Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753863Ab1DRNet (ORCPT ); Mon, 18 Apr 2011 09:34:49 -0400 Received: from stinky.trash.net ([213.144.137.162]:43881 "EHLO stinky.trash.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753518Ab1DRNeo (ORCPT ); Mon, 18 Apr 2011 09:34:44 -0400 Message-ID: <4DAC3DEF.6070702@trash.net> Date: Mon, 18 Apr 2011 15:34:39 +0200 From: Patrick McHardy User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.15) Gecko/20110307 Fedora/3.1.9-0.39.b3pre.fc14 Thunderbird/3.1.9 MIME-Version: 1.0 To: Simon Arlott CC: Eric Dumazet , Linux Kernel Mailing List , netdev , Netfilter Development Mailinglist Subject: Re: BUG: unable to handle kernel NULL pointer dereference at 000002c0 / IP: [] in6_dev_finish_destroy+0x35/0x8c References: <4DA77AE5.9060501@simon.arlott.org.uk> <0b5f315dd0f6e8eefabbd8b38b1d43e181fdd728@8b5064a13e22126c1b9329f0dc35b8915774b7c3.invalid> <1302872983.3613.10.camel@edumazet-laptop> <1302873876.3613.11.camel@edumazet-laptop> <4DA86FE5.8080507@simon.arlott.org.uk> In-Reply-To: <4DA86FE5.8080507@simon.arlott.org.uk> Content-Type: multipart/mixed; boundary="------------030102080707030002020304" Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 2567 Lines: 55 This is a multi-part message in MIME format. --------------030102080707030002020304 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Am 15.04.2011 18:18, schrieb Simon Arlott: > On 15/04/11 14:24, Eric Dumazet wrote: >> Hmm.. a more complete patch : >> >> diff --git a/net/ipv6/netfilter/nf_conntrack_reasm.c b/net/ipv6/netfilter/nf_conntrack_reasm.c >> index 0857272..6f0bed0 100644 > > I applied the patch by recompiling and then reloading the nf_conntrack_ipv6 > module (temporarily flushing and then restoring all ip6tables rules). > Then this happened 10 minutes later: > > [33876.950100] BUG: unable to handle kernel NULL pointer dereference at 00000014 > [33876.951060] IP: [] nf_ct_frag6_gather+0x864/0x881 [nf_conntrack_ipv6] nf_ct_frag6_reasm() can return NULL, so we need to check for a non-NULL ret_skb before trying to set the device. Does this patch (based on Eric's second version) help? --------------030102080707030002020304 Content-Type: text/plain; name="x" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="x" ZGlmZiAtLWdpdCBhL25ldC9pcHY2L25ldGZpbHRlci9uZl9jb25udHJhY2tfcmVhc20uYyBi L25ldC9pcHY2L25ldGZpbHRlci9uZl9jb25udHJhY2tfcmVhc20uYwppbmRleCAwODU3Mjcy Li5iN2VjZmNlIDEwMDY0NAotLS0gYS9uZXQvaXB2Ni9uZXRmaWx0ZXIvbmZfY29ubnRyYWNr X3JlYXNtLmMKKysrIGIvbmV0L2lwdjYvbmV0ZmlsdGVyL25mX2Nvbm50cmFja19yZWFzbS5j CkBAIC01NzYsNyArNTc2LDkgQEAgc3RydWN0IHNrX2J1ZmYgKm5mX2N0X2ZyYWc2X2dhdGhl cihzdHJ1Y3Qgc2tfYnVmZiAqc2tiLCB1MzIgdXNlcikKIAlpZiAoZnEtPnEubGFzdF9pbiA9 PSAoSU5FVF9GUkFHX0ZJUlNUX0lOIHwgSU5FVF9GUkFHX0xBU1RfSU4pICYmCiAJICAgIGZx LT5xLm1lYXQgPT0gZnEtPnEubGVuKSB7CiAJCXJldF9za2IgPSBuZl9jdF9mcmFnNl9yZWFz bShmcSwgZGV2KTsKLQkJaWYgKHJldF9za2IgPT0gTlVMTCkKKwkJaWYgKHJldF9za2IgIT0g TlVMTCkKKwkJCXJldF9za2ItPmRldiA9IGRldjsKKwkJZWxzZQogCQkJcHJfZGVidWcoIkNh bid0IHJlYXNzZW1ibGUgZnJhZ21lbnRlZCBwYWNrZXRzXG4iKTsKIAl9CiAJc3Bpbl91bmxv Y2tfYmgoJmZxLT5xLmxvY2spOwpAQCAtNjAyLDcgKzYwNCw3IEBAIHZvaWQgbmZfY3RfZnJh ZzZfb3V0cHV0KHVuc2lnbmVkIGludCBob29rbnVtLCBzdHJ1Y3Qgc2tfYnVmZiAqc2tiLAog CiAJCXMyID0gcy0+bmV4dDsKIAkJcy0+bmV4dCA9IE5VTEw7Ci0KKwkJcy0+ZGV2ID0gaW47 CiAJCU5GX0hPT0tfVEhSRVNIKE5GUFJPVE9fSVBWNiwgaG9va251bSwgcywgaW4sIG91dCwg b2tmbiwKIAkJCSAgICAgICBORl9JUDZfUFJJX0NPTk5UUkFDS19ERUZSQUcgKyAxKTsKIAkJ cyA9IHMyOwo= --------------030102080707030002020304-- -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/