Running tcpdump on a SLES12 SP4 System with Kernel 4.12.14-95.48-default may crash the system

This document (000019666) is provided subject to the disclaimer at the end of this document.

Environment

SUSE Linux Enterprise Server 12 SP4 (SLES12 SP4)


Situation

On a SLES12 SP4 system with kernel 4.12.14-95.48-default installed running the following command may crash the system.

# tcpdump -i eth0 -n "tcp[tcp[12]/16*4]=22 and (tcp[tcp[12]/16*4+5]=1 or tcp[tcp[12]/16*4+5]=2)"

If kdump is enabled and configured, the resulting dmesg.txt in /var/crash/<date-time-of-crash> will show the following stack trace at the end of the file:

[   48.001044] BUG: unable to handle kernel paging request at ffff9d0fbf403e88 
[   48.001124] IP: 0xffff9d0fbf403e88
[   48.001170] PGD 4e27c067 P4D 4e27c067 PUD 4e280067 PMD 800000007f4000e3  
[   48.001255] Oops: 0011 [#1] SMP PTI
[   48.001273] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G        W          4.12.14-95.48-default #1 SLE12-SP4
[   48.001348] Hardware name: Xen HVM domU, BIOS 4.9.4_04-3.53 05/08/2019
[   48.001381] task: ffffffffab0134c0 task.stack: ffffffffab000000
[   48.001411] RIP: 0010:0xffff9d0fbf403e88
[   48.001432] RSP: 0018:ffff9d0fbf403ca8 EFLAGS: 00010282
[   48.001459] RAX: 0000000000000000 RBX: ffff9d0f95b45800 RCX: 0000000000000001
[   48.001495] RDX: ffff9d0fbf403c90 RSI: 0000000000000042 RDI: ffff9d0fadfdcd00
[   48.001530] RBP: 0000000000022e40 R08: ffff9d0fac9e7880 R09: 0000000000000042
[   48.001566] R10: ffff9d0fac9e78c0 R11: 0000000000000020 R12: ffff9d0fb03d4000
[   48.001600] R13: ffffffffc06415c8 R14: ffff9d0fb03d4000 R15: ffff9d0fbf403e88
[   48.001650] FS:  0000000000000000(0000) GS:ffff9d0fbf400000(0000) knlGS:0000000000000000
[   48.001701] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   48.001727] CR2: ffff9d0fbf403e88 CR3: 000000004d00a005 CR4: 00000000003606f0
[   48.001764] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[   48.001795] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[   48.001827] Call Trace:
[   48.001841]  <IRQ>
[   48.001857]  ? find_busiest_group+0x110/0xa20
[   48.001881]  ? __netif_receive_skb_core+0x2b6/0xa50
[   48.001905]  ? update_load_avg+0x84f/0x8b0
[   48.001925]  ? netif_receive_skb_internal+0x2d/0x3d0
[   48.001949]  ? dev_gro_receive+0x43b/0x460
[   48.001969]  ? napi_gro_receive+0xbf/0xe0
[   48.001991]  ? xennet_poll+0x7cc/0xbc0 [xen_netfront]
[   48.002015]  ? net_rx_action+0x281/0x3c0
[   48.002037]  ? __do_softirq+0xce/0x28b
[   48.002057]  ? irq_exit+0xdb/0xf0
[   48.002077]  ? xen_evtchn_do_upcall+0x2c/0x50
[   48.002098]  ? xen_hvm_callback_vector+0x8f/0xa0
[   48.002119]  </IRQ>
[   48.002134]  ? ldsem_down_write+0x210/0x210
[   48.002155]  ? native_safe_halt+0xe/0x10
[   48.002175]  ? default_idle+0x18/0x100
[   48.002193]  ? do_idle+0x160/0x1f0
[   48.002210]  ? cpu_startup_entry+0x5d/0x70
[   48.002231]  ? start_kernel+0x49d/0x4a8
[   48.002249]  ? set_init_arg+0x55/0x55
[   48.003207]  ? early_idt_handler_array+0x120/0x120
[   48.004167]  ? x86_64_start_kernel+0x131/0x13e
[   48.005129]  ? secondary_startup_64+0xa5/0xb0
[   48.006089] Code: 9d ff ff 00 40 3d b0 0f 9d ff ff 68 3e 40 bf 0f 9d ff ff 68 3e 40 bf 0f 9d ff ff 00 00 00 00 00 00 00 00 80 3e 40 bf 0f 9d ff ff <80> 3e 40 bf 0f 9d ff ff 00 0
0 00 00 00 00 00 00 98 3e 40 bf 0f  
[   48.008046] Modules linked in: msr af_packet iscsi_ibft iscsi_boot_sysfs xen_netback xen_blkback xen_gntalloc xen_gntdev xen_evtchn intel_rapl sb_edac crc32_pclmul ghash_clmulni
_intel pcbc joydev xen_kbdfront aesni_intel aes_x86_64 xen_netfront crypto_simd glue_helper cryptd i2c_piix4 pcspkr button xenfs xen_privcmd hid_generic usbhid ata_generic xfs libc
rc32c ata_piix ahci libahci cirrus drm_kms_helper syscopyarea sysfillrect sysimgblt fb_sys_fops ttm xen_blkfront crc32c_intel floppy serio_raw drm uhci_hcd ehci_hcd usbcore drm_pan
el_orientation_quirks libata sg dm_multipath dm_mod scsi_dh_rdac scsi_dh_emc scsi_dh_alua scsi_mod autofs4
[   48.014301] Supported: Yes
[   48.015314] CR2: ffff9d0fbf403e88

Depending whether the system is bare metal or running as VM on XEN or VMware the output might be slightly different.

 

Resolution

This is a bug which has been fixed with kernel 4.12.14-95.54-default.

Disclaimer

This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:000019666
  • Creation Date: 16-Jul-2020
  • Modified Date:16-Jul-2020
    • SUSE Linux Enterprise Server

< Back to Support Search

For questions or concerns with the SUSE Knowledgebase please contact: tidfeedback[at]suse.com

SUSE Support Forums

Get your questions answered by experienced Sys Ops or interact with other SUSE community experts.

Join Our Community

Support Resources

Learn how to get the most from the technical support you receive with your SUSE Subscription, Premium Support, Academic Program, or Partner Program.


SUSE Customer Support Quick Reference Guide SUSE Technical Support Handbook Update Advisories
Support FAQ

Open an Incident

Open an incident with SUSE Technical Support, manage your subscriptions, download patches, or manage user access.

Go to Customer Center