From: Simon Wunderlich <sw@simonwunderlich.de>
To: Sven Eckelmann <sven@narfation.org>
Cc: antonio@mandelbit.com, marek.lindner@mailbox.org,
b.a.t.m.a.n@lists.open-mesh.org, sashiko-bot@kernel.org
Subject: Re: [PATCH batadv v3 2/2] batman-adv: bla: avoid double decrement of bla.num_requests
Date: Fri, 15 May 2026 14:05:30 +0200 [thread overview]
Message-ID: <5395267.31r3eYUQgx@prime> (raw)
In-Reply-To: <5105124.31r3eYUQgx@sven-desktop>
On Thursday, May 14, 2026 11:11:04 PM Central European Summer Time Sven
Eckelmann wrote:
> On Thursday, 14 May 2026 23:00:45 CEST sashiko-bot@kernel.org wrote:
> > [ ... ]
> >
> > > @@ -1517,14 +1529,21 @@ static void batadv_bla_periodic_work(struct
> > > work_struct *work)> >
> > > * some grace time.
> > > */
> > >
> > > - if (atomic_read(&backbone_gw->request_sent) == 0)
> > > - continue;
> > > + spin_lock_bh(&bat_priv->bla.num_requests_lock);
> > > + if (backbone_gw->state !=
BATADV_BLA_BACKBONE_GW_UNSYNCED)
> > > + goto unlock_next;
> > >
> > > - if (!atomic_dec_and_test(&backbone_gw-
>wait_periods))
> > > - continue;
> > > + if (backbone_gw->wait_periods > 0)
> > > + backbone_gw->wait_periods--;
> > > +
> > > + if (backbone_gw->wait_periods > 0)
> > > + goto unlock_next;
> > >
> > > + backbone_gw->state =
BATADV_BLA_BACKBONE_GW_SYNCED;
> > >
> > > atomic_dec(&backbone_gw->bat_priv-
>bla.num_requests);
> > >
> > > - atomic_set(&backbone_gw->request_sent, 0);
> > > +
> > > +unlock_next:
> > > + spin_unlock_bh(&bat_priv->bla.num_requests_lock);
> >
> > Will this prematurely reset the bridge loop avoidance sync state when a
> > request is sent?
> >
> > In the previous implementation, batadv_bla_send_request() set request_sent
> > to 1 but left wait_periods at 0. When batadv_bla_periodic_work() ran,
> > atomic_dec_and_test() on wait_periods would decrement it to -1 (returning
> > false), which correctly kept the gateway in the out-of-sync state until a
> > valid ANNOUNCE frame arrived.
> >
> > With wait_periods now being a u8, if batadv_bla_send_request() sets the
> > state to BATADV_BLA_BACKBONE_GW_UNSYNCED but leaves wait_periods at 0,
> > the next run of batadv_bla_periodic_work() will evaluate if
> > (backbone_gw->wait_periods > 0) as false.
> >
> > Because the code falls through when wait_periods is 0, it appears to
> > unconditionally transition back to BATADV_BLA_BACKBONE_GW_SYNCED.
> >
> > Could this spontaneously drop the out-of-sync block without receiving a
> > valid ANNOUNCE frame, potentially allowing broadcast loops?
>
> @Simon, can you double check this? My understanding is that this code is
> only relevant for own_backbone (see batadv_bla_get_backbone_gw()). And for
> own_backbone, we are always setting wait_periods to
> BATADV_BLA_WAIT_PERIODS.
This part was/is only relevant for the own gateway (we check for the own
primary address in the beginning of this function).
The wait_period is only set when creating the own backbone_gw, and then only
decremented in the worker. The idea is that we wait for ~30 seconds or so
after batman-adv initially joined the network before we allow broadcasts.
Sometimes switches or the Linux bridge need some learning time of their own
and would not forward our BLA announcements either, so we want to give them
this time to get to know us.
> An underflow was never expected and this code should not run for
> batadv_handle_announce() with CRC error (see batadv_bla_send_request()).
> Only in this codepath, we don't set wait_periods to anything.
Yes, I think this is the mistake on Sashikos side (saw that in another review
previously):
* we don't reset waiting times again. It's only set during creation
* we don't send requests to ourselves, therefore request_sent shouldn't be
touched by anything else. So basically the request_sent is serving a special
case purpose for own gatways.
Cheers,
Simon
prev parent reply other threads:[~2026-05-15 12:05 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-05-14 15:43 [PATCH batadv v3 0/2] batman-adv: BLA fixes for sashiko reports Sven Eckelmann
2026-05-14 15:43 ` [PATCH batadv v3 1/2] batman-adv: bla: fix report_work leak on backbone_gw purge Sven Eckelmann
2026-05-14 15:43 ` [PATCH batadv v3 2/2] batman-adv: bla: avoid double decrement of bla.num_requests Sven Eckelmann
[not found] ` <20260514210047.08C2BC2BCB3@smtp.kernel.org>
2026-05-14 21:11 ` Sven Eckelmann
2026-05-15 12:05 ` Simon Wunderlich [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5395267.31r3eYUQgx@prime \
--to=sw@simonwunderlich.de \
--cc=antonio@mandelbit.com \
--cc=b.a.t.m.a.n@lists.open-mesh.org \
--cc=marek.lindner@mailbox.org \
--cc=sashiko-bot@kernel.org \
--cc=sven@narfation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox