From: Nikolay Aleksandrov <nikolay@cumulusnetworks.com>
To: David Ahern <dsa@cumulusnetworks.com>, netdev@vger.kernel.org
Cc: sergey.senozhatsky.work@gmail.com, richard.alpe@ericsson.com,
festevam@gmail.com
Subject: Re: [PATCH net-next v2] net: Initialize table in fib result
Date: Wed, 16 Sep 2015 18:19:56 +0200 [thread overview]
Message-ID: <55F996AC.1090305@cumulusnetworks.com> (raw)
In-Reply-To: <1442420199-51715-1-git-send-email-dsa@cumulusnetworks.com>
On 09/16/2015 06:16 PM, David Ahern wrote:
> Sergey, Richard and Fabio reported an oops in ip_route_input_noref. e.g., from Richard:
>
> [ 0.877040] BUG: unable to handle kernel NULL pointer dereference at 0000000000000056
> [ 0.877597] IP: [<ffffffff8155b5e2>] ip_route_input_noref+0x1a2/0xb00
> [ 0.877597] PGD 3fa14067 PUD 3fa6e067 PMD 0
> [ 0.877597] Oops: 0000 [#1] SMP
> [ 0.877597] Modules linked in: virtio_net virtio_pci virtio_ring virtio
> [ 0.877597] CPU: 1 PID: 119 Comm: ifconfig Not tainted 4.2.0+ #1
> [ 0.877597] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
> [ 0.877597] task: ffff88003fab0bc0 ti: ffff88003faa8000 task.ti: ffff88003faa8000
> [ 0.877597] RIP: 0010:[<ffffffff8155b5e2>] [<ffffffff8155b5e2>] ip_route_input_noref+0x1a2/0xb00
> [ 0.877597] RSP: 0018:ffff88003ed03ba0 EFLAGS: 00010202
> [ 0.877597] RAX: 0000000000000046 RBX: 00000000ffffff8f RCX: 0000000000000020
> [ 0.877597] RDX: ffff88003fab50b8 RSI: 0000000000000200 RDI: ffffffff8152b4b8
> [ 0.877597] RBP: ffff88003ed03c50 R08: 0000000000000000 R09: 0000000000000000
> [ 0.877597] R10: 0000000000000000 R11: 0000000000000000 R12: ffff88003fab6f00
> [ 0.877597] R13: ffff88003fab5000 R14: 0000000000000000 R15: ffffffff81cb5600
> [ 0.877597] FS: 00007f6de5751700(0000) GS:ffff88003ed00000(0000) knlGS:0000000000000000
> [ 0.877597] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> [ 0.877597] CR2: 0000000000000056 CR3: 000000003fa6d000 CR4: 00000000000006e0
> [ 0.877597] Stack:
> [ 0.877597] 0000000000000000 0000000000000046 ffff88003fffa600 ffff88003ed03be0
> [ 0.877597] ffff88003f9e2c00 697da8c0017da8c0 ffff880000000000 000000000007fd00
> [ 0.877597] 0000000000000000 0000000000000046 0000000000000000 0000000400000000
> [ 0.877597] Call Trace:
> [ 0.877597] <IRQ>
> [ 0.877597] [<ffffffff812bfa1f>] ? cpumask_next_and+0x2f/0x40
> [ 0.877597] [<ffffffff8158e13c>] arp_process+0x39c/0x690
> [ 0.877597] [<ffffffff8158e57e>] arp_rcv+0x13e/0x170
> [ 0.877597] [<ffffffff8151feec>] __netif_receive_skb_core+0x60c/0xa00
> [ 0.877597] [<ffffffff81515795>] ? __build_skb+0x25/0x100
> [ 0.877597] [<ffffffff81515795>] ? __build_skb+0x25/0x100
> [ 0.877597] [<ffffffff81521ff6>] __netif_receive_skb+0x16/0x70
> [ 0.877597] [<ffffffff81522078>] netif_receive_skb_internal+0x28/0x90
> [ 0.877597] [<ffffffff8152288f>] napi_gro_receive+0x7f/0xd0
> [ 0.877597] [<ffffffffa0017906>] virtnet_receive+0x256/0x910 [virtio_net]
> [ 0.877597] [<ffffffffa0017fd8>] virtnet_poll+0x18/0x80 [virtio_net]
> [ 0.877597] [<ffffffff815234cd>] net_rx_action+0x1dd/0x2f0
> [ 0.877597] [<ffffffff81053228>] __do_softirq+0x98/0x260
> [ 0.877597] [<ffffffff8164969c>] do_softirq_own_stack+0x1c/0x30
>
> The root cause is use of res.table uninitialized.
>
> Thanks to Nikolay for noticing the uninitialized use amongst the maze of
> gotos.
>
> As Nikolay pointed out the second initialization is not required to fix
> the oops, but rather to fix a related problem where a valid lookup should
> be invalidated before creating the rth entry.
>
> Fixes: b7503e0cdb5d ("net: Add FIB table id to rtable")
> Reported-by: Sergey Senozhatsky <sergey.senozhatsky.work@gmail.com>
> Reported-by: Richard Alpe <richard.alpe@ericsson.com>
> Reported-by: Fabio Estevam <festevam@gmail.com>
> Tested-by: Fabio Estevam <fabio.estevam@freescale.com>
> Signed-off-by: David Ahern <dsa@cumulusnetworks.com>
> ---
> v2:
> - clarification in the commit message regarding the second initialization
>
> net/ipv4/route.c | 2 ++
> 1 file changed, 2 insertions(+)
>
Thanks again!
Signed-off-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com>
next prev parent reply other threads:[~2015-09-16 16:19 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-09-16 16:16 [PATCH net-next v2] net: Initialize table in fib result David Ahern
2015-09-16 16:19 ` Nikolay Aleksandrov [this message]
2015-09-17 7:45 ` Richard Alpe
2015-09-16 23:58 ` Florian Fainelli
2015-09-17 0:00 ` Sergey Senozhatsky
2015-09-18 4:35 ` David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=55F996AC.1090305@cumulusnetworks.com \
--to=nikolay@cumulusnetworks.com \
--cc=dsa@cumulusnetworks.com \
--cc=festevam@gmail.com \
--cc=netdev@vger.kernel.org \
--cc=richard.alpe@ericsson.com \
--cc=sergey.senozhatsky.work@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.