Re: 2.6.34 Crash in dmaengine_put()

From: Jeffrey Merkey
Date: Tue Jun 22 2010 - 10:08:23 EST

Next message: Guenter Roeck: "[PATCH v2] i2c/mips: Fix error return codes from Sibyte i2c bus driver"
Previous message: Yong Wang: "Re: [PATCH] Topcliff PHUB: Generate PacketHub driver"
In reply to: Andrew Morton: "Re: 2.6.34 Crash in dmaengine_put()"
Next in thread: Eric Dumazet: "Re: 2.6.34 Crash in dmaengine_put()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

OK. This bug occurs if you OR in the IFF_UP flag while creating
virtual interfaces without going through the normal ifup/ifdown
scripts. Looks like a hole. I will post the trace shortly. It's
easy to reproduce, take the dummy net driver, OR in the IFF_UP flag in
dummy_setup, and watch the kernel crash.

Jeff

On Mon, Jun 21, 2010 at 9:28 PM, Andrew Morton
<akpm@xxxxxxxxxxxxxxxxxxxx> wrote:
> On Mon, 21 Jun 2010 20:57:40 -0600 Jeffrey Merkey <jeffmerkey@xxxxxxxxx> wrote:
>
>> If someone sets the IFF_UP flags in the netdev structure without going
>> through ifup userspace stuff, during unregister of the the netdev
>> the dmaengine-put code will decrement the reference counter negative,
>> and crash at BUG! in the driver/dma/dmaengine.c code. This seems
>> busted.
>>
>
> Please send a copy of the kernel BUG trace.
>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Guenter Roeck: "[PATCH v2] i2c/mips: Fix error return codes from Sibyte i2c bus driver"
Previous message: Yong Wang: "Re: [PATCH] Topcliff PHUB: Generate PacketHub driver"
In reply to: Andrew Morton: "Re: 2.6.34 Crash in dmaengine_put()"
Next in thread: Eric Dumazet: "Re: 2.6.34 Crash in dmaengine_put()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]