Re: IPv6 oops on ifup in latest BK

From: David S. Miller
Date: Tue Aug 24 2004 - 01:54:30 EST

Next message: Arjan van de Ven: "Re: [patch] lazy TSS's I/O bitmap copy ..."
Previous message: Guillaume Thouvenin: "[PATCH] ELSA v0.1 for 2.6.8.1"
In reply to: Jeff Garzik: "IPv6 oops on ifup in latest BK"
Next in thread: Herbert Xu: "Re: IPv6 oops on ifup in latest BK"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 24 Aug 2004 02:07:28 -0400
Jeff Garzik <jgarzik@xxxxxxxxx> wrote:

> Attached minicom.cap.txt gives the ksymoops output and dmesg output.
> Appears to die in ipv6_get_hoplimit.

Yoshifuji-san, it is rt6i_dev changes. The problem is that
ipv6_get_hoplimit() gets called with NULL dev.

I believe it is an error in the logic for RTCF_REJECT
processing. If user does not specify a specific device
index, and this is RTCF_REJECT, then we will end up
with dev being NULL.

It is this piece of code in ip6_route_add():

if (dev && dev != &loopback_dev) {

It does not handle the case where dev == NULL correctly.
Original code did do the right thing:

if (dev)
dev_put(dev);
dev = &loopback_dev;
dev_hold(dev);

Maybe new code should be something like:

if (dev && dev != &loopback_dev) {
dev_put(dev);
in6_dev_put(idev);
}
dev = &loopback_dev;
dev_hold(dev);
idev = in6_dev_get(dev);
if (!idev) {
err = -ENODEV;
goto out;
}

What do you think?
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Arjan van de Ven: "Re: [patch] lazy TSS's I/O bitmap copy ..."
Previous message: Guillaume Thouvenin: "[PATCH] ELSA v0.1 for 2.6.8.1"
In reply to: Jeff Garzik: "IPv6 oops on ifup in latest BK"
Next in thread: Herbert Xu: "Re: IPv6 oops on ifup in latest BK"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]