1
linux/net
Felix Fietkau d8c7aae64c mac80211: add missing rcu_read_lock/unlock in agg-rx session timer
Fixes a lockdep warning:

===================================================
[ INFO: suspicious rcu_dereference_check() usage. ]
---------------------------------------------------
net/mac80211/agg-rx.c:148 invoked rcu_dereference_check() without protection!

other info that might help us debug this:

rcu_scheduler_active = 1, debug_locks = 1
1 lock held by arecord/11226:
 #0:  (&tid_agg_rx->session_timer){+.-...}, at: [<ffffffff81066bb0>] call_timer_fn+0x0/0x360

stack backtrace:
Pid: 11226, comm: arecord Not tainted 3.1.0-kml #16
Call Trace:
 <IRQ>  [<ffffffff81093454>] lockdep_rcu_dereference+0xa4/0xc0
 [<ffffffffa02778c9>] sta_rx_agg_session_timer_expired+0xc9/0x110 [mac80211]
 [<ffffffffa0277800>] ? ieee80211_process_addba_resp+0x220/0x220 [mac80211]
 [<ffffffff81066c3a>] call_timer_fn+0x8a/0x360
 [<ffffffff81066bb0>] ? init_timer_deferrable_key+0x30/0x30
 [<ffffffff81477bb0>] ? _raw_spin_unlock_irq+0x30/0x70
 [<ffffffff81067049>] run_timer_softirq+0x139/0x310
 [<ffffffff81091d5e>] ? put_lock_stats.isra.25+0xe/0x40
 [<ffffffff810922ac>] ? lock_release_holdtime.part.26+0xdc/0x160
 [<ffffffffa0277800>] ? ieee80211_process_addba_resp+0x220/0x220 [mac80211]
 [<ffffffff8105cb78>] __do_softirq+0xc8/0x3c0
 [<ffffffff8108f088>] ? tick_dev_program_event+0x48/0x110
 [<ffffffff8108f16f>] ? tick_program_event+0x1f/0x30
 [<ffffffff81153b15>] ? putname+0x35/0x50
 [<ffffffff8147a43c>] call_softirq+0x1c/0x30
 [<ffffffff81004c55>] do_softirq+0xa5/0xe0
 [<ffffffff8105d1ee>] irq_exit+0xae/0xe0
 [<ffffffff8147ac6b>] smp_apic_timer_interrupt+0x6b/0x98
 [<ffffffff81479ab3>] apic_timer_interrupt+0x73/0x80
 <EOI>  [<ffffffff8146aac6>] ? free_debug_processing+0x1a1/0x1d5
 [<ffffffff81153b15>] ? putname+0x35/0x50
 [<ffffffff8146ab2b>] __slab_free+0x31/0x2ca
 [<ffffffff81477c3a>] ? _raw_spin_unlock_irqrestore+0x4a/0x90
 [<ffffffff81253b8f>] ? __debug_check_no_obj_freed+0x15f/0x210
 [<ffffffff81097054>] ? lock_release_nested+0x84/0xc0
 [<ffffffff8113ec55>] ? kmem_cache_free+0x105/0x250
 [<ffffffff81153b15>] ? putname+0x35/0x50
 [<ffffffff81153b15>] ? putname+0x35/0x50
 [<ffffffff8113ed8f>] kmem_cache_free+0x23f/0x250
 [<ffffffff81153b15>] putname+0x35/0x50
 [<ffffffff81146d8d>] do_sys_open+0x16d/0x1d0
 [<ffffffff81146e10>] sys_open+0x20/0x30
 [<ffffffff81478f42>] system_call_fastpath+0x16/0x1b

Reported-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
Signed-off-by: John W. Linville <linville@tuxdriver.com>
2012-06-04 15:25:41 -04:00
..
9p Autogenerated GPG tag for Rusty D1ADB8F1: 15EE 8D6C AB0E 7F0C F999 BFCB D920 0E6C D1AD B8F1 2012-05-21 20:20:23 -07:00
802 tokenring: delete all remaining driver support 2012-05-15 20:23:16 -04:00
8021q Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2012-05-16 22:17:37 -04:00
appletalk net: Convert all sysctl registrations to register_net_sysctl 2012-04-20 21:22:30 -04:00
atm Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2012-05-22 19:22:50 -07:00
ax25 Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2012-04-23 23:15:17 -04:00
batman-adv batman-adv: unset the TT_CLIENT_PENDING flag if the new local entry already exists 2012-05-14 09:05:08 +02:00
bluetooth tty: Revert the tty locking series, it needs more work 2012-06-02 15:21:43 -07:00
bridge ipv6: correct the ipv6 option name - Pad0 to Pad1 2012-05-17 15:49:51 -04:00
caif Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2012-05-22 19:22:50 -07:00
can
ceph Merge git://git.kernel.org/pub/scm/linux/kernel/git/sage/ceph-client 2012-05-30 11:17:19 -07:00
core net: sock: validate data_len before allocating skb in sock_alloc_send_pskb() 2012-05-31 18:22:45 -04:00
dcb net: dcb: add CEE notify calls 2012-04-25 19:47:17 -04:00
dccp net: include/net/sock.h cleanup 2012-05-17 04:50:21 -04:00
decnet net: Convert net_ratelimit uses to net_<level>_ratelimited 2012-05-15 13:45:03 -04:00
dns_resolver Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2012-05-21 20:27:36 -07:00
dsa dsa: Convert compare_ether_addr to ether_addr_equal 2012-05-09 20:49:19 -04:00
ethernet net, drivers/net: Convert compare_ether_addr_64bits to ether_addr_equal_64bits 2012-05-10 23:33:01 -04:00
ieee802154 ieee802154: interface type to be added 2012-05-16 15:17:08 -04:00
ipv4 tcp: reflect SYN queue_mapping into SYNACK packets 2012-06-01 14:22:11 -04:00
ipv6 tcp: reflect SYN queue_mapping into SYNACK packets 2012-06-01 14:22:11 -04:00
ipx ipx: Remove spurious NULL checking in ipx_ioctl(). 2012-05-19 00:51:04 -04:00
irda net: Convert all sysctl registrations to register_net_sysctl 2012-04-20 21:22:30 -04:00
iucv
key
l2tp genetlink: Build a generic netlink family module alias 2012-05-29 22:33:56 -04:00
lapb lapb: Neaten debugging 2012-05-17 18:45:20 -04:00
llc net: include/net/sock.h cleanup 2012-05-17 04:50:21 -04:00
mac80211 mac80211: add missing rcu_read_lock/unlock in agg-rx session timer 2012-06-04 15:25:41 -04:00
mac802154 mac802154: monitor device support 2012-05-16 15:17:08 -04:00
netfilter Merge branch 'for-3.5' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/percpu 2012-05-22 17:37:47 -07:00
netlabel
netlink genetlink: Build a generic netlink family module alias 2012-05-29 22:33:56 -04:00
netrom net: Convert all sysctl registrations to register_net_sysctl 2012-04-20 21:22:30 -04:00
nfc NFC: Queue I frame fragments to the LLCP sockets queue tail 2012-05-16 13:08:14 -04:00
openvswitch Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2012-05-16 22:17:37 -04:00
packet af_packet: packet_getsockopt() cleanup 2012-04-21 16:36:42 -04:00
phonet net: Convert all sysctl registrations to register_net_sysctl 2012-04-20 21:22:30 -04:00
rds rds_rdma: don't assume infiniband device is PCI 2012-05-29 17:30:07 -04:00
rfkill
rose net: Convert all sysctl registrations to register_net_sysctl 2012-04-20 21:22:30 -04:00
rxrpc
sched sch_atm.c: get rid of poinless extern 2012-06-01 10:37:18 -04:00
sctp Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2012-05-16 22:17:37 -04:00
sunrpc Merge branch 'for-3.5' of git://linux-nfs.org/~bfields/linux 2012-06-01 08:32:58 -07:00
tipc tipc: compress out gratuitous extra carriage returns 2012-04-30 15:53:56 -04:00
unix net: sock_diag_handler structs can be const 2012-04-25 20:46:59 -04:00
wanrouter net/wanrouter: Deprecate and schedule for removal 2012-05-24 16:22:53 -04:00
wimax
wireless cfg80211: use sme_state in ibss start/join path 2012-06-04 15:21:28 -04:00
x25 net: add a limit parameter to sk_add_backlog() 2012-04-23 22:28:28 -04:00
xfrm ipv6: fix incorrect ipsec fragment 2012-05-27 01:11:22 -04:00
compat.c Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2012-05-21 20:27:36 -07:00
Kconfig net: drop NET dependency from HAVE_BPF_JIT 2012-05-21 12:50:12 -07:00
Makefile econet: remove ancient bug ridden protocol 2012-05-18 01:35:08 -04:00
nonet.c
socket.c Merge branch 'for-3.5' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/percpu 2012-05-22 17:37:47 -07:00
sysctl_net.c net: delete all instances of special processing for token ring 2012-05-15 20:14:35 -04:00