Le mercredi 11 janvier 2012 à 14:24 +0100, Hans Schillstrom a écrit : > On Wednesday 11 January 2012 11:01:51 Eric Dumazet wrote: > > Hmm, we either need to take rcu_read_lock() while calling > > __nf_ct_l3proto_find(), or define a variant using > > rcu_dereference_protected() in places we hold nf_conntrack_lock > > > I made a qick test with locks /unlocks in > __nf_ct_l3proto_find() and __nf_ct_l4proto_find() > > rcu_read_lock(); > ... > rcu_read_unlock(); > return retp; > > It seems to help, I cant see the dump anymore and everything else that I run works ... > > You cant do that, its just a brown paper bag :) If "retp" is returned, then the caller must handle the rcu_read_unlock() itself, after all possible "retp" dereferences. But really adding rcu_read_lock() should not be necessary on paths we own the conntrack lock. We should use rcu_dereference_protected() instead. I'll send a patch. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
