On Tue, Oct 03, 2017 at 07:33:08PM -0300, Marcelo Ricardo Leitner wrote:
> On Tue, Oct 03, 2017 at 10:25:22AM +0800, Jia-Ju Bai wrote:
> > The SCTP program may sleep under a spinlock, and the function call path is:
> > sctp_generate_t3_rtx_event (acquire the spinlock)
> >   sctp_do_sm
> >     sctp_side_effects
> >       sctp_cmd_interpreter
> >         sctp_make_init_ack
> >           sctp_pack_cookie
> >             crypto_shash_setkey
> >               shash_setkey_unaligned
> >                 kmalloc(GFP_KERNEL)
>
> Are you sure this can happen?
> The host is not supposed to store any information when replying to an
> INIT packet (which generated the INIT_ACK listed above). That said,
> it's weird to see the timer function triggering so.
>
> Checking now, that code is dead actually:
> $ git grep -A 2 SCTP_CMD_GEN_INIT_ACK
> sm_sideeffect.c:        case SCTP_CMD_GEN_INIT_ACK:
> sm_sideeffect.c-                /* Generate an INIT ACK chunk. */
> sm_sideeffect.c-                new_obj = sctp_make_init_ack(asoc, chunk, GFP_ATOMIC,
>
> Nobody is triggering a call to sctp_cmd_interpreter with
> SCTP_CMD_GEN_INIT_ACK command, which would generate the callstack
> above.

Nevertheless, the issue is real through other call paths.

Thanks,
Marcelo
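The pattern in the reported call path, as an added userspace model that is not part of the thread or of the kernel source: the caller passes GFP_ATOMIC, but a helper deeper in the path picks its own allocation flag. Every `model_`/`MODEL_` name and `run_timer_path` are hypothetical stand-ins, and the violation counter only imitates the kind of check the kernel's `might_sleep()` debugging performs.

```c
#include <stdio.h>
#include <stdlib.h>

/* Userspace model only; all names below are hypothetical, not kernel APIs. */
enum model_gfp { MODEL_GFP_ATOMIC, MODEL_GFP_KERNEL };

static int atomic_depth;     /* > 0 while a modelled spinlock is held */
static int sleep_violations; /* sleeping allocations seen in atomic context */

static void model_spin_lock(void)   { atomic_depth++; }
static void model_spin_unlock(void) { atomic_depth--; }

/* Stand-in for kmalloc(): a GFP_KERNEL request may sleep, so count it
 * as a violation when it happens while the lock is held. */
static void *model_kmalloc(size_t n, enum model_gfp gfp)
{
    if (gfp == MODEL_GFP_KERNEL && atomic_depth > 0)
        sleep_violations++;
    return malloc(n);
}

/* Models shash_setkey_unaligned(): the real setkey path takes no gfp
 * argument; 'fixed' stands for the flag hardcoded inside the helper. */
static void model_setkey_unaligned(enum model_gfp fixed)
{
    free(model_kmalloc(32, fixed));
}

/* Models sctp_make_init_ack(): the caller's gfp covers only the
 * allocation made at this level and is not propagated further down. */
static void model_make_init_ack(enum model_gfp gfp, enum model_gfp helper_gfp)
{
    void *chunk = model_kmalloc(128, gfp);
    model_setkey_unaligned(helper_gfp);
    free(chunk);
}

/* Timer-style entry point: takes the lock, runs the path, and returns
 * the number of sleep-in-atomic violations seen during this call. */
int run_timer_path(enum model_gfp helper_gfp)
{
    sleep_violations = 0;
    model_spin_lock();
    model_make_init_ack(MODEL_GFP_ATOMIC, helper_gfp);
    model_spin_unlock();
    return sleep_violations;
}

int main(void)
{
    printf("helper GFP_KERNEL: %d\n", run_timer_path(MODEL_GFP_KERNEL));
    printf("helper GFP_ATOMIC: %d\n", run_timer_path(MODEL_GFP_ATOMIC));
    return 0;
}
```

The GFP_ATOMIC at the top of the path does not help when a callee allocates with its own flag, which is why an audit of atomic context has to follow each call path down to the allocation itself.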