On Sun, 06 Aug 2006 03:08:09 PDT, Andrew Morton said: > ftp://ftp.kernel.org/pub/linux/kernel/people/akpm/patches/2.6/2.6.18-rc3/2.6.18-rc3-mm2/ After applying the patch that Patrick McHardy pointed me at, it lived longer. However, I'm now seeing problems at system shutdown (or anytime you try to 'ifdown ethX' where ethX has an IPv6 address attached to it): [ 196.346000] BUG: unable to handle kernel NULL pointer dereference at virtual address 00000014 [ 196.347000] printing eip: [ 196.348000] c032c436 [ 196.348000] *pde = 00000000 [ 196.349000] Oops: 0000 [#1] [ 196.349000] 4K_STACKS PREEMPT [ 196.349000] last sysfs file: /class/net/eth1/address [ 196.349000] Modules linked in: thermal sony_acpi processor fan button battery ac nfnetlink i8k floppy nvram orinoco_cs orinoco hermes pcmcia firmware_class ohci1394 ieee1394 intel_agp agpgart iTCO_wdt yenta_socket rsrc_nonstatic pcmcia_core rtc [ 196.349000] CPU: 0 [ 196.349000] EIP: 0060:[<c032c436>] Not tainted VLI [ 196.349000] EFLAGS: 00010246 (2.6.18-rc3-mm2 #4) [ 196.349000] EIP is at rt6_lookup+0x47/0x83 [ 196.349000] eax: 00000000 ebx: 00000000 ecx: 00000005 edx: 00000000 [ 196.349000] esi: e8b25c98 edi: e8b25c20 ebp: e8b25c78 esp: e8b25c20 [ 196.349000] ds: 007b es: 007b ss: 0068 [ 196.349000] Process ip (pid: 2511, ti=e8b25000 task=effb0aa0 task.ti=e8b25000) [ 196.349000] Stack: 00000005 00000000 000080fe 00000000 00000000 00000000 00000000 00000000 [ 196.349000] 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 [ 196.349000] 00000000 00000000 00000000 00000008 eb6e98c8 e8b25ca8 e8b25cb4 c0327c04 [ 196.349000] Call Trace: [ 196.349000] [<c0327c04>] ipv6_del_addr+0x2ef/0x3a7 [ 196.349000] [<c0327d3f>] inet6_addr_del+0x83/0xbb [ 196.349000] [<c0327dd6>] inet6_rtm_deladdr+0x5f/0x6b [ 196.349000] [<c02da097>] rtnetlink_rcv_msg+0x1b3/0x1d6 [ 196.349000] [<c02e011c>] netlink_run_queue+0x5a/0xc6 [ 196.349000] [<c02d9e9d>] rtnetlink_rcv+0x29/0x42 [ 196.349000] [<c02e0576>] netlink_data_ready+0x12/0x49 [ 196.349000] [<c02df518>] netlink_sendskb+0x1c/0x4d [ 196.349000] [<c02dfea0>] netlink_unicast+0x1c4/0x1d0 [ 196.349000] [<c02e0557>] netlink_sendmsg+0x274/0x281 [ 196.349000] [<c02ca57e>] sock_sendmsg+0xeb/0x106 [ 196.349000] [<c02cad99>] sys_sendto+0xbe/0xdc [ 196.349000] [<c02cb522>] sys_socketcall+0xfb/0x186 [ 196.349000] [<c0102849>] sysenter_past_esp+0x56/0x79 [ 196.349000] DWARF2 unwinder stuck at sysenter_past_esp+0x56/0x79 [ 196.349000] Leftover inexact backtrace: [ 196.349000] [<c01036c7>] show_stack_log_lvl+0x8c/0x97 [ 196.349000] [<c010381f>] show_registers+0x14d/0x1de [ 196.349000] [<c0103a5b>] die+0x1ab/0x26d [ 196.349000] [<c0352205>] do_page_fault+0x3f8/0x4c5 [ 196.349000] [<c0351271>] error_code+0x39/0x40 [ 196.349000] [<c0327c04>] ipv6_del_addr+0x2ef/0x3a7 [ 196.349000] [<c0327d3f>] inet6_addr_del+0x83/0xbb [ 196.349000] [<c0327dd6>] inet6_rtm_deladdr+0x5f/0x6b [ 196.349000] [<c02da097>] rtnetlink_rcv_msg+0x1b3/0x1d6 [ 196.349000] [<c02e011c>] netlink_run_queue+0x5a/0xc6 [ 196.349000] [<c02d9e9d>] rtnetlink_rcv+0x29/0x42 [ 196.349000] [<c02e0576>] netlink_data_ready+0x12/0x49 [ 196.349000] [<c02df518>] netlink_sendskb+0x1c/0x4d [ 196.349000] [<c02dfea0>] netlink_unicast+0x1c4/0x1d0 [ 196.349000] [<c02e0557>] netlink_sendmsg+0x274/0x281 [ 196.349000] [<c02ca57e>] sock_sendmsg+0xeb/0x106 [ 196.349000] [<c02cad99>] sys_sendto+0xbe/0xdc [ 196.349000] [<c02cb522>] sys_socketcall+0xfb/0x186 [ 196.349000] [<c0102849>] sysenter_past_esp+0x56/0x79 [ 196.349000] Code: eb ff 89 5d a8 8d 45 b0 b9 10 00 00 00 89 f2 e8 c9 e0 eb ff 31 d2 83 7d 08 00 0f 95 c2 b9 ad cc 32 c0 89 f8 e8 47 7c 01 00 89 c3 <66> 83 7b 14 00 74 2d 8b 43 04 85 c0 7f 21 68 c4 19 37 c0 68 99 [ 196.349000] EIP: [<c032c436>] rt6_lookup+0x47/0x83 SS:ESP 0068:e8b25c20 The unlucky 'ip' process then gets a SIGSEGV and dies while holding a lock of some sort, so later 'ip' processes get hung in 'D' state. Checking the lkml and netdev archives didn't find any useful hits for 'ipv6_addr_rel'...
Attachment:
pgpuScyniHMoR.pgp
Description: PGP signature
- Follow-Ups:
- Re: 2.6.18-rc3-mm2 - BUG in rt6_lookup() from ipv6_del_addr()
- From: David Miller <[email protected]>
- Re: 2.6.18-rc3-mm2 - BUG in rt6_lookup() from ipv6_del_addr()
- References:
- 2.6.18-rc3-mm2
- From: Andrew Morton <[email protected]>
- 2.6.18-rc3-mm2
- Prev by Date: Re: [Ext2-devel] [PATCH 2/9] sector_t format string
- Next by Date: [RFC PATCH 3/4] powerpc 2.6.16-rt17: to support CONFIG_MCOUNT
- Previous by thread: Re: [patch] Use rwsems instead of custom locking scheme in net/socket.c and net/dccp/ccid.c
- Next by thread: Re: 2.6.18-rc3-mm2 - BUG in rt6_lookup() from ipv6_del_addr()
- Index(es):
 |