Re: [PATCH] Re: [BUG] fib_tries related Oops in 2.6.30

From: David Miller
Date: Mon Jun 15 2009 - 05:32:21 EST

From: Jarek Poplawski <jarkao2@xxxxxxxxx>
Date: Mon, 15 Jun 2009 06:53:33 +0000

> ipv4: Fix fib_trie rebalancing
> While doing trie_rebalance(): resize(), inflate(), halve() RCU free
> tnodes before updating their parents. It depends on RCU delaying the
> real destruction, but if RCU readers start after call_rcu() and before
> parent update they could access freed memory.
> It is currently prevented with preempt_disable() on the update side,
> but it's not safe, except maybe classic RCU, plus it conflicts with
> memory allocations with GFP_KERNEL flag used from these functions.
> This patch explicitly delays freeing of tnodes by adding them to the
> list, which is flushed after the update is finished.
> Reported-by: Yan Zheng <zheng.yan@xxxxxxxxxx>
> Signed-off-by: Jarek Poplawski <jarkao2@xxxxxxxxx>

Applied to net-next-2.6
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at
Please read the FAQ at