net: refine dev_put()/dev_hold() debugging
author Eric Dumazet <edumazet@google.com>
Fri, 4 Feb 2022 22:42:37 +0000 (14:42 -0800)
committer David S. Miller <davem@davemloft.net>
Sat, 5 Feb 2022 15:22:45 +0000 (15:22 +0000)
commit 4c6c11ea0f7b00a1894803efe980dfaf3b074886
tree 7aebfd050e64400172e0ad2c456d149f35898c0e
parent 8fd5522f44dcd7f05454ddc4f16d0f821b676cd9
net: refine dev_put()/dev_hold() debugging

We are still chasing some syzbot reports where we think a rogue dev_put()
is called with no corresponding prior dev_hold().
Unfortunately it eats a reference on dev->dev_refcnt taken by innocent
dev_hold_track(), meaning that the refcount saturation splat comes
too late to be useful.

Make sure that 'not tracked' dev_put() and dev_hold() better use
CONFIG_NET_DEV_REFCNT_TRACKER=y debug infrastructure:

Prior patch in the series allowed ref_tracker_alloc() and ref_tracker_free()
to be called with a NULL @trackerp parameter, and to use a separate refcount
only to detect too many put() even in the following case:

dev_hold_track(dev, tracker_1, GFP_ATOMIC);
 dev_hold(dev);
 dev_put(dev);
 dev_put(dev); // Should complain loudly here.
dev_put_track(dev, tracker_1); // instead of here

Add clarification about netdev_tracker_alloc() role.

v2: I replaced the dev_put() in linkwatch_do_dev()
    with __dev_put() because callers called netdev_tracker_free().

Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
include/linux/netdevice.h
net/core/dev.c
net/core/link_watch.c
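
The five-call sequence from the commit message, replayed in a small userspace model to show where the imbalance is first reported with only the shared count and with a separate count for untracked references. This is an added example, not code from the commit or the kernel: `model_dev`, `model_hold()`, `model_put()` and `first_complaint_step()` are hypothetical names, and the model assumes the device count starts at 0 and that a complaint fires when a counter goes negative.

```c
#include <stdio.h>

/* Userspace model of the accounting described above; not kernel code. */
struct model_dev {
    int dev_refcnt;     /* shared count, stands in for dev->dev_refcnt */
    int untracked;      /* separate count for holds made without a tracker */
    int use_untracked;  /* 0 = shared count only, 1 = separate count too */
    int step;           /* operations performed so far */
    int first_splat;    /* step of the first complaint, 0 if none */
};

/* tracked != 0 models dev_hold_track(), tracked == 0 models dev_hold() */
static void model_hold(struct model_dev *d, int tracked)
{
    d->step++;
    d->dev_refcnt++;
    if (!tracked && d->use_untracked)
        d->untracked++;
}

/* tracked != 0 models dev_put_track(), tracked == 0 models dev_put() */
static void model_put(struct model_dev *d, int tracked)
{
    int bad = 0;
    d->step++;
    if (!tracked && d->use_untracked && --d->untracked < 0)
        bad = 1;        /* more untracked puts than untracked holds */
    if (--d->dev_refcnt < 0)
        bad = 1;        /* shared count underflow */
    if (bad && !d->first_splat)
        d->first_splat = d->step;
}

/* Replays the five calls from the commit message; returns the step that complains. */
int first_complaint_step(int use_untracked)
{
    struct model_dev d = { .use_untracked = use_untracked };
    model_hold(&d, 1);  /* dev_hold_track(dev, tracker_1, GFP_ATOMIC) */
    model_hold(&d, 0);  /* dev_hold(dev) */
    model_put(&d, 0);   /* dev_put(dev) */
    model_put(&d, 0);   /* rogue dev_put(dev) */
    model_put(&d, 1);   /* dev_put_track(dev, tracker_1) */
    return d.first_splat;
}

int main(void)
{
    printf("shared only: step %d, with untracked count: step %d\n",
           first_complaint_step(0), first_complaint_step(1));
}
```

With the shared count alone the report lands on the innocent `dev_put_track()` caller; with the separate count it lands on the rogue `dev_put()`, which is the call site a debugging stack trace needs to point at.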