> -----Original Message-----
> From: Cong Wang [mailto:xiyou.wangc...@gmail.com]
> Sent: Wednesday, October 18, 2017 12:56 AM
> To: Chris Mi <chr...@mellanox.com>
> Cc: Linux Kernel Network Developers <netdev@vger.kernel.org>; Jamal Hadi
> Salim <j...@mojatatu.com>; Lucas Bates <luc...@mojatatu.com>; Jiri Pirko
> <j...@resnulli.us>; David Miller <da...@davemloft.net>
> Subject: Re: [patch net v3 2/4] net/sched: Use action array instead of action
> list as parameter
>
> On Mon, Oct 16, 2017 at 6:20 PM, Chris Mi <chr...@mellanox.com> wrote:
> > When destroying filters, actions should be destroyed first.
> > The pointers of each action are saved in an array. TC doesn't use the
> > array directly, but put all actions in a doubly linked list and use
> > that list as parameter.
> >
> > There is no problem if each filter has its own actions. But if some
> > filters share the same action, when these filters are destroyed, RCU
> > callback fl_destroy_filter() may be called at the same time. That
> > means the same action's 'struct list_head list'
> > could be manipulated at the same time. It may point to an invalid
> > address so that system will panic.
>
> So if we remove these RCU callbacks (by adding a sychronize_rcu) this is not a
> problem, right?
Maybe you are right. But do you think it will cause performance issue, I mean
it takes
longer time to destroy filters if using synchronize_rcu()?
Or is there any other races than RCU callbacks?
We haven't found them. This is the only one we found.
>
>
> >
> > This patch uses the action array directly to fix this issue.
> >
> > Fixes commit in pre-git era.
> >
> > Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
>
> This is wrong too. RCU callbacks were introduced very late.
