Re: Help: major pppoe regression since 2.6.35 (panic on first pppconection)?

From: Eric Dumazet
Date: Thu Dec 23 2010 - 07:12:43 EST


On Thursday 23 December 2010 at 11:02 +0000, Joel Soete wrote:
> Hello Eric,
>
>
> On 12/22/2010 04:25 PM, Eric Dumazet wrote:
> [snip]
> >
> > Something overwrites nr_frags in skb_shinfo(skb)
> >
> > As skb_shinfo follows head portion of an skb, something overflows skb
> > head
> >
> > Please try adding some room like in following patch ?
> >
> > diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h
> > index e6ba898..adf2834 100644
> > --- a/include/linux/skbuff.h
> > +++ b/include/linux/skbuff.h
> > @@ -187,6 +187,7 @@ enum {
> > * the end of the header data, ie. at skb->end.
> > */
> > struct skb_shared_info {
> > + char filler[64];
> > unsigned short nr_frags;
> > unsigned short gso_size;
> > /* Warning: this field is not always filled in (UFO)! */
> >
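Review bot: The char filler[64] added at the top of struct skb_shared_info is never initialised or checked, so it silently absorbs a write of up to 64 bytes past skb->end and a longer overrun still reaches nr_frags. As a diagnostic it would say more if the filler were filled with a known pattern where the shared info is set up and compared when the skb is freed, with a warning and stack dump on mismatch, so the length of the overrun and the affected skb are reported. The hunk also has no comment or debug-only guard marking the field as temporary, which matters because it grows every skb by 64 bytes.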
> Sorry for the delay, but I have good news: I am sending this answer from:
> $ uname -a
> Linux sidh2 2.6.37-rc7-amd64-t1 #1 SMP Thu Dec 23 10:30:27 GMT 2010 x86_64 GNU/Linux
>
> with your tips ;<) (without kernel had already died)
>
> That said, how can I find the stuff overflowing skb head? (all I can say is that this issue started with 2.6.34-git6???)
>
> Thanks a lot,

You're welcome. At least we know where to search. Thanks!

I am taking holidays right now for about 5 days, I guess someone else
might find the bug before me ;)
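
An added example, not part of the original thread or of the kernel source: a userspace C model of the layout described above, where the shared info follows the head area, showing how a poisoned filler like the one in the patch both shields nr_frags and reports how far a write ran past skb->end. All model_* names, the 0xA5 poison byte and the sample write are assumptions constructed for illustration.

```c
/* Userspace model of the skb head + shared info layout (constructed, not kernel code). */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define FILLER_LEN 64   /* same size as filler[] in the patch */
#define POISON     0xA5 /* assumed poison byte for this model */
struct model_shinfo {   /* stand-in for struct skb_shared_info */
    unsigned char  filler[FILLER_LEN];
    unsigned short nr_frags, gso_size;
};
struct model_skb { unsigned char *head; size_t end; };
/* Shared info sits directly after the head area, at head + end. */
#define model_shinfo(skb) ((struct model_shinfo *)((skb)->head + (skb)->end))

static int model_alloc(struct model_skb *skb, size_t size)
{
    size = (size + 7) & ~(size_t)7;   /* keep shared info aligned */
    skb->head = calloc(1, size + sizeof(struct model_shinfo));
    if (!skb->head) return -1;
    skb->end = size;
    memset(model_shinfo(skb)->filler, POISON, FILLER_LEN);
    return 0;
}

/* Writer that never checks skb->end; clamped so the model stays in its allocation. */
static void model_write(struct model_skb *skb, size_t off, int c, size_t len)
{
    size_t limit = skb->end + FILLER_LEN;
    if (off < limit)
        memset(skb->head + off, c, len < limit - off ? len : limit - off);
}

/* Bytes written past skb->end, judged by the highest clobbered poison byte. */
static size_t model_overrun(const struct model_skb *skb)
{
    size_t i = FILLER_LEN;
    while (i > 0 && model_shinfo(skb)->filler[i - 1] == POISON)
        i--;
    return i;
}

int main(void)
{
    struct model_skb skb;
    if (model_alloc(&skb, 128)) return 1;
    model_write(&skb, 120, 0x11, 20);   /* runs 12 bytes past end */
    printf("overrun=%zu nr_frags=%u\n", model_overrun(&skb), (unsigned)model_shinfo(&skb)->nr_frags);
    free(skb.head);
    return 0;
}
```

A stray write that happens to store the poison value at the top of its range is undercounted, so the reported length is a lower bound.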


