| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20120706055859.GA27693@localhost>
Date: Fri, 6 Jul 2012 13:58:59 +0800
From: Fengguang Wu <wfg@...ux.intel.com>
To: David Miller <davem@...emloft.net>
Cc: netdev@...r.kernel.org,
Steffen Klassert <steffen.klassert@...unet.com>
Subject: BUG: unable to handle kernel paging request at 00000000d8be176d
On Thu, Jul 05, 2012 at 02:22:00PM -0700, David Miller wrote:
>
> Steffen Klassert posted a patch which fixes this.
Steffen's patch converts one oops message into another.
tree: git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next.git master
head: 700db99d0140e9da2a31e08ebd3e1b121691aa26
commit: a2de86f63cfc92f7aaf11e7b9d9f2150946a1622 [1/2] ipv6: Initialize the neighbour pointer of rt6_info on allocation
x86_64-allyesdebian BBB
That 3 'B's indicate boot failures for all the 3 commits (detailed
below). Where commit 0 still has the old error message. Commit 1 and
2 (both with Steffen's fix) trigger another oops. Note that commit 2
is boot tested 9 times, all of them produce about the same error message.
0: B c90a9bb [ 77.308688] general protection fault: 0000 [#1] SMP DEBUG_PAGEALLOC [__nla_put nla_put inet6_rt_notify fib6_add __ip6_ins_rt ip6_route_add addrconf_add_mroute addrconf_add_dev addrconf_dev_config addrconf_notify notifier_call_chain __raw_notifier_call_chain raw_notifier_call_chain call_netdevice_notifiers __dev_notify_flags dev_change_flags ip_auto_config do_one_initcall kernel_init kernel_thread_helper]
1: B a2de86f [ 127.378529] BUG: unable to handle kernel paging request at 00000000d8be176d [ip6_dst_lookup_tail ip6_dst_lookup_flow ip6_datagram_connect inet_dgram_connect sys_connect system_call_fastpath]
2: B 700db99 [ 86.189249] BUG: unable to handle kernel paging request at 00000000d0d4176d [ip6_dst_lookup_tail ip6_dst_lookup_flow ip6_datagram_connect inet_dgram_connect sys_connect system_call_fastpath]
2: B 700db99 [ 91.294019] BUG: unable to handle kernel paging request at 00000000eac8176d [ip6_dst_lookup_tail ip6_dst_lookup_flow ip6_datagram_connect inet_dgram_connect sys_connect system_call_fastpath]
2: B 700db99 [ 136.361566] BUG: unable to handle kernel paging request at 000000008eab176d [ip6_dst_lookup_tail ip6_dst_lookup_flow ip6_datagram_connect inet_dgram_connect sys_connect system_call_fastpath]
2: B 700db99 [ 133.408933] BUG: unable to handle kernel paging request at 000000009bc2176d [ip6_dst_lookup_tail ip6_dst_lookup_flow ip6_datagram_connect inet_dgram_connect sys_connect system_call_fastpath]
2: B 700db99 [ 136.259517] BUG: unable to handle kernel paging request at 00000000b79d176d [ip6_dst_lookup_tail ip6_dst_lookup_flow ip6_datagram_connect inet_dgram_connect sys_connect system_call_fastpath]
2: B 700db99 [ 82.898992] BUG: unable to handle kernel paging request at 000000003ae1176d [ip6_dst_lookup_tail ip6_dst_lookup_flow ip6_datagram_connect inet_dgram_connect sys_connect system_call_fastpath]
2: B 700db99 [ 85.065760] BUG: unable to handle kernel paging request at 00000000a2c1176d [ip6_dst_lookup_tail ip6_dst_lookup_flow ip6_datagram_connect inet_dgram_connect sys_connect system_call_fastpath]
2: B 700db99 [ 83.797562] BUG: unable to handle kernel paging request at 00000000fca1176d [ip6_dst_lookup_tail ip6_dst_lookup_flow ip6_datagram_connect inet_dgram_connect sys_connect system_call_fastpath]
2: B 700db99 [ 157.345636] BUG: unable to handle kernel paging request at 0000000067bc176d [ip6_dst_lookup_tail ip6_dst_lookup_flow ip6_datagram_connect inet_dgram_connect sys_connect system_call_fastpath]
[ 124.000087] vhci_hcd: changed 0
[ 126.016883] vhci_hcd: changed 0
[ 127.378529] BUG: unable to handle kernel paging request at 00000000d8be176d
[ 127.381203] IP: [<ffffffff82aecfc2>] ip6_dst_lookup_tail+0xd5/0x1d8
[ 127.381203] PGD 0
[ 127.381203] Oops: 0000 [#1] SMP DEBUG_PAGEALLOC
[ 127.381203] CPU 0
[ 127.381203] Modules linked in:
[ 127.381203]
[ 127.381203]
[ 127.381203] Pid: 3073, comm: sshd Not tainted 3.5.0-rc5+ #2 Bochs Bochs
[ 127.381203] RIP: 0010:[<ffffffff82aecfc2>] [<ffffffff82aecfc2>] ip6_dst_lookup_tail+0xd5/0x1d8
[ 127.381203] RSP: 0018:ffff8800122d1d08 EFLAGS: 00010206
[ 127.381203] RAX: 00000000d8be1600 RBX: ffff8800122d1db0 RCX: 0000000000000015
[ 127.381203] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000246
[ 127.381203] RBP: ffff8800122d1d98 R08: ffff88001f3d5580 R09: ffffffff85124e70
[ 127.381203] R10: ffffffff840401a0 R11: ffff88001214be70 R12: ffff8800122d1e10
[ 127.381203] R13: 0000000000000000 R14: ffffffff855c5e00 R15: ffff88000cf6e938
[ 127.381203] FS: 00007fc9742597c0(0000) GS:ffff88001f200000(0000) knlGS:0000000000000000
[ 127.381203] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 127.381203] CR2: 00000000d8be176d CR3: 000000001219a000 CR4: 00000000000006f0
[ 127.381203] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 127.381203] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[ 127.381203] Process sshd (pid: 3073, threadinfo ffff8800122d0000, task ffff880011c74d40)
[ 127.381203] Stack:
[ 127.381203] ffff8800122d1d18 ffff8800122d1e34 ffff8800122d1d28 ffffffff8111ee10
[ 127.381203] ffff8800122d1d48 ffffffff8111f528 ffffffff810c0f1e ffffffff810da5f8
[ 127.381203] ffff8800122d1d68 00000000810da56c 0000000000000092 00000000b4cb58b8
[ 127.381203] Call Trace:
[ 127.381203] [<ffffffff8111ee10>] ? irq_trace+0x14/0x21
[ 127.381203] [<ffffffff8111f528>] ? time_hardirqs_off+0x26/0x2a
[ 127.381203] [<ffffffff810c0f1e>] ? local_clock+0x3b/0x52
[ 127.381203] [<ffffffff810da5f8>] ? trace_hardirqs_off+0xd/0xf
[ 127.381203] [<ffffffff81097236>] ? _local_bh_enable_ip+0xbb/0xd8
[ 127.381203] [<ffffffff82aed0f9>] ip6_dst_lookup_flow+0x34/0x7e
[ 127.381203] [<ffffffff82b11a51>] ip6_datagram_connect+0x34b/0x4a4
[ 127.381203] [<ffffffff81097261>] ? local_bh_enable_ip+0xe/0x10
[ 127.381203] [<ffffffff82ab37c0>] inet_dgram_connect+0x3f/0x6e
[ 127.381203] [<ffffffff829d1aa3>] sys_connect+0x9b/0xd9
[ 127.381203] [<ffffffff810de26a>] ? trace_hardirqs_on_caller+0x123/0x17f
[ 127.381203] [<ffffffff816b050e>] ? trace_hardirqs_on_thunk+0x3a/0x3f
[ 127.381203] [<ffffffff82e53629>] system_call_fastpath+0x16/0x1b
[ 127.381203] Code: 8a 48 6e c0 e9 05 0f b6 c9 eb 02 31 c9 4c 8b 85 78 ff ff ff 49 8d 54 24 14 4c 89 f7 e8 fa db 00 00 85 c0 0f 85 bb 00 00 00 eb a4 <f6> 80 6d 01 00 00 de 0f 85 a5 00 00 00 e8 53 fc ff ff 48 8b 03
[ 127.381203] RIP [<ffffffff82aecfc2>] ip6_dst_lookup_tail+0xd5/0x1d8
[ 127.381203] RSP <ffff8800122d1d08>
[ 127.381203] CR2: 00000000d8be176d
[ 127.484620] ---[ end trace 86ddee5921c27d8c ]---
commit a2de86f63cfc92f7aaf11e7b9d9f2150946a1622
Author: Steffen Klassert <steffen.klassert@...unet.com>
Date: Thu Jul 5 03:18:28 2012 +0000
ipv6: Initialize the neighbour pointer of rt6_info on allocation
git commit 97cac082 (ipv6: Store route neighbour in rt6_info struct)
added a neighbour pointer to rt6_info. Currently we don't initialize
this pointer at allocation time. We assume this pointer to be valid
if it is not a null pointer, so initialize it on allocation.
Signed-off-by: Steffen Klassert <steffen.klassert@...unet.com>
Signed-off-by: David S. Miller <davem@...emloft.net>
diff --git a/net/ipv6/route.c b/net/ipv6/route.c
index ceff71d..6cc6c88 100644
--- a/net/ipv6/route.c
+++ b/net/ipv6/route.c
@@ -273,7 +273,7 @@ static inline struct rt6_info *ip6_dst_alloc(struct net *net,
0, 0, flags);
if (rt) {
- memset(&rt->rt6i_table, 0,
+ memset(&rt->n, 0,
sizeof(*rt) - sizeof(struct dst_entry));
rt6_init_peer(rt, table ? &table->tb6_peers : net->ipv6.peers);
}
View attachment "dmesg-kvm-fat-3730-2012-07-06-13-19-00" of type "text/plain" (267119 bytes)
Powered by blists - more mailing lists