Re: [Patch net-next] vxlan: do real refcnt for vn_sock

netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Cong Wang <amwang@redhat.com>
To: Stephen Hemminger <stephen@networkplumber.org>
Cc: netdev@vger.kernel.org, "David S. Miller" <davem@davemloft.net>
Subject: Re: [Patch net-next] vxlan: do real refcnt for vn_sock
Date: Wed, 29 May 2013 16:39:40 +0800	[thread overview]
Message-ID: <1369816780.12227.21.camel@cr0> (raw)
In-Reply-To: <20130528214142.4e41db6f@nehalam.linuxnetplumber.net>

On Tue, 2013-05-28 at 21:41 -0700, Stephen Hemminger wrote:
> Why not just fix the requirement to drop rtnl when calling igmp.
> The code comes out cleaner and safer as well.

Besides you forget to lock the socket before calling _ip_mc_join_group()
(and also the order is very important too), your patch doesn't fix the
problem I met. The full backtrace is below:

[  114.134123] BUG: unable to handle kernel NULL pointer dereference at
0000000000000068
[  114.136065] IP: [<ffffffff810a1061>] __lock_acquire+0x9c/0x45d
[  114.136065] PGD 71721067 PUD 70e11067 PMD 0 
[  114.136065] Oops: 0000 [#1] SMP DEBUG_PAGEALLOC
[  114.136065] CPU: 0 PID: 707 Comm: ip Not tainted 3.10.0-rc2+ #1075
[  114.136065] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2007
[  114.136065] task: ffff88006fce2480 ti: ffff88006d9ec000 task.ti:
ffff88006d9ec000
[  114.136065] RIP: 0010:[<ffffffff810a1061>]  [<ffffffff810a1061>]
__lock_acquire+0x9c/0x45d
[  114.136065] RSP: 0018:ffff88006d9ed6a8  EFLAGS: 00010046
[  114.136065] RAX: 0000000000000068 RBX: 0000000000000000 RCX:
0000000000000000
[  114.136065] RDX: 0000000000000000 RSI: 0000000000000000 RDI:
0000000000000068
[  114.136065] RBP: ffff88006d9ed708 R08: 0000000000000002 R09:
0000000000000000
[  114.136065] R10: ffffffff8104f0bb R11: ffffffff8107632b R12:
ffff88006fce2480
[  114.136065] R13: 0000000000000000 R14: 0000000000000002 R15:
0000000000000000
[  114.136065] FS:  00007fc30cd89740(0000) GS:ffff88007f600000(0000)
knlGS:0000000000000000
[  114.136065] CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
[  114.136065] CR2: 0000000000000068 CR3: 000000006f3a2000 CR4:
00000000000006f0
[  114.136065] DR0: 0000000000000000 DR1: 0000000000000000 DR2:
0000000000000000
[  114.136065] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7:
0000000000000400
[  114.136065] Stack:
[  114.136065]  ffff88006d9ed6b8 ffffffff00000000 ffff880000000000
000000006fce2480
[  114.136065]  ffffffff00000000 0000000000000068 ffffffff825063d2
0000000000000000
[  114.136065]  ffff88006fce2480 ffffffff81757759 0000000000000002
0000000000000000
[  114.136065] Call Trace:
[  114.136065]  [<ffffffff81757759>] ? lock_sock_nested+0x3c/0x97
[  114.136065]  [<ffffffff810a2162>] lock_acquire+0xfa/0x140
[  114.136065]  [<ffffffff81757759>] ? lock_sock_nested+0x3c/0x97
[  114.136065]  [<ffffffff810a06d4>] ? trace_softirqs_off+0x3b/0xf3
[  114.136065]  [<ffffffff81976a1f>] _raw_spin_lock_bh+0x4a/0x7d
[  114.136065]  [<ffffffff81757759>] ? lock_sock_nested+0x3c/0x97
[  114.136065]  [<ffffffff810798db>] ? should_resched+0x9/0x28
[  114.136065]  [<ffffffff81757759>] lock_sock_nested+0x3c/0x97
[  114.136065]  [<ffffffff815e13a1>] vxlan_leave_group+0xc4/0x111
[  114.136065]  [<ffffffff81054dfc>] ? local_bh_enable_ip+0xe/0x10
[  114.136065]  [<ffffffff815e142d>] vxlan_stop+0x3f/0xaa
[  114.136065]  [<ffffffff817659ff>] __dev_close_many+0x9c/0xc4
[  114.136065]  [<ffffffff81765af3>] dev_close_many+0x70/0xd8
[  114.136065]  [<ffffffff817697f6>] rollback_registered_many+0xa2/0x1a7
[  114.136065]  [<ffffffff81769a4e>] unregister_netdevice_many+0x19/0x51
[  114.136065]  [<ffffffff817738b5>] rtnl_dellink+0xd0/0xfb
[  114.136065]  [<ffffffff81058754>] ? ns_capable+0x4d/0x66
[  114.136065]  [<ffffffff81774aaf>] rtnetlink_rcv_msg+0x19c/0x1ab
[  114.136065]  [<ffffffff81774913>] ? __rtnl_unlock+0x17/0x17
[  114.136065]  [<ffffffff817bc7d8>] netlink_rcv_skb+0x42/0x8d
[  114.136065]  [<ffffffff817748f5>] rtnetlink_rcv+0x26/0x2d
[  114.136065]  [<ffffffff817bb001>] netlink_unicast+0xb7/0x138
[  114.136065]  [<ffffffff817bba6b>] netlink_sendmsg+0x2b8/0x2f2
[  114.136065]  [<ffffffff81752e3e>] sock_sendmsg+0x7f/0xa0
[  114.136065]  [<ffffffff8111ee4d>] ? might_fault+0xa5/0xac
[  114.136065]  [<ffffffff8111ee04>] ? might_fault+0x5c/0xac
[  114.136065]  [<ffffffff817527ba>] ? move_addr_to_kernel+0x41/0x5a
[  114.136065]  [<ffffffff8175db77>] ? verify_iovec+0x5b/0xac
[  114.136065]  [<ffffffff81753064>] __sys_sendmsg+0x205/0x2a1
[  114.136065]  [<ffffffff8102c172>] ? __do_page_fault+0x2ee/0x38b
[  114.136065]  [<ffffffff8107507a>] ? up_read+0x29/0x2e
[  114.136065]  [<ffffffff8116794f>] ? fcheck_files+0xa3/0xe1
[  114.136065]  [<ffffffff81168915>] ? fget_light+0x3a/0xa4
[  114.136065]  [<ffffffff81753f91>] SyS_sendmsg+0x42/0x60
[  114.136065]  [<ffffffff819781c2>] system_call_fastpath+0x16/0x1b
[  114.136065] Code: 00 00 83 3d c1 46 d7 01 00 0f 85 cb 03 00 00 48 c7
c1 1c ef d5 81 48 c7 c2 67 5f d5 81 be fb 0b 00 00 e9 1b 02 00 00 48 8b
45 c8 <48> 81 38 a0 f5 52 82 b8 01 00 00 00 44 0f 44 f0 83 fe 01 77 10 
[  114.136065] RIP  [<ffffffff810a1061>] __lock_acquire+0x9c/0x45d
[  114.136065]  RSP <ffff88006d9ed6a8>
[  114.136065] CR2: 0000000000000068
[  114.136065] ---[ end trace 92078b41edbc404d ]---
[  114.136065] Kernel panic - not syncing: Fatal exception in interrupt

next prev parent reply	other threads:[~2013-05-29  8:39 UTC|newest]

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2013-05-28 11:07 [Patch net-next] vxlan: do real refcnt for vn_sock Cong Wang
2013-05-28 15:22 ` Stephen Hemminger
2013-05-29  2:08   ` Cong Wang
2013-05-29  4:22     ` Stephen Hemminger
2013-05-29  4:34       ` Cong Wang
2013-05-29  4:01 ` Cong Wang
2013-05-29  4:41 ` Stephen Hemminger
2013-05-29  5:14   ` Cong Wang
2013-05-29  8:39   ` Cong Wang [this message]
2013-05-31  2:55     ` Cong Wang
2013-05-31  3:56       ` Stephen Hemminger
2013-05-31  4:12         ` Cong Wang

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1369816780.12227.21.camel@cr0 \
    --to=amwang@redhat.com \
    --cc=davem@davemloft.net \
    --cc=netdev@vger.kernel.org \
    --cc=stephen@networkplumber.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).