Message ID | 0-v1-e99919867b8d+1e2-netdev_tracker2_jgg@nvidia.com (mailing list archive) |
---|---|
State | Accepted |
Headers | show |
Series | RDMA: Add missed netdev_put() for the netdevice_tracker | expand |
On Fri, 9 Dec 2022 10:21:56 -0400, Jason Gunthorpe wrote: > The netdev core will detect if any untracked puts are done on tracked > pointers and throw refcount warnings: > > refcount_t: decrement hit 0; leaking memory. > WARNING: CPU: 1 PID: 33 at lib/refcount.c:31 refcount_warn_saturate+0x1d7/0x1f0 lib/refcount.c:31 > Modules linked in: > CPU: 1 PID: 33 Comm: kworker/u4:2 Not tainted 6.1.0-rc8-next-20221207-syzkaller #0 > Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 > Workqueue: ib-unreg-wq ib_unregister_work > RIP: 0010:refcount_warn_saturate+0x1d7/0x1f0 lib/refcount.c:31 > Code: 05 5a 60 51 0a 01 e8 35 0a b5 05 0f 0b e9 d3 fe ff ff e8 6c 9b 75 fd 48 c7 c7 c0 6d a6 8a c6 05 37 60 51 0a 01 e8 16 0a b5 05 <0f> 0b e9 b4 fe > +ff ff 48 89 ef e8 5a b5 c3 fd e9 5c fe ff ff 0f 1f > RSP: 0018:ffffc90000aa7b30 EFLAGS: 00010082 > RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 > RDX: ffff8880172f9d40 RSI: ffffffff8166b1dc RDI: fffff52000154f58 > RBP: ffff88807906c600 R08: 0000000000000005 R09: 0000000000000000 > R10: 0000000080000001 R11: 0000000000000000 R12: 1ffff92000154f6b > R13: 0000000000000000 R14: ffff88807906c600 R15: ffff888046894000 > FS: 0000000000000000(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000 > CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 > CR2: 00007ffe350a8ff8 CR3: 000000007a9e7000 CR4: 00000000003526e0 > DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 > DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 > Call Trace: > <TASK> > __refcount_dec include/linux/refcount.h:344 [inline] > refcount_dec include/linux/refcount.h:359 [inline] > ref_tracker_free+0x539/0x6b0 lib/ref_tracker.c:118 > netdev_tracker_free include/linux/netdevice.h:4039 [inline] > netdev_put include/linux/netdevice.h:4056 [inline] > dev_put include/linux/netdevice.h:4082 [inline] > free_netdevs+0x1f8/0x470 drivers/infiniband/core/device.c:2204 > __ib_unregister_device+0xa0/0x1a0 drivers/infiniband/core/device.c:1478 > ib_unregister_work+0x19/0x30 drivers/infiniband/core/device.c:1586 > process_one_work+0x9bf/0x1710 kernel/workqueue.c:2289 > worker_thread+0x669/0x1090 kernel/workqueue.c:2436 > kthread+0x2e8/0x3a0 kernel/kthread.c:376 > ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308 > > [...] Applied, thanks! [1/1] RDMA: Add missed netdev_put() for the netdevice_tracker https://git.kernel.org/rdma/rdma/c/e42f9c2e6aad58 Best regards,
diff --git a/drivers/infiniband/core/device.c b/drivers/infiniband/core/device.c index ff35cebb25e265..4d4f71f9728e13 100644 --- a/drivers/infiniband/core/device.c +++ b/drivers/infiniband/core/device.c @@ -2201,7 +2201,7 @@ static void free_netdevs(struct ib_device *ib_dev) * comparisons after the put */ rcu_assign_pointer(pdata->netdev, NULL); - dev_put(ndev); + netdev_put(ndev, &pdata->netdev_tracker); } spin_unlock_irqrestore(&pdata->netdev_lock, flags); }
The netdev core will detect if any untracked puts are done on tracked pointers and throw refcount warnings: refcount_t: decrement hit 0; leaking memory. WARNING: CPU: 1 PID: 33 at lib/refcount.c:31 refcount_warn_saturate+0x1d7/0x1f0 lib/refcount.c:31 Modules linked in: CPU: 1 PID: 33 Comm: kworker/u4:2 Not tainted 6.1.0-rc8-next-20221207-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/26/2022 Workqueue: ib-unreg-wq ib_unregister_work RIP: 0010:refcount_warn_saturate+0x1d7/0x1f0 lib/refcount.c:31 Code: 05 5a 60 51 0a 01 e8 35 0a b5 05 0f 0b e9 d3 fe ff ff e8 6c 9b 75 fd 48 c7 c7 c0 6d a6 8a c6 05 37 60 51 0a 01 e8 16 0a b5 05 <0f> 0b e9 b4 fe +ff ff 48 89 ef e8 5a b5 c3 fd e9 5c fe ff ff 0f 1f RSP: 0018:ffffc90000aa7b30 EFLAGS: 00010082 RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 RDX: ffff8880172f9d40 RSI: ffffffff8166b1dc RDI: fffff52000154f58 RBP: ffff88807906c600 R08: 0000000000000005 R09: 0000000000000000 R10: 0000000080000001 R11: 0000000000000000 R12: 1ffff92000154f6b R13: 0000000000000000 R14: ffff88807906c600 R15: ffff888046894000 FS: 0000000000000000(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00007ffe350a8ff8 CR3: 000000007a9e7000 CR4: 00000000003526e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: <TASK> __refcount_dec include/linux/refcount.h:344 [inline] refcount_dec include/linux/refcount.h:359 [inline] ref_tracker_free+0x539/0x6b0 lib/ref_tracker.c:118 netdev_tracker_free include/linux/netdevice.h:4039 [inline] netdev_put include/linux/netdevice.h:4056 [inline] dev_put include/linux/netdevice.h:4082 [inline] free_netdevs+0x1f8/0x470 drivers/infiniband/core/device.c:2204 __ib_unregister_device+0xa0/0x1a0 drivers/infiniband/core/device.c:1478 ib_unregister_work+0x19/0x30 drivers/infiniband/core/device.c:1586 process_one_work+0x9bf/0x1710 kernel/workqueue.c:2289 worker_thread+0x669/0x1090 kernel/workqueue.c:2436 kthread+0x2e8/0x3a0 kernel/kthread.c:376 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308 So change the missed dev_put for pdata->netdev to also follow the tracker. Fixes: 09f530f0c6d6 ("RDMA: Add netdevice_tracker to ib_device_set_netdev()") Reported-by: syzbot+3fd8326d9a0812d19218@syzkaller.appspotmail.com Reported-by: syzbot+a1ed8ffe3121380cd5dd@syzkaller.appspotmail.com Reported-by: syzbot+8d0a099c8a6d1e4e601c@syzkaller.appspotmail.com Signed-off-by: Jason Gunthorpe <jgg@nvidia.com> --- drivers/infiniband/core/device.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) base-commit: 682c0722addae4b4a1440c9db9d8c86cb8e09ce5