From mboxrd@z Thu Jan 1 00:00:00 1970 From: Bart Van Assche Subject: Re: [PATCH] libfc: replace 'rp_mutex' with 'rp_lock' Date: Wed, 11 May 2016 07:44:43 -0700 Message-ID: <5733455B.7050903@sandisk.com> References: <1461571293-953-1-git-send-email-hare@suse.de> <57322963.7040507@sandisk.com> <5732C7E5.3000709@suse.de> <5732CC17.20800@suse.de> Mime-Version: 1.0 Content-Type: text/plain; charset="utf-8"; format=flowed Content-Transfer-Encoding: 7bit Return-path: Received: from mail-bn1bon0059.outbound.protection.outlook.com ([157.56.111.59]:56271 "EHLO na01-bn1-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1751627AbcEKOot (ORCPT ); Wed, 11 May 2016 10:44:49 -0400 In-Reply-To: <5732CC17.20800@suse.de> Sender: linux-scsi-owner@vger.kernel.org List-Id: linux-scsi@vger.kernel.org To: Hannes Reinecke , "Martin K. Petersen" Cc: Christoph Hellwig , Ewan Milne , James Bottomley , "linux-scsi@vger.kernel.org" On 05/10/16 23:07, Hannes Reinecke wrote: > On 05/11/2016 07:49 AM, Hannes Reinecke wrote: > RIP: 0010:[] [] > fc_rport_lookup+0x4b/0x70 [libfc] > Call Trace: > [] fc_rport_create+0x17/0x1b0 [libfc] > [] fc_disc_recv_req+0x261/0x480 [libfc] > [] fc_lport_recv_els_req+0x68/0x130 [libfc] > [] fc_lport_recv_req+0x9a/0xf0 [libfc] > [] fnic_handle_frame+0x63/0xd0 [fnic] > [] process_one_work+0x172/0x420 > [] worker_thread+0x11a/0x3c0 > [] kthread+0xb4/0xc0 > [] ret_from_fork+0x58/0x90 Hello Hannes, Thanks for sharing this information. fc_disc_recv_req() protects the fc_rport_create() call via a mutex (disc_mutex). Since a mutex_lock() call may sleep it can trigger the start of an RCU grace period. I think this may result in freeing of an rport while fc_rport_lookup() is examining it. Have you already considered to add a rcu_read_lock()/rcu_read_unlock() pair in fc_rport_lookup()? Thanks, Bart.