Re: oops in udpv6_sendmsg

oops in udpv6_sendmsg · Dave Jones <hidden> · 2013-03-29
Re: oops in udpv6_sendmsg · Eric Dumazet <hidden> · 2013-03-29
Re: oops in udpv6_sendmsg · Eric Dumazet <hidden> · 2013-04-02
Re: oops in udpv6_sendmsg · Dave Jones <hidden> · 2013-04-11
Re: oops in udpv6_sendmsg · Dave Jones <hidden> · 2013-04-17
Re: oops in udpv6_sendmsg · Eric Dumazet <hidden> · 2013-04-17
Re: oops in udpv6_sendmsg · Dave Jones <hidden> · 2013-04-17
Re: oops in udpv6_sendmsg · Eric Dumazet <hidden> · 2013-04-17
Re: oops in udpv6_sendmsg · Eric Dumazet <hidden> · 2013-04-17
Re: oops in udpv6_sendmsg · Hannes Frederic Sowa <hidden> · 2013-06-25
Re: oops in udpv6_sendmsg · Eric Dumazet <hidden> · 2013-06-26
Re: oops in udpv6_sendmsg · Eric Dumazet <hidden> · 2013-06-26
Re: oops in udpv6_sendmsg · Eric Dumazet <hidden> · 2013-06-26
Re: oops in udpv6_sendmsg · Hannes Frederic Sowa <hidden> · 2013-06-26
Re: oops in udpv6_sendmsg · David Miller <davem@davemloft.net> · 2013-06-26

From: Dave Jones <hidden>
Date: 2013-04-17 14:11:42

On Tue, Apr 16, 2013 at 07:02:12PM -0700, Eric Dumazet wrote:

 > > rax is all kinds of crazy. 7ae9fffffff2b8ff doesn't look anything like an address.
 > 
 > rt->rt6i_idev contains garbage. It looks like a dst refcount issue.
 > 
 > Wow, it seems ip6_append_data() calls sock_alloc_send_skb() and can
 > release socket lock while waiting for buffer space.
 > 
 > This completely defeats corking, as another thread can mess with
 > cork->dst at the same time.
 > 
 > We need to hold dst before sleeping in sock_alloc_send_skb()

good news is that with some changes, I was able to make current
trinity reproduce this in seconds rather than hours..

./trinity -q -l off -n -c sendmsg -c connect 

on current tree seems to reliably trigger it for me.

	Dave

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help