From: David Ahern <d...@cumulusnetworks.com> Date: Sun, 15 Jan 2017 12:07:04 -0800
> @@ -2143,6 +2143,26 @@ int ip6_del_rt(struct rt6_info *rt) > return __ip6_del_rt(rt, &info); > } > > +/* called with table lock held */ ... > @@ -2176,10 +2196,9 @@ static int ip6_route_del(struct fib6_config *cfg) > continue; > if (cfg->fc_protocol && cfg->fc_protocol != > rt->rt6i_protocol) > continue; > - dst_hold(&rt->dst); > - read_unlock_bh(&table->tb6_lock); > > - return __ip6_del_rt(rt, &cfg->fc_nlinfo); > + err = __ip6_route_del(rt, cfg); > + break; > } fib6_del() (invoked by __ip6_route_del()) has to be invoked with the table lock held a sa writer, but here you are only holding it as a reader. I also think some more thought has to be put into whether we can change behavior like this without using a flag, as suggested by Roopa.
