|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] [PATCH] xen/netback: Fix null-pointer access in netback_uevent
On Mon, May 31, 2010 at 09:07:04AM +0100, Jan Beulich wrote:
> >>> On 31.05.10 at 09:37, "Jan Beulich" <JBeulich@xxxxxxxxxx> wrote:
> > Furthermore, the backend creation patch also needs adjustment,
> ... path ...
> > as it currently stores a non-NULL non-pointer value in be->netif if
> > netif_alloc() fails. To require the sysfs path to use IS_ERR() on
> ... To *not* require ...
> > be->netif, I think netif_alloc()'s result should be stored to a local
> > variable first and only written to be->netif when valid.
78b55f90e72348e231092dbe3e50ac7414b9e1af still fails:
| BUG: unable to handle kernel NULL pointer dereference at 0000000000000150
| IP: [<ffffffff81200764>] netback_uevent+0x8c/0xb9
| PGD 1fe347067 PUD 1fa575067 PMD 0
| Oops: 0000 [#3] SMP
| last sysfs file: /sys/devices/vif-16-0/uevent
| CPU 4
| Modules linked in: xen_evtchn xenfs xt_tcpudp xt_state iptable_filter
ipt_MASQUERADE iptable_nat nf_nat nf_conntr
| ntrack nf_defrag_ipv4 ip_tables x_tables bridge stp dm_snapshot loop snd_pcm
snd_timer radeon snd ttm drm_kms_hel
| re amd64_edac_mod snd_page_alloc i2c_algo_bit i2c_piix4 ipmi_si edac_core
ipmi_msghandler psmouse shpchp edac_mce
| _core evdev serio_raw container button hpwdt pci_hotplug hpilo processor
acpi_processor ext3 jbd mbcache dm_mod b
| te crc32c libcrc32c sg usbhid hid sr_mod cdrom ata_generic sata_svw uhci_hcd
cciss ohci_hcd libata bnx2 scsi_mod
| e thermal nls_base thermal_sys [last unloaded: scsi_wait_scan]
| Pid: 596, comm: udevd Tainted: G D W 2.6.32-5-xen-amd64 #1 ProLiant
DL385 G6
| RIP: e030:[<ffffffff81200764>] [<ffffffff81200764>] netback_uevent+0x8c/0xb9
| RSP: e02b:ffff8801faa89e18 EFLAGS: 00010246
| RAX: 02000000000000c1 RBX: ffff8801f2345f00 RCX: 000000000080007d
| RDX: ffff8801f2345f40 RSI: ffffea0006cfb718 RDI: 02000000000002c0
| RBP: ffff8801bd34e000 R08: 0000000000000000 R09: ffffffff8146a4f0
| R10: 000000000000020a R11: ffffffff8100f00c R12: ffff8801fc5af800
| R13: 0000000000000000 R14: ffff8801bd038000 R15: ffff8801fce1ab00
| FS: 00007f7d1072f7a0(0000) GS:ffff88000b0be000(0000) knlGS:0000000000000000
| CS: e033 DS: 0000 ES: 0000 CR0: 000000008005003b
| CR2: 0000000000000150 CR3: 00000001fe38c000 CR4: 0000000000000660
| DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
| DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
| Process udevd (pid: 596, threadinfo ffff8801faa88000, task ffff8801fc0ab880)
| Stack:
| 0000000000000908 ffff8801fc5af840 ffff8801bd34e000 ffff8801f65a0b40
| <0> ffff8801bd34e000 ffffffff8122cac2 ffff8801fc5af850 ffff8801f65a0b40
| <0> ffffffff814ac170 0000000000000000 ffff8801fc5af850 ffffffff8122cc01
| Call Trace:
| [<ffffffff8122cac2>] ? dev_uevent+0x104/0x146
| [<ffffffff8122cc01>] ? show_uevent+0x81/0xd5
| [<ffffffff8122c7a6>] ? dev_attr_show+0x1f/0x42
| [<ffffffff8113f413>] ? sysfs_read_file+0xa7/0x125
| [<ffffffff810ef95a>] ? vfs_read+0xa6/0xff
| [<ffffffff810efa6f>] ? sys_read+0x45/0x6e
| [<ffffffff81011b42>] ? system_call_fastpath+0x16/0x1b
| Code: c7 c6 7a 4a 3f 81 31 c0 48 89 ef e8 a3 fb f8 ff 85 c0 74 0f 48 89 df bd
f4 ff ff ff e8 60 6f ee ff eb 2b 48
| ee ff <49> 8b 95 50 01 00 00 48 89 ef 31 c0 48 c7 c6 84 4a 3f 81 bd f4
| RIP [<ffffffff81200764>] netback_uevent+0x8c/0xb9
| RSP <ffff8801faa89e18>
| CR2: 0000000000000150
| ---[ end trace a7919e7f17c0a729 ]---
Bastian
--
Each kiss is as the first.
-- Miramanee, Kirk's wife, "The Paradise Syndrome",
stardate 4842.6
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |