Re: [PATCH rdma-rc] RDMA/rdma_cm: Fix use after free race with process_one_req

On Thu, Mar 22, 2018 at 10:34:32PM +0200, Mark Bloch wrote:
> > Fixes: 5fff41e1f89d ("IB/core: Fix race condition in resolving IP to MAC")
> > Reported-by: syzbot+3b4acab09b6463472d0a@xxxxxxxxxxxxxxxxxxxxxxxxx
> > Signed-off-by: Jason Gunthorpe <jgg@xxxxxxxxxxxx>
> >  drivers/infiniband/core/addr.c | 9 +++++++++
> >  1 file changed, 9 insertions(+)
> > 
> > Leon, I took a look at this last bug you noted so we can get cleaned
> > up for the next kernel release.
> > 
> > I didn't repro it, but I did confirm the C repro is calling
> > rdma_addr_cancel, so I think this is very likely to be the bug..
> > 
> > Parav/Mark: Does this make sense?
> > 
> 
> Yea, there is an issue with calling rdma_addr_cancel().
> Parav has a fix to a different issue/symptoms.
>
> For now, this is the patch if anyone wants to have a look:
> https://git.kernel.org/pub/scm/linux/kernel/git/leon/linux-rdma.git/commit/?h=rdma-next&id=0118f2f11612e508f7b8ad003420f60536ffdb7d

Hm, yes.. And fencing the callback during rdma_addr_cancel is
obviously an important fix too, so this is a better fix, and should be
tagged with the syzkaller stuff too.. Leon?

But do we need to optimize so carefully? Can't we just call
flush_workqueue() in addr_cancel() instead of adding the canceled flag?

Jason