From: Marc Kleine-Budde <mkl@pengutronix•de>
To: David Miller <davem@davemloft•net>
Cc: Netdev@vger•kernel.org, kernel@pengutronix•de
Subject: Re: BUG: ping without route segfaults in dst_release
Date: Tue, 29 Mar 2011 02:00:35 +0200 [thread overview]
Message-ID: <4D912123.2060604@pengutronix.de> (raw)
In-Reply-To: <20110328.165149.193711805.davem@davemloft.net>
[-- Attachment #1: Type: text/plain, Size: 2150 bytes --]
On 03/29/2011 01:51 AM, David Miller wrote:
> From: Marc Kleine-Budde <mkl@pengutronix•de>
> Date: Tue, 29 Mar 2011 01:18:48 +0200
>
>> root@ptx:~ ping 130.75.1.32
>> PING 130.75.1.32 (130.75[ 10.160000] Unable to handle kernel paging request at virtual address ffffffdb
>
> Well, that was easy enough :-)
..just finished bisecting :)
FWIW:
b23dd4fe42b455af5c6e20966b7d6959fa8352ea is the first bad commit
commit b23dd4fe42b455af5c6e20966b7d6959fa8352ea
Author: David S. Miller <davem@davemloft•net>
Date: Wed Mar 2 14:31:35 2011 -0800
ipv4: Make output route lookup return rtable directly.
Instead of on the stack.
Signed-off-by: David S. Miller <davem@davemloft•net>
:040000 040000 a30b2e32bbbbed71fe97ba44b8e0ac4d8691232b 589f843359ccb53c7800e594ea5efa074413f22e M drivers
:040000 040000 001c629e354ff875e8f2d3d7e4df2506f3396448 a55b417b1c10c3f23fafdf9fa5c6ab3c132d5223 M include
:040000 040000 1a0100ddadb50d9e61b66d1f18f47f25a4866856 4e89411fcefcfb87f8973910a97b4776d7a3f7f1 M net
>
> --------------------
> ipv4: Don't ip_rt_put() an error pointer in RAW sockets.
>
> Reported-by: Marc Kleine-Budde <mkl@pengutronix•de>
> Signed-off-by: David S. Miller <davem@davemloft•net>
> ---
> net/ipv4/raw.c | 1 +
> 1 files changed, 1 insertions(+), 0 deletions(-)
>
> diff --git a/net/ipv4/raw.c b/net/ipv4/raw.c
> index e837ffd..2d3c72e 100644
> --- a/net/ipv4/raw.c
> +++ b/net/ipv4/raw.c
> @@ -569,6 +569,7 @@ static int raw_sendmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg,
> rt = ip_route_output_flow(sock_net(sk), &fl4, sk);
> if (IS_ERR(rt)) {
> err = PTR_ERR(rt);
> + rt = NULL;
IIRC I saw another commit which looks the same, in a different file
though. Any chance there are more rt = NULL missing?
> goto done;
> }
> }
Marc
--
Pengutronix e.K. | Marc Kleine-Budde |
Industrial Linux Solutions | Phone: +49-231-2826-924 |
Vertretung West/Dortmund | Fax: +49-5121-206917-5555 |
Amtsgericht Hildesheim, HRA 2686 | http://www.pengutronix.de |
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 262 bytes --]
next prev parent reply other threads:[~2011-03-29 0:00 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-03-28 23:18 BUG: ping without route segfaults in dst_release Marc Kleine-Budde
2011-03-28 23:51 ` David Miller
2011-03-29 0:00 ` Marc Kleine-Budde [this message]
2011-03-29 0:18 ` Marc Kleine-Budde
2011-03-29 0:18 ` David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4D912123.2060604@pengutronix.de \
--to=mkl@pengutronix$(echo .)de \
--cc=Netdev@vger$(echo .)kernel.org \
--cc=davem@davemloft$(echo .)net \
--cc=kernel@pengutronix$(echo .)de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox