| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1275730457.5238.14.camel@edumazet-laptop> Date: Sat, 05 Jun 2010 11:34:17 +0200 From: Eric Dumazet <eric.dumazet@...il.com> To: Andrew Morton <akpm@...ux-foundation.org> Cc: David Miller <davem@...emloft.net>, netdev@...r.kernel.org, bugzilla-daemon@...zilla.kernel.org, bugme-daemon@...zilla.kernel.org, alex.vizor@...il.com, Patrick McHardy <kaber@...sh.net> Subject: Re: [Bugme-new] [Bug 16120] New: Oops: 0000 [#1] SMP, unable to handle kernel NULL pointer dereference at (null) Le samedi 05 juin 2010 à 11:17 +0200, Eric Dumazet a écrit : > Le vendredi 04 juin 2010 à 16:17 -0700, Andrew Morton a écrit : > > (switched to email. Please respond via emailed reply-to-all, not via the > > bugzilla web interface). > > > > On Fri, 4 Jun 2010 09:25:58 GMT > > bugzilla-daemon@...zilla.kernel.org wrote: > > > > > https://bugzilla.kernel.org/show_bug.cgi?id=16120 > > > > > > Summary: Oops: 0000 [#1] SMP, unable to handle kernel NULL > > > pointer dereference at (null) > > > Product: Platform Specific/Hardware > > > Version: 2.5 > > > Kernel Version: 2.6.35-rc1 > > > Platform: All > > > OS/Version: Linux > > > Tree: Mainline > > > Status: NEW > > > Severity: high > > > Priority: P1 > > > Component: x86-64 > > > AssignedTo: platform_x86_64@...nel-bugs.osdl.org > > > ReportedBy: alex.vizor@...il.com > > > Regression: Yes > > > > > > > > > Created an attachment (id=26647) > > > --> (https://bugzilla.kernel.org/attachment.cgi?id=26647) id) > > > > 2.6.35-rc1 kernel log > > > > > > It happens randomly, almost a week I used 2.6.35-rc1 and don't have any > > > problems. But since last day it happened twice. > > > > > > I attached kernel log, please inform me if I can help in investigation. > > > > > > > ip6mr_sk_done() oopsed. > > Only thing I found a first glance is a typo but this should not be the > root of the problem. > At a second glance, I think the problem is that we probably cleanup in the wrong order. ip6mr_rules_exit() is probably called before icmpv6_sk_exit() ? I dont know how to fix this order, no more time for me until Monday. We should reinit mr6_tables list in ip6mr_rules_exit() in any case [PATCH] ip6mr: fixes 1) Fix a typo in ip6mr_for_each_table() definition 2) Re-initiliaze mr6_tables in ip6mr_rules_exit() bugzilla report : https://bugzilla.kernel.org/attachment.cgi?id=26647 Signed-off-by: Eric Dumazet <eric.dumazet@...il.com> diff --git a/net/ipv6/ip6mr.c b/net/ipv6/ip6mr.c index 073071f..e2ff192 100644 --- a/net/ipv6/ip6mr.c +++ b/net/ipv6/ip6mr.c @@ -120,7 +120,7 @@ static void mroute_clean_tables(struct mr6_table *mrt); static void ipmr_expire_process(unsigned long arg); #ifdef CONFIG_IPV6_MROUTE_MULTIPLE_TABLES -#define ip6mr_for_each_table(mrt, met) \ +#define ip6mr_for_each_table(mrt, net) \ list_for_each_entry_rcu(mrt, &net->ipv6.mr6_tables, list) static struct mr6_table *ip6mr_get_table(struct net *net, u32 id) @@ -256,6 +256,7 @@ static void __net_exit ip6mr_rules_exit(struct net *net) list_for_each_entry_safe(mrt, next, &net->ipv6.mr6_tables, list) ip6mr_free_table(mrt); + INIT_LIST_HEAD(&net->ipv6.mr6_tables); fib_rules_unregister(net->ipv6.mr6_rules_ops); } #else -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists