Re: [PATCH] rhashtable: fix for resize events during table walk

[Herbert Xu]

On Mon, Jul 06, 2015 at 02:01:42PM +0200, Phil Sutter wrote:
> If rhashtable_walk_next detects a resize operation in progress, it jumps
> to the new table and continues walking that one. But it misses to drop
> the reference to it's current item, leading it to continue traversing
> the new table's bucket in which the current item is sorted into, and
> after reaching that bucket's end continues traversing the new table's
> second bucket instead of the first one, thereby potentially missing
> items.
> 
> This fixes the rhashtable runtime test for me. Bug probably introduced
> by Herbert Xu's patch eddee5ba ("rhashtable: Fix walker behaviour during
> rehash") although not explicitly tested.
> 
> Fixes: eddee5ba ("rhashtable: Fix walker behaviour during rehash")
> Signed-off-by: Phil Sutter <phil@xxxxxx>

Good catch!

> diff --git a/lib/rhashtable.c b/lib/rhashtable.c
> index a60a6d3..e36b94b 100644
> --- a/lib/rhashtable.c
> +++ b/lib/rhashtable.c
> @@ -585,6 +585,7 @@ void *rhashtable_walk_next(struct rhashtable_iter *iter)
>  	struct bucket_table *tbl = iter->walker->tbl;
>  	struct rhashtable *ht = iter->ht;
>  	struct rhash_head *p = iter->p;
> +	void *rc = NULL;
>  
>  	if (p) {
>  		p = rht_dereference_bucket_rcu(p->next, tbl, iter->slot);
> @@ -617,12 +618,12 @@ next:
>  	if (iter->walker->tbl) {
>  		iter->slot = 0;
>  		iter->skip = 0;
> -		return ERR_PTR(-EAGAIN);
> +		rc = ERR_PTR(-EAGAIN);
>  	}
>  
>  	iter->p = NULL;

I think a simpler fix would be to move "iter->p = NULL" before
the if statement.

Thanks,
-- 
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/