From patchwork Fri Feb 15 14:03:50 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tomas Paukrt X-Patchwork-Id: 1042879 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming-netdev@ozlabs.org Delivered-To: patchwork-incoming-netdev@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netdev-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=advantech-bb.cz Authentication-Results: ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=advantechO365.onmicrosoft.com header.i=@advantechO365.onmicrosoft.com header.b="bq2jz7wS"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 441FNv1HWNz9s4Z for ; Sat, 16 Feb 2019 01:03:59 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2391845AbfBOOD5 (ORCPT ); Fri, 15 Feb 2019 09:03:57 -0500 Received: from mail-eopbgr1310077.outbound.protection.outlook.com ([40.107.131.77]:46817 "EHLO APC01-SG2-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S2390785AbfBOOD4 (ORCPT ); Fri, 15 Feb 2019 09:03:56 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=advantechO365.onmicrosoft.com; s=selector1-advantechO365-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=YX1tAax9tJoj2PvV8mNeb3SJsRhiizxLN6PLZ4jhxZ0=; b=bq2jz7wS7o/1325ALtWGLI8Nxxrcbi84ZAj0JvFstZKx3CAoSxoZzHsYozq5fg4BqcxJBX4SRtj+gWkKdOkAerDBesBUSIs0vHOWavxlvE4wq6/9JjCtgTRenmleAWbwbxzGSUckMVL98WPO27HGvSnYlsYI76Edg8gDM6wBtO0= Received: from KU1PR02MB2440.apcprd02.prod.outlook.com (52.133.200.144) by KU1PR02MB2438.apcprd02.prod.outlook.com (52.133.201.141) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1601.21; Fri, 15 Feb 2019 14:03:51 +0000 Received: from KU1PR02MB2440.apcprd02.prod.outlook.com ([fe80::ac4a:92c3:3865:49a6]) by KU1PR02MB2440.apcprd02.prod.outlook.com ([fe80::ac4a:92c3:3865:49a6%3]) with mapi id 15.20.1601.023; Fri, 15 Feb 2019 14:03:51 +0000 From: Tomas Paukrt To: "netdev@vger.kernel.org" CC: "roopa@cumulusnetworks.com" , "nikolay@cumulusnetworks.com" Subject: Bug in br_handle_frame Thread-Topic: Bug in br_handle_frame Thread-Index: AQHUxTdHY4QP4y/SLUG4WQ197i5zng== Date: Fri, 15 Feb 2019 14:03:50 +0000 Message-ID: <2c692688-ea77-1e80-6607-6577b157873a@advantech-bb.cz> Accept-Language: cs-CZ, en-US Content-Language: en-US X-MS-Has-Attach: yes X-MS-TNEF-Correlator: x-clientproxiedby: AM6P194CA0078.EURP194.PROD.OUTLOOK.COM (2603:10a6:209:8f::19) To KU1PR02MB2440.apcprd02.prod.outlook.com (2603:1096:802:22::16) authentication-results: spf=none (sender IP is ) smtp.mailfrom=Tomas.Paukrt@advantech-bb.cz; x-ms-exchange-messagesentrepresentingtype: 1 x-originating-ip: [85.207.4.114] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: a24f4bef-5d66-474d-b1c9-08d6934e699c x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600110)(711020)(4605077)(2017052603328)(7153060)(49563074)(7193020); SRVR:KU1PR02MB2438; x-ms-traffictypediagnostic: KU1PR02MB2438: x-microsoft-exchange-diagnostics: =?iso-8859-2?q?1=3BKU1PR02MB2438=3B23?= =?iso-8859-2?q?=3A5rCGcBrIvcBk1WoEelMnjcI0vwkHr45FzKBbQULd9Laq0R8B?= =?iso-8859-2?q?/1lCA5vXLT6xPCOJiC9nkAyWJtZyfeRO0xOr/OB/5FRafpYeYHi?= =?iso-8859-2?q?suqcdBQdWuMrsYmZ2F0n4WSK1SgQrfCPwMpyJ7EIuzyoXUqmEoR?= =?iso-8859-2?q?to9s7zX1w50N2AcIcT7S1XI3jcaxDBxk35Hnk1Q3JYW6YDOe6F3?= =?iso-8859-2?q?TnaYHsKGuAJmQFex2YkEIG0Pof3eK5j5HghQg7pRuPT4zU9r9Jm?= =?iso-8859-2?q?kqlncsuzewB7zLAAislQ6/hNsbNojAn5VjYL1OVDionuQaM1Xgn?= =?iso-8859-2?q?G+flYWXRthAxoFJSYy29YSkSIYjRsINKXt2yXbBHkcNryRBQ9Ih?= =?iso-8859-2?q?eCLfAO444FZFPTbLQbHkUNfRm0TD4Py7cu2HYrBBaA9syb0ium0?= =?iso-8859-2?q?geCFpodS5L0ptYLb6YcZvvfbw5moyNMApnxbhf5LUf4DJLNpvgs?= =?iso-8859-2?q?6PspsFhwnoj+08N2IWlK303m1CmWpNhy8ZljmgLNGnQJItChO+4?= =?iso-8859-2?q?12Q7DQfziXHZvujqpebuJn5+3UalwjMWQ2NR2SEL6Gm69A8e95c?= =?iso-8859-2?q?9LWCY5bIoDsmmKKrCBXpHnOSBxD2pSwX/QRa26ciSNcVu8K6nIa?= =?iso-8859-2?q?bVErdOoR4L8ESOauYhfV8YNv8Vuj/Wb1MLqLEpjd34q0CeOPnXs?= =?iso-8859-2?q?PFUjanATuan5ZN60+2njSCdZtfKeeFCUlpYoS1Ev3fbAgGfJY2E?= =?iso-8859-2?q?A9WY4Bx2vOQX4rRM80Dopda1LLvB0qphPFiiwovxUW2JVMvamUO?= =?iso-8859-2?q?wim1TaUeE7CuIeJN0JZhaH0eCdjtJR1+Sc/z2D9sPTOU+rulSo/?= =?iso-8859-2?q?EMwfZARSF3VGCwkzmCBZMIoM/D37uMMX3lKdlQAfENLSdAtKj44?= =?iso-8859-2?q?MMDsJcnvg4gZBn/cTtI7Kv12qCsou8s9uSetZO6mwhxJQhLBjVa?= =?iso-8859-2?q?RHcz9VFdHG4Uvdjoiz1atQU2JNjzeuPkj0kUAaIc11bQIDCYSAd?= =?iso-8859-2?q?MFgeHekvtZkTU3Jtu1tesc1awZdsLreFVbz9aDHATBd3ZiT/gfB?= =?iso-8859-2?q?vRWE8+wdf0/deJXhxfUmLUi18aPgD7hKQCYlyfBoHmo+1f5txHS?= =?iso-8859-2?q?tfOEZHFeg9dUlhQYpB4ho2k8WFPXTRzGaBqA/SUpVmjDi792m/S?= =?iso-8859-2?q?ju3zAaohsg4tq35whsYwjd9tn88mdxBoAYyzTs/vaIzgBc98D6l?= =?iso-8859-2?q?sgYu2jeHU+6NNpi0sZgavkECKdQm9n/IFRZhv+nlNYOxmnRTdwz?= =?iso-8859-2?q?bm3vecsGXSDF9MWZPFTIYL24PEEro6Laduimbli6Uqc73SGsqil?= =?iso-8859-2?q?Anm5KbAM/Zf/asxEQkb8lfWBBdZyGeNOjHaAKjQuhdBFYfjr18O?= =?iso-8859-2?q?3n1Ea4eIwF0kgwx2AJeiQr2GHk/oB/OykytEQ8/JUDQ=3D=3D?= x-microsoft-antispam-prvs: x-forefront-prvs: 09497C15EB x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(136003)(346002)(376002)(396003)(39860400002)(366004)(199004)(189003)(6486002)(74482002)(31686004)(6512007)(4744005)(99936001)(6916009)(478600001)(99286004)(2501003)(86362001)(72206003)(105586002)(2351001)(106356001)(66066001)(14454004)(31696002)(316002)(52116002)(26005)(44832011)(2616005)(54906003)(476003)(7736002)(71200400001)(102836004)(1730700003)(4326008)(81156014)(71190400001)(53936002)(8936002)(5024004)(7116003)(81166006)(25786009)(305945005)(68736007)(3846002)(186003)(97736004)(386003)(6506007)(486006)(6116002)(8676002)(2906002)(256004)(6436002)(5640700003)(36756003); DIR:OUT; SFP:1101; SCL:1; SRVR:KU1PR02MB2438; H:KU1PR02MB2440.apcprd02.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1; received-spf: None (protection.outlook.com: advantech-bb.cz does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 x-microsoft-antispam-message-info: zxI7aU2SQ0013kz4WGe9HIzlGwPMW64tPCg02EKZ62YdAYAhSj19TxfJcXJdOvwbzOmD1LmZ5u6dmqclG/dNCPWUb0fMaOaUWtr9quXrXmwX9KkB3erMB+5FvQeepw8fwFYkJZZEOpt6XvfF2o/4VyQO/w7x1+jxiREs4jC0efaAYqOV2Qza0GoG4TV+UxulZTBy1mu2hfcRqpqIWzgI2a4aIaCt4x16UiAnEz69rBJBjKgn7N3LI1RBS75X38r86sPNjEm7Ebzr1p9aLaapYE1CwbULu4lW8F4JKY9aCNhq5GV+9WLq6bKVLA6Yn6Vtysx8rOc9CV1JIobDXnTP19u8tj3UUcWjCb/atCP29QoAaS33oj6VO1e0XlbVeo9lA6qd1McKl/ax9jscE6b1nhO/0RVtldqBNtW22pAeCV0= MIME-Version: 1.0 X-OriginatorOrg: advantech-bb.cz X-MS-Exchange-CrossTenant-Network-Message-Id: a24f4bef-5d66-474d-b1c9-08d6934e699c X-MS-Exchange-CrossTenant-originalarrivaltime: 15 Feb 2019 14:03:49.7114 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-id: a77d40d9-dcba-4dda-b571-5f18e6da853f X-MS-Exchange-Transport-CrossTenantHeadersStamped: KU1PR02MB2438 Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org Hi, I have recently discovered that kernel 3.12.10 is occasionally crashing due to NULL pointer dereference in function br_handle_frame when we reconfigure the bridge, because function br_port_get_rcu returns NULL. It is very hard for us to replicate this issue, because it happens about once per month in our testing environment, but I have created the attached patch. Can you please check it? The latest kernel seems to be affected too. Best regards Tomas diff --exclude CVS --exclude .git -uNr linux-3.12.10/net/bridge/br_input.c linux-3.12.10.modified/net/bridge/br_input.c --- linux-3.12.10/net/bridge/br_input.c 2014-03-31 03:41:44.000000000 +0200 +++ linux-3.12.10.modified/net/bridge/br_input.c 2019-02-15 10:51:23.376424560 +0100 @@ -174,6 +174,8 @@ return RX_HANDLER_CONSUMED; p = br_port_get_rcu(skb->dev); + if (!p) + return RX_HANDLER_PASS; if (unlikely(is_link_local_ether_addr(dest))) { /*