Re: [PATCH net-next v2] net: Initialize table in fib result

public inbox for netdev@vger.kernel.org 
 help / color / mirror / Atom feed

From: Nikolay Aleksandrov <nikolay@cumulusnetworks•com>
To: David Ahern <dsa@cumulusnetworks•com>, netdev@vger•kernel.org
Cc: sergey.senozhatsky.work@gmail•com, richard.alpe@ericsson•com,
	festevam@gmail•com
Subject: Re: [PATCH net-next v2] net: Initialize table in fib result
Date: Wed, 16 Sep 2015 18:19:56 +0200	[thread overview]
Message-ID: <55F996AC.1090305@cumulusnetworks.com> (raw)
In-Reply-To: <1442420199-51715-1-git-send-email-dsa@cumulusnetworks.com>

On 09/16/2015 06:16 PM, David Ahern wrote:
> Sergey, Richard and Fabio reported an oops in ip_route_input_noref. e.g., from Richard:
> 
> [    0.877040] BUG: unable to handle kernel NULL pointer dereference at 0000000000000056
> [    0.877597] IP: [<ffffffff8155b5e2>] ip_route_input_noref+0x1a2/0xb00
> [    0.877597] PGD 3fa14067 PUD 3fa6e067 PMD 0
> [    0.877597] Oops: 0000 [#1] SMP
> [    0.877597] Modules linked in: virtio_net virtio_pci virtio_ring virtio
> [    0.877597] CPU: 1 PID: 119 Comm: ifconfig Not tainted 4.2.0+ #1
> [    0.877597] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
> [    0.877597] task: ffff88003fab0bc0 ti: ffff88003faa8000 task.ti: ffff88003faa8000
> [    0.877597] RIP: 0010:[<ffffffff8155b5e2>]  [<ffffffff8155b5e2>] ip_route_input_noref+0x1a2/0xb00
> [    0.877597] RSP: 0018:ffff88003ed03ba0  EFLAGS: 00010202
> [    0.877597] RAX: 0000000000000046 RBX: 00000000ffffff8f RCX: 0000000000000020
> [    0.877597] RDX: ffff88003fab50b8 RSI: 0000000000000200 RDI: ffffffff8152b4b8
> [    0.877597] RBP: ffff88003ed03c50 R08: 0000000000000000 R09: 0000000000000000
> [    0.877597] R10: 0000000000000000 R11: 0000000000000000 R12: ffff88003fab6f00
> [    0.877597] R13: ffff88003fab5000 R14: 0000000000000000 R15: ffffffff81cb5600
> [    0.877597] FS:  00007f6de5751700(0000) GS:ffff88003ed00000(0000) knlGS:0000000000000000
> [    0.877597] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
> [    0.877597] CR2: 0000000000000056 CR3: 000000003fa6d000 CR4: 00000000000006e0
> [    0.877597] Stack:
> [    0.877597]  0000000000000000 0000000000000046 ffff88003fffa600 ffff88003ed03be0
> [    0.877597]  ffff88003f9e2c00 697da8c0017da8c0 ffff880000000000 000000000007fd00
> [    0.877597]  0000000000000000 0000000000000046 0000000000000000 0000000400000000
> [    0.877597] Call Trace:
> [    0.877597]  <IRQ>
> [    0.877597]  [<ffffffff812bfa1f>] ? cpumask_next_and+0x2f/0x40
> [    0.877597]  [<ffffffff8158e13c>] arp_process+0x39c/0x690
> [    0.877597]  [<ffffffff8158e57e>] arp_rcv+0x13e/0x170
> [    0.877597]  [<ffffffff8151feec>] __netif_receive_skb_core+0x60c/0xa00
> [    0.877597]  [<ffffffff81515795>] ? __build_skb+0x25/0x100
> [    0.877597]  [<ffffffff81515795>] ? __build_skb+0x25/0x100
> [    0.877597]  [<ffffffff81521ff6>] __netif_receive_skb+0x16/0x70
> [    0.877597]  [<ffffffff81522078>] netif_receive_skb_internal+0x28/0x90
> [    0.877597]  [<ffffffff8152288f>] napi_gro_receive+0x7f/0xd0
> [    0.877597]  [<ffffffffa0017906>] virtnet_receive+0x256/0x910 [virtio_net]
> [    0.877597]  [<ffffffffa0017fd8>] virtnet_poll+0x18/0x80 [virtio_net]
> [    0.877597]  [<ffffffff815234cd>] net_rx_action+0x1dd/0x2f0
> [    0.877597]  [<ffffffff81053228>] __do_softirq+0x98/0x260
> [    0.877597]  [<ffffffff8164969c>] do_softirq_own_stack+0x1c/0x30
> 
> The root cause is use of res.table uninitialized.
> 
> Thanks to Nikolay for noticing the uninitialized use amongst the maze of
> gotos.
> 
> As Nikolay pointed out the second initialization is not required to fix
> the oops, but rather to fix a related problem where a valid lookup should
> be invalidated before creating the rth entry.
> 
> Fixes: b7503e0cdb5d ("net: Add FIB table id to rtable")
> Reported-by: Sergey Senozhatsky <sergey.senozhatsky.work@gmail•com>
> Reported-by: Richard Alpe <richard.alpe@ericsson•com>
> Reported-by: Fabio Estevam <festevam@gmail•com>
> Tested-by: Fabio Estevam <fabio.estevam@freescale•com>
> Signed-off-by: David Ahern <dsa@cumulusnetworks•com>
> ---
> v2:
> - clarification in the commit message regarding the second initialization
> 
>  net/ipv4/route.c | 2 ++
>  1 file changed, 2 insertions(+)
> 

Thanks again!

Signed-off-by: Nikolay Aleksandrov <nikolay@cumulusnetworks•com>

next prev parent reply	other threads:[~2015-09-16 16:19 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-09-16 16:16 [PATCH net-next v2] net: Initialize table in fib result David Ahern
2015-09-16 16:19 ` Nikolay Aleksandrov [this message]
2015-09-17  7:45   ` Richard Alpe
2015-09-16 23:58 ` Florian Fainelli
2015-09-17  0:00 ` Sergey Senozhatsky
2015-09-18  4:35 ` David Miller

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=55F996AC.1090305@cumulusnetworks.com \
    --to=nikolay@cumulusnetworks$(echo .)com \
    --cc=dsa@cumulusnetworks$(echo .)com \
    --cc=festevam@gmail$(echo .)com \
    --cc=netdev@vger$(echo .)kernel.org \
    --cc=richard.alpe@ericsson$(echo .)com \
    --cc=sergey.senozhatsky.work@gmail$(echo .)com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox