| Message ID | CAEfhGiz1FnghHRpcYUVKhWNV=4yjfU-pAsjynKTgwPctsNQ5Gw@mail.gmail.com |
|---|---|
| State | Not Applicable, archived |
| Delegated to: | David Miller |
| Headers | show |
From: Craig Gallek <kraigatgoog@gmail.com> Date: Tue, 22 Dec 2015 16:38:32 -0500 > On Tue, Dec 22, 2015 at 4:28 PM, David Miller <davem@davemloft.net> wrote: >> From: Craig Gallek <kraigatgoog@gmail.com> >> Date: Tue, 22 Dec 2015 15:51:19 -0500 >> >>> I was actually just looking at this as well (though a slightly >>> different stack). The issue is with: c6ff5268293e rhashtable: Fix >>> walker list corruption >>> >>> It changed the lock acquired in rhashtable_walk_init to use the new >>> spinlock, but the rht_dereference macro expects the mutex. I was >>> still trying to track down which repository this change came in >>> through, though... >> >> Both cam via my networking tree. > Simple fix is below. Though, I don't understand the history of the > multiple locks in this structure to be sure it's correct. I'll send > it as a formal patch. Please reject if it's not the right approach. > > diff --git a/lib/rhashtable.c b/lib/rhashtable.c > index 1c149e9..cc80870 100644 > --- a/lib/rhashtable.c > +++ b/lib/rhashtable.c > @@ -516,7 +516,8 @@ int rhashtable_walk_init(struct rhashtable *ht, > struct rhashtable_iter *iter) > return -ENOMEM; > > spin_lock(&ht->lock); > - iter->walker->tbl = rht_dereference(ht->tbl, ht); > + iter->walker->tbl = > + rcu_dereference_protected(ht->tbl, lockdep_is_held(&ht->lock)); > list_add(&iter->walker->list, &iter->walker->tbl->walkers); > spin_unlock(&ht->lock); How can this be the "fix"? That's exactly what's in the tree. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Tue, Dec 22, 2015 at 4:42 PM, David Miller <davem@davemloft.net> wrote: > From: Craig Gallek <kraigatgoog@gmail.com> > Date: Tue, 22 Dec 2015 16:38:32 -0500 > >> On Tue, Dec 22, 2015 at 4:28 PM, David Miller <davem@davemloft.net> wrote: >>> From: Craig Gallek <kraigatgoog@gmail.com> >>> Date: Tue, 22 Dec 2015 15:51:19 -0500 >>> >>>> I was actually just looking at this as well (though a slightly >>>> different stack). The issue is with: c6ff5268293e rhashtable: Fix >>>> walker list corruption >>>> >>>> It changed the lock acquired in rhashtable_walk_init to use the new >>>> spinlock, but the rht_dereference macro expects the mutex. I was >>>> still trying to track down which repository this change came in >>>> through, though... >>> >>> Both cam via my networking tree. >> Simple fix is below. Though, I don't understand the history of the >> multiple locks in this structure to be sure it's correct. I'll send >> it as a formal patch. Please reject if it's not the right approach. >> >> diff --git a/lib/rhashtable.c b/lib/rhashtable.c >> index 1c149e9..cc80870 100644 >> --- a/lib/rhashtable.c >> +++ b/lib/rhashtable.c >> @@ -516,7 +516,8 @@ int rhashtable_walk_init(struct rhashtable *ht, >> struct rhashtable_iter *iter) >> return -ENOMEM; >> >> spin_lock(&ht->lock); >> - iter->walker->tbl = rht_dereference(ht->tbl, ht); >> + iter->walker->tbl = >> + rcu_dereference_protected(ht->tbl, lockdep_is_held(&ht->lock)); >> list_add(&iter->walker->list, &iter->walker->tbl->walkers); >> spin_unlock(&ht->lock); > > How can this be the "fix"? That's exactly what's in the tree. Ah, you're right, this fix was submitted to next in 179ccc0a7364 but hasn't made it into net-next yet. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Tue, Dec 22, 2015 at 04:42:25PM -0500, David Miller wrote: > From: Craig Gallek <kraigatgoog@gmail.com> > Date: Tue, 22 Dec 2015 16:38:32 -0500 > > > On Tue, Dec 22, 2015 at 4:28 PM, David Miller <davem@davemloft.net> wrote: > >> From: Craig Gallek <kraigatgoog@gmail.com> > >> Date: Tue, 22 Dec 2015 15:51:19 -0500 > >> > >>> I was actually just looking at this as well (though a slightly > >>> different stack). The issue is with: c6ff5268293e rhashtable: Fix > >>> walker list corruption > >>> > >>> It changed the lock acquired in rhashtable_walk_init to use the new > >>> spinlock, but the rht_dereference macro expects the mutex. I was > >>> still trying to track down which repository this change came in > >>> through, though... > >> > >> Both cam via my networking tree. > > Simple fix is below. Though, I don't understand the history of the > > multiple locks in this structure to be sure it's correct. I'll send > > it as a formal patch. Please reject if it's not the right approach. > > > > diff --git a/lib/rhashtable.c b/lib/rhashtable.c > > index 1c149e9..cc80870 100644 > > --- a/lib/rhashtable.c > > +++ b/lib/rhashtable.c > > @@ -516,7 +516,8 @@ int rhashtable_walk_init(struct rhashtable *ht, > > struct rhashtable_iter *iter) > > return -ENOMEM; > > > > spin_lock(&ht->lock); > > - iter->walker->tbl = rht_dereference(ht->tbl, ht); > > + iter->walker->tbl = > > + rcu_dereference_protected(ht->tbl, lockdep_is_held(&ht->lock)); > > list_add(&iter->walker->list, &iter->walker->tbl->walkers); > > spin_unlock(&ht->lock); > > How can this be the "fix"? That's exactly what's in the tree. I should have made clear, this is Linus' tree I'm hitting this on, which matches what Craig posted. Dave -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
From: Dave Jones <davej@codemonkey.org.uk> Date: Tue, 22 Dec 2015 16:47:34 -0500 > On Tue, Dec 22, 2015 at 04:42:25PM -0500, David Miller wrote: > > From: Craig Gallek <kraigatgoog@gmail.com> > > Date: Tue, 22 Dec 2015 16:38:32 -0500 > > > > > On Tue, Dec 22, 2015 at 4:28 PM, David Miller <davem@davemloft.net> wrote: > > >> From: Craig Gallek <kraigatgoog@gmail.com> > > >> Date: Tue, 22 Dec 2015 15:51:19 -0500 > > >> > > >>> I was actually just looking at this as well (though a slightly > > >>> different stack). The issue is with: c6ff5268293e rhashtable: Fix > > >>> walker list corruption > > >>> > > >>> It changed the lock acquired in rhashtable_walk_init to use the new > > >>> spinlock, but the rht_dereference macro expects the mutex. I was > > >>> still trying to track down which repository this change came in > > >>> through, though... > > >> > > >> Both cam via my networking tree. > > > Simple fix is below. Though, I don't understand the history of the > > > multiple locks in this structure to be sure it's correct. I'll send > > > it as a formal patch. Please reject if it's not the right approach. > > > > > > diff --git a/lib/rhashtable.c b/lib/rhashtable.c > > > index 1c149e9..cc80870 100644 > > > --- a/lib/rhashtable.c > > > +++ b/lib/rhashtable.c > > > @@ -516,7 +516,8 @@ int rhashtable_walk_init(struct rhashtable *ht, > > > struct rhashtable_iter *iter) > > > return -ENOMEM; > > > > > > spin_lock(&ht->lock); > > > - iter->walker->tbl = rht_dereference(ht->tbl, ht); > > > + iter->walker->tbl = > > > + rcu_dereference_protected(ht->tbl, lockdep_is_held(&ht->lock)); > > > list_add(&iter->walker->list, &iter->walker->tbl->walkers); > > > spin_unlock(&ht->lock); > > > > How can this be the "fix"? That's exactly what's in the tree. > > I should have made clear, this is Linus' tree I'm hitting this on, > which matches what Craig posted. Ok, so this should be fixed in my 'net' tree and I'll send that to Linus soon. Thanks. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Tue, Dec 22, 2015 at 04:50:20PM -0500, David Miller wrote: > > > > Simple fix is below. Though, I don't understand the history of the > > > > multiple locks in this structure to be sure it's correct. I'll send > > > > it as a formal patch. Please reject if it's not the right approach. > > > > > > > > diff --git a/lib/rhashtable.c b/lib/rhashtable.c > > > > index 1c149e9..cc80870 100644 > > > > --- a/lib/rhashtable.c > > > > +++ b/lib/rhashtable.c > > > > @@ -516,7 +516,8 @@ int rhashtable_walk_init(struct rhashtable *ht, > > > > struct rhashtable_iter *iter) > > > > return -ENOMEM; > > > > > > > > spin_lock(&ht->lock); > > > > - iter->walker->tbl = rht_dereference(ht->tbl, ht); > > > > + iter->walker->tbl = > > > > + rcu_dereference_protected(ht->tbl, lockdep_is_held(&ht->lock)); > > > > list_add(&iter->walker->list, &iter->walker->tbl->walkers); > > > > spin_unlock(&ht->lock); > > > > > > How can this be the "fix"? That's exactly what's in the tree. > > > > I should have made clear, this is Linus' tree I'm hitting this on, > > which matches what Craig posted. > > Ok, so this should be fixed in my 'net' tree and I'll send that to Linus > soon. Great, thanks Dave. Sorry for the fire-alarm :) Dave -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/lib/rhashtable.c b/lib/rhashtable.c index 1c149e9..cc80870 100644 --- a/lib/rhashtable.c +++ b/lib/rhashtable.c @@ -516,7 +516,8 @@ int rhashtable_walk_init(struct rhashtable *ht, struct rhashtable_iter *iter) return -ENOMEM; spin_lock(&ht->lock); - iter->walker->tbl = rht_dereference(ht->tbl, ht); + iter->walker->tbl = + rcu_dereference_protected(ht->tbl, lockdep_is_held(&ht->lock)); list_add(&iter->walker->list, &iter->walker->tbl->walkers); spin_unlock(&ht->lock);