Re: [Xen-devel] [PATCH 1/1] xen-netback: process malformed sk_buff correctly to avoid BUG_ON()

From: Dongli Zhang Date: Wed, 28 Mar 2018 07:42:16 +0800 > The "BUG_ON(!frag_iter)" in function xenvif_rx_next_chunk() is triggered if > the received sk_buff is malformed, that is, when the sk_buff has pattern > (skb->data_len && !skb_shinfo(skb)->nr_frags). Below is a

Re: [Xen-devel] [PATCH 1/1] xen-netback: process malformed sk_buff correctly to avoid BUG_ON()

> -Original Message- > From: Dongli Zhang [mailto:dongli.zh...@oracle.com] > Sent: 28 March 2018 00:42 > To: xen-devel@lists.xenproject.org; linux-ker...@vger.kernel.org > Cc: net...@vger.kernel.org; Wei Liu ; Paul Durrant > > Subject: [PATCH

Re: [Xen-devel] [PATCH 1/1] xen-netback: process malformed sk_buff correctly to avoid BUG_ON()

Below is the sample kernel module used to reproduce the issue on purpose with "vif1.0" hard coded: #include #include #include #include #include static int __init test_skb_init(void) { struct sk_buff *skb; struct skb_shared_info *si; struct net_device *dev;

[Xen-devel] [PATCH 1/1] xen-netback: process malformed sk_buff correctly to avoid BUG_ON()

The "BUG_ON(!frag_iter)" in function xenvif_rx_next_chunk() is triggered if the received sk_buff is malformed, that is, when the sk_buff has pattern (skb->data_len && !skb_shinfo(skb)->nr_frags). Below is a sample call stack: [ 438.652658] [ cut here ] [ 438.652660]