Bug 252222 - ipv6 device reference counting error in net/ipv6/anycast.c
Summary: ipv6 device reference counting error in net/ipv6/anycast.c
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: kernel (Show other bugs)
(Show other bugs)
Version: 4.5
Hardware: All Linux
medium
medium
Target Milestone: ---
: ---
Assignee: Neil Horman
QA Contact: Martin Jenner
URL:
Whiteboard:
Keywords:
Depends On:
Blocks: 430698
TreeView+ depends on / blocked
 
Reported: 2007-08-14 19:50 UTC by Charlotte Richardson
Modified: 2008-07-24 19:15 UTC (History)
3 users (show)

Fixed In Version: RHSA-2008-0665
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-07-24 19:15:15 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
backport of upstream patch (349 bytes, patch)
2007-08-28 16:48 UTC, Neil Horman
no flags Details | Diff


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2008:0665 normal SHIPPED_LIVE Moderate: Updated kernel packages for Red Hat Enterprise Linux 4.7 2008-07-24 16:41:06 UTC

Description Charlotte Richardson 2007-08-14 19:50:04 UTC
Description of problem:
Reading /proc/net/anycast6 when there is no anycast address on an interface
results in an ever-increasing inet6_dev reference count, as well as a reference
to the netdevice you can't get rid of.

Version-Release number of selected component (if applicable):
2.6.9-55 kernel

How reproducible:
Every time

Steps to Reproduce:
1. cat /proc/net/anycast6
  
Actual results:
You will be unable to shutdown or reboot and will see console messages like
unregister_netdevice: waiting for eth<nnn> to become free. Usage count = 1

Expected results:
Nothing funky should happen.

Additional info:

This is due to a reference counting bug in net/ipv6/anycast.c. In static inline
struct ifacaddr *ac_get_first, after read_unlock_bh(&idev->lock); add
in6_dev_put(idev);

This source file is part of ipv6.ko.

Comment 1 Neil Horman 2007-08-28 16:48:01 UTC
Created attachment 177081 [details]
backport of upstream patch

Thanks,backport of upstream commit aa6e4a96e7589948fe770744f7bb4f0f743dddaa
attached.

Comment 2 RHEL Product and Program Management 2007-08-28 17:17:04 UTC
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release.  Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products.  This request is not yet committed for inclusion in an Update
release.

Comment 3 Jason Baron 2007-12-20 18:42:17 UTC
committed in stream U7 build 68.4. A test kernel with this patch is available
from http://people.redhat.com/~jbaron/rhel4/


Comment 7 errata-xmlrpc 2008-07-24 19:15:15 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2008-0665.html


Note You need to log in before you can comment on or make changes to this bug.