Re: Fwd: [rhashtable] WARNING: CPU: 0 PID: 10 at kernel/locking/mutex.c:570 mutex_lock_nested()

From: Thomas Graf
Date: Tue Jan 13 2015 - 14:28:53 EST

Next message: Rik van Riel: "Re: [RFC PATCH 04/11] x86,fpu: defer FPU restore until return to userspace"
Previous message: Mike Turquette: "Re: [PATCH 3/3] clk: berlin: bg2q: remove non-exist "smemc" gate clock"
In reply to: Cong Wang: "Re: Fwd: [rhashtable] WARNING: CPU: 0 PID: 10 at kernel/locking/mutex.c:570 mutex_lock_nested()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 01/13/15 at 11:14am, Cong Wang wrote:
> On Tue, Jan 13, 2015 at 12:41 AM, Thomas Graf <tgraf@xxxxxxx> wrote:
> > I can't reproduce it in my KVM box either so far. It looks like a
> > mutex_lock() on an uninitialized mutex or use after free but I can't
> > find such a code path so far.
>
> Couldn't that be the delayed work is still running after rhashtable
> is destroyed by its caller? I mean, cancel_delayed_work_sync()
> should be called in rhashtable_destroy()?
>
> Of course, it may be caller's responsibility to ensure that, I haven't
> looked into it that much.

Yes, we came to the very same conclusion in a different email thread
and found the offending race condition.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Rik van Riel: "Re: [RFC PATCH 04/11] x86,fpu: defer FPU restore until return to userspace"
Previous message: Mike Turquette: "Re: [PATCH 3/3] clk: berlin: bg2q: remove non-exist "smemc" gate clock"
In reply to: Cong Wang: "Re: Fwd: [rhashtable] WARNING: CPU: 0 PID: 10 at kernel/locking/mutex.c:570 mutex_lock_nested()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]