Hi, all:
         I have met a core dump issue when I ifconfig down vxlan-port durning 
sending vxlan packets.
         We know that when ifconfig down vxlan port, the udp socket will be 
freed, but vxlan_xmit_one will still using the socket to do the send action, 
and then a NULL is read.
         How we should avoid this problem??? Also see in openvswitch-2.6.0.
         The coredump file is:
[437952.039489] BUG: unable to handle kernel NULL pointer dereference at 
0000000000000020
[437952.047784] IP: [<ffffffffa05e5407>] 
vxlan_xmit_one.constprop.50+0x47/0x1210 [openvswitch]
[437952.056503] PGD d418fb067 PUD ee31f4067 PMD 0
[437952.061259] Thread overran stack, or stack corrupted
[437952.066472] Oops: 0000 [#1] SMP
[437952.074100] collected_len = 1015954, LOG_BUF_LEN_LOCAL = 1048576
[437952.099532] kbox: no notify die func register. no need to notify
[437952.105786] do nothing after die!
[437952.109352] Modules linked in: sch_netem ip_set_hash_net ip_set_hash_ipport 
rfile(OVE) vport_vxlan(O) bridge dm_service_time dm_multipath iscsi_tcp 
libiscsi_tcp libiscsi scsi_transport_iscsi 8021q garp stp mrp llc bonding 
nat(O) bum(O) ip_set nfnetlink vfat fat isofs ext4 jbd2 xfs dev_connlimit(O) 
ebtable_filter ebtables ip6table_filter ip6_tables iptable_filter 
openvswitch(O) nf_defrag_ipv6 gre kboxdriver(O) kbox(O) signo_catch(O) 
pmcint(O) ipmi_devintf ipmi_si ipmi_msghandler ixgbe(O) coretemp intel_rapl 
crc32_pclmul crc32c_intel ghash_clmulni_intel vxlan aesni_intel ip6_udp_tunnel 
igb tg3 lrw udp_tunnel gf128mul glue_helper ablk_helper i2c_algo_bit cryptd ses 
dca i2c_i801 sb_edac enclosure edac_core sg iTCO_wdt iTCO_vendor_support 
i2c_core pcspkr ptp pps_core lpc_ich mfd_core shpchp mei_me mei
[437952.182915]  acpi_power_meter nf_conntrack_ipv4 nf_defrag_ipv4 vhost_net(O) 
tun(O) vhost(O) macvtap macvlan vfio_pci ip_tables ext3 mbcache jbd sd_mod 
kvm_intel(O) kvm(O) lpfc irqbypass ahci crc_t10dif libahci crct10dif_generic 
crct10dif_pclmul libata scsi_transport_fc scsi_tgt megaraid_sas 
crct10dif_common dm_mod vfio_iommu_type1 vfio xt_sctp nf_conntrack_proto_sctp 
nf_nat_proto_sctp nf_nat nf_conntrack sctp libcrc32c [last unloaded: rmem]
[437952.222291] CPU: 4 PID: 12988 Comm: handler903 Tainted: G           OE  
----V-------   3.10.0-327.28.3.41.x86_64 #1
[437952.233147] Hardware name: Huawei RH2288H V3/BC11HGSA0, BIOS 1.69 10/31/2015
[437952.240440] task: ffff88003f348000 ti: ffff880f09534000 task.ti: 
ffff880f09534000
[437952.248335] RIP: 0010:[<ffffffffa05e5407>]  [<ffffffffa05e5407>] 
vxlan_xmit_one.constprop.50+0x47/0x1210 [openvswitch]
[437952.259479] RSP: 0018:ffff880f09537728  EFLAGS: 00010246
[437952.265043] RAX: 0000000000000000 RBX: ffff881802e3e000 RCX: 
0000000000002000
[437952.272594] RDX: ffff8810185bf488 RSI: ffff881802e3e000 RDI: 
ffff880c1e603600
[437952.280099] RBP: ffff880f09537888 R08: ffff880f88b27708 R09: 
0000000000000000
[437952.287659] R10: ffffffff8151c007 R11: ffffea0030798080 R12: 
ffff880f8ba68d00
[437952.295158] R13: 000000000000ffbe R14: ffff880c1e603600 R15: 
ffff881810c9c858
[437952.302714] FS:  00007f119c7f8700(0000) GS:ffff88103ff00000(0000) 
knlGS:0000000000000000
[437952.315104] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[437952.321099] CR2: 0000000000000020 CR3: 0000000fdfa2a000 CR4: 
00000000001427e0
[437952.328644] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 
0000000000000000
[437952.336189] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 
0000000000000400
[437952.343733] Stack:
[437952.345996]  0000000000000000 0000000000000000 0000000000000000 
0000000000000000
[437952.353866]  0000000000000000 0000000000000000 0000000000000000 
0000000000000000
[437952.361740]  0000000000000000 8913000000000000 aa037909b0037909 
0000000000000000
[437952.369624] Call Trace:
[437952.372337]  [<ffffffffa05d60a7>] ? internal_dev_recv+0x167/0x180 
[openvswitch]
[437952.380062]  [<ffffffff8151c007>] ? kfree_skbmem+0x37/0x90
[437952.385811]  [<ffffffffa05e6625>] rpl_vxlan_xmit+0x55/0x80 [openvswitch]
[437952.392761]  [<ffffffffa05d5ad4>] ovs_vport_send+0x44/0xb0 [openvswitch]
[437952.399723]  [<ffffffffa05c62a5>] do_output+0x65/0x180 [openvswitch]
[437952.406329]  [<ffffffffa05c70dc>] do_execute_actions+0x10c/0x860 
[openvswitch]
[437952.413960]  [<ffffffffa05c7870>] ovs_execute_actions+0x40/0x130 
[openvswitch]
[437952.421597]  [<ffffffffa05cbb59>] ovs_packet_cmd_execute+0x2c9/0x2f0 
[openvswitch]
[437952.429587]  [<ffffffff8155f31d>] genl_family_rcv_msg+0x1cd/0x400
[437952.435927]  [<ffffffff8122b110>] ? ep_scan_ready_list.isra.9+0x1f0/0x1f0
[437952.442968]  [<ffffffff8155f550>] ? genl_family_rcv_msg+0x400/0x400
[437952.449488]  [<ffffffff8155f5e1>] genl_rcv_msg+0x91/0xd0
[437952.455054]  [<ffffffff8155d549>] netlink_rcv_skb+0xa9/0xc0
[437952.460878]  [<ffffffff8155da78>] genl_rcv+0x28/0x40
[437952.466096]  [<ffffffff8155ceba>] netlink_unicast+0x16a/0x210
[437952.472097]  [<ffffffff8155d277>] netlink_sendmsg+0x317/0x430
[437952.478095]  [<ffffffff8155b3c2>] ? netlink_recvmsg+0x212/0x490
[437952.484272]  [<ffffffff81514fd0>] sock_sendmsg+0xb0/0xf0
[437952.489838]  [<ffffffff8151569f>] ? sock_recvmsg+0xbf/0x100
[437952.495662]  [<ffffffff810b8f56>] ? try_to_wake_up+0x1b6/0x300
[437952.501742]  [<ffffffff81515409>] ___sys_sendmsg+0x3a9/0x3c0
[437952.507654]  [<ffffffff81198772>] ? do_numa_page+0x162/0x1f0
[437952.513564]  [<ffffffff811999d7>] ? handle_mm_fault+0x607/0xf50
[437952.519737]  [<ffffffff8122b253>] ? ep_poll+0x123/0x360
[437952.525191]  [<ffffffff815162f1>] __sys_sendmsg+0x51/0x90
[437952.530843]  [<ffffffff81516342>] SyS_sendmsg+0x12/0x20
[437952.536322]  [<ffffffff81649609>] system_call_fastpath+0x16/0x1b
[437952.542580] Code: 48 81 ec 38 01 00 00 8b 8e 40 09 00 00 65 48 8b 04 25 28 
00 00 00 48 89 84 24 30 01 00 00 31 c0 48 8b 86 e0 08 00 00 48 8b 40 30 <4c> 8b 
78 20 48 8b 47 38 48 85 c0 45 0f b7 47 10 0f 84 b3 0f 00
[437952.563291] RIP  [<ffffffffa05e5407>] 
vxlan_xmit_one.constprop.50+0x47/0x1210 [openvswitch]
[437952.572078]  RSP <ffff880f09537728>
[437952.575822] CR2: 0000000000000020
[437952.579911] ---[ end trace 28d6b1058663a9c7 ]---
[437952.665116] Kernel panic - not syncing: Fatal exception in interrupt
[437952.767620] die even has been record!

_______________________________________________
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Reply via email to