the "external" side, the one bound to ipsec0)

The pings then stop, of course.

Now we can crash the kernel:

ifconfig eth0 up

This results in a panic on the machine running the ifconfig command.  If absolutely no packets attempt to use the tunnel while the interface is down (you have to be quick!) then the panic does not happen.

On the debian system I see a slightly different crash to the machine we originally observed this problem on (a Smoothwall).  Hopefully the cause is the same!

You can see the Smoothwall panic text in my previous posting, but for now here is the debian panic:

[  158.354061] BUG: unable to handle kernel NULL pointer dereference at 00000240
[  158.356173] IP: [<c11d8ac0>] netpoll_rx+0x9/0x57
[  158.356173] *pde = 00000000 
[  158.356173] Oops: 0000 [#1] SMP 
[  158.356173] last sysfs file: /sys/devices/virtual/net/lo/operstate
[  158.356173] Modules linked in: ipsec camellia lzo lzo_decompress lzo_compress cast6 cast5 deflate zlib_deflate cts ctr gcm ccm serpent blowfish twofish twofish_common ecb xcbc cbc sha256_generic sha512_generic des_generic aes_i586 geode_aes aes_generic loop snd_intel8x0 snd_ac97_codec ac97_bus snd_pcm snd_timer snd i2c_piix4 psmouse soundcore parport_pc parport pcspkr snd_page_alloc joydev i2c_core evdev serio_raw vboxguest ac button ext3 jbd mbcache usbhid hid sg sr_mod cdrom sd_mod crc_t10dif ata_generic ahci ata_piix ohci_hcd thermal ehci_hcd thermal_sys libata usbcore nls_base scsi_mod e1000 [last unloaded: scsi_wait_scan]
[  158.356173] 
[  158.356173] Pid: 1375, comm: ifconfig Not tainted (2.6.32-5-686 #1) VirtualBox
[  158.356173] EIP: 0060:[<c11d8ac0>] EFLAGS: 00010286 CPU: 0
[  158.356173] EIP is at netpoll_rx+0x9/0x57
[  158.356173] EAX: 00000000 EBX: d6295240 ECX: 00000000 EDX: 00000000
[  158.356173] ESI: d6295240 EDI: d6295240 EBP: c14c7a24 ESP: d6437c04
[  158.356173]  DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068
[  158.356173] Process ifconfig (pid: 1375, ti=d6436000 task=d79b9dc0 task.ti=d6436000)
[  158.356173] Stack:
[  158.356173]  d6295240 d6295240 d7a28000 c14c7a24 c11d8b1b 00000018 d6295240 d792ec4e
[  158.356173] <0> d7a28000 da0a7958 d7a28000 00000032 da0e323c da0a9436 d6295240 da0a9707
[  158.356173] <0> d6295240 c11f745a 00000000 d6295240 d792ec30 d63b8000 c11f7080 00000400
[  158.356173] Call Trace:
[  158.356173]  [<c11d8b1b>] ? netif_rx+0xd/0xbf
[  158.356173]  [<da0a7958>] ? ipsec_rcv_complete+0x12b/0x137 [ipsec]
[  158.356173]  [<da0a9436>] ? ipsec_rsm+0xb1/0x25d [ipsec]
[  158.356173]  [<da0a9707>] ? ipsec_rcv+0x5c/0x69 [ipsec]
[  158.356173]  [<c11f745a>] ? ip_local_deliver_finish+0x10c/0x18c
[  158.356173]  [<c11f7080>] ? ip_rcv_finish+0x2c4/0x2d8
[  158.356173]  [<c11d9061>] ? netif_receive_skb+0x3bb/0x3d6
[  158.356173]  [<d881ea2c>] ? e1000_clean_rx_irq+0x351/0x400 [e1000]
[  158.356173]  [<d88223c2>] ? e1000_clean+0x29f/0x40d [e1000]
[  158.356173]  [<c11d95e1>] ? net_rx_action+0x96/0x194
[  158.356173]  [<c103570e>] ? __do_softirq+0xaa/0x156
[  158.356173]  [<c10357eb>] ? do_softirq+0x31/0x3c
[  158.356173]  [<c11d85cd>] ? __dev_set_rx_mode+0x77/0x7a
[  158.356173]  [<c103595a>] ? _local_bh_enable_ip+0x63/0x6e
[  158.356173]  [<c11dd1c7>] ? dev_mc_add+0x45/0x4c
[  158.356173]  [<c121cfda>] ? igmp_group_added+0x4a/0xf6
[  158.356173]  [<c11ef948>] ? netlink_broadcast+0x224/0x259
[  158.356173]  [<c121d1b5>] ? ip_mc_inc_group+0x74/0x1c3
[  158.356173]  [<c121d2f0>] ? ip_mc_inc_group+0x1af/0x1c3
[  158.356173]  [<c121d40d>] ? ip_mc_up+0x34/0x49
[  158.356173]  [<c121815c>] ? inetdev_event+0x175/0x3c3
[  158.356173]  [<c11e1e24>] ? rtmsg_ifinfo+0x88/0xac
[  158.356173]  [<c11e5984>] ? fib_rules_event+0x16/0xe3
[  158.356173]  [<c126ff88>] ? notifier_call_chain+0x2a/0x47
[  158.356173]  [<c1047586>] ? raw_notifier_call_chain+0x9/0xc
[  158.356173]  [<c11dab3c>] ? dev_open+0xc6/0xcc
[  158.356173]  [<c11da3d0>] ? dev_change_flags+0xa2/0x153
[  158.356173]  [<c1218fdf>] ? devinet_ioctl+0x236/0x4cb
[  158.356173]  [<c11cca71>] ? sock_ioctl+0x1c9/0x1ee
[  158.356173]  [<c11cc8a8>] ? sock_ioctl+0x0/0x1ee
[  158.356173]  [<c10bd964>] ? vfs_ioctl+0x1c/0x5f
[  158.356173]  [<c10bdef8>] ? do_vfs_ioctl+0x4aa/0x4e5
[  158.356173]  [<c10c39e5>] ? alloc_fd+0x52/0xb7
[  158.356173]  [<c126ff48>] ? do_page_fault+0x2f1/0x307
[  158.356173]  [<c10bdf74>] ? sys_ioctl+0x41/0x58
[  158.356173]  [<c10030fb>] ? sysenter_do_call+0x12/0x28
[  158.356173] Code: c1 85 c0 74 0d e8 31 27 e7 ff 89 43 0c 89 53 10 eb 0e c7 43 0c 00 00 00 00 c7 43 10 00 00 00 00 5b c3 55 57 89 c7 56 53 8b 40 14 <8b> 98 40 02 00 00 85 db 74 3b 83 7b 0c 00 75 06 83 7b 04 00 74 
[  158.356173] EIP: [<c11d8ac0>] netpoll_rx+0x9/0x57 SS:ESP 0068:d6437c04
[  158.356173] CR2: 0000000000000240
[  160.261325] ---[ end trace 5acc2ade89da2ffb ]---
[  160.272330] Kernel panic - not syncing: Fatal exception in interrupt
[  160.323099] Pid: 1375, comm: ifconfig Tainted: G      D    2.6.32-5-686 #1
[  160.362384] Call Trace:
[  160.406472]  [<c126c7aa>] ? panic+0x38/0xe6
[  160.409599]  [<c126edb9>] ? oops_end+0x91/0x9d
[  160.441483]  [<c101b77f>] ? no_context+0x105/0x10e
[  160.523454]  [<c101b89d>] ? __bad_area_nosemaphore+0x115/0x11d
[  160.596574]  [<da0a7efe>] ? ipsec_rcv_cleanup+0x4fe/0x817 [ipsec]
[  160.612611]  [<c126fc57>] ? do_page_fault+0x0/0x307
[  160.619568]  [<c101b8af>] ? bad_area_nosemaphore+0xa/0xc
[  160.622650]  [<c126e4ab>] ? error_code+0x73/0x78
[  160.629605]  [<da0b00d8>] ? pfkey_acquire+0x1f3/0x290 [ipsec]
[  160.634808]  [<c11d8ac0>] ? netpoll_rx+0x9/0x57
[  160.638420]  [<c11d8b1b>] ? netif_rx+0xd/0xbf
[  160.658918]  [<da0a7958>] ? ipsec_rcv_complete+0x12b/0x137 [ipsec]
[  160.663531]  [<da0a9436>] ? ipsec_rsm+0xb1/0x25d [ipsec]
[  160.666799]  [<da0a9707>] ? ipsec_rcv+0x5c/0x69 [ipsec]
[  160.672040]  [<c11f745a>] ? ip_local_deliver_finish+0x10c/0x18c
[  160.689132]  [<c11f7080>] ? ip_rcv_finish+0x2c4/0x2d8
[  160.702318]  [<c11d9061>] ? netif_receive_skb+0x3bb/0x3d6
[  160.752665]  [<d881ea2c>] ? e1000_clean_rx_irq+0x351/0x400 [e1000]
[  160.778142]  [<d88223c2>] ? e1000_clean+0x29f/0x40d [e1000]
[  160.779797]  [<c11d95e1>] ? net_rx_action+0x96/0x194
[  160.822152]  [<c103570e>] ? __do_softirq+0xaa/0x156
[  160.865596]  [<c10357eb>] ? do_softirq+0x31/0x3c
[  160.882173]  [<c11d85cd>] ? __dev_set_rx_mode+0x77/0x7a
[  160.906766]  [<c103595a>] ? _local_bh_enable_ip+0x63/0x6e
[  160.952242]  [<c11dd1c7>] ? dev_mc_add+0x45/0x4c
[  160.955669]  [<c121cfda>] ? igmp_group_added+0x4a/0xf6
[  160.958959]  [<c11ef948>] ? netlink_broadcast+0x224/0x259
[  160.963616]  [<c121d1b5>] ? ip_mc_inc_group+0x74/0x1c3
[  160.966878]  [<c121d2f0>] ? ip_mc_inc_group+0x1af/0x1c3
[  161.002479]  [<c121d40d>] ? ip_mc_up+0x34/0x49
[  161.022037]  [<c121815c>] ? inetdev_event+0x175/0x3c3
[  161.032750]  [<c11e1e24>] ? rtmsg_ifinfo+0x88/0xac
[  161.047595]  [<c11e5984>] ? fib_rules_event+0x16/0xe3
[  161.050892]  [<c126ff88>] ? notifier_call_chain+0x2a/0x47
[  161.068380]  [<c1047586>] ? raw_notifier_call_chain+0x9/0xc
[  161.079936]  [<c11dab3c>] ? dev_open+0xc6/0xcc
[  161.089715]  [<c11da3d0>] ? dev_change_flags+0xa2/0x153
[  161.123420]  [<c1218fdf>] ? devinet_ioctl+0x236/0x4cb
[  161.148900]  [<c11cca71>] ? sock_ioctl+0x1c9/0x1ee
[  161.173373]  [<c11cc8a8>] ? sock_ioctl+0x0/0x1ee
[  161.202439]  [<c10bd964>] ? vfs_ioctl+0x1c/0x5f
[  161.243687]  [<c10bdef8>] ? do_vfs_ioctl+0x4aa/0x4e5
[  161.322870]  [<c10c39e5>] ? alloc_fd+0x52/0xb7
[  161.324147]  [<c126ff48>] ? do_page_fault+0x2f1/0x307
[  161.331299]  [<c10bdf74>] ? sys_ioctl+0x41/0x58
[  161.353351]  [<c10030fb>] ? sysenter_do_call+0x12/0x28


-- 

Lawrence Manning
Lead Developer

lawrence.manning at smoothwall.net

Smoothwall Ltd
1 John Charles Way, Leeds, LS12 6QA United Kingdom 
Telephone:  USA: 1 800 959 3760  Europe: +44 (0) 8701 999500
www.smoothwall.net

Smoothwall Limited is registered in England, Company Number: 4298247.  This email and any attachments transmitted with it are confidential to the intended recipient(s) and may not be communicated to any other person or published by any means without the permission of Smoothwall Limited.  Any opinions stated in this message are solely those of the author.

More information about the Users mailing list