On Tue, Mar 7, 2017 at 8:02 PM, Dmitry Vyukov <dvyu...@google.com> wrote:
> On Tue, Mar 7, 2017 at 7:43 PM, David Ahern <d...@cumulusnetworks.com> wrote:
>> On 3/7/17 11:13 AM, Dmitry Vyukov wrote:
>>>> on this warning:
>>>>
>>>> /* dst.next really should not be set at this point */
>>>> if (rt->dst.next && rt->dst.next->ops->family != AF_INET6) {
>>>> pr_warn("fib6_add: adding rt with bad next -- family %d dst
>>>> flags %x\n",
>>>> rt->dst.next->ops->family, rt->dst.next->flags);
>>>>
>>>> WARN_ON(1);
>>>> }
>>>>
>>>> You should have seen the pr_warn in the log preceding the WARN_ON dump.
>>>
>>> Right. They all have the same "IPv6: fib6_add: adding rt with bad next
>>> -- family 2 dst flags 6"
>>
>> remove the previous changes and try the attached.
>
>
> Doing this now.
> FWIW I've also applied your last patch with missing "iter->dst.flags
> &= ~DST_IN_FIB;" and restored the warning in rt6_rcu_free and it did
> not fire (in a limited run). I only saw the "WARNING in fib6_add" that
> I already reported.
So far I've hit only:
[ 1103.840031] BUG: KASAN: slab-out-of-bounds in fib6_age+0x3fd/0x480
at addr ffff8800799d2254
without any preceeding warnings.
But note that since the kernel is heavily stressed I can reliably get
any pr_err output if it happens right before BUG/WARNING. Anything
that happens minutes before will be lots because there are tons of
output.
