> [ 318.244596] BUG: unable to handle kernel NULL pointer dereference at 000000000000008e
> [ 318.245182] IP: [<ffffffff81455e7c>] __skb_recv_datagram+0xbc/0x5a0

Replying to myself, and adding commit interested parties...

I went through the git log for the function in question, and positively identified that the following commit introduces the crash:

738ac1e net: Clone skb before setting peeked flag

Null dereference is at line 224 of net/core/datagram.c (according to my objdump dis-assembly):

    spin_lock_irqsave(&queue->lock, cpu_flags);
    skb_queue_walk(queue, skb) {
        last = skb;
        *peeked = skb->peeked;
        ^-----------------------------------
        if (flags & MSG_PEEK) {
            if (_off >= skb->len && (skb->len || _off || skb->peeked)) {

Beyond that, I'm probably out of my comfort zone, so if anyone has a bright idea of a patch to try, I will gladly test it.