From mboxrd@z Thu Jan 1 00:00:00 1970 From: Weiping Pan Subject: Fwd: Re: [PATCH v3] net-tcp: TCP/IP stack bypass for loopback connections Date: Thu, 18 Oct 2012 18:19:17 +0800 Message-ID: <507FD7A5.9080503@gmail.com> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit To: "open list:NETWORKING [GENERAL]" Return-path: Received: from mail-pb0-f46.google.com ([209.85.160.46]:59934 "EHLO mail-pb0-f46.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1755244Ab2JRKRT (ORCPT ); Thu, 18 Oct 2012 06:17:19 -0400 Received: by mail-pb0-f46.google.com with SMTP id rr4so8225166pbb.19 for ; Thu, 18 Oct 2012 03:17:19 -0700 (PDT) Sender: netdev-owner@vger.kernel.org List-ID: Sorry, forget to cc the list. 2012/9/18 Bruce "Brutus" Curtis: > From: "Bruce \"Brutus\" Curtis" > > TCP/IP loopback socket pair stack bypass, based on an idea by, and > rough upstream patch from, David Miller called > "friends", the data structure modifcations and connection scheme are > reused with extensive data-path changes. Hi, Bruce, I found that there is a bug in the tcp friends patch, when I kill netperf randomly, panic occurs in tcp_close(). BUG: unable to handle kernel NULL pointer dereference at 0000000d IP: [] tcp_close+0x7b/0x3a0 *pde = 00000000 Oops: 0000 [#1] SMP Modules linked in: fuse 8021q garp stp llc ip6t_REJECT nf_conntrack_ipv6 nf_defrag_ipv6 nf_conntrack_ipv4 nf_defrag_ipv4 ip6table_filter xt_state nf_conntrack ip6_tables ppdev parport_pc pcspkr i2c_piix4 i2c_core parport microcode e1000 uinput Pid: 16627, comm: netperf Not tainted 3.6.0+ #25 innotek GmbH VirtualBox EIP: 0060:[] EFLAGS: 00010202 CPU: 1 EIP is at tcp_close+0x7b/0x3a0 EAX: f6f41240 EBX: c2a46f40 ECX: 00000000 EDX: 00000001 ESI: 00000000 EDI: c2a46f88 EBP: c2a1fd8c ESP: c2a1fd78 DS: 007b ES: 007b FS: 00d8 GS: 00e0 SS: 0068 CR0: 8005003b CR2: 0000000d CR3: 00c07000 CR4: 000006d0 DR0: 00000000 DR1: 00000000 DR2: 00000000 DR3: 00000000 DR6: ffff0ff0 DR7: 00000400 Process netperf (pid: 16627, ti=c2a1e000 task=f44cd780 task.ti=c2a1e000) Stack: c0b4d880 00000000 c2a46f40 ed821080 f4de7f00 c2a1fd9c c0857cff ed821080 00000000 c2a1fdb0 c07e3db0 00000000 f6f07540 00000008 c2a1fdbc c07e4127 f4de7f00 c2a1fdec c05378e8 00000001 00000000 00000000 f54bf010 ed82109c Call Trace: [] inet_release+0x5f/0x70 [] sock_release+0x20/0x80 [] sock_close+0x17/0x30 [] __fput+0x98/0x1f0 [] ____fput+0xd/0x10 [] task_work_run+0x91/0xb0 [] do_exit+0x177/0x7f0 [] ? smp_reschedule_interrupt+0x27/0x30 [] do_group_exit+0x37/0xa0 [] get_signal_to_deliver+0x1c9/0x5b0 [] ? update_curr+0x213/0x380 [] do_signal+0x2a/0x980 [] ? __switch_to+0xc7/0x340 [] ? __schedule+0x379/0x780 [] ? apic_timer_interrupt+0x34/0x3c [] ? __audit_syscall_exit+0x36e/0x3a0 [] ? __audit_syscall_exit+0x36e/0x3a0 [] do_notify_resume+0x75/0xa0 [] work_notifysig+0x30/0x37 Code: 85 c0 74 3e 83 6b 50 01 8b 08 8b 50 04 c7 00 00 00 00 00 c7 40 04 00 00 00 00 89 51 04 89 0a 8b 88 9c 00 00 00 8b 50 34 2b 50 30<0f> b6 49 0d 83 e1 01 29 ca 01 d6 e8 c5 64 fb ff 8b 43 48 39 f8 EIP: [] tcp_close+0x7b/0x3a0 SS:ESP 0068:c2a1fd78 CR2: 000000000000000d ---[ end trace 9f6d5c8fc973265c ]--- How to reproduce it ? 1 run netserver in a loop 2 run netperf with different modes in a loop 3 kill netperf randomly And I found it is easy to see the panic on VirtualBox, but I did not see it on the real machine. Any hints ? thanks Weiping Pan