Re: [Bug #16626] Machine hangs with EIP at skb_copy_and_csum_dev

From: Jarek Poplawski
Date: Wed Sep 01 2010 - 11:05:18 EST

Next message: Matt Garman: "two physical drives, but two device files point to same drive"
Previous message: walter harms: "Re: [PATCH 1/7] drivers/macintosh/via-pmu-led.c: Add of_node_putto avoid memory leak"
In reply to: Eric Dumazet: "Re: [Bug #16626] Machine hangs with EIP at skb_copy_and_csum_dev"
Next in thread: David Miller: "Re: [Bug #16626] Machine hangs with EIP at skb_copy_and_csum_dev"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Sep 01, 2010 at 03:57:41PM +0200, Eric Dumazet wrote:
> Le mercredi 01 septembre 2010 ?? 11:20 +0000, Jarek Poplawski a écrit :
> > On Wed, Sep 01, 2010 at 12:50:51PM +0200, Eric Dumazet wrote:
> > > Plamen, could you test following patch ?
> > >
> > > I reproduced problem on a dev machine and following patch cured it.
> > >
> > > Thanks
> > >
> > > [PATCH] gro: fix different skb headrooms
> > >
> > > packets entering GRO might have different headrooms, even for a given
> > > flow (because of implementation details in drivers, like copybreak).
> > > We cant force drivers to deliver packets with a fixed headroom.
> > >
> > > 1) fix skb_segment()
> > >
> > > skb_segment() makes the false assumption headrooms of fragments are same
> > > than the head. When CHECKSUM_PARTIAL is used, this can give csum_start
> > > errors, and crash later in skb_copy_and_csum_dev()
> >
> > Eric, probably I missed something, but since the same test as in
> > skb_copy_and_csum_dev() gave different result a bit earlier on exactly
> > the same skb, I've suspected some sharing (or use after free)
> > problems, so I'm not sure your current diagnose can explain this.
> > (Unless this old test was dismissed later.)
>
> Oh, this is because your patch had an error for the gso part that read :
>
> - rc = ops->ndo_start_xmit(nskb, dev);
> + if (skb_csum_start_bug(skb, 50)) {
> + kfree_skb(skb);
> + rc = NETDEV_TX_OK;
> + } else
> + rc = ops->ndo_start_xmit(nskb, dev);
> +
> if (unlikely(rc != NETDEV_TX_OK)) {
> if (rc & ~NETDEV_TX_MASK)
> goto out_kfree_gso_skb;
>
> You called skb_csum_start_bug(skb, 50) instead of
> skb_csum_start_bug(nskb, 50)
>
> Hope this clarify a bit ;)

All clear! Sorry for the false alarm!

Thanks,
Jarek P.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Matt Garman: "two physical drives, but two device files point to same drive"
Previous message: walter harms: "Re: [PATCH 1/7] drivers/macintosh/via-pmu-led.c: Add of_node_putto avoid memory leak"
In reply to: Eric Dumazet: "Re: [Bug #16626] Machine hangs with EIP at skb_copy_and_csum_dev"
Next in thread: David Miller: "Re: [Bug #16626] Machine hangs with EIP at skb_copy_and_csum_dev"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]