OpenE2K/linux
6
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
20adfa1a81
linux/drivers
History
Nikolay Aleksandrov 9a72c2da69 bonding: fix div by zero while enslaving and transmitting 
The problem is that the slave is first linked and slave_cnt is
incremented afterwards leading to a div by zero in the modes that use it
as a modulus. What happens is that in bond_start_xmit()
bond_has_slaves() is used to evaluate further transmission and it becomes
true after the slave is linked in, but when slave_cnt is used in the xmit
path it is still 0, so fetch it once and transmit based on that. Since
it is used only in round-robin and XOR modes, the fix is only for them.
Thanks to Eric Dumazet for pointing out the fault in my first try to fix
this.

Call trace (took it out of net-next kernel, but it's the same with net):
[46934.330038] divide error: 0000 [#1] SMP
[46934.330041] Modules linked in: bonding(O) 9p fscache
snd_hda_codec_generic crct10dif_pclmul
[46934.330041] bond0: Enslaving eth1 as an active interface with an up
link
[46934.330051]  ppdev joydev crc32_pclmul crc32c_intel 9pnet_virtio
ghash_clmulni_intel snd_hda_intel 9pnet snd_hda_controller parport_pc
serio_raw pcspkr snd_hda_codec parport virtio_balloon virtio_console
snd_hwdep snd_pcm pvpanic i2c_piix4 snd_timer i2ccore snd soundcore
virtio_blk virtio_net virtio_pci virtio_ring virtio ata_generic
pata_acpi floppy [last unloaded: bonding]
[46934.330053] CPU: 1 PID: 3382 Comm: ping Tainted: G           O
3.17.0-rc4+ #27
[46934.330053] Hardware name: Bochs Bochs, BIOS Bochs 01/01/2011
[46934.330054] task: ffff88005aebf2c0 ti: ffff88005b728000 task.ti:
ffff88005b728000
[46934.330059] RIP: 0010:[<ffffffffa0198c33>]  [<ffffffffa0198c33>]
bond_start_xmit+0x1c3/0x450 [bonding]
[46934.330060] RSP: 0018:ffff88005b72b7f8  EFLAGS: 00010246
[46934.330060] RAX: 0000000000000679 RBX: ffff88004b077000 RCX:
000000000000002a
[46934.330061] RDX: 0000000000000000 RSI: ffff88004b3f0500 RDI:
ffff88004b077940
[46934.330061] RBP: ffff88005b72b830 R08: 00000000000000c0 R09:
ffff88004a83e000
[46934.330062] R10: 000000000000ffff R11: ffff88004b1f12c0 R12:
ffff88004b3f0500
[46934.330062] R13: ffff88004b3f0500 R14: 000000000000002a R15:
ffff88004b077940
[46934.330063] FS:  00007fbd91a4c740(0000) GS:ffff88005f080000(0000)
knlGS:0000000000000000
[46934.330064] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[46934.330064] CR2: 00007f803a8bb000 CR3: 000000004b2c9000 CR4:
00000000000406e0
[46934.330069] Stack:
[46934.330071]  ffffffff811e6169 00000000e772fa05 ffff88004b077000
ffff88004b3f0500
[46934.330072]  ffffffff81d17d18 000000000000002a 0000000000000000
ffff88005b72b8a0
[46934.330073]  ffffffff81620108 ffffffff8161fe0e ffff88005b72b8c4
ffff88005b302000
[46934.330073] Call Trace:
[46934.330077]  [<ffffffff811e6169>] ?
__kmalloc_node_track_caller+0x119/0x300
[46934.330084]  [<ffffffff81620108>] dev_hard_start_xmit+0x188/0x410
[46934.330086]  [<ffffffff8161fe0e>] ? harmonize_features+0x2e/0x90
[46934.330088]  [<ffffffff81620b06>] __dev_queue_xmit+0x456/0x590
[46934.330089]  [<ffffffff81620c50>] dev_queue_xmit+0x10/0x20
[46934.330090]  [<ffffffff8168f022>] arp_xmit+0x22/0x60
[46934.330091]  [<ffffffff8168f090>] arp_send.part.16+0x30/0x40
[46934.330092]  [<ffffffff8168f1e5>] arp_solicit+0x115/0x2b0
[46934.330094]  [<ffffffff8160b5d7>] ? copy_skb_header+0x17/0xa0
[46934.330096]  [<ffffffff8162875a>] neigh_probe+0x4a/0x70
[46934.330097]  [<ffffffff8162979c>] __neigh_event_send+0xac/0x230
[46934.330098]  [<ffffffff8162a00b>] neigh_resolve_output+0x13b/0x220
[46934.330100]  [<ffffffff8165f120>] ? ip_forward_options+0x1c0/0x1c0
[46934.330101]  [<ffffffff81660478>] ip_finish_output+0x1f8/0x860
[46934.330102]  [<ffffffff81661f08>] ip_output+0x58/0x90
[46934.330103]  [<ffffffff81661602>] ? __ip_local_out+0xa2/0xb0
[46934.330104]  [<ffffffff81661640>] ip_local_out_sk+0x30/0x40
[46934.330105]  [<ffffffff81662a66>] ip_send_skb+0x16/0x50
[46934.330106]  [<ffffffff81662ad3>] ip_push_pending_frames+0x33/0x40
[46934.330107]  [<ffffffff8168854c>] raw_sendmsg+0x88c/0xa30
[46934.330110]  [<ffffffff81612b31>] ? skb_recv_datagram+0x41/0x60
[46934.330111]  [<ffffffff816875a9>] ? raw_recvmsg+0xa9/0x1f0
[46934.330113]  [<ffffffff816978d4>] inet_sendmsg+0x74/0xc0
[46934.330114]  [<ffffffff81697a9b>] ? inet_recvmsg+0x8b/0xb0
[46934.330115] bond0: Adding slave eth2
[46934.330116]  [<ffffffff8160357c>] sock_sendmsg+0x9c/0xe0
[46934.330118]  [<ffffffff81603248>] ?
move_addr_to_kernel.part.20+0x28/0x80
[46934.330121]  [<ffffffff811b4477>] ? might_fault+0x47/0x50
[46934.330122]  [<ffffffff816039b9>] ___sys_sendmsg+0x3a9/0x3c0
[46934.330125]  [<ffffffff8144a14a>] ? n_tty_write+0x3aa/0x530
[46934.330127]  [<ffffffff810d1ae4>] ? __wake_up+0x44/0x50
[46934.330129]  [<ffffffff81242b38>] ? fsnotify+0x238/0x310
[46934.330130]  [<ffffffff816048a1>] __sys_sendmsg+0x51/0x90
[46934.330131]  [<ffffffff816048f2>] SyS_sendmsg+0x12/0x20
[46934.330134]  [<ffffffff81738b29>] system_call_fastpath+0x16/0x1b
[46934.330144] Code: 48 8b 10 4c 89 ee 4c 89 ff e8 aa bc ff ff 31 c0 e9
1a ff ff ff 0f 1f 00 4c 89 ee 4c 89 ff e8 65 fb ff ff 31 d2 4c 89 ee 4c
89 ff <f7> b3 64 09 00 00 e8 02 bd ff ff 31 c0 e9 f2 fe ff ff 0f 1f 00
[46934.330146] RIP  [<ffffffffa0198c33>] bond_start_xmit+0x1c3/0x450
[bonding]
[46934.330146]  RSP <ffff88005b72b7f8>

CC: Eric Dumazet <eric.dumazet@gmail.com>
CC: Andy Gospodarek <andy@greyhouse.net>
CC: Jay Vosburgh <j.vosburgh@gmail.com>
CC: Veaceslav Falico <vfalico@gmail.com>
Fixes: 278b208375 ("bonding: initial RCU conversion")
Signed-off-by: Nikolay Aleksandrov <nikolay@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-09-13 17:16:56 -04:00
..
accessibility
acpi Merge branches 'acpi-video' and 'acpi-ec' 2014-09-05 15:29:12 +02:00
amba ARM: tegra: Move includes to include/soc/tegra 2014-07-17 13:26:47 +02:00
ata ahci_xgene: Fix the link down in first attempt for the APM X-Gene SoC AHCI SATA host controller driver. 2014-09-06 11:27:15 +09:00
atm Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2014-08-13 18:27:40 -06:00
auxdisplay
base Merge remote-tracking branches 'regmap/fix/cache', 'regmap/fix/debugfs' and 'regmap/fix/volatile' into regmap-linus 2014-08-31 13:23:45 +01:00
bcma bcma: add PCI ID for spromless BCM43217 2014-08-25 15:39:23 -04:00
block Merge branch 'akpm' (fixes from Andrew Morton) 2014-08-29 16:28:29 -07:00
bluetooth
bus bus: arm-ccn: Move event cleanup routine 2014-09-05 13:25:01 -07:00
cdrom
char virtio: rng: add derating factor for use by hwrng core 2014-08-15 10:26:01 +05:30
clk
clocksource
connector
cpufreq cpufreq: intel_pstate: Remove unneeded variable 2014-09-03 01:31:04 +02:00
cpuidle ARM: 8130/1: cpuidle/cpuidle-big_little: fix reading cpu id part number 2014-08-27 15:40:45 +01:00
crypto PCI changes for the v3.17 merge window (part 2): 2014-08-14 18:10:33 -06:00
dca
devfreq PM / OPP: Remove ARCH_HAS_OPP 2014-07-23 00:51:30 +02:00
dio
dma Merge branch 'for-linus' of git://git.infradead.org/users/vkoul/slave-dma 2014-08-11 07:14:01 -07:00
dma-buf dma-buf/fence: Fix a kerneldoc warning 2014-08-28 11:59:09 +05:30
edac Merge branch 'linux_next' of git://git.kernel.org/pub/scm/linux/kernel/git/mchehab/linux-edac 2014-08-15 17:56:45 -06:00
eisa
extcon
firewire
firmware firmware: Do not use WARN_ON(!spin_is_locked()) 2014-08-22 08:45:40 +01:00
fmc
gpio gpio: bt8xx: fix release of managed resources 2014-08-29 14:31:43 +02:00
gpu Merge branch 'linux-3.17' of git://anongit.freedesktop.org/git/nouveau/linux-2.6 into drm-fixes 2014-09-05 09:27:33 +10:00
hid Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/hid 2014-08-27 09:38:06 -07:00
hsi
hv
hwmon hwmon: (ds1621) Update zbits after conversion rate change 2014-08-28 11:18:47 -07:00
hwspinlock
i2c Revert "i2c: rcar: remove spinlock" 2014-09-04 19:59:42 +02:00
ide
idle intel_idle: Broadwell support 2014-08-15 17:06:40 -04:00
iio
infiniband mlx4: Fix wrong endianess access with QP context flags 2014-09-10 15:22:43 -07:00
input Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/dtor/input 2014-09-03 17:26:12 -07:00
iommu iommu/core: Check for the right function pointer in iommu_map() 2014-08-19 00:19:26 +02:00
ipack
irqchip
isdn drivers: isdn: eicon: xdi_msg.h: Fix typo in #ifndef 2014-08-22 11:31:30 -07:00
leds Revert "leds: convert blink timer to workqueue" 2014-09-02 10:02:13 -07:00
lguest
macintosh
mailbox
mcb
md dm crypt: fix access beyond the end of allocated space 2014-08-28 14:24:09 -04:00
media
memory
memstick
message
mfd mfd: twl4030-power: Fix PM idle pin configuration to not conflict with regulators 2014-08-28 15:57:55 +01:00
misc mei: nfc: fix memory leak in error path 2014-08-25 13:16:23 -07:00
mmc PCI changes for the v3.17 merge window (part 2): 2014-08-14 18:10:33 -06:00
mtd Two trivial MTD updates for 3.17-rc4: 2014-09-06 12:12:09 -07:00
net bonding: fix div by zero while enslaving and transmitting 2014-09-13 17:16:56 -04:00
nfc
ntb
nubus
of of/irq: Fix lookup to use 'interrupts-extended' property first 2014-08-16 09:03:58 +01:00
oprofile
parisc
parport
pci PCI update for v3.17: 2014-09-03 08:45:48 -07:00
pcmcia
phy
pinctrl pinctrl: exynos: Lock GPIOs as interrupts when used as EINTs 2014-08-21 07:24:29 -05:00
platform toshiba_acpi: fix and cleanup toshiba_kbd_bl_mode_store() 2014-09-03 10:45:12 -07:00
pnp
power ARM: SoC platform changes for 3.17 2014-08-08 11:14:29 -07:00
powercap powercap / RAPL: change domain detection message 2014-09-03 01:29:00 +02:00
pps
ps3 ps3-vuart: don't use PREPARE_WORK 2014-03-07 10:24:48 -05:00
ptp PCI: Remove DEFINE_PCI_DEVICE_TABLE macro use 2014-08-12 12:15:14 -06:00
pwm pwm: Fix period and polarity in pwm_get() for non-perfect matches 2014-08-18 10:58:43 +02:00
rapidio PCI: Remove DEFINE_PCI_DEVICE_TABLE macro use 2014-08-12 12:15:14 -06:00
ras
regulator == Changes to existing drivers == 2014-08-07 17:17:39 -07:00
remoteproc
reset
rpmsg
rtc drivers/rtc/rtc-s5m.c: re-add support for devices without irq specified 2014-08-29 16:28:16 -07:00
s390 Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux 2014-09-08 08:27:00 -07:00
sbus
scsi Merge branch 'for-linus' of git://git.kernel.dk/linux-block 2014-08-29 11:21:49 -07:00
sfi
sh sh: intc: Confine SH_INTC to platforms that need it 2014-08-22 12:28:16 +09:00
sn
soc
spi Merge remote-tracking branch 'spi/fix/sh-msiof' into spi-linus 2014-08-31 13:46:19 +01:00
spmi
ssb ssb: add PCI ID 0x4351 2014-08-25 15:39:22 -04:00
staging USB fixes for 3.17-rc3 2014-08-29 12:10:03 -07:00
target
tc
thermal
thunderbolt thunderbolt: Clear hops before overwriting 2014-08-26 14:54:48 -07:00
tty The branch contains the following device tree changes the v3.17 merge 2014-08-14 09:53:39 -06:00
uio
usb USB: fix build error with CONFIG_PM_RUNTIME disabled 2014-08-27 16:55:29 -07:00
uwb
vfio drivers/vfio: Enable VFIO if EEH is not supported 2014-08-08 10:39:16 -06:00
vhost
video fbdev fixes for 3.17 2014-08-29 11:59:46 -07:00
virt
virtio
vlynq
vme vme: bridges: use pci_zalloc_consistent 2014-08-08 15:57:30 -07:00
w1
watchdog
xen PCI: Remove DEFINE_PCI_DEVICE_TABLE macro use 2014-08-12 12:15:14 -06:00
zorro
Kconfig
Makefile