Hi, I patched 3.10-imq.diff onto the 3.10.49 kernel, and I am using two imq devices for tc, as follows:
iptables -t mangle -A PREROUTING -i eth3 -j IMQ --todev 0
iptables -t mangle -A POSTROUTING -o eth3 -j IMQ --todev 1
Then each imq device has the same tc qdisc, as follows: tc prio -> tc htb -> tc pfifo
Then when traffic is going on (such as surfing on the internet), the crash happened as follows:
root@Hiwifi:/# [ 333.670000] skbuff: IMQ(eth3): kfree_skb: skb->cb_next: 9b6e4100
[ 333.680000] skbuff: IMQ: kfree_skb: skb->nf_queue_entry != NULL
[ 333.720000] skbuff: IMQ(eth3): kfree_skb: skb->cb_next: 9b6e4c40
[ 333.730000] skbuff: IMQ: kfree_skb: skb->nf_queue_entry != NULL
[ 333.730000] skbuff: IMQ(eth3): kfree_skb: skb->cb_next: 9af31340
[ 333.740000] skbuff: IMQ: kfree_skb: skb->nf_queue_entry != NULL
[ 333.790000] skbuff: IMQ(eth3): kfree_skb: skb->cb_next: 9ae15780
[ 333.790000] skbuff: IMQ: kfree_skb: skb->nf_queue_entry != NULL
[ 333.800000] skbuff: IMQ(eth3): kfree_skb: skb->cb_next: 9af31d80
[ 333.800000] skbuff: IMQ: kfree_skb: skb->nf_queue_entry != NULL
[ 335.910000] CPU 0 Unable to handle kernel paging request at virtual address 00000009, epc == 80152c98, ra == 801baf98
[ 335.920000] Oops[#1]:
[ 335.920000] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 3.10.49 #18
[ 335.920000] task: 803958c8 ti: 80382000 task.ti: 80382000
[ 335.920000] $ 0 : 00000000 00000000 80390000 fffffffe
[ 335.920000] $ 4 : 9b689d00 9b689d00 00000000 9b34b800
[ 335.920000] $ 8 : 00000300 00000000 00000000 00000000
[ 335.920000] $12 : 8038e0c0 00000600 00000001 00000001
[ 335.920000] $16 : 9b689d00 00000000 9b689d00 00000000
[ 335.920000] $20 : 9b78bb00 c1b750f8 00000000 00000000
[ 335.920000] $24 : 00000000 8020754c
[ 335.920000] $28 : 80382000 80383c18 00000008 801baf98
[ 335.920000] Hi : 00000002
[ 335.920000] Lo : d92aaa7c
[ 335.920000] epc : 80152c98 ip_rcv_finish+0x50/0x4b0
[ 335.920000] Not tainted
[ 335.920000] ra : 801baf98 nf_reinject+0x130/0x1c0
[ 335.920000] Status: 1100fc03 KERNEL EXL IE
[ 335.920000] Cause : 00800008
[ 335.920000] BadVA : 00000009
[ 335.920000] PrId : 0001992f (MIPS 1004Kc)
[ 335.920000] Modules linked in: hwf_kprostat xt_PROSTAT kipstat hwf_kproxy kmultifast kjson ..
[ 335.920000] Process swapper/0 (pid: 0, threadinfo=80382000, task=803958c8, tls=00000000)
[ 335.920000] Stack : 00000000 c1470a00 8038c9d0 00000000 9ab77080 8033217c 9ab77080 00000001 9b689d00 00000000 9b78bb00 801baf98 00000001 00000001 9a505800 c1470d84 00000000 80383c70 80152c48 80000000 9af08900 00000002 8038c9d0 c14718a8 9af08900 9b44a800 9ab77080 c1b74360 35edc549 800a4c24 00000000 00000000 9af08900 9b44a800 40004002 800c7178 0000008c 9a505910 ffffffdf 9b399e00 ...
[ 335.920000] Call Trace:
[ 335.920000] [<80152c98>] ip_rcv_finish+0x50/0x4b0
[ 335.920000] [<801baf98>] nf_reinject+0x130/0x1c0
[ 335.920000] [] 0xc1b74360
[ 335.920000]
[ 335.920000]
Code: 8c820010 1440000e 3c028039 <92230009> 2442d17c 00031880 00621021 8c420000 10400007
[ 336.260000] ---[ end trace ad27d0c38ab7216c ]---
[ 336.270000] 1:41
[ 336.270000] 2:56
[ 336.280000] Kernel panic - not syncing: Fatal exception in interrupt
[ 336.280000] 1:41
[ 336.280000] 2:56
[ 336.280000] mtdoops: ready 1, 2 (no erase)
[ 336.280000] nl wifi shutdown rai
[ 336.280000] ==>MT7612E Radio Off
[ 336.320000] nl wifi shutdown ra
[ 336.320000] ==>MT7603E Radio Off
[ 336.940000] Rebooting in 3 seconds
And the gdb info is as follows:
(gdb) list * 0x80152c98
0x80152c98 is in ip_rcv_finish (net/ipv4/ip_input.c:319).
314         const struct iphdr *iph = ip_hdr(skb);
315         struct rtable *rt;
316
317         if (sysctl_ip_early_demux && !skb_dst(skb) && skb->sk == NULL) {
318                 const struct net_protocol *ipprot;
319                 int protocol = iph->protocol;
320
321                 ipprot = rcu_dereference(inet_protos[protocol]);
322                 if (ipprot && ipprot->early_demux) {
323                         ipprot->early_demux(skb);
That seems like the IP header is NULL, so the iph->protocol access hits an invalid address! So why did imq result in an invalid IP header?
And I found that the patch is almost the same from 3.10 to 3.14. I tried applying the 3.14 patch to the kernel, but the crash still exists, so what's the problem?
@https://github.com/imq/linuximq/issues/30
I found a similar problem, but I moved the imq destructor ahead, and it still crashes.
thanks a lot!
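
A way to check the NULL-pointer reading of the oops above, added here as an example and not part of the original post: decode the faulting instruction word from the `Code:` line and compare the address it computes with `BadVA` and with the offset of `protocol` in the IPv4 header. The struct mirror and the helper names are assumptions of this example; the three constants are copied from the log.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Local mirror of the IPv4 header layout (assumed to match struct iphdr). */
struct ipv4_hdr_mirror {
    uint8_t  ver_ihl, tos;
    uint16_t tot_len, id, frag_off;
    uint8_t  ttl, protocol;
    uint16_t check;
    uint32_t saddr, daddr;
};

/* Fields of a MIPS32 I-type (load/store) instruction word. */
struct mips_itype {
    unsigned opcode;   /* bits 31..26 */
    unsigned rs;       /* bits 25..21, base register */
    unsigned rt;       /* bits 20..16, destination register */
    int16_t  imm;      /* bits 15..0, signed byte offset */
};

struct mips_itype decode_itype(uint32_t word)
{
    struct mips_itype i = { word >> 26, (word >> 21) & 0x1f,
                            (word >> 16) & 0x1f, (int16_t)(word & 0xffff) };
    return i;
}

/* Address the load touches: base register value plus sign-extended offset. */
uint32_t load_address(uint32_t base_value, struct mips_itype i)
{
    return base_value + (uint32_t)(int32_t)i.imm;
}

/* Values copied from the oops in the post. */
#define MIPS_OP_LBU 0x24u        /* MIPS32 opcode: load byte unsigned */
#define FAULT_WORD  0x92230009u  /* the <...> word on the Code: line */
#define REG_17      0x00000000u  /* second value of the "$16 :" register row */
#define BAD_VA      0x00000009u  /* BadVA line */

int main(void)
{
    struct mips_itype i = decode_itype(FAULT_WORD);
    printf("op=0x%x base=$%u off=%d addr=0x%08x BadVA=0x%08x offsetof(protocol)=%zu\n",
           i.opcode, i.rs, i.imm, load_address(REG_17, i), BAD_VA,
           offsetof(struct ipv4_hdr_mirror, protocol));
    return 0;
}
```

The word decodes to a byte load at offset 9 from register $17, which the register dump shows as 0, so the computed address equals `BadVA` and the offset equals that of `protocol` in the header.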