rmmod crashes kernel

Question

rmmod crashes kernel

djwatson opened this issue 9 years ago · 3 comments

Seen this a couple times, haven't nailed it down yet though

Console initialized - press Ctrl-D for menu [45/96761]
[ 282.613149] tls: --> tls_init
[ 307.655912] tls: --> tls_exit
[ 307.664466] ------------[ cut here ]------------
[ 307.671461] general protection fault: 0000 [#1] SMP
[ 307.672294] Last file read FILE* = ffff8823b7b30800
[ 307.673186] Modules linked in: af_ktls(O-) decnet tcp_diag inet_diag ip6table_filter xt_NFLOG xt_comment iptable_filter netconsole autofs4 hwmon_vid w83795
i2c_piix4 rpcsec_gss_krb5 auth_rpcgss oid_registry dm_mod loop sg serio_raw iTCO_wdt iTCO_vendor_support e1000e ipmi_devintf x86_pkg_temp_thermal coretemp kv
m irqbypass crc32c_intel aesni_intel ablk_helper cryptd lrw gf128mul glue_helper aes_x86_64 pcspkr i2c_i801 i2c_core lpc_ich mfd_core ehci_pci ehci_hcd ipmi_s
i ipmi_msghandler shpchp button
[ 307.681160] CPU: 13 PID: 7393 Comm: rmmod Tainted: G O 4.6.0-rc6_00054_g5294e32 #117
[ 307.682649] Hardware name: Quanta Freedom/Winterfell, BIOS F03_3B09 05/22/2014
[ 307.683901] task: ffff8823e65daa00 ti: ffff8811d4628000 task.ti: ffff8811d4628000
[ 307.685257] RIP: 0010:[] [] proto_unregister+0x48/0xe0
[ 307.686644] RSP: 0018:ffff8811d462be88 EFLAGS: 00010282
[ 307.687541] RAX: dead000000000100 RBX: ffffffffa023e000 RCX: 0000000000000000
[ 307.688729] RDX: dead000000000200 RSI: ffff88247f8ccb18 RDI: ffffffff81f00360
[ 307.689970] RBP: ffff8811d462bea8 R08: 00000000fffffffe R09: 0000000000000000
[ 307.691331] R10: 0000000000000005 R11: 0000000000000001 R12: 00007ffe72736270
[ 307.697318] R13: 00007ffe727377c2 R14: 0000000000000000 R15: 0000000000000001
[ 307.705584] FS: 00007f251200c700(0000) GS:ffff88247f8c0000(0000) knlGS:0000000000000000
[ 307.712018] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 307.713913] CR2: 00007f2511ba5183 CR3: 00000023e7bbb000 CR4: 00000000001406e0
[ 307.715328] Stack:
[ 307.715686] 0000000000000000 ffff8811d462bed8 ffffffffa023e180 ffffffffa023e180
[ 307.717317] ffff8811d462beb8 ffffffffa023c29f ffff8811d462bf48 ffffffff810daed5
[ 307.718601] 0000000000000000 ffff8824280896e8 00736c746b5f6661 00007f2512014000
[ 307.720006] Call Trace:
[ 307.720421] [] tls_exit+0x2f/0xd90 [af_ktls]
[ 307.721430] [] SyS_delete_module+0x155/0x1a0
[ 307.722416] [] ? vm_munmap+0x5c/0x80
[ 307.723268] [] ? SyS_munmap+0x2c/0x40
[ 307.724151] [] entry_SYSCALL_64_fastpath+0x13/0x8f
[ 307.725309] Code: 8b 83 c0 00 00 00 83 f8 3f 74 0b 89 c0 f0 48 0f b3 05 c5 82 b5 00 48 8b 83 68 01 00 00 48 8b 93 70 01 00 00 48 c7 c7 60 03 f0 81 <48> 89
50 08 48 89 45 e0 48 89 02 48 b8 00 02 00 00 00 00 ad de
[ 307.728639] RIP [] proto_unregister+0x48/0xe0
[ 307.731148] RSP
[ 307.731732] ------------[ cut here ]------------

Answer 1 · 2016-05-11T06:45:40.000Z

Could you attach some reproducer? I haven't seen it.

Answer 2 · 2016-05-19T17:50:20.000Z

It looks like if sock_register fails, sock_unregister will crash. This is probably a non-issue if the module is merged to mainline, but would be nice to fix.

Answer 3 · 2016-05-19T18:00:16.000Z

Ah, I see it now. This should be easyfix.