Re: [BUG] ipv6, rawv6_close(): BUG: unable to handle kernel paging request

From: Hannes Frederic Sowa
Date: Mon Jul 22 2013 - 08:19:16 EST


On Mon, Jul 22, 2013 at 06:29:58PM +0800, Fan Du wrote:
> Hallo Srivatsa
>
>
> On 2013-07-22 02:28, Srivatsa S. Bhat wrote:
> >Hi,
> >
> >I'm seeing this on every boot.
> >
> >Version: Latest mainline (commit ea45ea70b)
>
> I tested with this commit using your updated IPv6 config, this incident
> didn't show up after several times of reboot.
> Could you please elaborate your testing details if possible?
>
> A wild guess: it dereferences mrt->mroute6_sk, indicating mrt is invalid.

Yes, that seems to be the case.

Could you test the following patch if you have a bit of time?

rtnl_lock is for some functions lower down the call stack in ip6mr_free_table.

diff --git a/net/ipv6/ip6mr.c b/net/ipv6/ip6mr.c
index 583e8d4..03986d3 100644
--- a/net/ipv6/ip6mr.c
+++ b/net/ipv6/ip6mr.c
@@ -259,10 +259,12 @@ static void __net_exit ip6mr_rules_exit(struct net *net)
{
struct mr6_table *mrt, *next;

+ rtnl_lock();
list_for_each_entry_safe(mrt, next, &net->ipv6.mr6_tables, list) {
list_del(&mrt->list);
ip6mr_free_table(mrt);
}
+ rtnl_unlock();
fib_rules_unregister(net->ipv6.mr6_rules_ops);
}
#else
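Review bot: In the first ip6mr_rules_exit(), rtnl_unlock() comes before fib_rules_unregister(net->ipv6.mr6_rules_ops), so the unregister runs outside the lock that now covers the table teardown; please say in the changelog whether that ordering is deliberate. The reason for taking rtnl_lock here is also only given in the mail text ("some functions lower down the call stack in ip6mr_free_table"). A short comment above rtnl_lock(), or an ASSERT_RTNL() in ip6mr_free_table() itself, would record the requirement in the code so a later caller does not drop it.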
@@ -289,7 +291,10 @@ static int __net_init ip6mr_rules_init(struct net *net)

static void __net_exit ip6mr_rules_exit(struct net *net)
{
+ rtnl_lock();
ip6mr_free_table(net->ipv6.mrt6);
+ net->ipv6.mrt6 = NULL;
+ rtnl_unlock();
}
#endif
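Review bot: In the second ip6mr_rules_exit(), the new "net->ipv6.mrt6 = NULL;" only helps if every reader of net->ipv6.mrt6 either checks for NULL or is serialized against this function by rtnl_lock, and nothing in the visible lines shows that. Without it, a dereference of freed memory (the mrt->mroute6_sk access guessed at above) becomes a NULL pointer dereference instead of going away. Please name in the changelog the reader that is expected to observe NULL, or add the check on that path. Note also that the two variants now differ: this one clears the pointer after freeing, while the list-based variant relies on list_del() alone, which is worth a one-line comment.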
