On 7/31/23 13:12, Jason Gunthorpe wrote: > On Fri, Jul 21, 2023 at 03:50:17PM -0500, Bob Pearson wrote: >> In cable pull testing some NICs can hold a send packet long enough >> to allow ulp protocol stacks to destroy the qp and the cleanup >> routines to timeout waiting for all qp references to be released. >> When the NIC driver finally frees the SKB the qp pointer is no longer >> valid and causes a seg fault in rxe_skb_tx_dtor(). >> >> This patch passes the qp index instead of the qp to the skb destructor >> callback function. The call back is required to lookup the qp from the >> index and if it has been destroyed the lookup will return NULL and the >> qp will not be referenced avoiding the seg fault. > > And what if it is a different QP returned? > > Jason Since we are using xarray cyclic alloc you would have to create 16M QPs before the index was reused. This is as good as it gets I think. Bob
