Re: [PATCH mm] mm: fix BUG with kvzalloc+GFP_ATOMIC

From: Michal Hocko
Date: Mon Sep 26 2022 - 10:09:13 EST

Next message: Greg Kroah-Hartman: "Re: [PATCH] kernfs: fix a crash when two processes delete the same directory"
Previous message: ruanjinjie: "[PATCH -next] net: i82596: Add __init/__exit annotations to module init/exit funcs"
In reply to: Florian Westphal: "Re: [PATCH mm] mm: fix BUG with kvzalloc+GFP_ATOMIC"
Next in thread: Florian Westphal: "Re: [PATCH mm] mm: fix BUG with kvzalloc+GFP_ATOMIC"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon 26-09-22 12:08:00, Florian Westphal wrote:
> Michal Hocko <mhocko@xxxxxxxx> wrote:
> > + old_tbl = rht_dereference_rcu(ht->tbl, ht);
> > + size = tbl->size;
> > +
> > + data = ERR_PTR(-EBUSY);
> > +
> > + if (rht_grow_above_75(ht, tbl))
> > + size *= 2;
> > + /* Do not schedule more than one rehash */
> > + else if (old_tbl != tbl)
> > + return data;
> > +
> > + data = ERR_PTR(-ENOMEM);
> > +
> > + rcu_read_unlock();
> > + new_tbl = bucket_table_alloc(ht, size, GFP_KERNEL);
> > + rcu_read_lock();
>
> I don't think this is going to work, there can be callers that
> rely on rcu protected data structures getting free'd.

The caller of this function drops RCU for each retry, why should be the
called function any special?
--
Michal Hocko
SUSE Labs

Next message: Greg Kroah-Hartman: "Re: [PATCH] kernfs: fix a crash when two processes delete the same directory"
Previous message: ruanjinjie: "[PATCH -next] net: i82596: Add __init/__exit annotations to module init/exit funcs"
In reply to: Florian Westphal: "Re: [PATCH mm] mm: fix BUG with kvzalloc+GFP_ATOMIC"
Next in thread: Florian Westphal: "Re: [PATCH mm] mm: fix BUG with kvzalloc+GFP_ATOMIC"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]