From patchwork Wed Jun 7 00:00:04 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: David Ahern X-Patchwork-Id: 772076 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 3wj7wW174Kz9s7g for ; Wed, 7 Jun 2017 10:00:10 +1000 (AEST) Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="uu/q6wek"; dkim-atps=neutral Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751456AbdFGAAI (ORCPT ); Tue, 6 Jun 2017 20:00:08 -0400 Received: from mail-pf0-f193.google.com ([209.85.192.193]:34447 "EHLO mail-pf0-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750766AbdFGAAH (ORCPT ); Tue, 6 Jun 2017 20:00:07 -0400 Received: by mail-pf0-f193.google.com with SMTP id u1so832955pfg.1 for ; Tue, 06 Jun 2017 17:00:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to:content-transfer-encoding; bh=WUhCDZJ7iE/xhLCL4+85JwmIq7oJMrO3VDmj57mLT+c=; b=uu/q6wek5KQWWlbIGc8VGnMUSZGWTuKETt09s+2jMDZOEOHhbfNKi2Xol/il3LwfHR /nOLZk1RQBgGyb2/dwKTZR4xzmr8IxKfkE17XiiCxWb7qppcG9o2+YtFNbPY4yHv0ExX GwJuwGBDvOGTedS+TdRKm3y5GKbT5hUX+L35nNnk+WdhXRpo3Wy5KwPxMXRZlARBM7+f Ac6/GfNB6y2uf88k2AlbV31wz3Y7QyjDkTWIYGGOtv6mXqkGXSlTW6GJl2apzXfi9KX5 zIwN/E/XUtZCnoWHemYChIX9Aba+o52g2nenNtGN8iFXnYQzt6Li56NJTsFWYEvGF5Wj DmIg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding; bh=WUhCDZJ7iE/xhLCL4+85JwmIq7oJMrO3VDmj57mLT+c=; b=gh7aN5X0f4u4pKzrrXb1R7jFyn6GdcOW7LS+zh0k99I8UgNryndwe78VD7BoiG44FG dHruXF1I2TFQtHg7FLwbF0F7XWF8I+Is67OMdRZXHl6aQ1hbGuU1pYzS06rUEq+b5AEm gbc4Apnq1hFKTH/d4s6ZuthMBrExSS6qqeM1ifXeePI1f22wv5ikYgoy6FLBApV1oS8l 5Lj2GgdSsYltSR3kwSW84t1nUbQbNkOdg7jAmnofFEe7CzZbTrtFCk8IyUXApviGXkLq aBGTzmV48JcygS0e466rna06w1Ldl/5c5sErS7pw+hMydFooRa5uhkKolYkGVwvqLMqf BdUg== X-Gm-Message-State: AODbwcBdj1lny63D94yxc8EvNYZTHKjjDxJ3Vpc6vXf74zK2w8FBoT9d /UgKIuEbmUcApgdE X-Received: by 10.84.129.67 with SMTP id 61mr15783731plb.229.1496793606267; Tue, 06 Jun 2017 17:00:06 -0700 (PDT) Received: from Davids-MacBook-Pro.local ([2601:282:800:7292:90dc:92e1:4960:b3c9]) by smtp.googlemail.com with ESMTPSA id r14sm71813671pfe.9.2017.06.06.17.00.05 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 06 Jun 2017 17:00:05 -0700 (PDT) Subject: Re: Repeatable inet6_dump_fib crash in stock 4.12.0-rc4+ To: Ben Greear , netdev References: From: David Ahern Message-ID: Date: Tue, 6 Jun 2017 18:00:04 -0600 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 In-Reply-To: Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org On 6/6/17 3:06 PM, Ben Greear wrote: > This bug has been around forever, and we recently got an intern and > stuck him with > trying to reproduce it on the latest kernel. It is still here. I'm not > super excited > about trying to fix this, but we can easily test patches if someone has a > patch to try. Can you try this (whitespace damaged on paste, but it is moving the lock ahead of the fn_sernum check): cb->args[5] = w->root->fn_sernum; @@ -387,7 +388,6 @@ static int fib6_dump_table(struct fib6_table *table, struct sk_buff *skb, } else w->skip = 0; - read_lock_bh(&table->tb6_lock); res = fib6_walk_continue(w); read_unlock_bh(&table->tb6_lock); if (res <= 0) { diff --git a/net/ipv6/ip6_fib.c b/net/ipv6/ip6_fib.c index deea901746c8..7a44c49055c0 100644 --- a/net/ipv6/ip6_fib.c +++ b/net/ipv6/ip6_fib.c @@ -378,6 +378,7 @@ static int fib6_dump_table(struct fib6_table *table, struct sk_buff *skb, cb->args[5] = w->root->fn_sernum; } } else { + read_lock_bh(&table->tb6_lock); if (cb->args[5] != w->root->fn_sernum) { /* Begin at the root if the tree changed */