On Thu, Jul 25, 2019 at 04:36:20PM +0200, Maksym Planeta wrote: > Is this one better? > > Replace tasklets with workqueues in rxe driver. The reason for this > replacement is that tasklets are supposed to run atomically, although the > actual code may block. > > Modify the SKB destructor for outgoing SKB's to schedule QP tasks only if > the QP is not destroyed itself. > > Add a variable "pending_skb_down" to ensure that reference counting for a QP > is decremented only when QP access related to this skb is over. > > Separate part of pool element cleanup code to allow this code to be called > in the very end of cleanup, even if some of cleanup is scheduled for > asynchronous execution. Example, when it was happening is destructor for a > QP. > > Disallow calling of task functions "directly". This allows to simplify logic > inside rxe_task.c > > Schedule rxe_qp_do_cleanup onto high-priority system workqueue, because this > function can be scheduled from normal system workqueue. > > Before destroying a QP, wait until all references to this QP are gone. > Previously the problem was that outgoing SKBs could be freed after the QP > these SKBs refer to is destroyed. > > Add blocking rxe_run_task to replace __rxe_do_task that was calling task > function directly. Mostly but it would also be good to describe the use after free and races more specifically Jason
