On Wed, Aug 10, 2016 at 09:55:39PM +0200, Roman Pen wrote: > percpu issues some RCU callbacks to synchronize its state, so before > freeing we have to wait all those callbacks to finish. > > E.g. the following simple sequence on stack causes nasty crash: > > struct percpu_ref ref; > > percpu_ref_init(&ref, release, 0, GFP_KERNEL); > percpu_ref_kill(&ref); > percpu_ref_exit(&ref);
Hmmm... that's just an illegal sequence of operations. You can't exit a ref which hasn't completed killing yet (the kill callback hasn't been called). Thanks. -- tejun
