[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20240529175721.1e07b506@kernel.org>
Date: Wed, 29 May 2024 17:57:21 -0700
From: Jakub Kicinski <kuba@...nel.org>
To: Matthias Stocker <mstocker@...racuda.com>
Cc: doshir@...are.com, pv-drivers@...are.com, netdev@...r.kernel.org
Subject: Re: [PATCH] vmxnet3: disable rx data ring on dma allocation failure
On Tue, 28 May 2024 12:06:15 +0200 Matthias Stocker wrote:
> When vmxnet3_rq_create fails to allocate memory for the data ring,
> vmxnet3_rq_destroy_all_rxdataring is called, but rq->data_ring.desc_size
> is not zeroed, as is the case when adapter->rxdataring_enabled is set to
> false. This leads to the box crashing a short time later with a
> NULL pointer dereference in memcpy.
That's not much of an explanation, more of restating what the logs say.
I can't spot the bug in the existing code after looking at this for
10min. Please provide a proper explanation.
> [1101376.713751] vmxnet3 0000:13:00.0 dhcp: rx data ring will be disabled
> [1101376.719942] vmxnet3 0000:13:00.0 dhcp: intr type 3, mode 0, 3 vectors allocated
> [1101376.721085] vmxnet3 0000:13:00.0 dhcp: NIC Link is Up 10000 Mbps
> [1101377.020907] BUG: kernel NULL pointer dereference, address: 0000000000000000
> [1101377.023396] #PF: supervisor read access in kernel mode
> [1101377.025172] #PF: error_code(0x0000) - not-present page
> [1101377.026966] PGD 115a58067 P4D 115a58067 PUD 115a55067 PMD 0
> [1101377.028930] Oops: 0000 [#1] SMP NOPTI
> [1101377.033776] Hardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020
> [1101377.037316] RIP: 0010:__memcpy+0x12/0x20
Grrr.. Looks like you hid the kernel version. Are you sure your kernel
has commit 6f4833383e85 ("net: vmxnet3: Fix NULL pointer dereference in
vmxnet3_rq_rx_complete()") ?
--
pw-bot: cr
Powered by blists - more mailing lists