ipv4: Fix fib_trie rebalancing, part 3
authorJarek Poplawski <jarkao2@gmail.com>
Tue, 30 Jun 2009 19:47:19 +0000 (12:47 -0700)
committerDavid S. Miller <davem@davemloft.net>
Tue, 30 Jun 2009 19:48:38 +0000 (12:48 -0700)
Alas current delaying of freeing old tnodes by RCU in trie_rebalance
is still not enough because we can free a top tnode before updating a
t->trie pointer.

Reported-by: Pawel Staszewski <pstaszewski@itcare.pl>
Tested-by: Pawel Staszewski <pstaszewski@itcare.pl>
Signed-off-by: Jarek Poplawski <jarkao2@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
net/ipv4/fib_trie.c

index 012cf5a685814bdff7c538ccbdc8805519ed0939..00a54b246dfed11ae46b4782e25a13ea3c8c3e61 100644 (file)
@@ -1021,6 +1021,9 @@ static void trie_rebalance(struct trie *t, struct tnode *tn)
                                      (struct node *)tn, wasfull);
 
                tp = node_parent((struct node *) tn);
+               if (!tp)
+                       rcu_assign_pointer(t->trie, (struct node *)tn);
+
                tnode_free_flush();
                if (!tp)
                        break;